can't make tutorial "getting started" , django-oauth-toolkit 2.0.0

[vebp]

hi good day

I can't make work the tutorial "getting started" from the docs
(sorry I know there are a couple of similars issues rised but still it seems there is some differences)

Django 4.0.5
django-oauth-toolkit 2.0.0
OS Ubuntu 20.04
python 3.8

I've been following the steps as appears in the docs but at the end the system delivers me the line

{"error": "invalid_request", "error_description": "Code verifier required."}

instead of the expected:

These where my steps:

BTW, when you enters the url
http://127.0.0.1:8000/o/applications/register/

the form has another field called "Algorithm" with 3 options:

• No OIDC support
• RSA with SHA-2 256
• HMAC with SHA-2 256

Which option should I choose at this step? The docs do not refers to it.
I tried with the first and the third but the steps didn't work with any of them. The second option gives me this strange error when I try to selected it.

Finally, and don't know if it was important, but when I tried to create the code_challenge, I had to change the line
code_verifier = base64.urlsafe_b64encode(code_verifier)
to
code_verifier = base64.urlsafe_b64encode(code_verifier.encode('utf-8'))
because I had an error that requests me to use a string.
Later the line
code_challenge = hashlib.sha256(code_verifier.encode('utf-8')).digest()
had to change to
code_challenge = hashlib.sha256(code_verifier).digest()

What am I doing wrong?

(Thanks in advance)

[n2ygk]

@vebp Oh wow, I didn't even know (remember?) there was an http://127.0.0.1:8000/o/applications/register/ endpoint. (I've never followed the tutorial apparently!) I always use the admin UI at http://127.0.0.1:8000/admin/oauth2_provider/application/add/. I'll have to look over the tutorial, but meanwhile, can you try using the admin endpoint? Also 2.1.0 was just published.

Also the Algorithm selection should be "No OIDC support". See this screenshot:

I can't comment on the code challenge other than to suggest you try using Postman first as in this screen shot, selecting "Authorization Code (With PKCE)":

Also, make sure your Application includes this redirect URI: https://www.getpostman.com/oauth2/callback

[vebp]

OK @n2ygk thanks a lot!, I'll try to do that.
I've continued doing the tutorials and have a similar problem at Part 1 - Make a Provider in a Minute , in the following part "Tutorials". The truth is I imagine that most people is just interested in using Django OAuth Toolkit integrated with Django-rest-framework (which is my case too) so maybe that’s why no one has noticed. Still, you may want to make the docs consistent.
I’ll let you know if a find a problem at django-rest-framework
Have a nice day and thanks again

[tartarini]

I've tested twice the getting started doc and end up with the same error
{"error": "invalid_grant"}

any idea?

Setup:
Django==4.1
django-oauth-toolkit==2.1.0
Python 3.10.6

[g-normand]

@tartarini @n2ygk I had a similar problem.

My problem was that I thought code_verifier and code_challenge were the same thing.
I updated the doc for more clarity, I hope it's enough : #1224