python-social-auth, I get a
403: Forbiden error message after accepting access from google
EDIT: I’ve recently (2017) had the same error but under a new message:
401 Client Error: Unauthorized for url: https://accounts.google.com/o/oauth2/token
You need to add the
Google+ API to the list of enabled APIs on the Google Developer Console (under
Note: If you want to see the real error message, use the traceback to look at the content of the
response variable (
response.text). I use werkzeug for that (
python manage.py runserver_plus).
Thanks also. I was using this python-social-auth tutorial by art and logic, but couldn’t get past a 403: Forbidden HTTPError at /complete/google-oauth2/ until enabling Google+ API as above and waiting for a few minutes for Google to enable it.
Additionally, I had to place the templates in a template directory and set
TEMPLATE_DIRS = ('/path/to/psa_test/thirdauth/templates/',)in settings.py.
Hope this helps someone along the way. All in all, it’s taken about 6 hours to figure it out. Not too bad, I’m happy.
For me I was using the full-URI scope which is deprecated by Google from Sept 1, 2014, this is mentioned in python-social-auth documentation here
Google is deprecating the full-url scopes from Sept 1, 2014 in favor of Google+ API and the recently introduced shorter scopes names. But python-social-auth already introduced the scopes change at e3525187 which was released at v0.1.24.
However if you don’t want to Enable the Google+ API for any reason and want to continue working with the full-uri old scope you need to follow the steps mentioned in the same link:
# Google OAuth2 (google-oauth2) SOCIAL_AUTH_GOOGLE_OAUTH2_IGNORE_DEFAULT_SCOPE = True SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = [ 'https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile' ] # Google+ SignIn (google-plus) SOCIAL_AUTH_GOOGLE_PLUS_IGNORE_DEFAULT_SCOPE = True SOCIAL_AUTH_GOOGLE_PLUS_SCOPE = [ 'https://www.googleapis.com/auth/plus.login', 'https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile' ] SOCIAL_AUTH_GOOGLE_OAUTH2_USE_DEPRECATED_API = True SOCIAL_AUTH_GOOGLE_PLUS_USE_DEPRECATED_API = True
This worked for me as I didn’t want to enable the Google+ API at this point.