Getting a token on the client side, rest framework

See original GitHub issue

Hello! I cannot fix the following problem: I cannot get the acсess token on the client side,
although on the server side the access token was received successfully.
I use the rest framework and on the client side I do everything as written in your documentation
https://github.com/snok/django-auth-adfs/blob/master/docs/rest_framework.rst.

I do it like this:
I take the authorization code from the logs, the logs are below

data = {
    'grant_type': 'authorization_code',
    'client_id': 'your-configured-client-id',
    'redirect_uri': 'https://djangoapp.example.com/oauth2/callback',
    'code': code_from_logs,
}
response = requests.post(
    "https://adfs.example.com/adfs/oauth2/token",
    data,
)

but the adfs server responds with the following

{
     "error":"invalid_grant",
     "error_description":"MSIS9612: The authorization code received in \\u0027code\\u0027 parameter is invalid. "
}

What happens is that I get the token on the server side, but cannot get it on the client side.
This means that I cannot log in to my django application, because the client does not have a token.
Although the server logs show that the server successfully received the token

Authentication on the adfs server side is successful, the following is written in the logs of my application:

[22/Jul/2021 07:47:55] “GET /api/oauth2/login HTTP/1.1” 302 0

DEBUG 2021-07-22 07:47:55,349 django_auth_adfs Received authorization code: AAAAAAAAAAAAAAAAAAAAAA.Nobt–RM2QhBANjrsh84_ranQd0.F6txam-GaIgxlI-hIvQK4-hxFO5w7vCKdRaTJuyJZJtrMeWw6voRc647RSuVg6uDT8pWyVyB-6uVjNO04OCrdQnDCImnsk-CDIl-FQNF-Orp1AYwx8q8svroruVedBcuglSitGaZD08AsOv0NaC2Y1I_oVZQ3kweYszyZHi2iGJpz8E8m68zZ_dYZ51YID4B9BA3gsctaK8797YEWz_Kf10vmVsj_lToqwRYmx7SGZqdPLwKEE0iu434I_t0sCLdPEp0o_X-QBCTSSfLSzhpsPljkHNBaUbTeC3ybAU91ccQjBmwTH48j5nA-E4cB2nXTKt_nO8ozS42U9nbmoEuhA

DEBUG 2021-07-22 07:47:55,350 django_auth_adfs Getting access token at: https://my-adfs-server/adfs/oauth2/token/

DEBUG 2021-07-22 07:47:55,357 django_auth_adfs Received access token:
eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6InBRTngxb3FrY3Nwa0hsTllwcHNaekYyUUp1cyJ9.eyJhdWQiOiJtaWNyb3NvZnQ6aWRlbnRpdHlzZXJ2ZXI6ZjUwZWZjMjYtODFmMy00YjM3LThkYmMtODA4ZjJlNDc4NmI2IiwiaXNzIjoiaHR0cDovL2F1dGgucnBhc3MuZGVsb2l0dGUucnUvYWRmcy9zZXJ2aWNlcy90cnVzdCIsImlhdCI6MTYyNjk0MDA2MSwiZXhwIjoxNjI2OTQzNjYxLCJlbWFpbCI6ImlvcHVzbmV2QGdtYWlsLmNvbSIsImdpdmVuX25hbWUiOiJJbHlhIiwiZmFtaWx5X25hbWUiOiJPcHVzaG5ldiIsImdyb3VwIjpbIkRvbWFpbiBVc2VycyIsIlJTVE9PTF9SUEFTU19BY3RpdmVVc2VycyJdLCJ3aW5hY2NvdW50bmFtZSI6IiRXODNFRzdKTS1KU1ZRQUJXRCIsImFwcHR5cGUiOiJQdWJsaWMiLCJhcHBpZCI6ImY1MGVmYzI2LTgxZjMtNGIzNy04ZGJjLTgwOGYyZTQ3ODZiNiIsImF1dGhtZXRob2QiOiJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZFByb3RlY3RlZFRyYW5zcG9ydCIsImF1dGhfdGltZSI6IjIwMjEtMDctMjJUMDY6NTg6NTMuMzg5WiIsInZlciI6IjEuMCIsInNjcCI6Im9wZW5pZCJ9.CItz-2LwSSZZYL-34oVootHHALwWBCfkwOSaMudOPdXsHljX72U64nuHXi-iCtwBwim5VPk_AdnJV2_i1WPRV9Xg6OvliZNgyG8-Lsk8LNZXRp-4hSrao8n42rnBdk2qeCydx7pn2yqNY9lPpd_Kujngn1Ufn9H6MXmwTcpdrMl_JNBZyDbC4Y3J_CwFpWQ5LyC0QX3Dk2tOFdcQUJyrMm9jeA0vXDJWAekAfNchYLwHeruT660ZP_x9zw3x9V2IiEU0kPwDN1F6NqWXSk5VCh6AMVLm6BiJ994sy2JZ80DFSbNhQm-IuCGQpCd9jfnbDNK07NDQtRwB_Ad8S_Yc0A

[22/Jul/2021 07:47:55] “GET /api/oauth2/callback?code=AAAAAAAAAAAAAAAAAAAAAA.Nobt–RM2QhBANjrsh84_ranQd0.F6txam-GaIgxlI-hIvQK4-hxFO5w7vCKdRaTJuyJZJtrMeWw6voRc647RSuVg6uDT8pWyVyB-6uVjNO04OCrdQnDCImnsk-CDIl-FQNF-Orp1AYwx8q8svroruVedBcuglSitGaZD08AsOv0NaC2Y1I_oVZQ3kweYszyZHi2iGJpz8E8m68zZ_dYZ51YID4B9BA3gsctaK8797YEWz_Kf10vmVsj_lToqwRYmx7SGZqdPLwKEE0iu434I_t0sCLdPEp0o_X-QBCTSSfLSzhpsPljkHNBaUbTeC3ybAU91ccQjBmwTH48j5nA-E4cB2nXTKt_nO8ozS42U9nbmoEuhA&state=L3Byb2ZpbGU= HTTP/1.1” 302 0

What am I doing wrong? How do I pass the token to the client or how do I get the token on the client side? I would be very grateful for any help!

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:5 (1 by maintainers)

github_iconTop GitHub Comments

1reaction
JonasKscommented, Jul 22, 2021

Hi! Happy you figured it out. 😊

0reactions
ven-shupocommented, Jul 22, 2021

Here is the solution

AUTHENTICATION_BACKENDS = (
    'django_auth_adfs.backend.AdfsAccessTokenBackend',
    'django.contrib.auth.backends.ModelBackend'
)

neet to remove ‘django_auth_adfs.backend.AdfsAuthCodeBackend’ from auth_backend

Read more comments on GitHub >

github_iconTop Results From Across the Web

How to Implement Token Authentication using Django REST ...
In this tutorial you are going to learn how to implement Token-based authentication using Django REST Framework (DRF).
Read more >
django-rest-auth token authentication on client side
From Django Rest Framework Docs. For clients to authenticate, the token key should be included in the Authorization HTTP header.
Read more >
How to secure a REST API using JWT authentication
Finally, the client app will receive the token, verify it on its own side to ensure it's authentic, and then use it on...
Read more >
API Clients - Django REST framework
API Clients. An API client handles the underlying details of how network requests are made and how responses are decoded.
Read more >
Get a token in a web app that calls web APIs - Microsoft Entra
Get a token for the web API by using the token cache. To get this token, you call the Microsoft Authentication Library (MSAL)...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found