django Incorrect authentication service "google-oauth2" - django

I am trying to get django-social-auth to work with google logins.
I logged into google dev console > created a project > created a new client id in credentials as a web application which gave me the id and secrete.
I then get an error when i click the link on my site to log on with google
WrongBackend at /login/google-oauth2/
Incorrect authentication service "google-oauth2"
Here is my settings in settings.py
AUTHENTICATION_BACKENDS = (
'social.backends.open_id.OpenIdAuth',
'social.backends.google.GoogleOpenId',
'social.backends.google.GoogleOAuth2',
'social.backends.google.GoogleOAuth',
'social.backends.twitter.TwitterOAuth',
'social.backends.yahoo.YahooOpenId',
'django.contrib.auth.backends.ModelBackend',
)
TEMPLATE_CONTEXT_PROCESSORS = (
'social.apps.django_app.context_processors.backends',
'social.apps.django_app.context_processors.login_redirect',
'django.contrib.auth.context_processors.auth',
)
LOGIN_URL = '/login/'
LOGIN_REDIRECT_URL = '/oauth2callback/'
LOGIN_ERROR_URL = '/login-error/'
SOCIAL_AUTH_DEFAULT_USERNAME = 'new_social_auth_user'
SOCIAL_AUTH_UID_LENGTH = 16
SOCIAL_AUTH_ASSOCIATION_HANDLE_LENGTH = 16
SOCIAL_AUTH_NONCE_SERVER_URL_LENGTH = 16
SOCIAL_AUTH_ASSOCIATION_SERVER_URL_LENGTH = 16
SOCIAL_AUTH_ASSOCIATION_HANDLE_LENGTH = 16
SOCIAL_AUTH_ENABLED_BACKENDS = 'google'
GOOGLE_OAUTH2_CLIENT_ID = 'id.apps.googleusercontent.com'
GOOGLE_OAUTH2_CLIENT_SECRET = 'client_secret'
Does anyone know why i get that message? Thanks

Based on AUTHENTICATION_BACKENDS you mentioned, it seems you use python-social-auth (not django-social-auth) which has another syntax of key and secrect declaration.
references: python-social-auth documentation
SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = 'id.apps.googleusercontent.com'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = 'client_secret'

Related

Reset email send me example.com url

When I try to use the password password/reset send me a mail with this this url
http://example.com/password-reset/confirm/MjM/572-52a21bbd1b80e9377f98/ Any ideas??
settings.py
SITE_ID = 1
#Registro simple sin correo
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
#Login no mail
ACCOUNT_AUTHENTICATION_METHOD = 'email'
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_EMAIL_VERIFICATION = 'mandatory'
ACCOUNT_CONFIRM_EMAIL_ON_GET = True
ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL =
reverse_lazy('account_confirm_complete')
ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL =
reverse_lazy('account_confirm_complete')
ACCOUNT_USERNAME_REQUIRED = False
#Following is added to enable registration with email instead of username
AUTHENTICATION_BACKENDS = (
# Needed to login by username in Django admin, regardless of `allauth`
"django.contrib.auth.backends.ModelBackend",
# `allauth` specific authentication methods, such as login by e-mail
"allauth.account.auth_backends.AuthenticationBackend",
)
This will obviously happen if you use SITE_ID=1 in your settings. The django-all-auth package uses the value of domain field of SITE_ID while creating a reset-password mail.
So, you can do either,
1. Change the value of domain of existing SITE_ID
Run the script in your Django Shell
from django.conf import settings
from django.contrib.sites.models import Site
site = Site.objects.get(id=settings.SITE_ID)
site.domain = "your.required.domain.com"
site.name = "Some Readable Name for Your Site"
site.save()
2. Create new Site instance and put newly created site id in settings.py
Run this on django shell,
from django.contrib.sites.models import Site
site = Site.objects.create(domain="your.required.domain.com", name="Some Readable Name for Your Site")
print(site.id)
Now, you'll get the new site id, put that in settings.py as,
#settings.py
SITE_ID = 123 # here "123" is the id of your newly creted site object
Note
These things(1 and 2) can also be done via Django Admin console.

django-auth-ldap failed authentication

I'm trying to use Django-Auth-Ldap in my project (Django 1.6, Python 2.7) but it is not working.
My active Directory shema is:
I've tested the connection on the cmd line by installing the ldap-utils package
sudo apt-get install ldap-utils
ldapsearch -H ldap://domain.com -D "ou=Resources,ou=Company, dc=domain,dc=com" -U "user_name" -w "user_password" -v -d 1
The connection test works fine.
I am using below code to test python-ldap connection from the shell:
import ldap
con = ldap.initialize('ldap://domain.com')
con.simple_bind_s('User_mail', 'User_password')
results = con.search_s('ou=Users,ou=Resources,ou=Company,dc=domain,dc=com', ldap.SCOPE_SUBTREE, "(cn=User_name)")
python-ldap connection works fine.
My problem is how to authenticate AD users from my django login interface?
settings.py:
import ldap
from django_auth_ldap.config import LDAPSearch
# The URL of the LDAP server.
AUTH_LDAP_SERVER_URI = "ldap://domain.com"
AUTH_LDAP_BIND_DN = "cn='User_name',ou=Resources,ou=Company,dc=domain,dc=com"
AUTH_LDAP_BIND_PASSWORD = "User_password"
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=Users,ou=Resources,ou=Company,dc=domain,dc=com",ldap.SCOPE_SUBTREE, "(cn=%(user)s)")
AUTH_LDAP_GLOBAL_OPTIONS = { ldap.OPT_REFERRALS : False }
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)
views.py:
from django_auth_ldap.backend import LDAPBackend
auth = LDAPBackend()
user = auth.authenticate(username="User_name", password="User_password")
In the file django-ldap-debug.log I have this error:
Caught LDAPError while authenticating User_name: INVALID_CREDENTIALS({'info': '80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1', 'desc': 'Invalid credentials'},)
I found the answer.
I changed the AUTH_LDAP_BIND_DN by adding (OU=Users)
I must use samAccountName instead of CN in AUTH_LDAP_USER_SEARCH
My new settings.py :
import ldap, logging
from django_auth_ldap.config import LDAPSearch
logger = logging.getLogger('django_auth_ldap')
logger.addHandler(logging.StreamHandler())
logger.setLevel(logging.DEBUG)
AUTH_LDAP_SERVER_URI = "ldap://domain.com"
AUTH_LDAP_BIND_DN = "CN=User_name,OU=Users,OU=Resources,OU=Company,DC=domain,DC=com"
AUTH_LDAP_BIND_PASSWORD = "User_password"
AUTH_LDAP_USER_SEARCH = LDAPSearch("OU=Users,OU=Resources,OU=Company,DC=domain,DC=com",ldap.SCOPE_SUBTREE, "(samAccountName=%(user)s)")
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)
My views.py
from django_auth_ldap.backend import LDAPBackend
def login(request):
if request.method == 'POST':
form = MyLoginForm(data=request.POST)
if form.is_valid():
username = form.cleaned_data['username']
password = form.cleaned_data['password']
auth = LDAPBackend()
user = auth.authenticate(username=username, password=password)
if user is not None:
....
else:
form = MyLoginForm()
....
Hope this help all :)
I had similar problem but I have solved it other way around. Under AUTH_LDAP_BIND_DN have just put the user and domain and password. After that this was working like charm...
While I was investigating my ldaps issues I found above solution somehow useful, maybe also someone will benefit with my solution
LDAP_IGNORE_CERT_ERRORS = True
AUTH_LDAP_START_TLS = False
AUTH_LDAP_SERVER_URI = "ldaps://domain.com:636"
AUTH_LDAP_BIND_DN = "serviceaccount#domain.com"
AUTH_LDAP_BIND_PASSWORD = "superPass"
AUTH_LDAP_USER_SEARCH = LDAPSearch(
"OU=Company,DC=domain,DC=com",ldap.SCOPE_SUBTREE,"(sAMAccountName=%(user)s)"
)
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}

Cannot pass APP ID while using Django Social Auth

I am trying to enable logging in via facebook,twitter and Google Open Auth 2. I am using the main documentation https://django-social-auth.readthedocs.org/en/latest/index.html. I have also used http://c2journal.com/2013/01/24/social-logins-with-django/
I have put all the necessary configurations in place. Here is my settings.py
....
AUTHENTICATION_BACKENDS = (
'social_auth.backends.twitter.TwitterBackend',
'social_auth.backends.facebook.FacebookBackend',
'social_auth.backends.google.GoogleOAuthBackend',
'social_auth.backends.google.GoogleOAuth2Backend',
'social_auth.backends.google.GoogleBackend',
'django.contrib.auth.backends.ModelBackend',
)
.....
TEMPLATE_CONTEXT_PROCESSORS = (
"social_auth.context_processors.social_auth_by_type_backends",
"django.contrib.auth.context_processors.auth",
)
......
SOCIAL_AUTH_ENABLED_BACKENDS = ('google','facebook','twitter')
.....
FACEBOOK_APP_ID='**********'
FACEBOOK_API_SECRET='**********************'
FACEBOOK_APP_NAMESPACE = '********_app'
FACEBOOK_EXTENDED_PERMISSIONS = ['email']
GOOGLE_OAUTH2_CLIENT_ID = '***************'
GOOGLE_OAUTH2_CLIENT_SECRET = '**************************'
TWITTER_CONSUMER_KEY = '***************'
TWITTER_CONSUMER_SECRET = '**********************'
........
INSTALLED_APPS = (
............
'social_auth',
)
I have added social-auth to my urls.py too
(r'^accounts/login/$', 'django.contrib.auth.views.login',
{'template_name': 'login.html'}),
(r'^accounts/logout/$', 'django.contrib.auth.views.logout_then_login'),
.....
urlpatterns = patterns('',
...
url(r'', include('social_auth.urls')),
...
)
On my login.html page, here is how I have called the links
<div>Login with Facebook</div>
</div>Login with Twitter</div>
</div>Login with Google</div>
The problem however, everytime I try logging in via any of these services, It seems the APP Id is missing.
I get this error on Facebook Invalid App ID: None and this one on twitter Only unicode objects are escapable. Got None of type .. Google doesn't work too but It tells me I cannot use raw IP addresses. I am using the server IP address. Please help.
I figured out what was the problem. I had installed python social auth then installed django-social auth. My application was still using the python-social-auth package.
Using the python-social-Auth syntax of naming configuration variables, I added the prefix
SOCIAL_AUTH_
to my config variables so that they now looked like this
SOCIAL_AUTH_FACEBOOK_SECRET='*******************'
SOCIAL_AUTH_FACEBOOK_APP_NAMESPACE = '*******'
SOCIAL_AUTH_FACEBOOK_EXTENDED_PERMISSIONS = ['email']
SOCIAL_AUTH_TWITTER_KEY = '********'
SOCIAL_AUTH_TWITTER_SECRET = '************'
SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = '*************************************'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = '****************'
I can now log in. Thanks

Django OAuth2 Error: invalid_client and client_id=None when client_id has been provided

I am using django-social-auth for google apps authentication for my django project. I obtained the client id and secret key from Google api console for my domain. And plugged in the values in my app as follows:
**settings.py**
MIDDLEWARE_CLASSES = (
'social_auth.middleware.SocialAuthExceptionMiddleware',
)
LOGIN_URL = '/login/google-oauth2/'
LOGIN_REDIRECT_URL = '/profile'
LOGIN_ERROR_URL = '/login-error/'
AUTHENTICATION_BACKENDS = (
'social_auth.backends.google.GoogleOAuth2Backend',
'django.contrib.auth.backends.ModelBackend',
)
TEMPLATE_CONTEXT_PROCESSORS = (
"django.contrib.auth.context_processors.auth",
"social_auth.context_processors.social_auth_by_type_backends",
)
SOCIAL_AUTH_ENABLED_BACKENDS = ('google',)
SOCIAL_AUTH_DEFAULT_USERNAME = 'new_social_auth_user'
GOOGLE_OAUTH2_CLIENT_ID = '***.apps.googleusercontent.com'
GOOGLE_OAUTH2_CLIENT_SECRET = '****'
GOOGLE_WHITE_LISTED_DOMAINS = ['127.0.0.1:8000']
SOCIAL_AUTH_COMPLETE_URL_NAME = 'socialauth_complete'
SOCIAL_AUTH_ASSOCIATE_URL_NAME = 'socialauth_associate_complete'
SOCIAL_AUTH_RAISE_EXCEPTIONS = False
SOCIAL_AUTH_PROCESS_EXCEPTIONS = 'social_auth.utils.log_exceptions_to_messages'
INSTALLED_APPS = (
'social_auth', )
...
**urls.py**
from django.conf.urls import patterns, include, url
from django.contrib import admin
from django.views.generic import TemplateView
from django.contrib.auth.views import logout
admin.autodiscover()
urlpatterns = patterns('',
url(r'^admin/', include(admin.site.urls)),
url(r'', include('social_auth.urls')),
url(r'^$', TemplateView.as_view(template_name="login.html")),
url(r'^logout/$', logout, {'next_page': '/'}, name='gauth_logout'),
url(r'^profile/$', TemplateView.as_view(template_name="profile.html")),
)
...
**login.html**
<p>Use your work email credentials to sign in to this application:
Sign In
</p>
The problem is that when I click on sign in I am redirected to the Error: Invalid_client page with the details:
Request Details
cookie_policy_enforce=false
scope=https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
response_type=code
redirect_uri=http://127.0.0.1:8000/complete/google-oauth2/
state=WZWyJgDRfeW4RneRynqSZ3nSy0Bzs0v6
client_id=None
https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile&state=WZWyJgDRfeW4RneRynqSZ3nSy0Bzs0v6&redirect_uri=http://127.0.0.1:8000/complete/google-oauth2/&response_type=code&client_id=None
Even though I have provided the correct client_id in my project, the page (and as can be seen from the url) says that it has not been provided. If I plug it manually in the url, I am redirected to the permissions page though.
Also when I accept the permissions I get an AuthCanceled at /complete/google-oauth2/ error. Is it that my project is not reading the social_auth settings correctly?
Any help would be appreciated. Thanks.
i was having the same problem just change
GOOGLE_OAUTH2_CLIENT_ID = '***.apps.googleusercontent.com'
GOOGLE_OAUTH2_CLIENT_SECRET = '****'
To
SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = '****.apps.googleusercontent.com'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET ='****'
in the settings.py file

django-social-auth error in connecting with Facebook

I have problem in connecting with Facebook backend of django-social-auth. I have created a Facebook app and in my project setting, I have provided its settings:
INSTALLED_APPS = (
...
'social_auth'
)
AUTHENTICATION_BACKENDS = [
"account.auth_backends.AuthenticationBackend",
'social_auth.backends.facebook.FacebookBackend',
'django.contrib.auth.backends.ModelBackend',
]
LOGIN_URL = "/"
LOGIN_REDIRECT_URLNAME = "home"
LOGOUT_URL = "/"
urlpatterns = patterns('',
...
url(r'', include('social_auth.urls')),
...
)
TEMPLATE_CONTEXT_PROCESSORS = (
...
'social_auth.context_processors.social_auth_by_type_backends',
)
SOCIAL_AUTH_EXPIRATION = 'expires'
FACEBOOK_APP_ID = '***************'
FACEBOOK_API_SECRET = '**************'
FACEBOOK_EXTENDED_PERMISSIONS = ['email', 'user_birthday', 'user_photos']
In 'Site Url' of my app on Facebook I have provided IP of my PC. Now when I connect with Facebook through my IP with my own account then it works fine. But when I try to connect with some other Facebook account then it give the error on permissions page:
"Sorry, something went wrong.We're working on getting this fixed as soon as we can."
Can someone has any idea?
In Facebook each app has certain permissions for Facebook Users, you are the lead developer, you can add testers and what not, Its on the app configuration interface.
For Facebook backend of django-social-auth to work properly then runserver on your IP instead of running on localhost.