I'm working to integrate Facebook and Google OAuth2 into a site that already has working login using contrib.auth. I'm now stuck with a situation where I will receive a AuthStateMissing for both Google-Oauth2 and Facebook. The only way to successfully log in with those services is to wipe out my site cookie prior to clicking login. If I do that I can login once. Then if I try to login again I'll receive another AuthStateMissing. I've checked past issues and the site is on a subdomain of a TLD, the callback urls are correct.

The traceback:

Traceback (most recent call last):

  File "/home/env/tcm/lib/python3.4/site-packages/django/core/handlers/base.py", line 112, in get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)

  File "/home/env/tcm/lib/python3.4/site-packages/newrelic-2.42.0.35/newrelic/hooks/framework_django.py", line 497, in wrapper
    return wrapped(*args, **kwargs)

  File "/home/env/tcm/lib/python3.4/site-packages/django/views/decorators/cache.py", line 52, in _wrapped_view_func
    response = view_func(request, *args, **kwargs)

  File "/home/env/tcm/lib/python3.4/site-packages/django/views/decorators/csrf.py", line 57, in wrapped_view
    return view_func(*args, **kwargs)

  File "/home/env/tcm/lib/python3.4/site-packages/social/apps/django_app/utils.py", line 52, in wrapper
    return func(request, backend, *args, **kwargs)

  File "/home/env/tcm/lib/python3.4/site-packages/social/apps/django_app/views.py", line 28, in complete
    redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)

  File "/home/env/tcm/lib/python3.4/site-packages/social/actions.py", line 40, in do_complete
    user = backend.complete(user=user, *args, **kwargs)

  File "/home/env/tcm/lib/python3.4/site-packages/social/backends/base.py", line 40, in complete
    return self.auth_complete(*args, **kwargs)

  File "/home/env/tcm/lib/python3.4/site-packages/social/backends/oauth.py", line 361, in auth_complete
    state = self.validate_state()

  File "/home/env/tcm/lib/python3.4/site-packages/social/backends/oauth.py", line 87, in validate_state
    raise AuthStateMissing(self, 'state')

social.exceptions.AuthStateMissing: Session value state missing.

My relevant settings:

INSTALLED_APPS = {
    'social.apps.django_app.default',
}
...
 AUTHENTICATION_BACKENDS = (
    'social.backends.facebook.FacebookOAuth2',
    'social.backends.google.GoogleOAuth2',
    'django.contrib.auth.backends.ModelBackend'
)
...
TEMPLATE_CONTEXT_PROCESSORS = (
   'django.contrib.auth.context_processors.auth',
   'django.core.context_processors.debug',
   'django.core.context_processors.i18n',
   'django.core.context_processors.media',
   'django.core.context_processors.static',
   'django.core.context_processors.tz',
   'django.contrib.messages.context_processors.messages',
   'social.apps.django_app.context_processors.backends',
   'social.apps.django_app.context_processors.login_redirect',
)

The errors only trigger once I am sent back to my site. So it doesn't appear to be related to either Google or Facebook.

django.db.migrations.exceptions.NodeNotFoundError: Migration social_auth.0004_auto_20160423_0400 dependencies reference nonexistent parent node (u'default', u'0003_alter_email_max_length')

Nobody?

Looking at https://github.com/omab/python-social-auth/blob/master/social/apps/django_app/default/migrations/0004_auto_20160423_0400.py#L11

kinda weird, did the app name change? look at the previous one.

https://github.com/omab/python-social-auth/blob/master/social/apps/django_app/default/migrations/0003_alter_email_max_length.py#L14

I am attempting to use Django oauth with Amazon. I have setup an application with amazon and placed my key/secret in settings.py

SOCIAL_AUTH_AMAZON_OAUTH2_KEY = ''blahkey'
SOCIAL_AUTH_AMAZON_OAUTH2_SECRET = 'blahblahblabhsecret' 

The request (which returns an Error from Amazon) is made to amazon with url like so:

https://www.amazon.com/ap/oa?ie=UTF8&response_type=code&scope=profile&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2Fcomplete%2Famazon%2F&state=oRNdyN6ewMMA6zqkkPc2k8ntR20JNtp2&client_id=None

Notice the client_id=None in the url. Could this be an issue?

When trying to login, I'm getting this from google:

1. That’s an error.

Error: invalid_scope

Some requested scopes were invalid. {valid=[https://www.googleapis.com/auth/userinfo.email], invalid=[plus.login]}

Removed metaclass syntax to break the dependency on django.db.models.SubfieldBase, which has been deprecated in Django 1.9 and will be removed with Django 1.10.

Fixes #804 and #754. Extends fix provided by #806.

Environment:


Request Method: GET
Request URL: http://localhost:8000/complete/facebook/?redirect_state=sGJcpBJYrR7EPzX3ATNMBeLPZP9rKse8&code=AQCFaLPqPLOyw0_tL23fb0-sg_0E4d4Dtng_XnPvpDG5jg8vHH2I31M_XGsUOFBcu6KaJjeXsY-yWIH26H-_X1_1X5fYauzhJ8dS0uo2p1uS7nS3HUykIJADbm6a7Gmcey_8Ehh94RJXFdixpZfu-irUSryamD4f9xMbkOOLvdzzwWd35qZGtTLlwWYGJktxTDaynl6qAlf_aE8-8t6f5zI7y4TdoiCk7VP2HdM6CtXJJ8Qu53U-HYlUuKL-F_v_WzvO6Fq-5bYbMCgofCGM0-dNZd8getQsGTQtQTW3rD1nNDvn0oQQnbmw1P95Ssz0yjQ&state=sGJcpBJYrR7EPzX3ATNMBeLPZP9rKse8

Django Version: 1.6
Python Version: 2.7.4
Installed Applications:
('django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.sites',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'django.contrib.admin',
 'app1',
 'south',
 'django_extensions',
 'social.apps.django_app.default')
Installed Middleware:
('django.middleware.common.CommonMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware')


Traceback:
File "/home/mohit/.virtualenvs/app1/local/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
  114.                     response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/home/mohit/.virtualenvs/app1/local/lib/python2.7/site-packages/django/views/decorators/csrf.py" in wrapped_view
  57.         return view_func(*args, **kwargs)
File "/home/mohit/.virtualenvs/app1/local/lib/python2.7/site-packages/social/apps/django_app/utils.py" in wrapper
  45.             return func(request, backend, *args, **kwargs)
File "/home/mohit/.virtualenvs/app1/local/lib/python2.7/site-packages/social/apps/django_app/views.py" in complete
  21.                        redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)
File "/home/mohit/.virtualenvs/app1/local/lib/python2.7/site-packages/social/actions.py" in do_complete
  61.             login(strategy, user)
File "/home/mohit/.virtualenvs/app1/local/lib/python2.7/site-packages/social/apps/django_app/views.py" in _do_login
  44.         expiration = social_user.expiration_datetime()

Exception Type: AttributeError at /complete/facebook/
Exception Value: 'NoneType' object has no attribute 'expiration_datetime'

I am getting this 500 error mail frequently, stating that on /complete/facebook/ a KeyError is raised. I don't get what is the reason causing it, and how to avoid it.

I am using it on a deployed version so I can't track the scenario that caused so.

Facebook updates it API recently, it seems that the way to get extra scope is not working now. e.g. setting SOCIAL_AUTH_FACEBOOK_SCOPE = ['email'] does not return the email.

here's the link to graph API v2.4 https://developers.facebook.com/blog/post/2015/07/08/graph-api-v2.4/?ref=hp

I am using Django REST Framework + Python-Social-Auth. I already got Facebook and Google OAuth2 working, but am having a problem using the same code to connect Twitter. I am having the same error as #107, but solution does not work because all work is done on the client and I have to work with keys in the request:

{
    "backend": "twitter",
    "access_token": "2478*************************************tdkiOW",
    "access_token_secret": "WgaYaEyHL******************************X6UpzAlTgITPa"
}

kwargs = {key: value for key, value in serializer.data.items() if key != 'backend'}
user = request.user
kwargs['user'] = user.is_authenticated() and user or None
user = strategy.backend.do_auth(**kwargs)

I also tried to do something like this:

if serializer.is_valid():
            backend = serializer.data['backend']
            oauth_token = serializer.data['access_token']
            oauth_token_secret = serializer.data['access_token_secret']
...
twitter = {'oauth_token': oauth_token, 'oauth_token_secret': oauth_token_secret}
user = strategy.backend.do_auth(twitter)

But no matter what I tried, I always got the same stacktrace

Environment:

Request Method: POST
Request URL: http://127.0.0.1:8000/social-auth/

Django Version: 1.7b3
Python Version: 3.4.0
Installed Applications:
('django.contrib.admin',
 'django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'rest_framework',
 'api',
 'rest_framework.authtoken',
 'social.apps.django_app.default')
Installed Middleware:
('django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware')

Traceback:
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/django/core/handlers/base.py" in get_response
  113.                     response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/django/views/generic/base.py" in view
  69.             return self.dispatch(request, *args, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/django/views/decorators/csrf.py" in wrapped_view
  57.         return view_func(*args, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/rest_framework/views.py" in dispatch
  400.             response = self.handle_exception(exc)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/rest_framework/views.py" in dispatch
  397.             response = handler(request, *args, **kwargs)
File "/Users/maryokhin/Workspace/backend/api/views/auth.py" in post
  54.           user = strategy.backend.do_auth(**kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/social/backends/oauth.py" in do_auth
  124.         data = self.user_data(access_token)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/social/backends/twitter.py" in user_data
  33.             auth=self.oauth_auth(access_token)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/social/backends/base.py" in get_json
  195.         return self.request(url, *args, **kwargs).json()
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/social/backends/base.py" in request
  188.             response = request(method, url, *args, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/requests/api.py" in request
  44.     return session.request(method=method, url=url, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/requests/sessions.py" in request
  349.         prep = self.prepare_request(req)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/requests/sessions.py" in prepare_request
  287.             hooks=merge_hooks(request.hooks, self.hooks),
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/requests/models.py" in prepare
  291.         self.prepare_auth(auth, url)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/requests/models.py" in prepare_auth
  470.             r = auth(self)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/requests_oauthlib/oauth1_auth.py" in __call__
  67.                 unicode(r.url), unicode(r.method), None, r.headers)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/oauthlib/oauth1/rfc5849/__init__.py" in sign
  280.         request.oauth_params.append(('oauth_signature', self.get_oauth_signature(request)))
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/oauthlib/oauth1/rfc5849/__init__.py" in get_oauth_signature
  112.         uri, headers, body = self._render(request)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/oauthlib/oauth1/rfc5849/__init__.py" in _render
  186.             headers = parameters.prepare_headers(request.oauth_params, request.headers, realm=realm)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/oauthlib/oauth1/rfc5849/utils.py" in wrapper
  32.         return target(params, *args, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/oauthlib/oauth1/rfc5849/parameters.py" in prepare_headers
  58.         escaped_value = utils.escape(value)
File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/oauthlib/oauth1/rfc5849/utils.py" in escape
  57.                          'Got %s of type %s.' % (u, type(u)))

Exception Type: ValueError at /social-auth/
Exception Value: Only unicode objects are escapable. Got None of type <class 'NoneType'>.

Any help would be appreciated, thank you.

When i tried makemigrations i take following error

Traceback (most recent call last):
  File "manage.py", line 22, in <module>
    execute_from_command_line(sys.argv)
  File "/home/giverroot/django/gve1/lib/python2.7/site-packages/django/core/management/__init__.py", line 353, in execute_from_command_line
    utility.execute()
  File "/home/giverroot/django/gve1/lib/python2.7/site-packages/django/core/management/__init__.py", line 327, in execute
    django.setup()
  File "/home/giverroot/django/gve1/lib/python2.7/site-packages/django/__init__.py", line 18, in setup
    apps.populate(settings.INSTALLED_APPS)
  File "/home/giverroot/django/gve1/lib/python2.7/site-packages/django/apps/registry.py", line 108, in populate
    app_config.import_models(all_models)
  File "/home/giverroot/django/gve1/lib/python2.7/site-packages/django/apps/config.py", line 202, in import_models
    self.models_module = import_module(models_module_name)
  File "/usr/local/lib/python2.7/importlib/__init__.py", line 37, in import_module
    __import__(name)
  File "/home/giverroot/django/gve1/lib/python2.7/site-packages/social/apps/django_app/default/models.py", line 1, in <module>
    from social_django.models import AbstractUserSocialAuth, UserSocialAuth, Nonce, Association, Code, DjangoStorage
ImportError: No module named social_django.models

So I updated my PSA since I was told we had made adjustments in relation to just some warnings coming around the bend with django 1.9 and then this happened so I wanted to drop it here in case it was of value. It appears something else has gone wrong:

(athletesunited)JJs-MacBook-Pro:athletesunited JJZ$ python manage.py runserver localhost:8000 /Users/JJZ/.virtualenvs/athletesunited/lib/python3.4/importlib/_bootstrap.py:321: RemovedInDjango19Warning: The utilities in django.db.models.loading are deprecated in favor of the new application loading system. return f(_args, *_kwds)

Traceback (most recent call last): File "manage.py", line 10, in execute_from_command_line(sys.argv) File "/Users/JJZ/.virtualenvs/athletesunited/lib/python3.4/site-packages/django/core/management/init.py", line 338, in execute_from_command_line utility.execute() File "/Users/JJZ/.virtualenvs/athletesunited/lib/python3.4/site-packages/django/core/management/init.py", line 312, in execute django.setup() File "/Users/JJZ/.virtualenvs/athletesunited/lib/python3.4/site-packages/django/init.py", line 18, in setup apps.populate(settings.INSTALLED_APPS) File "/Users/JJZ/.virtualenvs/athletesunited/lib/python3.4/site-packages/django/apps/registry.py", line 108, in populate app_config.import_models(all_models) File "/Users/JJZ/.virtualenvs/athletesunited/lib/python3.4/site-packages/django/apps/config.py", line 198, in import_models self.models_module = import_module(models_module_name) File "/Users/JJZ/.virtualenvs/athletesunited/lib/python3.4/importlib/init.py", line 109, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 2254, in _gcd_import File "", line 2237, in _find_and_load File "", line 2226, in _find_and_load_unlocked File "", line 1200, in _load_unlocked File "", line 1129, in _exec File "", line 1471, in exec_module File "", line 321, in _call_with_frames_removed File "/Users/JJZ/.virtualenvs/athletesunited/lib/python3.4/site-packages/social/apps/django_app/default/models.py", line 9, in from social.storage.django_orm import DjangoUserMixin,
File "/Users/JJZ/.virtualenvs/athletesunited/lib/python3.4/site-packages/social/storage/django_orm.py", line 5, in from social.storage.base import UserMixin, AssociationMixin, NonceMixin,
File "/Users/JJZ/.virtualenvs/athletesunited/lib/python3.4/site-packages/social/storage/base.py", line 12, in from openid.association import Association as OpenIdAssociation File "/Users/JJZ/.virtualenvs/athletesunited/lib/python3.4/site-packages/openid/init.py", line 52, in if len(version_info) != 3: TypeError: object of type 'map' has no len()

I am trying to get social login working together with django-two-factor-auth (so that it requires additional authentication step for users with 2FA enabled). I am now stuck for several hours on this step from documentation: Partial Pipeline

There is written:

When it’s time to resume the process just redirect the user to /complete// or /disconnect// view. The pipeline will resume in the same function that cut the process.

I have already figured out, that it is not very precise description, because I have to pass the partial_token token to that URL. But I am still stuck on the fact, that the pipeline is returning to the same (two factor authentication) step again and again. To overcome this I am trying to store somewhere the information that the user has been authenticated by 2FA, but I don't know how to access the pipeline correctly or if I am not doing it completely wrong.

I would be glad if this is documented more deeply, possibly with some examples. I could also help to extend the documentation if I know how to implement this correctly.

https://github.com/omab/python-social-auth/blob/81c0a542d158772bd3486d31834c10af5d5f08b0/social/tests/models.py#L169

https://docs.python.org/3/library/base64.html#base64.encodestring

Hello Guys!

im stuck with above mention problem. in my project which is already 50% dveloped i use owner model to represent owner of shop and then i used user model for login and for registration purpose. so i tried to use user model in my owner model so i could utilise both model effectively with additional fields. i tried to extend user model in owner model using onetoone field. after doing that i was not able to do migrations so i deleted all migrations files but after that it was start giving this error while doing migrations:-

(``` venv) C:\Users\Mayur\PycharmProjects\StartUp\social>py manage.py makemigrations Traceback (most recent call last): File "manage.py", line 21, in main() File "manage.py", line 17, in main execute_from_command_line(sys.argv) File "C:\Users\Mayur\PycharmProjects\StartUp\venv\lib\site-packages\django\core\management_init_.py", line 401, in execute_from_command_line utility.execute() File "C:\Users\Mayur\PycharmProjects\StartUp\venv\lib\site-packages\django\core\management_init_.py", line 395, in execute self.fetch_command(subcommand).run_from_argv(self.argv) File "C:\Users\Mayur\PycharmProjects\StartUp\venv\lib\site-packages\django\core\management\base.py", line 328, in run_from_argv self.execute(*args, **cmd_options) File "C:\Users\Mayur\PycharmProjects\StartUp\venv\lib\site-packages\django\core\management\base.py", line 369, in execute output = self.handle(*args, **options) File "C:\Users\Mayur\PycharmProjects\StartUp\venv\lib\site-packages\django\core\management\base.py", line 83, in wrapped res = handle_func(*args, **kwargs) File "C:\Users\Mayur\PycharmProjects\StartUp\venv\lib\site-packages\django\core\management\commands\makemigrations.py", line 87, in handle loader = MigrationLoader(None, ignore_no_migrations=True) File "C:\Users\Mayur\PycharmProjects\StartUp\venv\lib\site-packages\django\db\migrations\loader.py", line 49, in init self.build_graph() File "C:\Users\Mayur\PycharmProjects\StartUp\venv\lib\site-packages\django\db\migrations\loader.py", line 274, in build_graph raise exc File "C:\Users\Mayur\PycharmProjects\StartUp\venv\lib\site-packages\django\db\migrations\loader.py", line 248, in build_graph self.graph.validate_consistency() File "C:\Users\Mayur\PycharmProjects\StartUp\venv\lib\site-packages\django\db\migrations\graph.py", line 195, in validate_consistency [n.raise_error() for n in self.node_map.values() if isinstance(n, DummyNode)] File "C:\Users\Mayur\PycharmProjects\StartUp\venv\lib\site-packages\django\db\migrations\graph.py", line 195, in [n.raise_error() for n in self.node_map.values() if isinstance(n, DummyNode)] File "C:\Users\Mayur\PycharmProjects\StartUp\venv\lib\site-packages\django\db\migrations\graph.py", line 58, in raise_error raise NodeNotFoundError(self.error_message, self.key, origin=self.origin) django.db.migrations.exceptions.NodeNotFoundError: Migration listings.0001_initial dependencies reference nonexistent parent node ('owners', '0001_initial')

here is my Owner Model :-

from django.db import models from django.contrib.auth.models import User

class Owner(models.Model): user = models.OneToOneField(User,on_delete=models.CASCADE, default=False) name=models.CharField(max_length=200) photo=models.ImageField(upload_to='photos/%Y/%m/%d/') description=models.TextField(blank=True) phone=models.CharField(max_length=20) email=models.CharField(max_length=20)

def __str__(self):
    return self.name

im hoping that will get help on this because i'm totally stuck here and also not getting how to tackle this problem.

Bumps python-saml from 2.1.3 to 2.4.0.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

I am having an Angular SPA based frontend and it's server via localhost:4200 (for development), and has proxy for /api at api.mybackend.local. I am using DRF token authentication having Authentication Token bearer. However, the user is always AnonoymousUser since I can't pass the header via a popup window. Also it crashes with state invalid.

Any solution how can I use a popup window to use the social:begin having the Token authentication instead of session? I was researching the season and I found the DjangoStrategy, but don't know if I need to change something there in order to use a token, meanwhile, I made custom authentication that intercepts the token via GET param and logs the users, but I it's not working.

Also, I have a custom subclasses Facebook provider in order to have different permissions, cause I am having one facebook app for one set of users and second app for different set of users.

4 solutions I come up with:

• iframe in dialog, but I can't capture events like closed or something
• popup window, automatically closes via the redirect to custom template haveing window.close
• redirect option, instead of fb to load with popup true in extra data, it can redirect there and pass the token via GET param. But redirect sucks. Any tips are welcomed.