https://github.com/oauthlib/oauthlib/issues/495ãããŒãžããããããrequests / requests-oauthlibã§äœ¿çšãããšãã¹ã¿ãŒã«ãªã°ã¬ãã·ã§ã³ãèŠã€ãããŸããã ããã¯ãæ¿èªä»äž/ Webã¢ããªã±ãŒã·ã§ã³ã®ã¿ã«é¢é£ããŠããŸãã
ãªã¯ãšã¹ãã®åºæ¬çãªäœ¿çšæ³-oauthlibã¯æ¬¡ã®ãšããã§ãã
sess = OAuth2Session(client_id)
token = sess.fetch_token(token_url, client_secret=client_secret, authorization_response=request.url)
ãã ããå€æŽããããããã»ãã·ã§ã³ã®client_id
ã¯ç¡èŠãããŸãã https://github.com/oauthlib/oauthlib/pull/505ã¯ãŠãŒã¹ã±ãŒã¹ãä¿®æ£ãããšæã
ãªã¯ãšã¹ã-https ïŒ //github.com/requests/requests-oauthlib/blob/master/requests_oauthlib/oauth2_session.py#L196ã§ã®oauthlibã³ãŒãåŒã³åºã-L198ãšoauthlibã®åé¡ã¯ãã¡ã
https://github.com/oauthlib/oauthlib/blame/master/oauthlib/oauth2/rfc6749/clients/web_application.py#L128ã
ç§ã®æåã®èãã¯ã®å€åæ»ãããšã§ãprepare_request_body
ãããã©ã«ãã§ã䜿çšããself.client_id
ã«èšå®ãããWebApplicationClient
ã³ã³ã¹ãã©ã¯ã¿ãã
次ã«ãã€ã³ã©ã€ã³ããã¥ã¡ã³ããdequationã§å€æŽããŠã &client_id=xx
ãprepare_request_body
åºåã«è¿œå ããå¿
èŠããããŸãã
æåŸã«ãå
ã®ä¿®æ£ã眮ãæããããã«ãåŒæ°ããclient_id
ãåé€ãã include_client=True/False
ããã«prepare_request_body
æ°ããåŒæ°ãè¿œå ããŠãäž¡æ¹ã«client_id
è¿œå ããããšããå§ãããŸããæ¬æã«client_secret
ãå«ããããäž¡æ¹ãå«ããªãã§ãã ããã
èãïŒ
@Diaoul @ skion @ thedrowãçªã
ã©ãã§ããïŒ
åŒæ°ããclient_idãåé€ããinclude_client = True / Falseã®ãããªprepare_request_bodyã«æ°ããåŒæ°ãè¿œå ããŠãclient_idãšclient_secretã®äž¡æ¹ãæ¬æã«è¿œå ããããäž¡æ¹ãå«ããªãããšããå§ãããŸãã
ããããšã
ç§ã¯å®éã«ç§ã®ãã¹ãã®1ã€ã§ãããšåãåé¡ãåŒãèµ·ãããŸããããrequests / oauthlibã«å¯ŸããŠããã«æåºããŸããïŒ https ïŒ
åé¡ã¯å®éã«ã¯requests_oauthlibã®ããã ãšæããŸãã 圌ãã®ããã¥ã¡ã³ãïŒå®éã«ã¯ãããŒãžãããŒããããšãã®ããã¥ã¡ã³ãå
šäœã®æåã®äŸïŒã¯ã OAuth2Session
ã³ã³ã¹ãã©ã¯ã¿ãŒã§client_id
ãæå®ããããšããµããŒãããŠããŸãã è¡200ã®ããžãã¯ã¯ãkwargsããclient_id
ããã«ããŸããããã§ã«æ§ç¯ãããŠããWebApplicationClient
ã€ã³ã¹ã¿ã³ã¹ãããã«ããããã®ãã©ãŒã«ããã¯ã¯ãããŸããã
@jvanasco ãçŸåšã®åé¡ïŒ585ã¯ãrequests-oauthlibã®ã¿ã§ä¿®æ£ããããoauthlibã®PRïŒ505ãå ã«æ»ãããšã§ä¿®æ£ã§ããŸãã ãã ãã httpsïŒ //github.com/oauthlib/oauthlib/pull/505#issuecomment-351221107ã®ã³ã¡ã³ãã§@skionãèšåããåäœãä¿®æ£ãããœãªã¥ãŒã·ã§ã³ã¯ãããŸããã
ä»æ§ã«ããã°ãclient_idãã©ã¡ãŒã¿ãŒã¯èªèšŒãããŠããªãã¯ã©ã€ã¢ã³ãã«éä¿¡ããå¿ èŠããããŸãããæ©å¯ã¯ã©ã€ã¢ã³ãã®ããŒã¯ã³èŠæ±æ¬æã§ã¯éä¿¡ããªãããšãæãŸããã§ãããã®å Žåãã¯ã©ã€ã¢ã³ããèªèšŒããããã®æšå¥šã¡ã«ããºã ã¯HTTPåºæ¬èªèšŒãä»ããŠè¡ãããŸãã ãã ããWebApplicationã¯ã©ã¹ã«ã¯åžžã«ãããå«ãŸãïŒäžéšã®ãµãŒããŒãç ŽæããŸãïŒããããåé€ããã¡ã«ããºã ã¯æäŸãããŸããã
Oauthlibã¯ããªã¯ãšã¹ãã«å¯ŸããŠãšã¬ã¬ã³ãã§ã·ã³ãã«ãªæ¹æ³ãæäŸããå¿ èŠããããŸã-oauthlibã¯åé¡ã解決ããŸãã ãã®è°è«ã§è§£æ±ºçãèŠã€ããããšãã§ããã°ãããã¯çŽ æŽãããããšã§ãã ããã¯å·šå€§ãªãããã«ãŒã ããã§ãã
prepare_request_body()
ãã«ãã§client_id=False
ãèš±å¯ããŠãclient_idãéä¿¡ãããªãããšã瀺ããŸããïŒ ããšãããã ãšããŠããããã¯126è¡ç®è¿ãã®ãã®éãã«ã€ãªããã§ãããïŒ
client_id = None if client_id=False else self.client_id
ãããåãã£ãã
client_idãéä¿¡ããå¿ èŠãããå Žåãšéä¿¡ããªãå Žåã®æ¢åã®åäœãã¹ãã¯ãããŸããïŒ ããã§ãªãå Žåã誰ãããããçæããããã«äœ¿çšã§ãããªã¹ããæã£ãŠããŸããïŒ ç§ã¯ãããšrequests-oauthlibãä¿®æ£ããããšãåãã§åãå ¥ããŸãããªããªãããã¯ä»ç§ã®ä»äºã®ããã€ãããããã¯ããŠããããã§ãã
@JonathanHuot
åŒæ°ããclient_idãåé€ããinclude_client = True / Falseã®ãããªprepare_request_bodyã«æ°ããåŒæ°ãè¿œå ããŠãclient_idãšclient_secretã®äž¡æ¹ãæ¬æã«è¿œå ããããäž¡æ¹ãå«ããªãããšããå§ãããŸãã
ãããèªã¿è¿ããŠãç§ã¯å®éã«ããªãã®ææ¡ããšãŠã奜ãã§ãã é¢æ°ã¯ãã§ã«**kwargs
åãã®ã§ããããããããå£ããªãæ¹æ³ã§ããããšã¯ã§ããŸãã
泚ïŒ
æ¬äœã«client_idãšclient_secretã®äž¡æ¹ãè¿œå ããŸã
ããã¯ãããªãã¯ã¯ã©ã€ã¢ã³ãIIUCã«é¢ãããã®ãªã®ã§ã client_secret
ãé¢ä¿ããŠãããšã¯æããŸããã client_id
ãæ¬äœã«è¿œå ãããŠããã ãã§ããïŒ ãã®å Žåãæ°ãããã©ã¡ãŒã¿ã®ååãinclude_client_id=True/False
å€æŽããããšãæ€èšããŸãã
ãã®å Žåãæ°ãããã©ã¡ãŒã¿ãŒã®ååãinclude_client_id = True / Falseã«å€æŽããããšãæ€èšããŸãã
ããã¯ãã ïŒ client_secret
ã¯ã WebApplicationClient
ååšããªããããé¢äžããŸããã
@ jvanasco ãPRããããã®ãªããå€æŽã¯æ¬¡ã®ããã«ãã¹ãã ãšæããŸãã
1ïŒhttps://github.com/oauthlib/oauthlib/pull/505ãå
ã«æ»ããŸã
2ïŒãå€æŽãã眲åprepare_request_body()
åé€ããclient_id
ããè¿œå include_client_id=True/False
ïŒ True
ïŒããã©ã«ãïŒïŒããã¯è¿œå self.client_id
ïŒ
次ã«ãrequests-oauthlibã¯ãhttpsïŒ//github.com/requests/requests-oauthlib/blob/master/requests_oauthlib/oauth2_session.py#L196-L211ã§æ¬¡ã®ãããããéžæã§ããŸãã
AïŒæ¬æã«client_id
ã®ã¿ãå«ãã
self._client.prepare_request_body(..)
BïŒ client_id
ãšclient_secret
ãauth
å«ããæ¬æã«ã¯å«ããªãïŒRFCæšå¥šãœãªã¥ãŒã·ã§ã³ïŒ
self._client.prepare_request_body(include_client_id=False, ..)
auth = requests.auth.HTTPBasicAuth(client_id, client_secret)
CïŒæ¬æã«client_id
ãšclient_secret
ãå«ããïŒRFC代æ¿ãœãªã¥ãŒã·ã§ã³ïŒ
self._client.prepare_request_body(client_secret=client_secret, ..)
ä»æ¥ã¯äž¡æ¹ã®ãããžã§ã¯ãã®PRãçæããŸãã
OAuthlibã®PRãšãã¹ãã¯ã»ãŒå®äºããŠããŸãã ã§ã質åããããŸã...
client_id
ãŸã kwargãšããŠèš±å¯ãããã¹ãã§ããïŒ ããã¯éšåçã«äžäœäºææ§ã®ããã§ããããšããžã±ãŒã¹ã®ããã§ããããŸãã ãã®ã¡ãœããã¯ããå£ããŠããã®ã§ãæå³ãããšããã«æ©èœãããïŒ prepare_request_body
self.client_idããªãŒããŒã©ã€ãã§ããããã«ãããªã©ïŒãã誀ã£ã䜿çšæ³ã§äŸå€ãçºçãããïŒçºçããããªã©ïŒäŸ¡å€ããããšæããŸãã client_id
ãæäŸãããŠãããã self.client_id
äžèŽããªãå Žåã¯ãšã©ãŒã«ãªããŸãïŒã
client_id
ãå¥ã®å€ã§ãªãŒããŒã©ã€ãããæ¹æ³ãããããªããããäŸå€ãç°ãªãå Žåã¯äŸå€ãçºçãããããšã«æ祚ããŸãã
ããã«ã client_id
ãkwargãšããŠæäŸãããå Žåã DeprecationWarning
ãã°ã«èšé²ããå¿
èŠããããŸããïŒ
PRïŒ593ãæåºããŸããã client_id
ãéä¿¡ããããšDeprecationWarningãçºçãã self.client_id
ãšç°ãªãå Žåã¯ValueErrorãçºçããŸãã 詳现ãª3ã€ã®ã·ããªãª@JonathanHuotãžã®æºæ ã確èªããæ°ãããã¹ãããããŸãã
ãªã¯ãšã¹ãã«é¢ããæåã®åé¡ã«ééããŸãã-ããã€ãã®ãã¹ããæžããŠãããšãã«oauthlibPRåè£
ããã¯ãåžžã«èµ·åããŸãprepare_request_body
ããŠusername=username, password=password
ã ããã¯ééã£ãŠããããã§ãã ããã«ãã誰ããRFCã«ç²ŸéããŠããŠã次ã®çããç¥ã£ãŠããããšãé¡ã£ãŠããŸãã
username
+ password
request.bodyã®ãã©ã¡ãŒã¿ã«ããå¿
èŠããããŸããïŒusername
+ password
ãHTTPåºæ¬èªèšŒããããŒã«è¡šç€ºãããå Žåããããããªã¯ãšã¹ãæ¬æã«è€è£œããå¿
èŠããããŸããïŒusername
+ password
æ¬æãã©ã¡ãŒã¿ãŒãšã¯ã©ã€ã¢ã³ãã®è©³çŽ°ãå«ãHTTPBasicAuthããããŒã®äž¡æ¹ãæã€ããšã¯å¯èœã§ããïŒããã«ééããŠãããŠããããšãã
username
ãšpassword
ã¯ãåžžã«ãªã¯ãšã¹ãã®æ¬æã«ååšããã®ã¿äœ¿çšããå¿
èŠããããŸãã ããããä»ã®ä»äžïŒæé»çãã³ãŒããã¯ã©ã€ã¢ã³ãè³æ Œæ
å ±ïŒã«äœ¿çšããŠã¯ãªããŸãããclient_secret
䜿çšããå Žåã«æšå¥šãããŸãïŒã ãŠãŒã¶ãŒã®è³æ Œæ
å ±ã¯ãHTTPåºæ¬èªèšŒã«å«ãŸããŠããŠã¯ãªããŸãããããšãã 2ã€ã®ããšãæ確ã«ããããã«ãç§ã5æ³ã®ããã«é æ ®ãªãç§ã«è©±ããŠãã ããã ç§ã¯ãããšãã¹ããæ£ããè¡ãããããšã確èªããããšæããŸãïŒ
ããããæ瀺çã«æå®ãããŠããªãéãããããã¯ååšãã¹ãã§ã¯ãããŸãããæ£ããã§ããïŒ
åé·ã§ããããã®å°ããªè©³çŽ°ã«å·çããŠããããšããèš±ããã ããã jãæ£ããåäœãååŸããå¥ã®ååž°ãçºçããªãããšã確èªãããã¹ããèšè¿°ã§ããããšã確èªãããã ãã§ãã
@ jvanasco ãOAuth2 RFCã«ã€ããŠã¯ããããŸããã requests-oauthlib
ãšflask-oauthlib
ã©ã®ããã«çµã¿åããããŠãããããããŸããã
æ£ããã
ç§ã®ç解ã§ãããçŸå Žã®çŸå®ãšç §åããã®ã¯è¯ãããšã§ãã ã€ãŸããrequests-oauthlibãšããŸããŸãªãããªãã¯ãããã€ããŒã®çµéšã è€æ°ã®èŠæ±-oauthlibã®è°è«https://github.com/requests/requests-oauthlib/issues/218 ã https://github.com/requests/requests-oauthlib/issues/211 ã https://github.com/requests / requests-oauthlib / issues / 264 ããã§ã«çºçããŠããŸãã
client password
ãšclient secret
éã§æ··ä¹±ããã£ããšæããŸãããããã¯å®éã«ã¯ãŸã£ããåãããšãè¡šã2ã€ã®è¡šçŸã§ãã
https://github.com/requests/requests-oauthlib/pull/206ã®èåŸã«ããçè«çæ ¹æ ã«åŸããšãPRã®ã³ã³ãã³ãã¯HTTPAuth(username, password)
è¿œå ãããããªãã®ã§ã¯ãªãã HTTPAuth(client_id, client_secret
ã§ããã¯ãã§ãã ïŒã¯ã©ã€ã¢ã³ãã®ãã¹ã¯ãŒãïŒã
ãªã¯ãšã¹ãã«åå ãã@ Lukasa ã @ chaosct ã @ ibuchananãçªã-oauthlibã®è°è«ã
çŽ æŽãããïŒ æ¬åœã«ããããšãã ãããèµ·ãã£ãŠãããšæããŸãããã確èªãããã£ãã®ã§ãã
ç§ã¯ä»ããªã¯ãšã¹ããã©ã®ããã«æ§æãããããç¥ã£ãŠãããšæããŸãã ç§ã¯ã¡ã€ã³ãªã¯ãšã¹ããããžã§ã¯ãã«ããã€ãã®ã³ããããæã£ãŠããã®ã§ãã¡ã³ãããPRãšæ©èœã§äœãèŠããããç¥ã£ãŠããŸãã
- ãŠãŒã¶ãŒåãšãã¹ã¯ãŒãã¯ãããããå¿ èŠãšããç¹å®ã®çš®é¡ã®ä»äžã§ã®ã¿äœ¿çšãããŸãã 䜿çšããå Žåããããã¯ãªã¯ãšã¹ãæ¬æã«ã®ã¿ååšããå¯èœæ§ããããŸãã
ã¯ããæåã®éšåã§ããç¹å®ã®çš®é¡ã®å©æéã®ã¿ãããããå¿ èŠãšããŸãã ãããããªã¯ãšã¹ãæ¬æã§ããããéä¿¡ããããšã«ã€ããŠã®2çªç®ã®éšåã§ã¯ãä»æ§ã¯æ¬¡ã®ããã«è¿°ã¹ãŠããŸãã
ãªã¯ãšã¹ãæ¬æã«ã¯ã©ã€ã¢ã³ãã®è³æ Œæ å ±ãå«ãã
2ã€ã®ãã©ã¡ãŒã¿ãŒã®äœ¿çšã¯æšå¥šãããŸãã
çŽæ¥å©çšã§ããªãã¯ã©ã€ã¢ã³ãã«éå®ããå¿ èŠããããŸã
HTTPåºæ¬èªèšŒã¹ããŒã ..
ãããããµãŒããŒã®å Žåã次ã®ããã«ãªããŸãã
æ¿èªãµãŒããŒã¯ã以äžãå«ããµããŒããè¡ãå ŽåããããŸã
ãªã¯ãšã¹ãããã£ã®ã¯ã©ã€ã¢ã³ãã¯ã¬ãã³ã·ã£ã«...
æºæ ããŠããã¯ã©ã€ã¢ã³ãã¯ããªã¯ãšã¹ãæ¬æã§è³æ Œæ
å ±ãéä¿¡ããŸããã
ãã ããäžéšå®è£
ãããŠãããµãŒããŒã®å Žåããªã¯ãšã¹ãæ¬æã§ã®ã¿åãå
¥ããŸãã
æ£ããæãåºãã°ãç§ã®PRã¯ãèªèšŒããããŒãè¿œå ããããšã§ãã®æ··ä¹±ã解決ããŸããã
ãããã£ãŠãã¯ã©ã€ã¢ã³ãã¯äž¡æ¹ãéä¿¡ããŸãã
@JonathanHuotã¯2ç¹ç®ã«ã€ããŠã¯æ£ãããš
ããã«ã¡ã¯@ibuchanan ãããªããåç
§ããŠããåŒçšç¬Šã¯çšèªclient credentials
ãŸãã ã¯ã©ã€ã¢ã³ããšãªãœãŒã¹ææè
ïŒå®éã®ãŠãŒã¶ãŒïŒãæ··åšãããªãããã«ååã«æ³šæããå¿
èŠããããŸãã
圹å²ã¯ããã§æ確ã«èª¬æãããŠããŸãrfc6749ïŒ1.1 ã
ãã®client credentials
ã¯client_id
ãšclient_secret
ãusername
ãšpassword
ãŸãã ãããã¯äºææ§ããããŸããã
ãããã£ãŠããããã®ããŒã«ã§RFCãèªã¿åãããšã¯ãæºæ ããã¯ã©ã€ã¢ã³ããHTTP Basicã§ã¯ã©ã€ã¢ã³ãã¯ã¬ãã³ã·ã£ã«ïŒ client_id
ã client_secret
ïŒãéä¿¡ããå¿
èŠãããããŠãŒã¶ãŒã¯ã¬ãã³ã·ã£ã«ïŒ username
ã password
ãªã¯ãšã¹ãæ¬æã®rfc6749ïŒ4.3.2ãåç
§ããŠãã ããã
client_idããªã¯ãšã¹ãã«å«ãŸããŠããå Žåãäžéšã®ãµãŒããŒã¯ãªã¯ãšã¹ãïŒ400ïŒãæåŠããŸã
äœã ããã©ã«ãã¯ä»æ§ã§æšå¥šãããŠãããã®ã§ãªããã°ãªããªããšæããŸãã
Okã oauthlib
ã®çŸåšã®PRã¯ãäžèšã®æžå¿µãæºãããŠãããšæããŸãã include_client_id
ãã©ã°ã¯ã client_id
éä¿¡ãæ瀺çã«èš±å¯ãããã©ããã瀺ããŸãã
requests_oauthlib
ã«é¢ããŠã¯ããããç§ãèããŠããããšã§ãã
username
ãšpassword
ã¯æ¬æã«ã®ã¿è¡šç€ºãããŸãïŒHTTPåºæ¬ãšããŠã¯è¡šç€ºãããŸããïŒã éæºæ ã®ãµãŒããŒçµ±åã«ãã®åäœãå¿
èŠãªå Žåãå®è£
è
ã¯auth
ãŸãã¯headers
åŒæ°ãfetch_token()
éä¿¡ã§ããŸãã
client_id
ãæ£ããå Žæã«æäŸããã®ã¯å°ãé¢åã§ãããããžãã¯ãšãŠãŒã¹ã±ãŒã¹ã¯ããŠã³ããŠãããšæããŸãã ããã¯ééããªãããã€ãã®ã¬ãã¥ãŒãå¿
èŠã«ãªããŸãã
@JonathanHuotãš@ibuchananã«ã€ããŠã®è³ªåïŒ
oauthlib
ã®OAuth2 Client
ãšrequests_oauthlib
ã®OAuth2Session
ã¯ã client_secret
ãä¿æãããç¹°ãè¿ãåŒã³åºãå¿
èŠããããŸãã ããã¯OAuth1ã«ã¯åœãŠã¯ãŸããŸããã§ãããããããïŒ370ã®èåŸã«ããå®éã®åé¡ã ã£ããšæããŸãã RFCã¯ããã®å¿
èŠæ§ã«ã€ããŠèšåããŠããããç§ã¯æŽå²ãèŠã€ããããšãã§ããŸããã§ããã
ç§ã«ãšã£ãŠã¯ã client_secret
ãæ ŒçŽããŠã¯ã©ã€ã¢ã³ããæ¡åŒµãã fetch_token
ãšrequest
client_secret
ãæž¡ãããšãžã®OAuth2Sessionã®äŸåãéæšå¥šã«ããããšã¯çã«ããªã£ãŠããŸãã request
ã¯ã©ã€ã¢ã³ãèªäœã§çŸåšäœ¿çšããŠãããã®ã䜿çšããããšã«è³æã ïŒããã¯ãhttpsïŒ//github.com/requests/requests-oauthlib/issues/264ã§å ±åãããŠããä»ã®ããã€ãã®äžæŽåã«ã察åŠããŸãïŒ
ãŠãŒã¶ãŒå/ãã¹ã¯ãŒããšclient_id / client_secretã®ãã¹ãå€æ°ãæšæºåããããã«ãoauthlibïŒïŒ593ïŒã®PRãå°ãå€æŽããŸããã å°æ¥çã«ã¯ãééãã«ããäž¡è ã®æ··ä¹±ãé²ãããšãã§ãããšæããŸãã
ãªã¯ãšã¹ãã«å¯ŸããŠææ¡ãããå€æŽ-oauthlibïŒ https ïŒ
ããã¯ããå°ãææ¬çã§ããã³ãŒããšãã¹ããèŠããšãã©ã€ãã©ãªã¯ãæ©èœããŠã¯ãããªãããããçš®é¡ã®ãã®ãæ©èœãããããšããŠããããã§ãã
ä¿®æ£ã¯ããã€ãã®ããšãè¡ããŸãïŒ
username
ãšpassword
ãã§ãã¯ã¯ã LegacyApplicationClient
ã€ã³ã¹ã¿ã³ã¹ã§ã®ã¿çºçããŸãããããå¿
èŠãªå¯äžã®çš®é¡ã§ããããã§ãïŒæ£ããã§ããïŒïŒã ãã§ãã¯ã®äžã«ããŠãŒã¶ãŒå/ãã¹ã¯ãŒããkwargsdictã«ããŒãžããã»ã¯ã·ã§ã³ããããŸãã ãã¹ãã§ã¯ãä»ã®ã¯ã©ã€ã¢ã³ãããã®æ
å ±ãæž¡ãããå¯èœæ§ãããããšã瀺åãããŠãããããçŸåšã¯ã¢ãŠããã³ããããŠããŸãã
client_id / authããããŒãåŠçããããã®ããžãã¯ãæžãçŽãããé©åãªã¿ã€ãã®èªèšŒãããã©ã«ãã§é©åãªå Žæã§è¡ãããããã«ãªããŸããã ãŠãŒã¶ãŒãå¥ã®æ¹æ³ã§è³æ Œæ å ±ã匷å¶ãããå Žåã§ããããã¯å¯èœã§ãã
質åïŒ client_secret
ãæž¡ãããªãç¶æ³ã¯ãããŸããïŒ äœãæãã€ããªãã®ã§ãããoAuthãããŒã¯ãããããããŸãã
ãããã£ãŠãrequests-oauthlibããŒãžã§ã³ã§ã¯ïŒ
| include_client_id
| auth
| è¡å|
| ------------------- | --------------- | -------- |
| ãªãïŒããã©ã«ãïŒ| ãªãïŒããã©ã«ãïŒ| client_id
䜿çšããŠAuthãªããžã§ã¯ããäœæããŸãã æ¬æã§client_idãéä¿¡ããªãã§ãã ããã RFCãæšå¥šããŠãããããããã¯ããã©ã«ãã®åäœã§ãã |
| ãªãïŒããã©ã«ãïŒ| ãã¬ãŒã³ã| Authãªããžã§ã¯ãã䜿çšããŸãã include_client_id=False
oauthlibã®prepare_request_body
ãåŒã³åºã|
| 誀ã| ãã¬ãŒã³ã| Authãªããžã§ã¯ãã䜿çšããŸãã include_client_id=False
oauthlibã®prepare_request_body
ãåŒã³åºã|
| æ¬åœ| ãã¬ãŒã³ã| Authãªããžã§ã¯ãã䜿çšããŸãã include_client_id=True
oauthlibã®prepare_request_body
ãåŒã³åºã|
| æ¬åœ| ãªãïŒããã©ã«ãïŒ| client_id
䜿çšããŠAuthãªããžã§ã¯ããäœæããŸãã include_client_id=True
oauthlibã®prepare_request_body
ãåŒã³åºã|
| 誀ã| ãªãïŒããã©ã«ãïŒ| client_id
䜿çšããŠAuthãªããžã§ã¯ããäœæããŸãã include_client_id=False
oauthlibã®prepare_request_body
ãåŒã³åºã|
ãŸãã¯å¥ã®èšãæ¹ããããšïŒ
@jvanasco ïŒoauthlibãšrequests-oauthlibåŽã§éåžžã«ããèŠããŸãã
3.質åã«ã€ããŠïŒ
client_secretãªãã§ïŒãŸãã¯ç©ºã®ãRFCã®èŠ³ç¹ããã¯è¿ãïŒãããªãã¯ã¯ã©ã€ã¢ã³ããæã€ããšãã§ããŸãã ãããã£ãŠãPythonAPIã¯ãç§å¯ãªããããµããŒãããå¿ èŠããããŸãã
å®éã®ãŠãŒã¹ã±ãŒã¹ã¯ãå€ãã®å ŽåãèªèšŒã³ãŒãã䜿çšããããšã奜ããã€ãã£ãã¢ããªã±ãŒã·ã§ã³ã§ãããç§å¯ãå®å
šã«ä¿ã€ããã®ã»ãã¥ãªãã£ãä¿èšŒããããšã¯ã§ããŸããããããã£ãŠã client_secret
ãªãã§client_id
ãåãå
¥ããããšãã§ããŸãã client_secret
ïŒãŸãã¯RFCãšåã空ã®client_secret
ïŒ; ãŸãã¯ãå¥ã®PKCE RFCãå©çšã§ããŸãïŒhttps://oauth.net/2/pkce/ãåç
§ïŒã ããããåŸè
ã¯ãŸã oauthlib
åŽã§ã¯å®è£
ãããŠããŸããã
ããããšãã client_id
ãªãã§client_secret
client_id
ãéä¿¡ã§ããããšã確èªããããã«ãããã€ãã®ãã¹ãã±ãŒã¹ãè¿œå ããŸãã éåžžã«å€ãã®è³ªåãããŠç³ãèš³ãããŸãããããã®ä»æ§ã®å¯èœãªå®è£
ã¯éåžžã«å€ããã
@JonathanHuotæ¢åã®å®è£
ã¯ã client_secret
空ã®æååã®éä¿¡ããµããŒãããŠããŸããã ãã®ããžãã¯ã§ã¯åé€ãããŸãhttps://github.com/oauthlib/oauthlib/blob/master/oauthlib/oauth2/rfc6749/parameters.py#L90-L125-å
·äœçã«ã¯122è¡ç®
ããããµããŒãããããšã¯ããã®ã«ãŒãã³ã®çŽåŸã«æ¬¡ã®ãããªãã®ãè¿œå ããããšã§ãïŒ
if ('client_secret' in kwargs) and ('client_secret' not in params):
if kwargs['client_secret'] == '':
params.append((unicode_type('client_secret'), kwargs['client_secret']))
ã·ãŒã¯ã¬ããã空ã®æååã®å Žåã¯client_secret
ã®ç©ºã®æååãéä¿¡ããŸãããå€ãNone
å Žåã¯client_secret
éä¿¡ããŸããã
RFCã2ã€ã®ããªã¢ã³ãã®ããããããµããŒãããŠããå Žåã1ã€ã®ããªã¢ã³ãã®ã¿ããµããŒãããå€ãã®å£ããå®è£ ãååšããå¯èœæ§ããããããããããµããŒããã䟡å€ããããšæããŸãã
ãã®å ã®åé¡ã¯oauthlibã§ä¿®æ£ãããŠããŸãã ãã ãã httpsïŒ//github.com/requests/requests-oauthlib/pull/331ãä¿®æ£ããããŸã§ãåäœã¯ãã®ãŸãŸã§ãã
æãåèã«ãªãã³ã¡ã³ã
client_id
ãå¥ã®å€ã§ãªãŒããŒã©ã€ãããæ¹æ³ãããããªããããäŸå€ãç°ãªãå Žåã¯äŸå€ãçºçãããããšã«æ祚ããŸããããã«ã
client_id
ãkwargãšããŠæäŸãããå ŽåãDeprecationWarning
ãã°ã«èšé²ããå¿ èŠããããŸããïŒ