Skip to content
This repository has been archived by the owner on Oct 4, 2024. It is now read-only.

oauth2 redirect to localhost:8080 #507

Open
blessendor opened this issue Aug 24, 2024 · 11 comments
Open

oauth2 redirect to localhost:8080 #507

blessendor opened this issue Aug 24, 2024 · 11 comments

Comments

@blessendor
Copy link

"Please visit this URL to authorize this application: https://accounts.google.com/o/oauth2/auth?response_type=code&client_id= ..."

after accepting permissions, browser redirect me to the page like

http://localhost:8080/?state=Zfo......hCs1jokZiEwFM&code=4/0AQlEd8........javr_j2F_8XlsVW.....6Wj9u4s-LpuUx-evjO.......55A&scope=https://www.googleapis.com/auth/photoslibrary.readonly

I was expecting of redirect to the Google page with new token.
I used this script without docker from 2020. Today I upgraded my Synology from 6.2 and 7.2, installed app from pip, but stuck with this redirect.

Do you know what is the issue?

@ikwyl6
Copy link

ikwyl6 commented Aug 24, 2024

If you are running this on another machine then change 'localhost' to the IP of that machine (synology)... gphotos-sync runs a little webserver on port 8080 and so it assumes where you are running the script is the same machine you are using (localhost)..

@blessendor
Copy link
Author

blessendor commented Aug 24, 2024

But I always did copy and paste token from the google page to the terminal, where I ran the script.

OK, when I changing localhost to my DSM hostname, google says "400: redirect_uri_mismatch"
Maybe I need to edit url in the client_secret.json

@ikwyl6
Copy link

ikwyl6 commented Aug 24, 2024

On google - instead of 'localhost' for the redirect on google, put in the IP (or what you call DSM hostname) of your synology (I think)..

You need to put the token that you received from the google link back into the script and that's how it does it by going to the webapge that is hosted on localhost port 8080. I assume there is a blank text box that you paste the response from the google page into that localhost:8080 webpage and then it should work (I haven't done it a really long time - sorry).. So if you can get that localhost:8080 webpage working and paste the result from google into it, it should hopefully work.

@blessendor
Copy link
Author

I do not see any google tokens to copy before redirecting to localhost:8080. After accepting access request on the google page, redirect is occurs. Old behaveour was waiting to paste token from browser to terminal. You script was waiting for paste instead of listenning to 8080 port afaik.

@blessendor
Copy link
Author

Redirect uri can be assigned only for the Web applications client, not for Desktop type.
Create OAuth client ID – APIs   Services – gphotos-sync – Google Cloud console 2024-08-25 03-17-50

Then manually replaced "web" to "installed" in the secret json file. Then redirect became working, but I got error in the terminal:

08-25 03:25:58 ERROR
Process failed.
Traceback (most recent call last):
File "/root/gphotos-sync-venv/lib/python3.8/site-packages/gphotos_sync/main.py", line 552, in main
self.setup(args, db_path)
File "/root/gphotos-sync-venv/lib/python3.8/site-packages/gphotos_sync/main.py", line 372, in setup
self.auth.authorize()
File "/root/gphotos-sync-venv/lib/python3.8/site-packages/gphotos_sync/authorize.py", line 99, in authorize
flow.run_local_server(
File "/root/gphotos-sync-venv/lib/python3.8/site-packages/google_auth_oauthlib/flow.py", line 457, in run_local_server
authorization_response = wsgi_app.last_request_uri.replace("http", "https")
AttributeError: 'NoneType' object has no attribute 'replace'
08-25 03:25:58 WARNING Done.

@ikwyl6
Copy link

ikwyl6 commented Aug 25, 2024

It might be a code field in the redirect url that it gives back to you to paste in your browser (the localhost url). I believe with other google apis where you have to add your script (gphotos-sync) as a script under your account, you have to add a redirect url and I think this is where you enter in 'localhost', when you create access for your account to let gphotos-sync access it.

@ikwyl6
Copy link

ikwyl6 commented Aug 25, 2024

ok.. Before you use that url, what happens if you try from the machine you are using your browser on (assuming you are using linux) to 'telnet dsm.mydomain.tld 8080' ? Does it show that it connects?

@blessendor
Copy link
Author

blessendor commented Aug 25, 2024

Connection is refusing by the script with errors I posted above - with telnet test or after oauth redirect action.

BTW I set my domain as a host in the /google_auth_oauthlib/flow.py

def run_local_server(
    self,
    host="dsm.mydomain.tld",
    bind_addr=None,
    port=8080,
    authorization_prompt_message=_DEFAULT_AUTH_PROMPT_MESSAGE,
    success_message=_DEFAULT_WEB_SUCCESS_MESSAGE,
    open_browser=True,
    redirect_uri_trailing_slash=True,
    timeout_seconds=None,
    token_audience=None,
    browser=None,
    **kwargs
):

@gilesknap
Copy link
Owner

This area of running on a remote is a little fiddly and the recommendation is to do your first auth on a local copy of ghotos-sync.

However, I'm sad to say that this project is now going EOL so it is not worth looking into this anymore.
See #511 (comment)

@ikwyl6
Copy link

ikwyl6 commented Oct 3, 2024

I got this to work on other scripts that use the 3-legged oauth method FYI. You request an auth url, you plug that in your browser, then you take the code= and put that into your script where the oauth authority gives you a reusable token that can be used to login without going the 3-legged procedure every time.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants