开发者

Using Google OAuth on localhost

I started to use OAuth with Python and Django. I need it for Google APIs. I working on localhost, so I can't register a domain for url-callback. I've read about that Google OAuth could be used with anonymous domain. Can't find, how and where I can do that?

Edit:

I have this view:

def authentication(request):
    CONSUMER_KEY = 'xxxxx'
    CONSUMER_SECRET = 'xxxxx'
    SCOPES = ['https://docs.google.com/feeds/', ]

    client = gdata.docs.client.DocsClient(source='apiapp')
    oauth_callback_url = 'http://%s/get_access_token' % request.META.get('HTTP_HOST')
    request_token = client.GetOAuthToken(
      SCOPES, oauth_callback_url, CONSUMER_KEY, consumer_secret=CONSUMER_SECRET)
   domain = '127.0.0.1:8000'
   return HttpResponseRedirect(
        request_token.generate_authorization_url(google_apps_domain=domain))

And this error:

Sorry, you've reached a login page for a domain that isn't using Google Apps. Please check the web address and try again.

Registered via https://code.google.com/apis/console/

Edit:

CONSUMER_KEY = 'xxxxxxxxxxxxxxxxxxxxxxxxxxx'
CONSUME开发者_如何转开发R_SECRET = 'xxxxxxxxxxxxxxxxxxxxxxxxx'
SCOPES = ['https://docs.google.com/feeds/', ]
DOMAIN = 'localhost:8000'


def authentication(request):    
    client = gdata.docs.client.DocsClient(source='apiapp')
    oauth_callback_url = 'http://%s/get_access_token' % DOMAIN

    request_token = client.GetOAuthToken(SCOPES,
                                     oauth_callback_url,
                                     CONSUMER_KEY,
                                     consumer_secret=CONSUMER_SECRET)

    return HttpResponseRedirect(
        request_token.generate_authorization_url())


def verify(request):
    client = gdata.docs.client.DocsClient(source='apiapp')
    f = open('/home/i159/.ssh/id_rsa')
    RSA_KEY = f.read()
    f.close()

    oauth_callback_url = 'http://%s/get_access_token' % DOMAIN

    request_token = client.GetOAuthToken(SCOPES,
                                     oauth_callback_url,
                                     CONSUMER_KEY,
                                     rsa_private_key=RSA_KEY)
    return HttpResponseRedirect(
        request_token.generate_authorization_url(google_apps_domain=DOMAIN))

The error:

Unable to obtain OAuth request token: 400, Consumer does not have a cert: xxxxxxxxxxxxxxx.apps.googleusercontent.com


Just to be clear, you can use the web application flow with localhost while developing on either OAuth 1.0 or OAuth 2.0. OAuth 2.0 should be preferred as it's the mechanism we are focussed on. The user experience for OAuth 2.0 is going to be substantially better.

There's nothing stopping you from using localhost as your callback URL. I do this myself all the time. You just need to make sure the callback URL matches exactly, including any port numbers, and you can't deploy your application that way for obvious reasons. Installed applications are more complicated, but if you're doing something with Django, it's possible to take advantage of the fact that OAuth 2.0 is a bearer-token system. As long as you're keeping the refresh token server-side, you can authenticate with your own application out-of-band and then send the bearer token to the installed application. Your installed application will have roughly a one-hour window in which to make calls before you'll need to repeat the process. This can happen transparently to the user in most cases. Transmission of the bearer token should happen over an encrypted channel.


OAuth 1.0 for Installed Applications

Besides that, you probably don't want to include your actual CONSUMER_KEY and CONSUMER_SECRET in the example code.


Try your code without arguments:

return HttpResponseRedirect(request_token.generate_authorization_url())
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜