Hello,
I was using the Python OAuth2 decorator in my Google App Engine application. I downloaded the client secrets as a json file from API console. After deploying the app to appspot.com, the local version (localhost:8080) is no longer working. The call to decorator.has_credentials() returns false. The appspot version works fine.
Code snippet (simplified)
CLIENT_SECRETS = os.path.join(os.path.dirname(__file__), 'client_secrets.json')
oauth2_decorator = oauth2decorator_from_clientsecrets(
CLIENT_SECRETS,
scope='https://www.googleapis.com/auth/calendar',
message=MISSING_CLIENT_SECRETS_MESSAGE)
class MyRequestHandler(webapp2.HandleRequest):
@oauth2_decorator.oauth_aware
def get(self):
if oauth2_decorator.has_credentials():
# do stuff...
else:
self.out.write("<html><body>Invalid credentials</body></html>")
app = webapp2.WSGIApplication([
('/', MyRequestHandler),
(oauth2_decorator.callback_path, oauth2_decorator.callback_handler())
], debug=True)
This is the content of my client_secrets.json, without sensible information
{"web":
{
"auth_uri":"https://accounts.google.com/o/oauth2/auth",
"client_secret":"MY_CLIENT_SECRET",
"token_uri":"https://accounts.google.com/o/oauth2/token",
"client_email":"MY_CLI...@developer.gserviceaccount.com",
"redirect_uris":[
"http://MY_APP_NAME.appspot.com",
"http://localhost:8080"
],
"client_x509_cert_url":"https://www.googleapis.com/robot/v1/metadata/x509/MY_CLI...@developer.gserviceaccount.com",
"client_id":"MY_CLIENT_ID.apps.googleusercontent.com",
"auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs",
"javascript_origins":[
"http://MY_APP_NAME.appspot.com",
"http://localhost:8080"
]
}
}
I'm getting "Invalid credentials" in my local machine. Works fine in appspot.com. It worked in my machine before deploying in appspot.
What can be happening?
Thanks in advance
Ok, I was so stupid. I forgot to provide an authorization link to the user for the first time, instead of an error.
CLIENT_SECRETS = os.path.join(os.path.dirname(__file__), 'client_secrets.json')
oauth2_decorator = oauth2decorator_from_clientsecrets(
CLIENT_SECRETS,
scope='https://www.googleapis.com/auth/calendar',
message=MISSING_CLIENT_SECRETS_MESSAGE)
class MyRequestHandler(webapp2.HandleRequest):
@oauth2_decorator.oauth_aware
def get(self):
if oauth2_decorator.has_credentials():
# do stuff...
else:
self.out.write(oauth2_decorator.authorize_url())
app = webapp2.WSGIApplication([
('/', MyRequestHandler),
(oauth2_decorator.callback_path, oauth2_decorator.callback_handler())
], debug=True)
Now it's working fine :-).
"client_email":"MY_CLIENT_ID@developer.gserviceaccount.com",
"redirect_uris":[ "http://MY_APP_NAME.appspot.com", "http://localhost:8080" ],
"client_x509_cert_url":"https://www.googleapis.com/robot/v1/metadata/x509/MY_CLIENT_ID@developer.gserviceaccount.com",
"client_id":"MY_CLIENT_ID.apps.googleusercontent.com", "auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs", "javascript_origins":[ "http://MY_APP_NAME.appspot.com", "http://localhost:8080" ] } }