upload.py requests auth token 4 times and then generates 302 error
140 views
Skip to first unread message
Ernesto Andrade
Jun 1, 2015, 6:01:50 PM6/1/15
to coderevie...@googlegroups.com
Hi,
I am running into an issue with a newly deployed instance of rietveld on Google App Engine.
When I set login: required to the app in the app.yaml file, the upload.py tool prompts me for my auth token 4 times and then fails with a 302 error.
Any ideas why this is happening?
Has anyone gotten upload.py to work with OAuth2 on a rietveld deployment with login: required on their app?
I see this comment, but it is from 5 years ago: https://github.com/robfig/rietveld/issues/327
I am running into an issue with a newly deployed instance of rietveld on Google App Engine.
When I set login: required to the app in the app.yaml file, the upload.py tool prompts me for my auth token 4 times and then fails with a 302 error.
Ernestos-MacBook-Pro:chronic erne$ ~/upload.py --oauth2 --no_oauth2_webbrowser --rev=origin/masterUpload server: <myapp>.appspot.com (change with -s/--server)
New issue subject: testingGo to the following link in your browser:
https://<myapp>.appspot.com/get-access-token
and copy the access token.
Enter access token: <my-access-token>
Request: http://<myapp>.appspot.com/upload
Go to the following link in your browser:
https://<myapp>.appspot.com/get-access-token
and copy the access token.
Enter access token: <my-access-token>
Request: http://<myapp>.appspot.com/upload
Go to the following link in your browser:
https://<myapp>.com/get-access-token
and copy the access token.
Enter access token: <my-access-token>
Request: http://<myapp>.appspot.com/upload
Go to the following link in your browser:
https://<myapp>.appspot.com/get-access-token
and copy the access token.
Enter access token: <my-access-token>Request: http://<myapp>.appspot.com/upload
Traceback (most recent call last):
File "/Users/erne/upload.py", line 2721, in <module>
main()
File "/Users/erne/upload.py", line 2713, in main RealMain(sys.argv)
File "/Users/erne/upload.py", line 2669, in RealMain
response_body = rpc_server.Send("/upload", body, content_type=ctype)
File "/Users/erne/upload.py", line 465, in Send
f = self.opener.open(req, timeout=70)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 410, in open response = meth(req, response)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 523, in http_response 'http', request, response, code, msg, hdrs)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 448, in error return self._call_chain(*args)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 382, in _call_chain result = func(*args)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 531, in http_error_default raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
urllib2.HTTPError: HTTP Error 302: Found
New issue subject: testingGo to the following link in your browser:
https://<myapp>.appspot.com/get-access-token
and copy the access token.
Enter access token: <my-access-token>
Request: http://<myapp>.appspot.com/upload
Go to the following link in your browser:
https://<myapp>.appspot.com/get-access-token
and copy the access token.
Enter access token: <my-access-token>
Request: http://<myapp>.appspot.com/upload
Go to the following link in your browser:
https://<myapp>.com/get-access-token
and copy the access token.
Enter access token: <my-access-token>
Request: http://<myapp>.appspot.com/upload
Go to the following link in your browser:
https://<myapp>.appspot.com/get-access-token
and copy the access token.
Enter access token: <my-access-token>Request: http://<myapp>.appspot.com/upload
Traceback (most recent call last):
File "/Users/erne/upload.py", line 2721, in <module>
main()
File "/Users/erne/upload.py", line 2713, in main RealMain(sys.argv)
File "/Users/erne/upload.py", line 2669, in RealMain
response_body = rpc_server.Send("/upload", body, content_type=ctype)
File "/Users/erne/upload.py", line 465, in Send
f = self.opener.open(req, timeout=70)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 410, in open response = meth(req, response)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 523, in http_response 'http', request, response, code, msg, hdrs)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 448, in error return self._call_chain(*args)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 382, in _call_chain result = func(*args)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 531, in http_error_default raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
urllib2.HTTPError: HTTP Error 302: Found
Any ideas why this is happening?
Has anyone gotten upload.py to work with OAuth2 on a rietveld deployment with login: required on their app?
I see this comment, but it is from 5 years ago: https://github.com/robfig/rietveld/issues/327
Ernesto Andrade
Jun 2, 2015, 6:54:37 PM6/2/15
to coderevie...@googlegroups.com
Just in case someone else runs into this problem, we were able to resolve this issue by using password-based authentication (you may need to remove ~/.codereview_upload_cookies in some cases).
The support team at Google Cloud Support mentioned that password-based authentication will be phased out (he didn't have a timeline as to when), so OAuth2 support will need to be fixed at some point. When we get time here, we cab experiment to see what's needed to get full OAuth2 support working. Suggestions from Google support:
upload.py --rev=origin/master -e <email_address>
The support team at Google Cloud Support mentioned that password-based authentication will be phased out (he didn't have a timeline as to when), so OAuth2 support will need to be fixed at some point. When we get time here, we cab experiment to see what's needed to get full OAuth2 support working. Suggestions from Google support:
For the hosted version, I'm still getting my head wrapped around why it is written the way it is. If it is attempting to assert user identity for Google accounts (eg: gmail, or Google Apps Domain accounts), then the Users API[2] is the correct way to do so. To stick more closely to the original app, the current OAuth2 flow is described in this[3] documentation. The latter may be quicker to retrofit.
I'm still looking into this, but I do have to stress that rietveld is not a supported product/code base. Suggestions for modifying its codebase are as-is. However, I will continue to provide best-effort support in this case. I'll be able to investigate more tomorrow and will aim to update at 12:00 PDT, or at least by 16:00 PDT.
[1] https://github.com/rietveld-codereview/rietveld/commit/a0a624f89dd0b6c52f05cb3d39e179be4028fe7b
[2] https://cloud.google.com/appengine/docs/python/users/
[3] https://developers.google.com/identity/protocols/OAuth2WebServer
Lance Erickson
Jul 31, 2015, 4:22:08 PM7/31/15
to codereview-discuss, eand...@gmail.com
I am having this same issue. Just posted to:
I am worried the password mechanism is going away soon. Thanks for the links. I haven't wanted to get into the rietveld source, but...
Joni Kivinen
Oct 20, 2015, 2:03:18 PM10/20/15
to codereview-discuss
Well, I find myself to be in this position now, rather critically as they dropped the password mechanism, and apparently this is still to be fixed. Any chance on getting my hands on a diff or such for the changes you had to do to make it work?
Ernesto Andrade
Oct 20, 2015, 3:27:23 PM10/20/15
to codereview-discuss
Hi Joni,
Please see this recent post: https://github.com/rietveld-codereview/rietveld/issues/385#issuecomment-149462323
I'm going to try it out in our instance...looks like a good solution to the problem.
Please see this recent post: https://github.com/rietveld-codereview/rietveld/issues/385#issuecomment-149462323
I'm going to try it out in our instance...looks like a good solution to the problem.
Reply all
Reply to author
Forward
0 new messages