django-repositories/api-sandbox
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
api-sandbox/share/readmes/authorization_tokens_testing.md
ronny abraham 95b566622d initial commit
2025-04-22 18:06:11 +03:00

3.2 KiB
Raw Blame History

getting testing authorization tokens for the django rest framework

The purpose of this readme is to explain how to retrieve testing tokens that can be passed into the django rest framework's oauth authorization to retrieve a user token

currently, this document will list how to get testing tokens for the following platforms:

  • facebook
  • google

facebook

getting an access token for testing

to get a testing token, go to graph api explorer

  1. under "meta app", select the application you want a token for
  2. under "user or page", select "user token" from the dropdown
  3. under "add a permission", select "email" from the dropdown
  4. then hit "generate access token" button, and you're good to go

graph api explorer

sources

configure facebook login

getting a testing token for authentication

google

notes

in the case of the google provider we don't actually want the access token what we want is the ID TOKEN that is returned

setting up credentials

To use OAuth playground to get the id token, you have to first set the Authorized Redirect URLs in the oauth credential section to at least have: https://developers.google.com/oauthplayground

oauth playground

next in OAuth Playground, set it up to use your client

  1. click the settings wheel in the upper left corner
  2. click on 'use your own OAUTH credentials'
  3. enter the client id and client secret
Step1

go to Step1 Select & authorize APIs

  1. find Google OAuth2 API v2
  2. select unserinfo.email and userinfo.profile
  3. click Authorize APIs
Step2

go to Step 2 Exchange authorization code for tokens

  1. click Exchange authorization code for tokens
  2. IGNORE access and refresh token!!! they are not relevant!
  3. go to the right panel Request / Response
    • in the json data, find 'id_token'
  4. paste the id token in the field for auth_token in swagger

sources

Using OAuth 2.0 to access Google APIs

django allauth callback

old info in this page

Notes

facebook authorization requests are different than straight user/pass requests. One requires the user and pass registered with the django app when they signed in, etc. The other is via the users facebook account.

So the user must paas in his facebook account name and password

try using standard api get token method

Unlike the facebook request,this one passes the username and password that is already stored in Django

http http://127.0.0.1:8026/api-token-auth/ username=someuser1 password=testpass1

got to facebook dev apps

get the

facebook test user name/pass get client id and client secret from settings

apply: `curl -X POST -d "client_id=<client_id>&client_secret=<client_secret>&grant_type=password&username=<user_name>&password=" http://localhost:8000/auth/token