-
-
Notifications
You must be signed in to change notification settings - Fork 6.2k
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OAuth2 Authorization Code flow fails #550
Comments
Re-reading the docs, I'm not sure if the above interpretation is right any more. |
Yup - in that picture, the "Regular web app" is both the client and the API server. It's a really confusing picture that had me scratching my head for a couple of hours a few weeks back. Glad to see I'm not the only one that finds it a bit confusing. |
For what it's worth, the swagger docs client logic is handled entirely outside of FastAPI (FastAPI just includes a reference to a cdn-hosted script); I think this repo might be a better place to look for information (or post an issue). |
It looks like this is not implemented upstream in swagger-ui: |
Also relevant: |
I am also facing this error message |
Probably not a bug. I have been using playing with it since August. Already submitted a pull request: #797 |
Also seeing this same error message Seems like it is caused by a CORS error under the hood :
Is this simply not supported or has the situation evolved ? |
I'm having a similar issue. I get |
To fix |
Sorry, this is the machine translated version. I have successfully solved this problem in my program. The main reason for this problem is that the address pointed to by the Swagger authorization button is not the same as your login api address. Just change the tokenUrl to the correct path. If not, it may not be the same as your problem. |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Describe the bug
I believe the following code should implement the OAuth2 Authorization Code flow for the openapi/swagger docs interface:
This successfully produces an Authorization button in the
/docs
swagger UI, which when used successfuly takes the user to the authorization service to enter credentials.The next part of the process, exchanging the authorization code for a token, which should happen server side not client side, fails. In the UI I see
Auth ErrorTypeError: Failed to fetch
. Looking at the network traffic I see that the client is trying to connect to the TOKEN_URL, and (obviously) failing. My understanding is that this is not how Authorization Code Flow is supposed to work - the authorization code should be passed from the client to the API server, and the API server should take care of exchanging the code for a token by going to the token URL.In the console where I am running the fastAPI application I see:
(Have X'ed out some characters)
This is the problem I referred to in #335
To Reproduce
Steps to reproduce the behavior:
Expected behavior
I would expect to see successful authentication.
Screenshots
Environment:
fastapi 0.38.1
Python 3.7.4
The text was updated successfully, but these errors were encountered: