Google Social Authentication with dj-rest-auth #220

Closed
MatejMijoski opened this issue Jan 29, 2021 · 10 comments

MatejMijoski commented Jan 29, 2021

I've spent a lot of time on implementing Google OAuth with dj-rest-auth, which should be easier, and I'll post my solution here, hoping it'll help somebody else.
views.py

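from allauth.socialaccount.providers.google.views import GoogleOAuth2Adapter
from allauth.socialaccount.providers.oauth2.client import OAuth2Client
from dj_rest_auth.registration.views import SocialLoginView

class GoogleLogin(SocialLoginView):
    adapter_class = GoogleOAuth2Adapter
    client_class = OAuth2Client
    callback_url = "http://127.0.0.1:8000/api/auth/google/callback/"  # must match a redirect URI registered with Google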

urls.py

path(r'auth/google', GoogleLogin.as_view(), name='google_login')

settings.py

# entries to add to INSTALLED_APPS
'allauth.socialaccount',
'allauth.socialaccount.providers.google',

The callback_url and client_class are only required if you're sending only the code, i.e. the authorization_code, to the Google OAuth URL.
The problem I had was that after making the request to https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=<callback-url>&prompt=consent&response_type=code&client_id=<your_client_id>&scope=openid%20email&access_type=offline (change the callback_url and client_id to the ones from your app), as a response I got back the code. When sending the code to the /auth/google URL, I got this error: Error retrieving access token: b'{\n "error": "redirect_uri_mismatch",\n "error_description": "Bad Request"\n}'. This was because the code is URL safe, which means you'll need to first decode it and then send it to your API endpoint.

ghost commented Feb 2, 2021

Did you work around: {"non_field_errors":["View is not defined, pass it as a context variable"]} ?

MatejMijoski (Author) commented

I think that downgrading to django-rest-framework v3.10.3 solved the issue for me.

ghost commented Feb 2, 2021

#147 (comment) this would also help you out I think. Thanks for the quick response!

ghost commented Feb 2, 2021

How did you decode the URL? I'm hitting this error and it looks like the redirect_uri is being encoded in the requests.request of django-allauth here https://github.com/pennersr/django-allauth/blob/master/allauth/socialaccount/providers/oauth2/client.py#L75

MatejMijoski (Author) commented

You can use urllib for the decoding.

import urllib.parse

url = "your-encoded-url"
# unquote() returns the percent-decoded string (for example %2F becomes /)
decoded = urllib.parse.unquote(url)
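
An added example, not part of the original thread and not dj-rest-auth's own code: one way for a client to pull the code out of Google's redirect URL so that it is percent-decoded exactly once before it is sent to the login endpoint. The function names, the optional `state` check (the authorization URL quoted earlier carries no `state` parameter) and the sample redirect are assumptions made for illustration.

```python
import hmac
import re
from urllib.parse import parse_qs, urlsplit

# Heuristic (assumption): a decoded code should not contain escapes like %2F.
_PCT_ESCAPE = re.compile(r"%[0-9A-Fa-f]{2}")


def extract_auth_code(redirect_url, expected_state=None):
    """Return the decoded authorization code from the provider's redirect URL."""
    # parse_qs percent-decodes every value exactly once.
    params = parse_qs(urlsplit(redirect_url).query, keep_blank_values=True)
    if "error" in params:
        raise ValueError("authorization failed: " + params["error"][0])
    codes = params.get("code", [])
    if len(codes) != 1 or not codes[0]:
        raise ValueError("expected exactly one non-empty 'code' parameter")
    if expected_state is not None:
        state = params.get("state", [""])[0]
        # Constant-time comparison of the anti-CSRF state value.
        if not hmac.compare_digest(state.encode(), expected_state.encode()):
            raise ValueError("state mismatch")
    return codes[0]


def build_login_payload(code):
    """Fields to POST to the login endpoint; rejects a still-encoded code."""
    if _PCT_ESCAPE.search(code):
        raise ValueError("code still contains percent-escapes; decode it first")
    return {"code": code}


# Constructed sample redirect (placeholder code and state, not real values).
SAMPLE_REDIRECT = (
    "http://127.0.0.1:8000/api/auth/google/callback/"
    "?state=abc123&code=4%2F0Aconstructed-sample_code&scope=email+openid"
)

if __name__ == "__main__":
    code = extract_auth_code(SAMPLE_REDIRECT, expected_state="abc123")
    print(build_login_payload(code))
```

Parsing the whole redirect URL avoids both failure modes: forwarding the raw `4%2F...` value copied from the address bar, and decoding a value a second time after the framework has already decoded it.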

iMerica (Owner) commented Feb 7, 2021

Thanks for creating this issue and documenting a solution that works for OAuth + Google. I'm going to close this ticket, but feel free to post any updates here.

iMerica closed this as completed Feb 7, 2021

Tobeyforce commented Sep 24, 2021

This endpoint expects the code, token sent in JSON, right?
Having issues where my frontend plugin sends it as a POST request but doesn't understand that it needs to extract the variables and insert them in an understandable JSON format (Nuxt Auth). Not sure if I should attempt to override the backend or frontend at this point. How easy is this to modify based on allauth? @MatejMijoski

EDIT: Duh, dumb me. I had a global header always being set on my front end which caused it to add a content-type: application/json to the request, when it should've been x-www-urlencoded. The response from the serializer made me think it expected JSON though, hehe.

mohamedsamiromar commented

How to get access token and code?
Please.

himarajab commented

> How to get access token and code? Please.

Generally you get the access token from the front end, and if you want to test the APIs you can use
https://developers.google.com/oauthplayground/?code=4%2F0AX4XfWjoWnaJvOAdjpcaolPnYSuIfRW9LjeGfFEg-rwo-jtyypKcwAs3Y78oLuMOSuTZHQ&scope=email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+openid&authuser=0&prompt=consent
and for Facebook
https://developers.facebook.com/tools/explorer/6326047150802438/?method=GET&path=me%3Ffields%3Did%2Cname%2Cabout%2Cemail&version=v12.0
and search for OAuth, which will generate a token you can use for testing.

mohamedsamiromar commented

Thank you so much
