Tornado Google+Oauth错误代码400

2024-03-28 14:42:25 发布

您现在位置:Python中文网/ 问答频道 /正文

我在Google+OAuth使用tornado框架时遇到问题。我使用AngularJS作为前端,pythontronado作为nginx服务器的后端。我从AngularJS向Google+API发送HTTP请求,我的tornado API被重定向到Google登录。成功登录后,它会重定向回我的应用程序。在重定向时,我认为它会自动刷新,即有两个来自Google的重定向调用。在

请参阅tornado OAuth2发出的两个HTTP重定向调用

enter image description here

这是我的代码:

class GoogleOAuth2LoginHandler(tornado.web.RequestHandler, tornado.auth.GoogleOAuth2Mixin):
    @tornado.gen.coroutine
        def get(self):
            if self.get_argument('code', False):
                user = yield self.get_authenticated_user(
                    redirect_uri='http://your.site.com/auth/google',
                    code=self.get_argument('code')
                )
                # Save the user with e.g. set_secure_cookie
            else:
                yield self.authorize_redirect(
                    redirect_uri='http://your.site.com/auth/google',
                    client_id=self.settings['google_oauth']['key'],
                    scope=['profile', 'email'],
                    response_type='code',
                    extra_params={'approval_prompt': 'auto'}

错误:

Google auth error: HTTPResponse(_body=None,buffer=<_io.BytesIO object at 0xb37809bc>,code=400,effective_url='https://accounts.google.com/o/oauth2/token',error=HTTPError('HTTP 400: Bad Request',),headers={'X-Consumed-Content-Encoding': 'gzip', 'Alternate-Protocol': '443:quic,p=1', 'X-Xss-Protection': '1; mode=block', 'X-Content-Type-Options': 'nosniff', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'NID=76=iaY_jJFPzvLg3_h3eqUFMt4fecbELKk9_bGJju-mwsHBNlxeDqSrtmpyazsrJ3mDgtDnTnzsw5_fjIfV8GcUAegoNgxGi5ynpcfg0vEWULSeVXKio_ANxEoK9C-F5oRs;Domain=.google.com;Path=/;Expires=Sat, 13-Aug-2016 10:17:46 GMT;HttpOnly', 'Expires': 'Fri, 12 Feb 2016 10:17:46 GMT', 'Server': 'GSE', 'Connection': 'close', 'Cache-Control': 'private, max-age=0', 'Date': 'Fri, 12 Feb 2016 10:17:46 GMT', 'P3p': 'CP="This is not a P3P policy! See https://support.google.com/accounts/answer/151657?hl=en for more info."', 'Alt-Svc': 'quic=":443"; ma=604800; v="30,29,28,27,26,25"', 'Content-Type': 'application/json; charset=utf-8', 'X-Frame-Options': 'SAMEORIGIN'},reason='Bad Request',request=,request_time=0.4158029556274414,time_info={})


Tags: selfcomauthhttpgetgooglecodecontent
1条回答
网友
1楼 · 发布于 2024-03-28 14:42:25

同样的配置(Tornado+nginx+angularjs)也有同样的问题。我只是重新编写了OAuth认证部分,没有龙卷风和问题解决。您可以使用tornado的AsyncHttpClient,但我使用aiohttp,因为我在asyncio中托管了tornado。 下面是新代码,注释部分是旧代码。在

from backend.helpers.async_oauth2.client import Client

        oauth_client = Client(app_settings.security.google.client_id, app_settings.security.google.client_secret,
                              app_settings.security.google.redirect_uri, "https://accounts.google.com/o/oauth2/auth"
                              , "https://accounts.google.com/o/oauth2/token")

        access = await oauth_client.get_token(code, grant_type="authorization_code")

        # access = await self.get_authenticated_user(
        #     redirect_uri=app_settings.security.google.redirect_uri,
        #     code=code)

        # user = await self.oauth2_request(
        #     "https://www.googleapis.com/oauth2/v1/userinfo",
        #     access_token=str(access["access_token"]))

        user = await oauth_client.http_get(
            "https://www.googleapis.com/oauth2/v1/userinfo?{}".format(
                url_parse.urlencode({'access_token':str(access["access_token"])})))

相关问题 更多 >