Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scope change warning (actually an error) when fetching tokens #173

Closed
josephtate opened this issue Feb 27, 2015 · 4 comments
Closed

Scope change warning (actually an error) when fetching tokens #173

josephtate opened this issue Feb 27, 2015 · 4 comments

Comments

@josephtate
Copy link

My test script is pretty much straight from the http://requests-oauthlib.readthedocs.org/en/latest/examples/google.html Google OAuth2 tutorial.

#My test script
client_id =  '<snipped>.apps.googleusercontent.com'
client_secret = '<snipped>'
redirect_uri = '<snipped>'
token_url = "https://accounts.google.com/o/oauth2/token"
authz_url_base = 'https://accounts.google.com/o/oauth2/auth'
scope = ['https://www.googleapis.com/auth/plus.me', 'email']

from requests_oauthlib import OAuth2Session

google = OAuth2Session(client_id, scope=scope, redirect_uri=redirect_uri)

authorization_url, state = google.authorization_url(authz_url_base, access_type="online")

print 'Please go here and authorize,', authorization_url

redirect_response = raw_input('Paste the full redirect URL here:')

google.fetch_token(token_url, client_secret=client_secret, authorization_response=redirect_response)

And here's the output:

Please go here and authorize, https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=<snipped>
Paste the full redirect URL here:<snipped>
Traceback (most recent call last):
  File "test.py", line 18, in <module>
    google.fetch_token(token_url, client_secret=client_secret, authorization_response=redirect_response)
  File "/home/jtate/.virtualenvs/crunch/local/lib/python2.7/site-packages/requests_oauthlib/oauth2_session.py", line 199, in fetch_token
    self._client.parse_request_body_response(r.text, scope=self.scope)
  File "/home/jtate/.virtualenvs/crunch/local/lib/python2.7/site-packages/oauthlib/oauth2/rfc6749/clients/base.py", line 409, in parse_request_body_response
    self.token = parse_token_response(body, scope=scope)
  File "/home/jtate/.virtualenvs/crunch/local/lib/python2.7/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 376, in parse_token_response
    validate_token_parameters(params)
  File "/home/jtate/.virtualenvs/crunch/local/lib/python2.7/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 406, in validate_token_parameters
    raise w
Warning: Scope has changed from "email https://www.googleapis.com/auth/plus.me" to "".

It looks like the Session object's scope isn't passed down into the oauthlib token parsing lib causing the error every time.
@josephtate
Copy link
Author

This error is referenced in a comment in #157, but it's not related to that bug.

@josephtate
Copy link
Author

I have a pull request against oauthlib to fix this: https://github.com/josephtate/oauthlib/pull/1

@josephtate
Copy link
Author

Moved the pull request to oauthlib/oauthlib#323

@josephtate
Copy link
Author

Closing since this is not a bug against requests-oauthlib

wking added a commit to wking/google-form-templater that referenced this issue Apr 30, 2015
@wking
Use a development snapshot of oauthlib
83dae1c 
Work around:

  Warning: Scope has changed from "..." to "".

by pulling in this fix [1].  See previous discussion in [2,3].  Once
this gets released [4], we should update our requirements.txt to use a
tagged release.

[1]: oauthlib/oauthlib#323
[2]: requests/requests-oauthlib#157
[3]: requests/requests-oauthlib#173
[4]: https://pypi.python.org/pypi/oauthlib
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@josephtate