我正在尝试编写一个 Web 服务,它使用来自 Sharepoint Online 站点的一些数据使用该flask_oauthlib
模块。
我已经这样设置了:
from flask import Flask, session
from . import settings
app = Flask(__name__)
app.config.from_object(settings) # To get SECRET_KEY
from flask_oauthlib import OAuth
oauth = OAuth(app)
sharepoint = oauth.remote_app(
'sharepoint',
consumer_key = '<redacted>',
consumer_secret = '<redacted>',
request_token_params = {'scope': 'AllSites.Manage'},
base_url = 'https://<redacted>.sharepoint.com/_layouts/15/OAuthAuthorize.aspx',
request_token_url = None,
access_token_method = 'GET',
access_token_url = 'https://<redacted>.sharepoint.com/_layouts/15/OAuthAuthorize.aspx'
)
@sharepoint.tokengetter
def get_sharepoint_token(token=None):
return session.get('sharepoint_token')
@app.route('/')
def index():
return sharepoint.authorize(callback='https://localhost:5000/login')
@app.route('/login')
def login():
resp = sharepoint.authorized_response()
if resp is None:
return 'Login failed: ' + request.args.get('error_description')
session['sharepoint_token'] = ( resp['auth_token'], resp['auth_token_secret'] )
session['sharepoint_user'] = resp['screen_name']
return 'Hello, ' + resp['screen_name']
if __name__ == '__main__':
app.run(host='127.0.0.1', port=5000, debug=True, ssl_context=('server.crt', 'server.key'))
这成功重定向到 Sharepoint 授权屏幕,在该屏幕上询问我是否信任我的应用程序。当我单击“信任它”按钮时,控制台上出现内部服务器错误:
127.0.0.1 - - [19/Mar/2018 14:48:15] "GET /login?code=IAAAAJ2%5FBr9vn6qSXfgVMvTH8zRV7l%2DFvowYYRZ4jRO52i5u7RA%2DKwgdswowaS4Msg79Oz%2Dl70kgUvpSwE8VtzJ7cXlw8EEN5lR6znN6XgaGSJrdZoYLTkVQuXMlN%5FAVy1TTnNCe5R5TFqL1sm6kphH7PnvxZQ6IX...<redacted> HTTP/1.1" 500 -
Traceback (most recent call last):
File "/home/tkcook/Envs/venv/lib/python3.6/site-packages/flask/app.py", line 1997, in __call__
return self.wsgi_app(environ, start_response)
File "/home/tkcook/Envs/venv/lib/python3.6/site-packages/flask/app.py", line 1985, in wsgi_app
response = self.handle_exception(e)
File "/home/tkcook/Envs/venv/lib/python3.6/site-packages/flask/app.py", line 1540, in handle_exception
reraise(exc_type, exc_value, tb)
File "/home/tkcook/Envs/venv/lib/python3.6/site-packages/flask/_compat.py", line 33, in reraise
raise value
File "/home/tkcook/Envs/venv/lib/python3.6/site-packages/flask/app.py", line 1982, in wsgi_app
response = self.full_dispatch_request()
File "/home/tkcook/Envs/venv/lib/python3.6/site-packages/flask/app.py", line 1614, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/home/tkcook/Envs/venv/lib/python3.6/site-packages/flask/app.py", line 1517, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/home/tkcook/Envs/venv/lib/python3.6/site-packages/flask/_compat.py", line 33, in reraise
raise value
File "/home/tkcook/Envs/venv/lib/python3.6/site-packages/flask/app.py", line 1612, in full_dispatch_request
rv = self.dispatch_request()
File "/home/tkcook/Envs/venv/lib/python3.6/site-packages/flask/app.py", line 1598, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/home/tkcook/git/azimuth-timesheets/timesheets/routes/__init__.py", line 15, in login
resp = sharepoint.authorized_response()
File "/home/tkcook/Envs/venv/lib/python3.6/site-packages/flask_oauthlib/client.py", line 677, in authorized_response
data = self.handle_oauth2_response()
File "/home/tkcook/Envs/venv/lib/python3.6/site-packages/flask_oauthlib/client.py", line 664, in handle_oauth2_response
type='invalid_response', data=data
flask_oauthlib.client.OAuthException: Invalid response from sharepoint
仔细研究一下,Sharepoint 似乎正在返回 HTTP 403 Forbidden。我已经尝试使用通过在 Azure AD 中注册应用程序生成的客户端 ID/秘密以及通过在 Sharepoint 网站集上注册应用程序(通过转到/_layouts/15/appregnew.aspx
)生成的客户端 ID/秘密以及通过在特定站点上注册应用程序生成的客户端 ID/秘密(通过去/sites/nameofmysite/_layouts/15/appregnew.aspx
)。都给出相同的结果;显示授权屏幕,但最后一步给出 HTTP 403。
我做错了什么?