VK convert-token issue

Question

VK convert-token issue

grindnoise opened this issue 3 years ago · 3 comments

Hi! I'm using drf-social-oauth2 based on python-social-auth to implement oauth2.
The issue is that when I pass VK (vk.com) access token to api's convert-token url, I get 500 response (vk access token received on Android device):

And this one by posting token from iOS device:

Meanwhile Facebook works fine.
Maybe someone could fix this?

Answer 1 · 2022-01-31T13:35:44.000Z

1/2 of headache is gone. The problem was API_VERSION - I used same constant in my settings.py

Successfully converted token received via android. the problem with iOS persists. Got that message, saying:
"(access_denied) User revoke access to the token <oauthlib.Request SANITIZED>"

Answer 2 · 2022-01-31T14:20:50.000Z

Got that response at vk_api(self, 'users.get', {
'access_token': access_token,
'fields': fields,
}) (vk.py):

{'error': {'error_code': 5, 'error_msg': 'User authorization failed: access_token was given to another ip address.', 'request_params': [{'key': 'fields', 'value': 'first_name,photo,screen_name,last_name,nickname'}, {'key': 'v', 'value': '5.131'}, {'key': 'method', 'value': 'users.get'}, {'key': 'oauth', 'value': '1'}]}}

Maybe someone faced it?

Answer 3 · 2022-02-01T07:16:55.000Z

Problem solved. VK access token is bound to IP address, details:
{'error': {'error_code': 5, 'error_msg': 'User authorization failed: access_token was given to another ip address.', 'request_params': [{'key': 'fields', 'value': 'last_name,screen_name,nickname,first_name,photo'}, {'key': 'v', 'value': '5.131'}, {'key': 'method', 'value': 'users.get'}, {'key': 'oauth', 'value': '1'}]}}

Solution is to add offline to SOCIAL_AUTH_VK_OAUTH2_SCOPE