Im having trouble getting identity-toolkit fully working with Python App Engine Sandbox. The sample provided is for a non GAE Sandbox project.
In the sample project it reads gitkit-server-config.json from file using os.path. But this is not supported in GAE Sandbox. To get around this I am creating a GitkitClient directly using the constructor:
gitkit_instance = gitkitclient.GitkitClient(
client_id="123456opg.apps.googleusercontent.com",
service_account_email="my-project#appspot.gserviceaccount.com",
service_account_key="/path/to/my-p12file.p12",
widget_url="http://localhost:8080/callback",
http=None,
project_id="my-project")
Is this the correct way to create the GitkitClient?
The issue now is when I try to do a password reset when running locally using dev_appserver.py I get the following stack trace:
File "dashboard.py", line 89, in post
oobResult = gitkit_instance.GetOobResult(self.request.POST,self.request.remote_addr)
File "identitytoolkit/gitkitclient.py", line 366, in GetOobResult
param['action'])
File "identitytoolkit/gitkitclient.py", line 435, in _BuildOobLink
code = self.rpc_helper.GetOobCode(param)
File "identitytoolkit/rpchelper.py", line 104, in GetOobCode
response = self._InvokeGitkitApi('getOobConfirmationCode', request)
File "identitytoolkit/rpchelper.py", line 210, in _InvokeGitkitApi
access_token = self._GetAccessToken()
File "identitytoolkit/rpchelper.py", line 231, in _GetAccessToken
'assertion': self._GenerateAssertion(),
File "identitytoolkit/rpchelper.py", line 259, in _GenerateAssertion
crypt.Signer.from_string(self.service_account_key),
File "oauth2client/_pure_python_crypt.py", line 183, in from_string
raise ValueError('No key could be detected.')
ValueError: No key could be detected.
Im assuming this is a problem with the .p12 file? I double checked service_account_key="/path/to/my-p12file.p12" and the file exists. What am I missing here?
FYI to others working on this in the future -
I could not get this working in python. The documentation doesn't make it clear how to get this working in app engine. In addition, dependency issues with PyCrypto made this a gcc and dependency nightmare.
I was however able to get this working in Go and there is a semi-working example online that will work with some modifications highlighted in the issues and pull request pages. Good luck.
Related
I'v been trying to launch project(example_setup folder):
https://github.com/OTA-Insight/djangosaml2idp/tree/master/example_setup
I can anybody answer to men according with documentation. But it does not working. First problem, as I undesrtand is in date of methadata in SP(idp_metadata.xml)- validUntil="2020-12-27T12:41:18Z"> . It does not valid at the moment, and was changed to future date, as example(validUntil="2030-12-27T12:41:18Z"). But next I got another problem when trying to sign in to SP(localhost:8000) in my browser, I have more problem:
Error during SAML2 authentication
IncorrectlySigned
In attempts to find problem, I found the place where it is occured. In original it iis in tryexcept block, and can't be found easy.
Traceback (most recent call last):
File "/home/dmitriy/projects/djangosaml2idp/example_setup/idp/djangosaml2idp/views.py", line 251, in get
req_info = idp_server.parse_authn_request(request.session['SAMLRequest'], binding)
File "/home/dmitriy/projects/djangosaml2idp/example_setup/idp/venv/lib/python3.8/site-packages/saml2/server.py", line 238, in parse_authn_request
return self._parse_request(enc_request, AuthnRequest,
File "/home/dmitriy/projects/djangosaml2idp/example_setup/idp/venv/lib/python3.8/site-packages/saml2/entity.py", line 1036, in _parse_request
_request = _request.loads(xmlstr, binding, origdoc=enc_request,
File "/home/dmitriy/projects/djangosaml2idp/example_setup/idp/venv/lib/python3.8/site-packages/saml2/request.py", line 110, in loads
return self._loads(xmldata, binding, origdoc, must,
File "/home/dmitriy/projects/djangosaml2idp/example_setup/idp/venv/lib/python3.8/site-packages/saml2/request.py", line 51, in _loads
print(self.signature_check(xmldata, origdoc=origdoc,
File "/home/dmitriy/projects/djangosaml2idp/example_setup/idp/venv/lib/python3.8/site-packages/saml2/sigver.py", line 1662, in correctly_signed_authn_request
return self.correctly_signed_message(decoded_xml, 'authn_request', must, origdoc, only_valid_cert=only_valid_cert)
File "/home/dmitriy/projects/djangosaml2idp/example_setup/idp/venv/lib/python3.8/site-packages/saml2/sigver.py", line 1653, in correctly_signed_message
return self._check_signature(
File "/home/dmitriy/projects/djangosaml2idp/example_setup/idp/venv/lib/python3.8/site-packages/saml2/sigver.py", line 1503, in _check_signature
raise MissingKey(_issuer)
saml2.sigver.MissingKey: http://localhost:8000/saml2/metadata/
Internal Server Error: /idp/login/process/
Some key is missing:
Error during SAML2 authentication
MissingKey
http://localhost:8000/saml2/metadata/
My idp_metada in the SP is like in the [example_setup][1] folder of project, only validUntil has been changed as I said above, user in IDP has been created as superuser, I also tried to create user in the SP, the same as in the IDP, but nothing changed
Can anybody anser to me, what my problem is?
It's no any information in docs. But you need to create SP inside IDP from admin panel. That was resolved my problem.
I was trying to run a query for data in one of my google docs, and it's worked for several months. Starting yesterday or the day before, I noticed that my script no longer works. Has Google updated their api for spreadsheets? Has anybody found a workaround?
My error looks like this:
Traceback (most recent call last):
File "build_packer_image.py", line 311, in <module>
for index, entry in enumerate(client.GetWorksheetsFeed(doc_key).entry):
File "/build/toolchain/mac-10.5-32/lib/python2.7/site-packages/gdata/spreadsheet/service.py", line 129, in GetWorksheetsFeed
converter=gdata.spreadsheet.SpreadsheetsWorksheetsFeedFromString)
File "/build/toolchain/mac-10.5-32/lib/python2.7/site-packages/gdata/service.py", line 1074, in Get
return converter(result_body)
File "/build/toolchain/mac-10.5-32/lib/python2.7/site-packages/gdata/spreadsheet/__init__.py", line 411, in SpreadsheetsWorksheetsFeedFromString
xml_string)
File "/build/toolchain/mac-10.5-32/lib/python2.7/site-packages/atom/__init__.py", line 93, in optional_warn_function
return f(*args, **kwargs)
File "/build/toolchain/mac-10.5-32/lib/python2.7/site-packages/atom/__init__.py", line 127, in CreateClassFromXMLString
tree = ElementTree.fromstring(xml_string.replace('doctype','DOCTYPE'))
File "<string>", line 125, in XML
cElementTree.ParseError: no element found: line 1, column 0
Build step 'Execute shell' marked build as failure
Finished: FAILURE
I am using:
Python 2.7.5
gdata 2.0.18
I am just using an document key and no oauth in my code, if that makes a difference (I am passing in the username and password to the ClientLogin method)
Actually here is the answer to the problem:
The use of client login (using username/password instead of oauth2) is
likely the cause of the error. That protocol was deprecated 3+ years
ago and was just shutdown. If you capture the HTTP response (which
appears to have some HTML content), that might confirm if it is
related to the shutdown. Migrating to OAuth 2 would get your apps
working again.
After sending xml for update in spreadsheet google respond with a login page.
It means the authentication is not working for gdata now
https://code.google.com/a/google.com/p/apps-api-issues/issues/detail?id=3851#c2
I started using Google App Engine Launcher in Python. I have also installed Python 2.7 on my PC and confirmed the interpreter works.
When I click run on an application a yellow triangle with an exclamation mark appears next to the name. I have tried accessing the application on localhost:8080, but as expected nothing shows up.
This is my error code:
File "C:\Program Files (x86)\Google\google_appengine\google\appengine\api\appinfo.py", line 1873, in LoadSingleAppInfo
listener.Parse(app_info)
File "C:\Program Files (x86)\Google\google_appengine\google\appengine\api\yaml_listener.py", line 226, in Parse
self._HandleEvents(self._GenerateEventParameters(stream, loader_class))
File "C:\Program Files (x86)\Google\google_appengine\google\appengine\api\yaml_listener.py", line 177, in _HandleEvents
raise yaml_errors.EventError(e, event_object)
google.appengine.api.yaml_errors.EventError: Unable to assign value 'Hello-Udacity' to attribute 'application':
Value 'Hello-Udacity' for application does not match expression '^(?:(?:[a-z\d\-]{1,100}\~)?(?:(?!\-)[a-z\d\-\.]{1,100}:)?(?!-)[a-z\d\-]{0,99}[a-z\d])$'
in "C:\Users\username\Hello-Udacity\app.yaml", line 1, column 14
2014-04-22 00:07:52 (Process exited with code 1)
Any ideas on what is causing this? Why is the application not running?
Your error code indicates that your app id does not follow the allowed format. Looks like you are not allowed to use uppercase letters.
I'm trying to host a Django app on Google App Engine, so I'm using Django nonrel and following these instructions. Now, trying to get Python social auth working on it, I'm running into two problems.
First, when working with code very similar to the example Django config from Python social, trying to load a url from a running server, I get this:
Traceback (most recent call last):
File "/home/pablo/scripts/google_appengine/google/appengine/tools/dev_appserver.py", line 2989, in _HandleRequest
self._Dispatch(dispatcher, self.rfile, outfile, env_dict)
File "/home/pablo/scripts/google_appengine/google/appengine/tools/dev_appserver.py", line 2832, in _Dispatch
request_file = open(request_file_name, 'wb')
File "/home/pablo/scripts/google_appengine/google/appengine/dev_appserver_import_hook.py", line 605, in __init__
raise IOError('invalid mode: %s' % mode)
IOError: invalid mode: wb
Somewhere, the app is trying to create local files, which App Engine doesn't allow, but I'm confused because this is coming from App Engine's code. Does anyone know where this might be coming from?
Secondly, when I try to access root on the server, I get the following error:
... [many lines elided]
File "/home/pablo/scripts/google_appengine/google/appengine/tools/dev_appserver_import_hook.py", line 692, in Decorate
return func(self, *args, **kwargs)
File "/home/pablo/scripts/google_appengine/google/appengine/tools/dev_appserver_import_hook.py", line 1642, in FindAndLoadModule
description)
File "/home/pablo/scripts/google_appengine/google/appengine/tools/dev_appserver_import_hook.py", line 692, in Decorate
return func(self, *args, **kwargs)
File "/home/pablo/scripts/google_appengine/google/appengine/tools/dev_appserver_import_hook.py", line 1589, in LoadModuleRestricted
description)
File "/usr/lib/python2.7/lib-tk/Tkinter.py", line 42, in <module>
raise ImportError, str(msg) + ', please install the python-tk package'
ImportError: No module named _tkinter, please install the python-tk package
Somewhere, Django is trying to use python-tk for Tkinter, but as I understand it, python-tk is a GUI library. How did it get here, and how can I get rid of any code that needs it?
For reference, here's the function getting called for the domain I'm trying in urls.py when accessing the running server (and getting these errors):
def home(request):
"""Home view, displays login mechanism"""
if request.user.is_authenticated():
return redirect('done')
return render_to_response('home.html', {
'plus_id': getattr(settings, 'SOCIAL_AUTH_GOOGLE_PLUS_KEY', None)
}, RequestContext(request))
Any help would be appreciated -- I'm pretty new to Django and Python, and I'd love to move forward from this :D
Python on Google App Engine is behaving a bit different, as you already realised with the local files. Another thing that needs a special treatment is the 3rd party libraries that in order to make them available, they should be handled properly.
In many cases, even if you're going to include these libraries into your GAE app, they might be using something that is not supported on the production so the whole thing is not going to work.
I'm running the demo that comes with the mapreduce framework. It's giving me an error:
File "/Applications/GoogleAppEngineLauncher.app/Contents/Resources/GoogleAppEngine-default.bundle/Contents/Resources/google_appengine/google/appengine/ext/webapp/_webapp25.py", line 703, in __call__
handler.post(*groups)
File "/path/to/mapreduce/base_handler.py", line 68, in post
self.handle()
File "/path/to/mapreduce/handlers.py", line 431, in handle
self.aggregate_state(state, shard_states)
File "/path/to/mapreduce/handlers.py", line 462, in aggregate_state
context.COUNTER_MAPPER_CALLS))
File "/path/to/mapreduce/model.py", line 257, in get
return self.counters.get(counter_name, 0)
AttributeError: 'list' object has no attribute 'get'
Is this something I'm doing wrong, does the demo not work? Is there more updated code somewhere else?
This is using the code from http://appengine-mapreduce.googlecode.com/svn/trunk/
Not familiar with that code, but the latest code is the MapReduce Bundle you can download from the SDK:
https://developers.google.com/appengine/downloads
It comes with a bit of a demo. I was able to follow this and get this to work:
http://code.google.com/p/appengine-mapreduce/wiki/GettingStartedInPython
Here's some additional notes I had when I was trying to get MapReduce running.
http://eatdev.tumblr.com/post/17983355135/using-mapreduce-with-django-nonrel-on-app-engine