Snowflake 自定义 OAuth 无法处理 invalid_client 错误

问题描述 投票:0回答:1

首先它工作正常,并且显示范围不可用错误,但现在显示此错误, 我使用 snowflake_oauth_docs 创建了集成,这是我的查询:

CREATE SECURITY INTEGRATION my_app_oauth
   TYPE = OAUTH
   ENABLED = TRUE
   OAUTH_CLIENT = CUSTOM
   OAUTH_CLIENT_TYPE = 'CONFIDENTIAL'
   OAUTH_REDIRECT_URI = 'https://b54rmx30-8000.inc1.devtunnels.ms/callback/snowflake/'
   OAUTH_ISSUE_REFRESH_TOKENS = TRUE
   OAUTH_REFRESH_TOKEN_VALIDITY = 7776000;

然后我做了这个

DESC SECURITY INTEGRATION my_app_oauth;
和这个
SELECT SYSTEM$SHOW_OAUTH_CLIENT_SECRETS('DATAOPSLY_OAUTH');

我收集了 client_id 和 client_secret

我使用 django 进行 oauth,所以这是我的回调和登录视图:

def snowflake_login(request):
    # Snowflake OAuth configuration
    snowflake_client_id = 'my_client_id'
    snowflake_client_secret = 'my_secret'
    authorization_url = 'https://<my_account>.snowflakecomputing.com/oauth/authorize'
    token_url = 'https://<my_account>.snowflakecomputing.com/oauth/token'
    redirect_uri = 'https://b54rmx30-8000.inc1.devtunnels.ms/callback/snowflake/'  # Update with your Django callback URL
    scopes = 'openid email profile'  # Adjust scopes as needed

    # Redirect user to Snowflake OAuth authorization URL
    auth_params = {
        'response_type': 'code',
        'client_id': snowflake_client_id,
        'redirect_uri': redirect_uri,
        'scope': scopes,
    }
    redirect_url = f"{authorization_url}?{'&'.join([f'{k}={v}' for k, v in auth_params.items()])}"
    return redirect(redirect_url)

def snowflake_callback(request):
    # Handle callback from Snowflake OAuth
    snowflake_client_id = 'my_client_id'
    snowflake_client_secret = 'my_secret'
    token_url = 'https://<my_account>.snowflakecomputing.com/oauth/token'
    redirect_uri = 'https://b54rmx30-8000.inc1.devtunnels.ms/callback/snowflake/'  # Update with your Django callback URL

    # Get authorization code from callback request
    code = request.GET.get('code')
    
    # Exchange authorization code for access token
    token_params = {
        'grant_type': 'authorization_code',
        'code': code,
        'client_id': snowflake_client_id,
        'client_secret': snowflake_client_secret,
        'redirect_uri': redirect_uri,
    }

    # Make POST request to get access token
    response = requests.post(token_url, data=token_params)
    print("***************response:", response)
    token_data = response.json()
    print("**************token_data:", token_data)

    # Assuming successful response, store token_data as needed (e.g., in session)
    access_token = token_data.get('access_token')
    refresh_token = token_data.get('refresh_token')

    # Example of using the access token to fetch user information
    if access_token:
        headers = {
            'Authorization': f'Bearer {access_token}',
        }
        user_info_url = 'https://<my_account>.snowflakecomputing.com/oauth/userinfo'
        user_info_response = requests.get(user_info_url, headers=headers)
        user_info = user_info_response.json()

        # Example: Extract user details from user_info and create/update user in your Django app
        email = user_info.get('email')
        username = user_info.get('username')

        # Logic to authenticate user in Django (create user if not exists, login, etc.)
        # Example:
        # user, created = User.objects.get_or_create(email=email, defaults={'username': username})
        # login(request, user)

        # Redirect user to home or another page after successful login
        return redirect('home')

    # Handle error scenarios if needed
    return render(request, 'home.html', {'error_message': 'Failed to authenticate with Snowflake.'})

我用过这个

from requests_oauthlib import OAuth2Session

所以,我的问题是我收到此错误:

授权发生错误 未找到与给定客户端 ID 的 OAuth 客户端集成。

即使我从

DESC SECURITY INTEGRATION my_app_oauth;

访问网址

首先我正常尝试,但出现了范围不适用或其他错误,然后,当我尝试创建新的集成时突然收到此错误,不知道如何继续!

有人可以帮助我吗!

django oauth snowflake-cloud-data-platform django-authentication
1个回答
0
投票

当使用 Snowflake 作为 OAuth 服务器时,必须请求令牌:

获取授权码的网址:

?response_type=代码&client_id=&redirect_uri=

注意:我们必须对 client_id 和重定向 URI 进行 URL 编码。

请检查您是否在编码后发送客户端ID?

请参阅以下文章,其中讨论了获取令牌的参考集成。 雪花Oauth自定义

© www.soinside.com 2019 - 2024. All rights reserved.