我们正在尝试让苹果oauth在一个使用django-social的django后台的web应用中工作。最初的登录请求设置了一个sessionid cookie,但是最后的authcomplete请求并没有发送任何浏览器的cookie。 控制台没有错误,我们的测试服务器使用的是ssl。redirect_uri是正确的,只是缺少了它的cookie。
django中的设置我们已经尝试过了。
SESSION_COOKIE_SECURE = False
SESSION_COOKIE_SAMESITE = "Lax"
SOCIAL_AUTH_APPLE_ID_CLIENT = '<our_website_name>' # Your client_id com.application.your, aka "Service ID"
SOCIAL_AUTH_APPLE_ID_TEAM = '<our_id>' # Your Team ID, ie K2232113
SOCIAL_AUTH_APPLE_ID_KEY = values.SecretValue() # Your Key ID, ie Y2P99J3N81K
SOCIAL_AUTH_APPLE_ID_SECRET_B64 = values.SecretValue()
SOCIAL_AUTH_APPLE_ID_SCOPE = ['email', 'name']
SOCIAL_AUTH_APPLE_ID_EMAIL_AS_USERNAME = True # If you want to use email as username
USE_X_FORWARDED_HOST = True
SOCIAL_AUTH_REDIRECT_IS_HTTPS = True
@property
def SOCIAL_AUTH_APPLE_ID_SECRET(self):
return base64.b64decode(self.SOCIAL_AUTH_APPLE_ID_SECRET_B64
AUTHENTICATION_BACKENDS = (
"rest_framework.authentication.TokenAuthentication",
"social_core.backends.open_id.OpenIdAuth", # for Google authentication
"social_core.backends.google.GoogleOpenId", # for Google authentication
"social_core.backends.google.GoogleOAuth2", # for Google authentication
"django.contrib.auth.backends.ModelBackend",
'social_core.backends.apple.AppleIdAuth', # Apple oauth
)
结果出现了以下错误
[04/May/2020 22:18:39] "GET /auth/login/apple-id/ HTTP/1.0" 302 0
Internal Server Error: /auth/complete/apple-id/
Traceback (most recent call last):
File "/usr/local/lib/python3.8/site-packages/django/core/handlers/exception.py", line 34, in inner
response = get_response(request)
File "/usr/local/lib/python3.8/site-packages/django/core/handlers/base.py", line 115, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/usr/local/lib/python3.8/site-packages/django/core/handlers/base.py", line 113, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/local/lib/python3.8/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func
response = view_func(request, *args, **kwargs)
File "/usr/local/lib/python3.8/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
return view_func(*args, **kwargs)
File "/usr/local/lib/python3.8/site-packages/social_django/utils.py", line 49, in wrapper
return func(request, backend, *args, **kwargs)
File "/usr/local/lib/python3.8/site-packages/social_django/views.py", line 31, in complete
return do_complete(request.backend, _do_login, user=request.user,
File "/usr/local/lib/python3.8/site-packages/social_core/actions.py", line 45, in do_complete
user = backend.complete(user=user, *args, **kwargs)
File "/usr/local/lib/python3.8/site-packages/social_core/backends/base.py", line 40, in complete
return self.auth_complete(*args, **kwargs)
File "/usr/local/lib/python3.8/site-packages/social_core/utils.py", line 251, in wrapper
return func(*args, **kwargs)
File "/usr/local/lib/python3.8/site-packages/social_core/backends/oauth.py", line 388, in auth_complete
state = self.validate_state()
File "/usr/local/lib/python3.8/site-packages/social_core/backends/oauth.py", line 90, in validate_state
raise AuthStateMissing(self, 'state')
social_core.exceptions.AuthStateMissing: Session value state missing.
[04/May/2020 22:18:53] "POST /auth/complete/apple-id/ HTTP/1.0" 500 102779
是我们漏掉了django的设置还是django的social设置? 有人能帮助我们吗? 谢谢你
文件 "usrlocallibpython3.8site-packagessocial_corebackendsoauth.py",第90行,在validate_state中引发AuthStateMissing(self, 'state')social_core.exceptions.AuthStateMissing: [04May2020 22:18:53] "POST authcompleteapple-id HTTP1.0" 500 102779。
这说明它是一个social_auth的问题,你需要进一步挖掘。
另外,你可以尝试 https:/github.python-social-authsocial-coreissues250#issuecomment-436832460。 这一点,并检查docs和源代码的social-auth更详细。