From 62fcaf41343622aba7dcd86a1ac6069bfa049593 Mon Sep 17 00:00:00 2001 From: ronny abraham Date: Wed, 15 Nov 2023 00:25:35 +0200 Subject: [PATCH] renamed drf_token to tokens_testing --- .../readmes/authorization_drf_token.md | 23 ---- .../readmes/authorization_tokens_testing.md | 103 ++++++++++++++++++ 2 files changed, 103 insertions(+), 23 deletions(-) delete mode 100644 share/templates/readmes/authorization_drf_token.md create mode 100644 share/templates/readmes/authorization_tokens_testing.md diff --git a/share/templates/readmes/authorization_drf_token.md b/share/templates/readmes/authorization_drf_token.md deleted file mode 100644 index 075559c..0000000 --- a/share/templates/readmes/authorization_drf_token.md +++ /dev/null @@ -1,23 +0,0 @@ - -## Notes - -facebook authorization requests are different than straight user/pass requests. One requires the user and pass registered with the django app when they signed in, etc. The other is via the users facebook account. - -So the user must paas in his facebook account name and password - -### try using standard api get token method - -Unlike the facebook request,this one passes the username and password that is already stored in Django -http http://127.0.0.1:8026/api-token-auth/ username=someuser1 password=testpass1 - - -got to [facebook dev apps](https://developers.facebook.com/apps/) - -get the - -facebook test user name/pass -get client id and client secret from settings - -apply: -`curl -X POST -d "client_id=&client_secret=&grant_type=password&username=&password=" http://localhost:8000/auth/token - diff --git a/share/templates/readmes/authorization_tokens_testing.md b/share/templates/readmes/authorization_tokens_testing.md new file mode 100644 index 0000000..908503f --- /dev/null +++ b/share/templates/readmes/authorization_tokens_testing.md @@ -0,0 +1,103 @@ + +# getting testing authorization tokens for the django rest framework + +The purpose of this readme is to explain how to retrieve testing tokens that can be passed into the django rest framework's oauth authorization to retrieve a user token + +currently, this document will list how to get testing tokens for the following platforms: + +- facebook +- google + +## facebook + +### getting an access token for testing + +to get a testing token, go to graph api explorer + +1. under "meta app", select the application you want a token for +2. under "user or page", select "user token" from the dropdown +3. under "add a permission", select "email" from the dropdown +4. then hit "generate access token" button, and you're good to go + +[graph api explorer](https://developers.facebook.com/tools/explorer/) + + +#### sources +[configure facebook login](https://help.sharetribe.com/en/articles/666072-configure-facebook-login) + +[getting a testing token for authentication](https://developers.facebook.com/docs/marketing-apis/overview/authentication/) + + +## google + + +### notes + +in the case of the google provider we don't actually want the +access token what we want is the ID TOKEN that is returned + +#### setting up credentials + +To use OAuth playground to get the id token, you have to first set +the Authorized Redirect URLs in the oauth credential section to at least have: + https://developers.google.com/oauthplayground + +#### oauth playground + +next in OAuth Playground, set it up to use your client + +1. click the settings wheel in the upper left corner +2. click on 'use your own OAUTH credentials' +3. enter the client id and client secret + +##### Step1 + +go to Step1 Select & authorize APIs + +1. find Google OAuth2 API v2 +2. select unserinfo.email and userinfo.profile +3. click Authorize APIs + +##### Step2 + +go to Step 2 Exchange authorization code for tokens + +1. click Exchange authorization code for tokens +2. IGNORE access and refresh token!!! they are not relevant! +3. go to the right panel Request / Response + - in the json data, find 'id_token' +4. paste the id token in the field for auth_token in swagger + + +#### sources + +[Using OAuth 2.0 to access Google APIs](https://medium.com/@anupama.pathirage/using-oauth-2-0-to-access-google-apis-1dbd01edea9a#:~:text=In%20a%20separate%20browser%20window,obtained%20in%20the%20previous%20step.) + +[django allauth callback](https://django-allauth.readthedocs.io/en/latest/socialaccount/providers/index.html?highlight=callback) + + + +# old info in this page + +### Notes + +facebook authorization requests are different than straight user/pass requests. One requires the user and pass registered with the django app when they signed in, etc. The other is via the users facebook account. + +So the user must paas in his facebook account name and password + +#### try using standard api get token method + +Unlike the facebook request,this one passes the username and password that is already stored in Django + +http http://127.0.0.1:8026/api-token-auth/ username=someuser1 password=testpass1 + + +got to [facebook dev apps](https://developers.facebook.com/apps/) + +get the + +facebook test user name/pass +get client id and client secret from settings + +apply: +`curl -X POST -d "client_id=&client_secret=&grant_type=password&username=&password=" http://localhost:8000/auth/token