from requests_oauthlib import OAuth2Session | |
from flask import Flask, request, redirect, session, url_for | |
from flask.json import jsonify | |
import os | |
app = Flask(__name__) | |
# This information is obtained upon registration of a new GitHub | |
client_id = "<your client key>" | |
client_secret = "<your client secret>" | |
authorization_base_url = 'https://github.com/login/oauth/authorize' | |
token_url = 'https://github.com/login/oauth/access_token' | |
@app.route("/") | |
def demo(): | |
"""Step 1: User Authorization. | |
Redirect the user/resource owner to the OAuth provider (i.e. Github) | |
using an URL with a few key OAuth parameters. | |
""" | |
github = OAuth2Session(client_id) | |
authorization_url, state = github.authorization_url(authorization_base_url) | |
# State is used to prevent CSRF, keep this for later. | |
session['oauth_state'] = state | |
return redirect(authorization_url) | |
# Step 2: User authorization, this happens on the provider. | |
@app.route("/callback", methods=["GET"]) | |
def callback(): | |
""" Step 3: Retrieving an access token. | |
The user has been redirected back from the provider to your registered | |
callback URL. With this redirection comes an authorization code included | |
in the redirect URL. We will use that to obtain an access token. | |
""" | |
github = OAuth2Session(client_id, state=session['oauth_state']) | |
token = github.fetch_token(token_url, client_secret=client_secret, | |
authorization_response=request.url) | |
# At this point you can fetch protected resources but lets save | |
# the token and show how this is done from a persisted token | |
# in /profile. | |
session['oauth_token'] = token | |
return redirect(url_for('.profile')) | |
@app.route("/profile", methods=["GET"]) | |
def profile(): | |
"""Fetching a protected resource using an OAuth 2 token. | |
""" | |
github = OAuth2Session(client_id, token=session['oauth_token']) | |
return jsonify(github.get('https://api.github.com/user').json()) | |
if __name__ == "__main__": | |
# This allows us to use a plain HTTP callback | |
os.environ['DEBUG'] = "1" | |
app.secret_key = os.urandom(24) | |
app.run(debug=True) |
This comment has been minimized.
This comment has been minimized.
There is a small race condition here. After the first time through callback() will get called nearly immediately and session['oauth_state'] might not be set yet. If you put a time.sleep(1) at the beginning of callback() everything is fine... but I suspect that's not the right answer... Thanks so much for putting together this example! It really does help! |
This comment has been minimized.
This comment has been minimized.
STRTM+TCPHTTPML://127.0.0.1:5000 |
This comment has been minimized.
This comment has been minimized.
STRTM+TCP+HTTPML://127.0.0.1:5000 |
This comment has been minimized.
This comment has been minimized.
STRTM+TCP+HTTP+ML://127.0.0.1.COM.NE:5000 |
This comment has been minimized.
This comment has been minimized.
Great example can you please help me with the same example falcon that would be help full |
This comment has been minimized.
This comment has been minimized.
Hello! I am trying to use your gist above, but I get the following
I see the following URL in my browser with the I have been stuck on this for a long time now, can you please help me ? Here is my link to the repo: https://github.com/ghoshabhi/commit-reminder/tree/feat_oauth/commit-reminder Thank You! |
This comment has been minimized.
This comment has been minimized.
Solved the error above! Notice I am using |
This comment has been minimized.
This comment has been minimized.
Hahahahaah this just happened to me, took me finding this message after 40 mins of research |
This comment has been minimized.
Try it out by typing in your key and secret on line 10 & 11 then
and go to 127.0.0.1:5000/