✊🏿 Black Lives Matter. Please consider donating to Black Girls Code today.
⚡️ Concerned about the grid? Kyle Baranko teaches how to predicting peak loads using XGBoost. Register for the August webinar!

Dash_google_auth redirect problem

Hi,
Has anyone recently used dash_google_auth and/or dash_okta_auth with success?
I was able to make oauth work with okta but not with google.

For okta, the code is the following:

from dash_okta_auth import OktaOAuth

server = Flask(name)

server.config.update({
‘OKTA_OAUTH_CLIENT_ID’: ‘XXXXXXXXXX’,
‘OKTA_OAUTH_CLIENT_SECRET’: ‘XXXXXXXXXXXXX’,
})
server.secret_key = os.environ.get(“FLASK_SECRET_KEY”, “anythinggoes”)
os.environ[‘OAUTHLIB_INSECURE_TRANSPORT’] = ‘1’

app = dash.Dash(name, server=server, url_base_pathname=’/’)

scopes =
auth = OktaOAuth(app, base_url=‘https://dev-xxxxxx.okta.com’, additional_scopes=scopes)

One possible configuration for the Login redirect URIs at okta is http://xxxxxxxxxxx/login/okta/authorized

The prescribed code for google auth is the following:

server.config.update({
‘GOOGLE_OAUTH_CLIENT_ID’: ‘xxxxxxxxxxxxxxxxxxxxxx’,
‘GOOGLE_OAUTH_CLIENT_SECRET’: ‘xxxxxxxxxxxxxxxxxx’,
})
server.secret_key = os.environ.get(“FLASK_SECRET_KEY”, “supersikrit”)
os.environ[‘OAUTHLIB_INSECURE_TRANSPORT’] = ‘1’

app = dash.Dash(name, server=server, url_base_pathname=’/’)

emails = [‘xxxxxxxx@gmail.com’’]
scopes =
auth = GoogleOAuth(app=app, authorized_emails=emails, additional_scopes=scopes)

One possible configuration for the Login redirect URIs at google is http://xxxxxxxxxxx/login/google/authorized

The problem with google is that after the login I always get redirected back to the login
http://xxxxxxxxxxx/login/google/authorized
and the server throws an internal server error (500)

I tried to change the base url by doing

app = dash.Dash(name, server=server, url_base_pathname=’/mydashapp/’)

@server.route(’/mydashapp’)
def MyDashApp():
return app.index()

but it still doesn’t work and it gives the same error-- also, I’m not very familiar with Flask, to be honest.

Any help solving this issue? I’ve lost the entire day trying to make this work.

I am getting the same exact error. I tried changing the routing as well. Exception comes in because of token validation error:

127.0.0.1 - - [18/Jul/2020 16:52:18] “GET /login/google HTTP/1.1” 302 -
[2020-07-18 16:52:21,800] ERROR in app: Exception on /login/google/authorized [GET]
Traceback (most recent call last):
File “C:\Users\Ishwi\AppData\Local\Programs\Python\Python38\lib\site-packages\flask\app.py”, line 2447, in wsgi_app
response = self.full_dispatch_request()
File “C:\Users\Ishwi\AppData\Local\Programs\Python\Python38\lib\site-packages\flask\app.py”, line 1952, in full_dispatch_request
rv = self.handle_user_exception(e)
File “C:\Users\Ishwi\AppData\Local\Programs\Python\Python38\lib\site-packages\flask\app.py”, line 1821, in handle_user_exception
reraise(exc_type, exc_value, tb)
File “C:\Users\Ishwi\AppData\Local\Programs\Python\Python38\lib\site-packages\flask_compat.py”, line 39, in reraise
raise value
File “C:\Users\Ishwi\AppData\Local\Programs\Python\Python38\lib\site-packages\flask\app.py”, line 1950, in full_dispatch_request
rv = self.dispatch_request()
File “C:\Users\Ishwi\AppData\Local\Programs\Python\Python38\lib\site-packages\flask\app.py”, line 1936, in dispatch_request
return self.view_functionsrule.endpoint
File “C:\Users\Ishwi\AppData\Local\Programs\Python\Python38\lib\site-packages\flask_dance\consumer\oauth2.py”, line 256, in authorized
token = self.session.fetch_token(
File “C:\Users\Ishwi\AppData\Local\Programs\Python\Python38\lib\site-packages\requests_oauthlib\oauth2_session.py”, line 360, in fetch_token
self._client.parse_request_body_response(r.text, scope=self.scope)
File “C:\Users\Ishwi\AppData\Local\Programs\Python\Python38\lib\site-packages\oauthlib\oauth2\rfc6749\clients\base.py”, line 421, in parse_request_body_response
self.token = parse_token_response(body, scope=scope)
File “C:\Users\Ishwi\AppData\Local\Programs\Python\Python38\lib\site-packages\oauthlib\oauth2\rfc6749\parameters.py”, line 431, in parse_token_response
validate_token_parameters(params)
File “C:\Users\Ishwi\AppData\Local\Programs\Python\Python38\lib\site-packages\oauthlib\oauth2\rfc6749\parameters.py”, line 461, in validate_token_parameters
raise w

Any help is much appreciated

I finally solved it. Google auth is different from Okta auth, since for google you have to provide the email addresses. I was somehow confused. Here is the code (as run on a Ubuntu 20.04 machine):

from flask import Flask
import dash
from dash_google_auth import GoogleOAuth

server = Flask(__name__)

server.config.update({
    'GOOGLE_OAUTH_CLIENT_ID': 'xxxxxx',
    'GOOGLE_OAUTH_CLIENT_SECRET': 'xxxxxxx'
})

server.secret_key = os.environ.get('FLASK_SECRET_KEY', 'anything goes')
# dont use for production
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'

external_stylesheets = []
app = dash.Dash(__name__, server=server, url_base_pathname='/', external_stylesheets=external_stylesheets)
app.config['suppress_callback_exceptions']=True

additional_scopes = ['openid']
authorized_emails = ['xxxxxxx@gmail.com', 'yyyyyy@gmail.com']
auth = GoogleOAuth(app, authorized_emails, additional_scopes)

if __name__ == '__main__':
   app.run_server(debug=True)

Thanks for this! We had gotten around this using Google’s IAP since we are on Google cloud.