
403 error receiving the OAuth token

08-28-2023 01:25 AM
AdamKuc
New Contributor

I'm developing an add-on for the django-allauth 0.54.0 library (https://www.intenct.nl/projects/django-allauth/). I want to add an ArcGIS account authentication module to this library.

I've read your OAuth integration documentation carefully
(https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/)

I created an account and created an application. I received the public and secret keys and added the necessary redirect URLs:
1. local - http://127.0.0.1:8000/accounts/arcgis/login/callback/
2. local + ngrok - https://….ngrok-free.app/accounts/arcgis/login/callback/
3. production - https://...io/accounts/arcgis/login/callback/

Currently, I have this module ready. It works well locally and locally + ngrok, and didn't give any crashes. But production often has questions when receiving a token.

Here is my part of the code where the error occurs:

import requests

# The call where the error occurs
resp = requests.request(
    self.access_token_method,
    url,
    data=data,
    auth=auth,
)

# Values of the variables at the time of the call
self.access_token_method = 'POST'
url = 'https://www.arcgis.com/sharing/rest/oauth2/token'
data = {
    'redirect_uri': 'https://…/accounts/arcgis/login/callback/',
    'grant_type': 'authorization_code',
    'code': 'o9DGl2OY7JRDSwvinUTRJy7jSHy3D9p-ftLIPNiWXgMDtA-JcsQ3cucXm1V-OcoJCrB0G05CX_iErKl9TK2LsYC-bf5eDcRa5O88heoxvwpWRnBuLoVpx1Bw8FPZ8QqBVVmu4lhN-C4I3fuSe6sZEvyQ3jGTa7V1xcbhxELw02S96t-yO_8ZAJhZ-WQg_Jybzq3s3LsBM0EQe7r9301JE1W5-sLQd-YrKkjc909t4d5zrUi-XzMNyUtD4v-KD5fc',
    'client_id': '<my_client_app_id>',
}

P.S. I get the ‘code’ parameter from the redirect URL. Example:
<WSGIRequest: GET '/accounts/arcgis/login/callback/?code='o9DGl2OY7JRDSwvinUTRJy7jSHy3D9p-ftLIPNiWXgMDtA-JcsQ3cucXm1V-OcoJCrB0G05CX_iErKl9TK2LsYC-bf5eDcRa5O88heoxvwpWRnBuLoVpx1Bw8FPZ8QqBVVmu4lhN-C4I3fuSe6sZEvyQ3jGTa7V1xcbhxELw02S96t-yO_8ZAJhZ-WQg_Jybzq3s3LsBM0EQe7r9301JE1W5-sLQd-YrKkjc909t4d5zrUi-XzMNyUtD4v-KD5fc&state=YcoUuwg0Nvni'>

For this request (locally and locally + ngrok), I get a response with the status 200 and the following data:
{
'access_token': 'Nn35y22fGaSqrrzkkbGQp…',
'expires_in': 1800,
'username': 'username',
'ssl': True,
'refresh_token': '53Anf42u0nwrDCGgm…',
'refresh_token_expires_in': 1209599,
}

BUT when a similar situation occurs on production (https://...io/), I get a response with the status 403, with the following data:

raise OAuth2Error("Error retrieving access token: %s" % resp.content)
oauthlib.oauth2.rfc6749.errors.OAuth2Error: (None) Error retrieving access token: b'<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n<center><h1>403 Forbidden</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n'

10.42.2.48 - - [24/Aug/2023:11:57:45 -0400] "GET /accounts/arcgis/login/callback/?code=JiYZNXrTrbg8_o7f0o7QY3blC_T34SoxubESKNpBr3z9pxKFb5m5J0oxwbW4yNDRdVuVt-ZGL3gmIo349zpLQDEqm1Lf2rRbnK2MTQMPKl6Of3-nWLO8BBsNOYaZQ37LfP6PZ0SIkcrHkgJ7ESgALlMKA7mRilHiCSPF-R9UwSqJfww_tOiQCSKEhbVwrWhuKDcFly9QGh4SWlTRNFgdOmimaXyuDwwkdcRFDiIa6dGWyPi9pcoqVhrzNGYQw2Xx835nG5yela53XT73nj7-mg&state=BujTt0IhiPDX HTTP/1.1" 302 0 "https://www.arcgis.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"

P.S.
It also often happens on production that I get the parameter ‘code’ at the end of which there are two dots. For example: ?code=YQw2Xx835nG5yela53XT73nj7-mg..
Sometimes, if you delete these points, you will receive a 200 response with the desired token later (this doesn't always happen). An error was excluded when extracting this parameter in our code. This ‘code’ comes from your server.

Also, if I get a 403 response on production, I quickly send the same request with the same data via Postman and get a 200 response. I.e. the problem occurs exactly on production.

Please, tell me what the problem may be and how to fix it?

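An added example, not part of the original post and not django-allauth or Esri code: the 403 body quoted in the post is an nginx HTML page rather than a JSON OAuth reply, so a token-exchange client can separate the two cases before raising, and can mask the `code` when it logs the request. The function names and sample payloads are hypothetical, and the JSON shapes assumed are those of RFC 6749 sections 5.1 and 5.2.

```python
import json


def classify_token_response(status, content_type, body):
    """Classify a token-endpoint reply as 'token', 'oauth_error' or 'non_oauth'.

    Assumption: the endpoint answers in JSON as in RFC 6749 (section 5.1 on
    success, section 5.2 with an "error" member on failure). Anything else,
    such as an HTML error page, did not come from the OAuth layer.
    """
    text = body.decode("utf-8", errors="replace") if isinstance(body, bytes) else body
    try:
        payload = json.loads(text)
    except ValueError:
        payload = None
    if not isinstance(payload, dict):
        return "non_oauth", {"status": status, "content_type": content_type,
                             "body_start": text[:60]}
    if "error" in payload:
        return "oauth_error", {"status": status, "error": payload["error"]}
    if status == 200 and "access_token" in payload:
        # Report only non-secret fields; never log the tokens themselves.
        return "token", {"expires_in": payload.get("expires_in")}
    return "non_oauth", {"status": status, "keys": sorted(payload)}


def redact(params, secret_keys=("code", "client_secret", "access_token", "refresh_token")):
    """Copy request parameters for logging with credential values masked."""
    return {k: ("<redacted len=%d>" % len(str(v)) if k in secret_keys else v)
            for k, v in params.items()}


# The 403 body is the one quoted in the post; the JSON samples are constructed.
NGINX_403 = (b"<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n"
             b"<center><h1>403 Forbidden</h1></center>\r\n<hr><center>nginx</center>\r\n"
             b"</body>\r\n</html>\r\n")
OAUTH_ERR = b'{"error": "invalid_grant", "error_description": "constructed sample"}'
TOKEN_OK = b'{"access_token": "constructed", "expires_in": 1800}'

if __name__ == "__main__":
    for status, ctype, body in [(403, "text/html", NGINX_403),
                                (400, "application/json", OAUTH_ERR),
                                (200, "application/json", TOKEN_OK)]:
        print(classify_token_response(status, ctype, body))
    print(redact({"grant_type": "authorization_code", "code": "constructed-code"}))
```

Logging the classification together with `redact(data)` for each failed exchange records what was sent and what kind of reply came back without writing the authorization code into the log.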