
I wanted to test my own Google login view. I don't have a front end yet, so I just opened this link in the browser: https://accounts.google.com/o/oauth2/auth/oauthchooseaccount?client_id=###&redirect_uri=###&scope=openid%20email%20profile&response_type=code&service=lso&o2v=1&flowName=GeneralOAuthFlow Then I tried to log in to my website with my Google account using this view:

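@api_view(['POST'])
def google_login(request):
    """Sign a user in from a Google OAuth2 authorization code.

    Reads ``code`` (and optionally ``role``) from the POST body, exchanges the
    code at Google's token endpoint, verifies the returned ID token, and then
    fetches or creates the local ``User`` keyed by the token's email claim.

    Returns the serialized user on success, or HTTP 400 when the code is
    missing, the ID token is absent or invalid, or the email is not verified.
    """
    code = request.data.get('code')
    if not code:
        return Response({'error': 'Missing authorization code'}, status=status.HTTP_400_BAD_REQUEST)

    client_id = base.SOCIAL_AUTH_GOOGLE_OAUTH2_KEY
    redirect_uri = base.SOCIAL_AUTH_GOOGLE_OAUTH2_REDIRECT_URI
    client_secret = base.SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET

    # redirect_uri must be the same value that was sent in the authorization
    # request that produced this code, otherwise the exchange is rejected.
    oauth2_session = OAuth2Session(client_id=client_id,
                                   redirect_uri=redirect_uri)
    # NOTE(review): fetch_token raises when Google rejects the code (e.g. an
    # invalid_grant error); that is not caught here and surfaces as a server
    # error. A code copied from the browser address bar is typically still
    # percent-encoded ("%2F" instead of "/") and must be decoded before it is
    # posted to this view.
    token = oauth2_session.fetch_token('https://oauth2.googleapis.com/token',
                                       code=code,
                                       client_id=client_id,
                                       client_secret=client_secret)

    # fetch_token returns the whole token response; only its "id_token" entry
    # is the JWT that verify_oauth2_token expects.
    raw_id_token = token.get('id_token')
    if not raw_id_token:
        return Response({'error': 'Invalid id_token'}, status=status.HTTP_400_BAD_REQUEST)

    try:
        # Passing the audience makes verification fail for ID tokens that were
        # issued to a different OAuth client than this application.
        id_info = id_token.verify_oauth2_token(raw_id_token,
                                               requests.Request(),
                                               audience=client_id)
        if id_info['iss'] not in ['accounts.google.com', 'https://accounts.google.com']:
            raise ValueError('Invalid issuer')
    except ValueError:
        return Response({'error': 'Invalid id_token'}, status=status.HTTP_400_BAD_REQUEST)

    # The local account is keyed by email alone, so only accept an address
    # that Google reports as verified.
    email = id_info.get('email')
    if not email or not id_info.get('email_verified'):
        return Response({'error': 'Email not verified by Google'}, status=status.HTTP_400_BAD_REQUEST)

    user, created = User.objects.get_or_create(email=email)
    if created:
        # NOTE(review): role comes straight from the request body. Validate it
        # against the roles a user may assign to themselves before storing it,
        # otherwise a caller can pick any role at sign-up.
        role = request.data.get('role')
        if role:
            user.role = role
            user.is_active = True
            # NOTE(review): the return value is discarded; confirm whether
            # generate_jwt_for_user stores the token on the user.
            generate_jwt_for_user(user)
            user.save()

    serializer = UserSerializer(user)
    return Response(serializer.data)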

I tested it with Postman and got this error: InvalidGrantError at /api/complete/google-oauth2/ (invalid_grant) Malformed auth code.

my urls:

from django.urls import path, include
from rest_framework_simplejwt.views import TokenRefreshView
from .views import *

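# URL routes for sign-up, sign-in, token refresh, password reset and the
# Google OAuth2 callback.
urlpatterns = [
    path('signup/', sign_up, name='signup'),
    # NOTE(review): the JWT travels in the URL path here, so it can end up in
    # access logs and browser history; keep its lifetime short.
    path('verify-email/<int:user_id>/<str:jwt>/', verify_email, name='verify-email'),
    path('signin/', sign_in, name='signin'),
    path('token/refresh/', TokenRefreshView.as_view()),
    path('password-reset/', password_reset, name='password-reset'),
    path('password-reset/confirm/', password_reset_confirm, name='password-reset-update'),
    # Endpoint that google_login serves; it expects the authorization code in
    # the POST body.
    path('complete/google-oauth2/', google_login),
]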

How can I fix it? Please help.
