python - Django OAuth2 无效 grant_type

Question

我正在使用 Django OAuth Toolkit，并且成功创建了sign_up 调用 - 这反过来给了我以下响应:

{
  "username": "boban16",
  "client_id": "sxFB8WOd5qupdyp5c4pjJHXAQQFPVCW7FKA3SUmy",
  "client_secret": "3nUreBDpx9cCSEeVyOhpXZ76Om0keOxFwK2rRQJNK5wvYuA1tUF37sH0Of473wCgeJ3tCmflN9kPnP9VkgepWxrARC6iimqI6y34pyVU7otlcXHjS2SSOmsP2c0XNxrA"
}

所以，我现在尝试使用 Postman 应用程序进行调用来生成 token - 请求如下所示:

这是响应:

{
  "error_description": "Invalid credentials given.",
  "error": "invalid_grant"
}

这是我来自 urls.py 的代码

urlpatterns = patterns('',
    url(r'^sign_up/$', SignUp.as_view(), name="sign_up"),
    url(r'^login/$', Login.as_view(), name="login"),
    url(r'^o/', include('oauth2_provider.urls', namespace='oauth2_provider')),
)

这是settings.py的一部分

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        # 'rest_framework.authentication.BasicAuthentication',
        'oauth2_provider.ext.rest_framework.OAuth2Authentication',
    ),
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.AllowAny',
    ),
}

我不确定问题是什么以及如何解决它。有人建议如何使其发挥作用吗？非常感谢!

--------更新--------

我终于得到了一些回应:

curl -v http://127.0.0.1:8000/o/token/ -X POST -u "<client_id>:<client_secret>" -d "grant_type=client_credentials"

这是响应:

* Hostname was NOT found in DNS cache
*   Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8000 (#0)
* Server auth using Basic with user 'JNBUdgUJ44ndu49yeokHxU0ZUNfIbpdESC8PVTQU'
> POST /o/token/ HTTP/1.1
> Authorization: Basic Sk5CVWRnVUo0NG5kdTQ5eWVva0h4VTBaVU5mSWJwZEVTQzhQVlRRVTpaQVNwZ0xLY3didXA2ajJ2YlJqakc1WlFZenpWWFZWQU5HcHJ0WWZVNnIya2VpUkEzZW9vNlh5M0tSMENkOGpWN3FLT2xFTENoTHZTUk5vTzBkUE5YNGdoRXdvRnB4UDNKbHdxY0FqRkpIV0RmSkJzYnpmNjJ5dE5DaEFVM29RcA==
> User-Agent: curl/7.37.1
> Host: 127.0.0.1:8000
> Accept: */*
> Content-Length: 29
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 29 out of 29 bytes
* HTTP 1.0, assume close after body
< HTTP/1.0 401 UNAUTHORIZED
< Date: Sat, 13 Jun 2015 16:14:19 GMT
< Server: WSGIServer/0.2 CPython/3.4.3
< Content-Type: application/json
< Cache-Control: no-store
< Pragma: no-cache
< X-Frame-Options: SAMEORIGIN
< 
* Closing connection 0
{"error": "unauthorized_client"}

正如您在响应中看到的 - 我获得了授权 token ，但它最后说 - 未经授权的客户端。这样可以吗？谢谢!

Answer 1

我发现了问题。

自动创建应用程序的 post_save 信号存在问题。

def create_auth_client(sender, instance=None, created=False, **kwargs):
    """
    Intended to be used as a receiver function for a `post_save` signal
    on a custom User model
    Creates client_id and client_secret for authenticated users
    """
    if created:
        Application.objects.create(user=instance,
                                   client_type=Application.CLIENT_CONFIDENTIAL,
                                   authorization_grant_type=Application.GRANT_CLIENT_CREDENTIALS)

# TODO
post_save.connect(create_auth_client, sender=User)

这是现在正确的解决方案。然后您可以使用这些调用来进行sign_up/获取oauth2 token :

curl -X POST -F "username=test1" -F "password=test1" http://127.0.0.1:8000/sign_up/

curl -X POST -d "grant_type=client_credentials" -u "<client_id>:<client_secret>" http://127.0.0.1:8000/o/token/