0

我在 django authlib 客户端https://docs.authlib.org/en/latest/client/django.html上有一些问题。在重定向 url 上,authorize_access_token 引发 MismatchingStateError()。

这是我的代码:

def login(request):
    # google = oauth.create_client('google')

    authservice = oauth.create_client('authservice')
    redirect_uri = 'http://localhost:8050/authorize'

    authservice.save_authorize_data(request)

    return authservice.authorize_redirect(request, redirect_uri)


def authorize(request):
    token = oauth.authservice.authorize_access_token(request)
    userinfo = oauth.authservice.parse_id_token(request, token)
    resp = oauth.authservice.userinfo(token=token)
    return JsonResponse(token, safe=False)

和堆栈跟踪:

Internal Server Error: /authorize/
app_1  | Traceback (most recent call last):
app_1  |   File "/usr/local/lib/python3.7/site-packages/django/core/handlers/exception.py", line 34, in inner
app_1  |     response = get_response(request)
app_1  |   File "/usr/local/lib/python3.7/site-packages/django/core/handlers/base.py", line 115, in _get_response
app_1  |     response = self.process_exception_by_middleware(e, request)
app_1  |   File "/usr/local/lib/python3.7/site-packages/django/core/handlers/base.py", line 113, in _get_response
app_1  |     response = wrapped_callback(request, *callback_args, **callback_kwargs)
app_1  |   File "/opt/project/access/views.py", line 141, in authorize
app_1  |     token = oauth.authservice.authorize_access_token(request)
app_1  |   File "/usr/local/lib/python3.7/site-packages/authlib/integrations/django_client/integration.py", line 66, in authorize_access_token
app_1  |     params = self.retrieve_access_token_params(request)
app_1  |   File "/usr/local/lib/python3.7/site-packages/authlib/integrations/base_client/base_app.py", line 144, in retrieve_access_token_params
app_1  |     params = self._retrieve_oauth2_access_token_params(request, params)
app_1  |   File "/usr/local/lib/python3.7/site-packages/authlib/integrations/base_client/base_app.py", line 126, in _retrieve_oauth2_access_token_params
app_1  |     raise MismatchingStateError()
app_1  | authlib.integrations.base_client.errors.MismatchingStateError: mismatching_state: CSRF Warning! State not equal in request and response.

如果有人对如何解决它有一个想法,那就太好了。

感谢你们 :)

4

1 回答 1

0

我相信可能会发生错误,因为您的应用中配置的 url 与'http://localhost:8050/authorize'

检查并验证它们是否相同。另外,请参阅

于 2020-03-03T18:13:35.793 回答