
Invalid request state: oauth2 flask

Posted 2019-07-11 01:17

Question:

I am using the following code for authentication using oauth 2.0

oauth2.init_app(
    app,
    scopes=['email', 'profile'],
    authorize_callback=_request_user_info)

The route is as follows

@app.route('/')
@oauth2.required
def hello():
    """Return a friendly HTTP greeting."""
    return 'Hello ' + session['profile']['displayName']

The auth callback method

import json

import httplib2
from flask import current_app, session


def _request_user_info(credentials):
    """
    Makes an HTTP request to the Google+ API to retrieve the user's basic
    profile information, including full name and photo, and stores it in the
    Flask session.
    """
    http = httplib2.Http()
    credentials.authorize(http)
    resp, content = http.request(
        'https://www.googleapis.com/plus/v1/people/me')

    if resp.status != 200:
        current_app.logger.error(
            "Error while obtaining user profile: %s" % resp)
        return None

    session['profile'] = json.loads(content)

I can see the consent screen and then after that there are too many redirects. The logs show the following.

INFO:werkzeug:127.0.0.1 - - [10/Apr/2016 15:25:21] "GET / HTTP/1.1" 302 -
INFO:werkzeug:127.0.0.1 - - [10/Apr/2016 15:25:21] "GET /oauth2authorize?scopes=profile&scopes=email&return_url=http%3A%2F%2F127.0.0.1%3A8080%2F HTTP/1.1" 302 -
INFO:oauth2client.client:Successfully retrieved access token
INFO:werkzeug:127.0.0.1 - - [10/Apr/2016 15:25:27] "GET /oauth2callback?state=%7B%22csrf_token%22:+%22aa7d28d2496c0e0714eac20b902c1e4db21677d333a837d743525a9696d6c976%22,+%22return_url%22:+%22http://127.0.0.1:8080/%22%7D&code=4/Kz1xkENjHrTzLphfEG8CGND7tkeGXxjIffZxMwSr_hU HTTP/1.1" 302 -
INFO:werkzeug:127.0.0.1 - - [10/Apr/2016 15:25:27] "GET / HTTP/1.1" 302 -
INFO:werkzeug:127.0.0.1 - - [10/Apr/2016 15:25:27] "GET /oauth2authorize?scopes=profile&scopes=email&return_url=http%3A%2F%2F127.0.0.1%3A8080%2F HTTP/1.1" 302 -
INFO:oauth2client.client:Received token response with no refresh_token. Consider reauthenticating with approval_prompt='force'.
INFO:oauth2client.client:Successfully retrieved access token
INFO:werkzeug:127.0.0.1 - - [10/Apr/2016 15:25:28] "GET /oauth2callback?state=%7B%22csrf_token%22:+%22862efe9c1803e12c5c1323b5f68d8bbf185ba89d5d46268924ac527d3dca886c%22,+%22return_url%22:+%22http://127.0.0.1:8080/%22%7D&code=4/nU8o3y3zslgd9KVXJ_NDtzJUZfABeF6ka4IbYSiGKcs HTTP/1.1" 302 -
INFO:werkzeug:127.0.0.1 - - [10/Apr/2016 15:25:28] "GET / HTTP/1.1" 302 -

Eventually I see a page with the words "Invalid request state".

Answer 1:

This can happen when the cookie session grows too large and the new CSRF token can't be saved to the session. Can you check the cookie sizes in your responses?

We fixed part of this problem with oauth2client 2.0.2, but if you're still experiencing it with that version I'd like to get some more info.

We do highly recommend using a database-backed session such as memcache/redis instead of cookies.
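The mechanism behind this answer, as an added stand-alone example (not code from the question, the answer, Flask or oauth2client): the `state` parameter visible in the logs carries a `csrf_token` that must match a token stored in the session at `/oauth2authorize`. With a cookie-backed session, once the stored profile plus the token pushes the cookie past the browser limit, the browser drops the cookie, `/oauth2callback` sees an empty session, the check fails, and the user is redirected to authorize again. The simulation below uses only the standard library; `MAX_COOKIE_BYTES`, the secret key, the session key names and the `simulate_login` helper are all constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Browsers silently refuse cookies over roughly 4 KiB; 4093 bytes is a commonly
# quoted figure. Constructed constant for the example, not a Flask setting.
MAX_COOKIE_BYTES = 4093
SECRET_KEY = b"constructed-secret-key-for-the-example"


class CookieSessionStore:
    """Client-side session: the whole dict is signed and sent back as a cookie.
    If the cookie exceeds the browser limit it is dropped, so the next request
    arrives with an empty session (the failure mode described in the answer)."""

    def __init__(self):
        self.cookie = None

    def save(self, session):
        body = base64.urlsafe_b64encode(json.dumps(session).encode()).decode()
        sig = hmac.new(SECRET_KEY, body.encode(), hashlib.sha256).hexdigest()
        value = body + "." + sig
        size = len("session=" + value)
        self.cookie = value if size <= MAX_COOKIE_BYTES else None  # browser behaviour
        return size

    def load(self):
        if self.cookie is None:
            return {}
        body, _, sig = self.cookie.rpartition(".")
        expected = hmac.new(SECRET_KEY, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):
            return {}
        return json.loads(base64.urlsafe_b64decode(body.encode()).decode())


class ServerSessionStore:
    """Server-side session (what a redis/memcache-backed session gives you): the
    cookie carries only an opaque id, so session contents never hit the limit."""

    def __init__(self):
        self.data = {}
        self.cookie = None

    def save(self, session):
        sid = secrets.token_urlsafe(32)
        self.data[sid] = dict(session)
        self.cookie = sid
        return len("session=" + sid)

    def load(self):
        return dict(self.data.get(self.cookie, {}))


def begin_authorize(session, return_url):
    """/oauth2authorize: mint a CSRF token, keep it in the session, and embed it
    in the state parameter that the provider echoes back on the callback."""
    token = secrets.token_hex(32)
    session["oauth2_csrf_token"] = token
    return json.dumps({"csrf_token": token, "return_url": return_url})


def handle_callback(session, state):
    """/oauth2callback: the presented state must match the stored token. An empty
    session (dropped cookie) has nothing to match, hence 'Invalid request state'."""
    expected = session.pop("oauth2_csrf_token", None)
    try:
        presented = json.loads(state)["csrf_token"]
    except (ValueError, KeyError, TypeError):
        return "Invalid request state"
    if expected is None or not isinstance(presented, str):
        return "Invalid request state"
    if not hmac.compare_digest(expected.encode(), presented.encode()):
        return "Invalid request state"
    return "ok"


def simulate_login(store, profile_bytes):
    """authorize -> persist -> reload -> callback, with a session that already
    holds a profile blob of the given size. Returns (outcome, cookie_size)."""
    session = {"profile": {"displayName": "x" * profile_bytes}}  # constructed payload
    state = begin_authorize(session, "http://127.0.0.1:8080/")
    cookie_size = store.save(session)
    session = store.load()  # what the browser presents to /oauth2callback
    return handle_callback(session, state), cookie_size


if __name__ == "__main__":
    cases = [(CookieSessionStore, 10), (CookieSessionStore, 5000), (ServerSessionStore, 5000)]
    for store_cls, size in cases:
        outcome, cookie_len = simulate_login(store_cls(), size)
        print(f"{store_cls.__name__:19} profile={size:5} cookie={cookie_len:5} -> {outcome}")
```

Running it shows the cookie store succeeding with a small profile, failing with "Invalid request state" once the serialized session exceeds `MAX_COOKIE_BYTES`, and the server-side store succeeding with the same large profile; the returned cookie size is the number to watch in your own `Set-Cookie` headers.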