[英]Could not setup django-oauth-toolkit authentication
I'm going to restrict my working rest_framework.views.APIView
inherited class, to be visible only by authenticated users.我将限制我的工作
rest_framework.views.APIView
继承 class,仅对经过身份验证的用户可见。
I made these modifications:我做了这些修改:
authentication_classes
and permission_classes
to my class:authentication_classes
和permission_classes
:class TestView(APIView):
authentication_classes = (OAuth2Authentication,)
permission_classes = (IsAuthenticated,)
return Response("Hey there...")
curl -XPOST "http://172.18.0.1:8000/oauth2/token/" \
-d 'grant_type=client_credentials&client_id=MY-CLIENT-ID&client_secret=MY-CLIENT-SECRET'
{"access_token": "Haje1ZTrc7VH4rRkTbJCIkX5u83Tm6", "expires_in": 36000, "token_type": "Bearer", "scope": "read write groups"}
access_token
:access_token
的情况下请求视图:curl -XGET "http://172.18.0.1:8000/api/v1/test/"
{"detail":"Authentication credentials were not provided."}
access_token
:access_token
尝试了一个新请求:curl -XGET "http://172.18.0.1:8000/api/v1/test/" \
-H "Authorization: Bearer Haje1ZTrc7VH4rRkTbJCIkX5u83Tm6"
{"detail":"You do not have permission to perform this action."}
Should I do anything more to enable access_token authentication?我应该做更多的事情来启用 access_token 身份验证吗?
Note: I have installed these libraries in the environment:注意:我已经在环境中安装了这些库:
Django==2.2.17
djangorestframework==3.12.2
django-oauth-toolkit==1.3.3
Note2: Forgot to say that rest_framework
and oauth2_provider
have been added to INSTALLED_APPS.注意2:忘了说
rest_framework
和oauth2_provider
已经添加到INSTALLED_APPS了。
IMPORTANT EDIT:重要编辑:
This problem exists only if using "client credential grant" for authentication.仅当使用“客户端凭据授予”进行身份验证时才存在此问题。 check my own answer below.
在下面检查我自己的答案。
In the end I found that OAuth2Authentication
does not authenticate a user by its client_credential (accepts username/password pair with grant_type=password).最后,我发现
OAuth2Authentication
没有通过其 client_credential 对用户进行身份验证(接受用户名/密码对,grant_type=password)。 so I wrote this custom authenticator.所以我写了这个自定义身份验证器。 hope it helps other guys with the same problem.
希望它可以帮助其他有同样问题的人。
from oauth2_provider.contrib.rest_framework import OAuth2Authentication
from oauth2_provider.models import Application
class OAuth2ClientCredentialAuthentication(OAuth2Authentication):
"""
OAuth2Authentication doesn't allows credentials to belong to an application (client).
This override authenticates server-to-server requests, using client_credential authentication.
"""
def authenticate(self, request):
authentication = super().authenticate(request)
if not authentication is None:
user, access_token = authentication
if self._grant_type_is_client_credentials(access_token):
authentication = access_token.application.user, access_token
return authentication
def _grant_type_is_client_credentials(self, access_token):
return access_token.application.authorization_grant_type == Application.GRANT_CLIENT_CREDENTIALS
Try djoser for authentication in Django rest framework在 Django rest 框架中尝试使用 djoser 进行身份验证
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.