You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I had a problem to validate the oauth2 token with xsrfutil.validate_token.
Indeed, I switched to Django 1.7 which gives a unicode object when getting the state parameter of the oauth callback URL.
The initial state variable passed to Google is built as following:
Then I try to validate the token using xsrfutil.validate_token in my oauth return view as follows:
if not xsrfutil.validate_token(google_app.secret,
state,
request.user,
action_id=AUTHORIZE_GOOGLE_API_ACCESS_ACTION_ID):
return HttpResponseBadRequest('Your Google API token could not be validated.')
with:
state = request.REQUEST['state']
However, I had to use
state = str(request.REQUEST['state'])
so the token validates.
This is due to the fact Django 1.7 returns a unicode object for the state variable above using request.REQUEST. I was previously using Django 1.6 which used to return a string.
I believe this is somehow related to the api's Python 3 migration enhancement, which is not available yet. It would be nice to update the api documentation and django samples to reflect this issue.
The text was updated successfully, but these errors were encountered:
Hi guys,
I had a problem to validate the oauth2 token with xsrfutil.validate_token.
Indeed, I switched to Django 1.7 which gives a unicode object when getting the state parameter of the oauth callback URL.
The initial state variable passed to Google is built as following:
Then I try to validate the token using xsrfutil.validate_token in my oauth return view as follows:
with:
However, I had to use
so the token validates.
This is due to the fact Django 1.7 returns a unicode object for the state variable above using request.REQUEST. I was previously using Django 1.6 which used to return a string.
I believe this is somehow related to the api's Python 3 migration enhancement, which is not available yet. It would be nice to update the api documentation and django samples to reflect this issue.
The text was updated successfully, but these errors were encountered: