400错误提示:redirect_uri_mismatch当尝试从Django视图使用OAuth2和Google Sheets时

1yjd4xko  于 2023-03-24  发布在  Go
关注(0)|答案(4)|浏览(289)

我正在尝试从Django视图连接到Google Sheets的API。我从这个链接中获取的大部分代码:https://developers.google.com/sheets/api/quickstart/python
下面是代码:

sheets.py(复制粘贴自上面的链接,函数重命名)

from __future__ import print_function
import pickle
import os.path
from googleapiclient.discovery import build
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request

# If modifying these scopes, delete the file token.pickle.
SCOPES = ['https://www.googleapis.com/auth/spreadsheets.readonly']

# The ID and range of a sample spreadsheet.
SAMPLE_SPREADSHEET_ID = '1BxiMVs0XRA5nFMdKvBdBZjgmUUqptlbs74OgvE2upms'
SAMPLE_RANGE_NAME = 'Class Data!A2:E'

def test():
    """Shows basic usage of the Sheets API.
    Prints values from a sample spreadsheet.
    """
    creds = None
    # The file token.pickle stores the user's access and refresh tokens, and is
    # created automatically when the authorization flow completes for the first
    # time.
    if os.path.exists('token.pickle'):
        with open('token.pickle', 'rb') as token:
            creds = pickle.load(token)
    # If there are no (valid) credentials available, let the user log in.
    if not creds or not creds.valid:
        if creds and creds.expired and creds.refresh_token:
            creds.refresh(Request())
        else:
            flow = InstalledAppFlow.from_client_secrets_file(
                'credentials.json', SCOPES)
            creds = flow.run_local_server(port=0)
        # Save the credentials for the next run
        with open('token.pickle', 'wb') as token:
            pickle.dump(creds, token)

    service = build('sheets', 'v4', credentials=creds)

    # Call the Sheets API
    sheet = service.spreadsheets()
    result = sheet.values().get(spreadsheetId=SAMPLE_SPREADSHEET_ID,
                                range=SAMPLE_RANGE_NAME).execute()
    values = result.get('values', [])

    if not values:
        print('No data found.')
    else:
        print('Name, Major:')
        for row in values:
            # Print columns A and E, which correspond to indices 0 and 4.
            print('%s, %s' % (row[0], row[4]))

网址.py

urlpatterns = [
    path('', views.index, name='index')
]

查看次数.py

from django.http import HttpResponse
from django.shortcuts import render

from .sheets import test

# Views

def index(request):
    test()
    return HttpResponse('Hello world')

view函数所做的只是从sheets.py模块调用test()方法。无论如何,当我运行我的服务器并转到URL时,另一个标签页为Google oAuth2打开,这意味着检测到凭据文件和所有内容。然而,在此标签页中,显示以下来自Google的错误消息:

Error 400: redirect_uri_mismatch The redirect URI in the request, http://localhost:65262/, does not match the ones authorized for the OAuth client.

在我的API控制台中,我将回调URL设置为127.0.0.1:8000以匹配我的Django的视图URL。我甚至不知道http://localhost:65262/ URL来自哪里。有人能帮助解决这个问题吗?有人能解释一下为什么会发生这种情况吗?提前感谢。

EDIT我试图删除如注解中提到的flow方法中的port=0,然后URL不匹配发生在http://localhost:8080/,这又是一个非常奇怪的问题,因为我的Django应用程序运行在8000端口。

yfwxisqw

yfwxisqw1#

除非Flow.run您不打算部署代码,否则不应该使用www.example.com _local_server()。这是因为run_local_server在服务器上启动浏览器来完成流程。
如果您是在本地为自己开发项目,这很好用。
如果您打算使用本地服务器来协商OAuth流。在您的secrets中配置的重定向URI必须匹配,主机的本地服务器默认值为localhost,端口为8080
如果您希望部署代码,则必须通过用户浏览器、您的服务器和Google之间的交换来执行流程。
因为你已经有一个运行中的Django服务器,你可以使用它来协商流程。
例如,
假设Django项目中有一个tweets应用程序,其中包含urls.py模块,如下所示。

from django.urls import path, include

from . import views

urlpatterns = [
    path('google_oauth', views.google_oath, name='google_oauth'),
    path('hello', views.say_hello, name='hello'),
]

urls = include(urlpatterns)

您可以为需要凭据的视图实现一个防护,如下所示。

import functools
import json
import urllib

from google.oauth2.credentials import Credentials
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request

from django.shortcuts import redirect
from django.http import HttpResponse

SCOPES = ['https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile', 'openid']

def provides_credentials(func):
    @functools.wraps(func)
    def wraps(request):
        # If OAuth redirect response, get credentials
        flow = InstalledAppFlow.from_client_secrets_file(
            'credentials.json', SCOPES,
            redirect_uri="http://localhost:8000/tweet/hello")

        existing_state = request.GET.get('state', None)
        current_path = request.path
        if existing_state:
            secure_uri = request.build_absolute_uri(
                ).replace('http', 'https')
            location_path = urllib.parse.urlparse(existing_state).path 
            flow.fetch_token(
                authorization_response=secure_uri,
                state=existing_state
            )
            request.session['credentials'] = flow.credentials.to_json()
            if location_path == current_path:
                return func(request, flow.credentials)
            # Head back to location stored in state when
            # it is different from the configured redirect uri
            return redirect(existing_state)

        # Otherwise, retrieve credential from request session.
        stored_credentials = request.session.get('credentials', None)
        if not stored_credentials:
            # It's strongly recommended to encrypt state.
            # location is needed in state to remember it.
            location = request.build_absolute_uri() 
            # Commence OAuth dance.
            auth_url, _ = flow.authorization_url(state=location)
            return redirect(auth_url)

        # Hydrate stored credentials.
        credentials = Credentials(**json.loads(stored_credentials))

        # If credential is expired, refresh it.
        if credentials.expired and creds.refresh_token:
            creds.refresh(Request())

        # Store JSON representation of credentials in session.
        request.session['credentials'] = credentials.to_json()

        return func(request, credentials=credentials)
    return wraps

@provides_credentials
def google_oauth(request, credentials):
    return HttpResponse('Google OAUTH <a href="/tweet/hello">Say Hello</a>')

@provides_credentials
def say_hello(request, credentials):
    # Use credentials for whatever
    return HttpResponse('Hello')

请注意,这只是一个例子。如果你决定走这条路,我建议你考虑将OAuth流提取到它自己的Django应用程序中。

bhmjp9jg

bhmjp9jg2#

我遇到了同样的问题,redirect_uri错误,结果(如上所述)我在谷歌控制台中创建了我的凭据,类型为“Web服务器”而不是“桌面应用程序”。我创建了新的凭据为“桌面应用程序”,下载了JSON,它工作了。
最后,我想为Web服务器使用API,但这是一个与示例不同的流程。

a1o7rhls

a1o7rhls3#

重定向URI告诉Google您希望将授权返回到的位置。必须在Google开发人员控制台中正确设置,以避免任何人劫持您的客户端。它必须完全匹配。
编辑您当前使用的客户端并添加以下内容作为重定向uri

http://localhost:65262/

提示点击小铅笔图标编辑客户端:)
TBH在开发过程中,只需要添加谷歌说你要调用的端口,然后在应用程序中摆弄设置就可以了。

0ve6wy6x

0ve6wy6x4#

我也有同样的问题。
1.刚刚添加了错误中提到的重定向URL(例如在您的情况下-http://localhost:65262/)到Google云控制台上的授权重定向URI。
1.我正在使用jupyter notebook为gsheet API生成令牌,所以它正在等待我进行身份验证(S/A请访问此URL以授权此应用程序:.
1.完成第一步后,点击第二步中的链接。授权进行得很顺利。顺便说一句,我使用的是基于OAuth的Web应用程序。

相关问题