Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Google OAuth2Error: Invalid id_token #3328

Closed
CucumisSativus opened this issue Jun 16, 2023 · 1 comment
Closed

Google OAuth2Error: Invalid id_token #3328

CucumisSativus opened this issue Jun 16, 2023 · 1 comment

Comments

@CucumisSativus
Copy link

CucumisSativus commented Jun 16, 2023
edited
Loading

When using allauth for social login with dj_rest_auth like this

class GoogleLogin(SocialLoginView):
    adapter_class = GoogleOAuth2Adapter
    client_class = OAuth2Client

After sending access token i get

traceback

Traceback (most recent call last):
  File "<my_app>/.venv/lib/python3.10/site-packages/jwt/api_jws.py", line 258, in _load
    header_segment, payload_segment = signing_input.split(b".", 1)
ValueError: not enough values to unpack (expected 2, got 1)

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "<my_app>/.venv/lib/python3.10/site-packages/allauth/socialaccount/providers/google/views.py", line 42, in complete_login
    identity_data = jwt.decode(
  File "<my_app>/.venv/lib/python3.10/site-packages/jwt/api_jwt.py", line 210, in decode
    decoded = self.decode_complete(
  File "<my_app>/.venv/lib/python3.10/site-packages/jwt/api_jwt.py", line 151, in decode_complete
    decoded = api_jws.decode_complete(
  File "<my_app>/.venv/lib/python3.10/site-packages/jwt/api_jws.py", line 198, in decode_complete
    payload, signing_input, header, signature = self._load(jwt)
  File "<my_app>/.venv/lib/python3.10/site-packages/jwt/api_jws.py", line 260, in _load
    raise DecodeError("Not enough segments") from err
jwt.exceptions.DecodeError: Not enough segments

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "<my_app>/.venv/lib/python3.10/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "<my_app>/.venv/lib/python3.10/site-packages/django/core/handlers/base.py", line 197, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "<my_app>/.venv/lib/python3.10/site-packages/sentry_sdk/integrations/django/views.py", line 84, in sentry_wrapped_callback
    return callback(request, *args, **kwargs)
  File "<my_app>/.venv/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 56, in wrapper_view
    return view_func(*args, **kwargs)
  File "<my_app>/.venv/lib/python3.10/site-packages/django/views/generic/base.py", line 104, in view
    return self.dispatch(request, *args, **kwargs)
  File "<my_app>/.venv/lib/python3.10/site-packages/django/utils/decorators.py", line 46, in _wrapper
    return bound_method(*args, **kwargs)
  File "<my_app>/.venv/lib/python3.10/site-packages/django/views/decorators/debug.py", line 92, in sensitive_post_parameters_wrapper
    return view(request, *args, **kwargs)
  File "<my_app>/.venv/lib/python3.10/site-packages/dj_rest_auth/views.py", line 48, in dispatch
    return super().dispatch(*args, **kwargs)
  File "<my_app>/.venv/lib/python3.10/site-packages/rest_framework/views.py", line 509, in dispatch
    response = self.handle_exception(exc)
  File "<my_app>/.venv/lib/python3.10/site-packages/rest_framework/views.py", line 469, in handle_exception
    self.raise_uncaught_exception(exc)
  File "<my_app>/.venv/lib/python3.10/site-packages/rest_framework/views.py", line 480, in raise_uncaught_exception
    raise exc
  File "<my_app>/.venv/lib/python3.10/site-packages/rest_framework/views.py", line 506, in dispatch
    response = handler(request, *args, **kwargs)
  File "<my_app>/.venv/lib/python3.10/site-packages/dj_rest_auth/views.py", line 125, in post
    self.serializer.is_valid(raise_exception=True)
  File "<my_app>/.venv/lib/python3.10/site-packages/rest_framework/serializers.py", line 227, in is_valid
    self._validated_data = self.run_validation(self.initial_data)
  File "<my_app>/.venv/lib/python3.10/site-packages/rest_framework/serializers.py", line 429, in run_validation
    value = self.validate(value)
  File "<my_app>/.venv/lib/python3.10/site-packages/dj_rest_auth/registration/serializers.py", line 157, in validate
    login = self.get_social_login(adapter, app, social_token, response={'id_token': token})
  File "<my_app>/.venv/lib/python3.10/site-packages/dj_rest_auth/registration/serializers.py", line 61, in get_social_login
    social_login = adapter.complete_login(request, app, token, response=response)
  File "<my_app>/.venv/lib/python3.10/site-packages/allauth/socialaccount/providers/google/views.py", line 60, in complete_login
    raise OAuth2Error("Invalid id_token") from e
allauth.socialaccount.providers.oauth2.client.OAuth2Error: Invalid id_token

I followed iMerica/dj-rest-auth#503 (comment) and downgraded django-allauth to 0.50.0 and it fixed the issue. It appears that there is a regression

My configuration

        'google': {
            "APP": {
                "client_id": os.getenv("GOOGLE_APP_ID"),
                "secret": os.getenv("GOOGLE_APP_SECRET"),
                "key": ""
            },
            'SCOPE': [
                'profile',
                'email',
            ],
            'AUTH_PARAMS': {
                'access_type': 'online',
            }
        },
        ```
@pennersr
Copy link
Owner

Closing -- see #3253

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pennersr @CucumisSativus