OAuth GConnect KeyError: 'name' with Python on flask in Ubuntu +apache on Amazon Lightsail
OAuth GConnect KeyError: 'name' with Python on flask in Ubuntu +apache on Amazon Lightsail
使用 Flask 与 OAuth 斗争。
在 Flask 上托管了一个 python 应用程序,它可以在 amazon lightsail 上运行,apache.App 可以运行,但 Oauth 除外。
它 运行 在 OAuth 中遇到问题 google Oauth.Application 允许重定向并向用户显示 google 登录按钮。用户名和密码已提交,应用程序进行了重定向,但没有重定向就被击中了。
应用程序在本地开发环境中使用 auth 没有任何问题。 amazon lightsail 环境问题。
Apache 日志
ERROR:flask.app:Exception on /gconnect [POST]
[Sat Jan 26 00:35:27.445588 2019] [wsgi:error] [pid 3644:tid 139961772205824] Traceback (most recent call last):
[Sat Jan 26 00:35:27.445647 2019] [wsgi:error] [pid 3644:tid 139961772205824] File "/var/www/catalog/venv/lib/python2.7/site-packages/flask/app.py", line 2292, in wsgi_app
[Sat Jan 26 00:35:27.445699 2019] [wsgi:error] [pid 3644:tid 139961772205824]
--所以我们往下走----到达---
KeyError: 'name'[Sat Jan 26 00:35:27.446205 2019] [wsgi:error] [pid 3644:tid 139961772205824]
代码片段
片段 1)
CLIENT_JSON_LOC = '/var/www/catalog/catalog/client_secrets.json'
print("Looking for cl sec json at :",CLIENT_JSON_LOC)
CLIENT_ID = json.loads(
open(CLIENT_JSON_LOC, 'r').read())['web']['client_id']
print("Client ID is :",CLIENT_ID)
片段 2)
@app.route('/gconnect', methods=['POST'])
def gconnect():
----------------
片段 3)
login_session['access_token'] = credentials.access_token
login_session['gplus_id'] = gplus_id
# Get user info
userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
params = {'access_token': credentials.access_token, 'alt': 'json'}
answer = requests.get(userinfo_url, params=params)
data = answer.json()
#print("Reached after getting user info, data is :",data)
login_session['username'] = data['name']
login_session['picture'] = data['picture']
所以在客户端浏览器上,开始检查元素并报告 500
[Error] [Report Only] Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy. (signin, line 0, x2)
[Error] Failed to load resource: Not allowed to follow a redirection while loading https://apis.google.com/u/0/_/cspreport (cspreport, line 0)
[Error] Failed to load resource: Not allowed to follow a redirection while loading https://apis.google.com/u/0/_/cspreport (cspreport, line 0)
[Error] Failed to load resource: the server responded with a status of 500 (INTERNAL SERVER ERROR) (gconnect, line 0)```
我找到了答案。我通过写回 google auth connect 和 call back 的所有可能异常的代码来让它工作。事实证明 google 会不时更改其范围!感觉最好关闭这个问题,因为托管应用程序在网络上可以正常运行几天。
使用 Flask 与 OAuth 斗争。
在 Flask 上托管了一个 python 应用程序,它可以在 amazon lightsail 上运行,apache.App 可以运行,但 Oauth 除外。
它 运行 在 OAuth 中遇到问题 google Oauth.Application 允许重定向并向用户显示 google 登录按钮。用户名和密码已提交,应用程序进行了重定向,但没有重定向就被击中了。
应用程序在本地开发环境中使用 auth 没有任何问题。 amazon lightsail 环境问题。
Apache 日志
ERROR:flask.app:Exception on /gconnect [POST]
[Sat Jan 26 00:35:27.445588 2019] [wsgi:error] [pid 3644:tid 139961772205824] Traceback (most recent call last):
[Sat Jan 26 00:35:27.445647 2019] [wsgi:error] [pid 3644:tid 139961772205824] File "/var/www/catalog/venv/lib/python2.7/site-packages/flask/app.py", line 2292, in wsgi_app
[Sat Jan 26 00:35:27.445699 2019] [wsgi:error] [pid 3644:tid 139961772205824]
--所以我们往下走----到达---
KeyError: 'name'[Sat Jan 26 00:35:27.446205 2019] [wsgi:error] [pid 3644:tid 139961772205824]
代码片段
片段 1)
CLIENT_JSON_LOC = '/var/www/catalog/catalog/client_secrets.json'
print("Looking for cl sec json at :",CLIENT_JSON_LOC)
CLIENT_ID = json.loads(
open(CLIENT_JSON_LOC, 'r').read())['web']['client_id']
print("Client ID is :",CLIENT_ID)
片段 2)
@app.route('/gconnect', methods=['POST'])
def gconnect():
----------------
片段 3)
login_session['access_token'] = credentials.access_token
login_session['gplus_id'] = gplus_id
# Get user info
userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
params = {'access_token': credentials.access_token, 'alt': 'json'}
answer = requests.get(userinfo_url, params=params)
data = answer.json()
#print("Reached after getting user info, data is :",data)
login_session['username'] = data['name']
login_session['picture'] = data['picture']
所以在客户端浏览器上,开始检查元素并报告 500
[Error] [Report Only] Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy. (signin, line 0, x2)
[Error] Failed to load resource: Not allowed to follow a redirection while loading https://apis.google.com/u/0/_/cspreport (cspreport, line 0)
[Error] Failed to load resource: Not allowed to follow a redirection while loading https://apis.google.com/u/0/_/cspreport (cspreport, line 0)
[Error] Failed to load resource: the server responded with a status of 500 (INTERNAL SERVER ERROR) (gconnect, line 0)```
我找到了答案。我通过写回 google auth connect 和 call back 的所有可能异常的代码来让它工作。事实证明 google 会不时更改其范围!感觉最好关闭这个问题,因为托管应用程序在网络上可以正常运行几天。