无法使用google-oauth2验证django中来自flutter应用程序的access_token出现了类似“凭据不正确”的错误

mw3dktmi  于 2022-11-21  发布在  Go
关注(0)|答案(1)|浏览(121)
@api_view(['POST'])
@permission_classes([AllowAny])
@psa()
def register_by_access_token(request, backend):
    token = request.data.get('access_token')
    user = request.backend.do_auth(token)
    print(request)
    if user:
        token, _ = Token.objects.get_or_create(user=user)
        return Response(
            {
                'token': token.key
            },
            status=status.HTTP_200_OK,
            )
    else:
        return Response(
            {
                'errors': {
                    'token': 'Invalid token'
                    }
            },
            status=status.HTTP_400_BAD_REQUEST,
        )

所以上面是代码
这是网址

re_path('api/register-by-access-token/' + r'social/(?P<backend>[^/]+)/$', register_by_access_token),

但一直以来
user = request.backend.do_auth(token)
这个东西给出“凭证不正确”的错误

xlpyo6sf

xlpyo6sf1#

The issue is that Google OAuth access tokens issued to mobile apps are actually ID tokens, not access tokens. They use a different signature and contain user information instead of scope information.
To authenticate with these, you need to use a social auth backend that supports ID tokens, like social-auth-app-django.
In that backend, you would use the auth_by_id_token view instead of auth.

相关问题