Google oauth2 using 127.0.0.1 in the redirect url
2,034 views
Skip to first unread message
Brian Browning
Jul 6, 2012, 12:57:27 PM7/6/12
to django-so...@googlegroups.com
In production, my app is using
http://127.0.0.1:8000/complete/google-oauth2/ as the redirect url after login.
In development, this works fine of course, but I don't see where this is hardcoded anywhere in the app.
Is there an additional setting I need to provide to have it use my domain name?
In my settings.py file I have the following :
LOGIN_URL = '/login-form/'LOGIN_REDIRECT_URL = '/'LOGIN_ERROR_URL = '/login-error/'
Tim Arbuckle
Jul 7, 2012, 3:45:15 PM7/7/12
to django-so...@googlegroups.com
Brian
The only way I have found to fix this is to monkey patch the redirect uri. I found this link https://gist.github.com/1983212 and modified it for this purpose. It would be so much better if there were a built in mechanism for this. Here's basically what i have done.
from django.dispatch import receiver
import social_auth.backends
@receiver(request_started)
def monkey_patch_redirect_uri(sender, **kwargs):
"""
store redirect uri in _redirect_uri
"""
def set_redirect_uri(self, redirect_uri):
self._redirect_uri = redirect_uri
"""
replace default redirect uri with
uri based on settings.CALLBACK_URL
"""
def get_redirect_uri(self):
from django.conf import settings
rooturi = urlparse(settings.CALLBACK_URL)
redirecturi = urlparse(self._redirect_uri)
return urlunparse((rooturi.scheme, rooturi.netloc, \
redirecturi.path, redirecturi.params, redirecturi.query, \
redirecturi.fragment))
social_auth.backends.BaseOAuth2.redirect_uri = \
property(get_redirect_uri, set_redirect_uri)
social_auth.backends.BaseOAuth.redirect_uri = \
property(get_redirect_uri, set_redirect_uri)
Then i import this module in my models.py (as suggested in the link). And it works. Since my app runs behind nginx this fixed me right up. Hope it helps.
Matías Aguirre
Jul 7, 2012, 9:03:46 PM7/7/12
to django-social-auth
Excerpts from Brian Browning's message of 2012-07-06 13:57:27 -0300:
Google OAuth2 enforces the redirect URI, check the value defined in your app at
https://code.google.com/apis/console/, for example I have two apps, one for
production environment and another for my local tests, the local one uses
http://localhost:8000/complete/google-oauth2 as redirect_uri, while the
production one uses http://social.matiasaguirre.net/complete/google-oauth2
Also, DSA uses request.build_absolute_uri() to build any redirect URL,
build_absolute_uri() uses request.get_host() to get the current host,
get_host() uses:
1. HTTP_X_FORWARDED_HOST (from request.META) if USE_X_FORWARDED_HOST
setting is True
2. HTTP_HOST (from request.META)
3. SERVER_PORT (from request.META)
So, check these values, they might drop some light too, but I would bet that
the issue is the conf in the Google OAuth2 app.
Regards,
Matías
--
Matías Aguirre (matias...@gmail.com)
https://code.google.com/apis/console/, for example I have two apps, one for
production environment and another for my local tests, the local one uses
http://localhost:8000/complete/google-oauth2 as redirect_uri, while the
production one uses http://social.matiasaguirre.net/complete/google-oauth2
Also, DSA uses request.build_absolute_uri() to build any redirect URL,
build_absolute_uri() uses request.get_host() to get the current host,
get_host() uses:
1. HTTP_X_FORWARDED_HOST (from request.META) if USE_X_FORWARDED_HOST
setting is True
2. HTTP_HOST (from request.META)
3. SERVER_PORT (from request.META)
So, check these values, they might drop some light too, but I would bet that
the issue is the conf in the Google OAuth2 app.
Regards,
Matías
--
Matías Aguirre (matias...@gmail.com)
Brian Browning
Jul 8, 2012, 6:58:12 AM7/8/12
to django-so...@googlegroups.com
Thanks for the suggestions.
The X-Forwarded-for value was the clue, I needed to change my nginx settings so that it passes those values through.
This issue gave me the settings to set: https://github.com/omab/django-social-auth/issues/157
Works fine now, thanks again
Reply all
Reply to author
Forward
0 new messages