[英]HTTPError 403 (Forbidden) with Django and python-social-auth connecting to Google with OAuth2
Using python-social-auth
, I get a 403: Forbiden
error message after accepting access from google 使用python-social-auth
,我在接受谷歌访问后收到403: Forbiden
错误消息
EDIT: I've recently (2017) had the same error but under a new message: 401 Client Error: Unauthorized for url: https://accounts.google.com/o/oauth2/token
编辑:我最近(2017)有相同的错误,但在一条新消息: 401 Client Error: Unauthorized for url: https://accounts.google.com/o/oauth2/token
This answer is outdated as the Google+ API is being deprecated on 3/7/19 此答案已过时,因为Google+ API已于2009年3月7日弃用
You need to add the Google+ API
to the list of enabled APIs on the Google Developer Console (under APIs
) 您需要将Google+ API
添加到Google Developer Console上的已启用API列表中(在APIs
下)
Note: If you want to see the real error message, use the traceback to look at the content of the response
variable ( response.text
). 注意:如果要查看真实的错误消息,请使用traceback查看response
变量的内容( response.text
)。 I use werkzeug for that ( django-extensions
+ python manage.py runserver_plus
). 我使用werkzeug( django-extensions
+ python manage.py runserver_plus
)。
Thanks also. 还要感谢。 I was using this python-social-auth tutorial by art and logic , but couldn't get past a 403: Forbidden HTTPError at /complete/google-oauth2/ until enabling Google+ API as above and waiting for a few minutes for Google to enable it . 我正在通过艺术和逻辑使用这个python-social-auth教程 ,但无法在/ complete / google-oauth2 /上通过403:Forbidden HTTPError,直到启用上述Google+ API 并等待Google启用几分钟它 。
Additionally, I had to place the templates in a template directory and set TEMPLATE_DIRS = ('/path/to/psa_test/thirdauth/templates/',)
in settings.py. 另外,我必须将模板放在模板目录中,并在settings.py中设置TEMPLATE_DIRS = ('/path/to/psa_test/thirdauth/templates/',)
。
Hope this helps someone along the way. 希望这有助于一路上的人。 All in all, it's taken about 6 hours to figure it out. 总而言之,花了大约6个小时来搞清楚。 Not too bad, I'm happy. 还不错,我很高兴。
For me I was using the full-URI scope which is deprecated by Google from Sept 1, 2014, this is mentioned in python-social-auth documentation here 对我来说,我使用的是2014年9月1日Google弃用的完整URI范围,这在python-social-auth文档中有所提及。
http://psa.matiasaguirre.net/docs/backends/google.html#google-oauth2 http://psa.matiasaguirre.net/docs/backends/google.html#google-oauth2
Google is deprecating the full-url scopes from Sept 1, 2014 in favor of Google+ API and the recently introduced shorter scopes names. Google从2014年9月1日开始弃用全网址范围,转而使用Google+ API和最近推出的缩短范围名称。 But python-social-auth already introduced the scopes change at e3525187 which was released at v0.1.24. 但是python-social-auth已经在e3525187引入了范围变化,该变化发布于v0.1.24。
However if you don't want to Enable the Google+ API for any reason and want to continue working with the full-uri old scope you need to follow the steps mentioned in the same link: 但是,如果您因任何原因不想启用Google+ API并希望继续使用完整的旧范围,则需要按照相同链接中提到的步骤操作:
# Google OAuth2 (google-oauth2)
SOCIAL_AUTH_GOOGLE_OAUTH2_IGNORE_DEFAULT_SCOPE = True
SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = [
'https://www.googleapis.com/auth/userinfo.email',
'https://www.googleapis.com/auth/userinfo.profile'
]
# Google+ SignIn (google-plus)
SOCIAL_AUTH_GOOGLE_PLUS_IGNORE_DEFAULT_SCOPE = True
SOCIAL_AUTH_GOOGLE_PLUS_SCOPE = [
'https://www.googleapis.com/auth/plus.login',
'https://www.googleapis.com/auth/userinfo.email',
'https://www.googleapis.com/auth/userinfo.profile'
]
SOCIAL_AUTH_GOOGLE_OAUTH2_USE_DEPRECATED_API = True
SOCIAL_AUTH_GOOGLE_PLUS_USE_DEPRECATED_API = True
This worked for me as I didn't want to enable the Google+ API at this point. 这对我有用,因为此时我不想启用Google+ API。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.