I'm following the example in the docs:
from flask import Flask, redirect, url_for
from flask_dance.contrib.google import make_google_blueprint, google
app = Flask(__name__)
app.secret_key = "supersekrit"
blueprint = make_google_blueprint(
client_id="my-key-here",
client_secret="my-secret-here",
scope=[
"https://www.googleapis.com/auth/plus.me",
"https://www.googleapis.com/auth/userinfo.email",
]
)
app.register_blueprint(blueprint, url_prefix="/login")
@app.route("/")
def index():
if not google.authorized:
return redirect(url_for("google.login"))
resp = google.get("/oauth2/v2/userinfo")
assert resp.ok, resp.text
return "You are {email} on Google".format(email=resp.json()["email"])
if __name__ == "__main__":
app.run()
I've configured my Web Client app in Google developer console to only accept HTTPS using https://www.example.com/login/google/authorized endpoint.
After I try to start the whole auth process I get this:
Error: redirect_uri_mismatch
I can see in the request that Flask-Dance is sending http://www.example.com/login/google/authorized (using HTTP, not HTTPS). Is there a way to tell Flask-Dance to use HTTPS instead? I have my develop environment configured for HTTPS as well.
OAUTHLIB_INSECURE_TRANSPORTandOAUTHLIB_RELAX_TOKEN_SCOPEto'1'- César