From 693e817bc50d132a4eba5e1a5468eb09364727e5 Mon Sep 17 00:00:00 2001
From: "Zhanwen \"Phil\" Chen"
Date: Thu, 2 Feb 2017 13:54:30 -0500
Subject: [PATCH] Migrated from Google OAuth v1 to v3 "result" object fields changed: "user_id" => "sub" "client_id" => "aud"
---
 Lesson2/step5/project.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/Lesson2/step5/project.py b/Lesson2/step5/project.py
index 8883695..94785c4 100644
--- a/Lesson2/step5/project.py
+++ b/Lesson2/step5/project.py
@@ -51,6 +51,9 @@ def gconnect():
 code = request.data
 try:
+ # "client_secrets.json" file must contain field "redirect_uris"
+ # which can be set on Google API Console
+ # Upgrade the authorization code into a credentials object
 oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
 oauth_flow.redirect_uri = 'postmessage'
@@ -63,7 +66,7 @@ def gconnect():
 # Check that the access token is valid.
 access_token = credentials.access_token
- url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s'
+ url = ('https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=%s'
 % access_token)
 h = httplib2.Http()
 result = json.loads(h.request(url, 'GET')[1])
@@ -75,14 +78,14 @@ def gconnect():
 # Verify that the access token is used for the intended user.
 gplus_id = credentials.id_token['sub']
- if result['user_id'] != gplus_id:
+ if result['sub'] != gplus_id:
 response = make_response(
 json.dumps("Token's user ID doesn't match given user ID."), 401)
 response.headers['Content-Type'] = 'application/json'
 return response
 # Verify that the access token is valid for this app.
- if result['issued_to'] != CLIENT_ID:
+ if result['aud'] != CLIENT_ID:
 response = make_response(
 json.dumps("Token's client ID does not match app's."), 401)
 print "Token's client ID does not match app's."
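Review bot: The tokeninfo call `result = json.loads(h.request(url, 'GET')[1])` in the second hunk throws away the HTTP response object, so a non-200 reply from the v3 endpoint is parsed and passed on to the field checks as if it described a valid token. The error handling that sits between this hunk and the next is not visible in the diff, so please confirm it still recognises the v3 error payload after the endpoint switch. Independently of that, I would keep the status and fail closed: `resp, content = h.request(url, 'GET')`, then `if resp.status != 200:` returning the same JSON error response the function already builds elsewhere. gconnect's body starts and ends outside the hunk.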
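Review bot: `result['sub']` and `result['aud']` in the third hunk index the tokeninfo reply directly, so a reply missing either field raises KeyError and surfaces as a server error instead of the 401 these branches are meant to return. Whether v3 always includes `sub` for this token likely depends on the scopes granted (the flow in the first hunk is built with `scope=''`), which cannot be confirmed from the diff. Writing the checks as `if result.get('sub') != gplus_id:` and `if result.get('aud') != CLIENT_ID:` keeps both comparisons failing closed. A short comment on the `aud` comparison would also help, for example `# Reject tokens issued to a different client ID`. The second branch continues past the end of the hunk.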