Page MenuHomePhabricator

Python social_core incorrectly escapes text in AuthException
Closed, InvalidPublic

Description

I generated a E010 error in a django app. The error message I got was:

Error: "roysmith-test" is an owner-only Connected App. To fetch the access token, see [[Special:OAuthConsumerRegistration/update/...........................]].

&lt;span class=&quot;plainlinks mw-mwoautherror-details&quot;&gt;Consumer is owner-only, <a class="external" href="https://www.mediawiki.org/wiki/Help:OAuth/Errors#E010">E010</a>&lt;/span&gt;

(the ................... above is my consumer key, which I've elided from this report)

Traceback was:

Environment:


Request Method: GET
Request URL: https://spi-tools-dev.toolforge.org/oath/login/mediawiki/

Django Version: 2.2.13
Python Version: 3.7.3
Installed Applications:
['django.contrib.admin',
 'django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'cat_checker',
 'spi',
 'pageutils',
 'tools_app',
 'social_django',
 'debug_toolbar']
Installed Middleware:
['debug_toolbar.middleware.DebugToolbarMiddleware',
 'django.middleware.security.SecurityMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware',
 'social_django.middleware.SocialAuthExceptionMiddleware',
 'tools_app.middleware.LoggingMiddleware']



Traceback:


File "/data/project/spi-tools-dev/www/python/venv/lib/python3.7/site-packages/django/core/handlers/exception.py" in inner
  34.             response = get_response(request)

File "/data/project/spi-tools-dev/www/python/venv/lib/python3.7/site-packages/django/core/handlers/base.py" in _get_response
  115.                 response = self.process_exception_by_middleware(e, request)

File "/data/project/spi-tools-dev/www/python/venv/lib/python3.7/site-packages/django/core/handlers/base.py" in _get_response
  113.                 response = wrapped_callback(request, *callback_args, **callback_kwargs)

File "/data/project/spi-tools-dev/www/python/venv/lib/python3.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
  44.         response = view_func(request, *args, **kwargs)

File "/data/project/spi-tools-dev/www/python/venv/lib/python3.7/site-packages/social_django/utils.py" in wrapper
  49.             return func(request, backend, *args, **kwargs)

File "/data/project/spi-tools-dev/www/python/venv/lib/python3.7/site-packages/social_django/views.py" in auth
  23.     return do_auth(request.backend, redirect_name=REDIRECT_FIELD_NAME)

File "/data/project/spi-tools-dev/www/python/venv/lib/python3.7/site-packages/social_core/actions.py" in do_auth
  27.     return backend.start()

File "/data/project/spi-tools-dev/www/python/venv/lib/python3.7/site-packages/social_core/backends/base.py" in start
  35.             return self.strategy.redirect(self.auth_url())

File "/data/project/spi-tools-dev/www/python/venv/lib/python3.7/site-packages/social_core/backends/oauth.py" in auth_url
  167.         token = self.set_unauthorized_token()

File "/data/project/spi-tools-dev/www/python/venv/lib/python3.7/site-packages/social_core/backends/oauth.py" in set_unauthorized_token
  223.         token = self.unauthorized_token()

File "/data/project/spi-tools-dev/www/python/venv/lib/python3.7/site-packages/social_core/backends/mediawiki.py" in unauthorized_token
  67.             raise AuthException(self, response.content.decode())

Exception Type: AuthException at /oath/login/mediawiki/
Exception Value: Error: &quot;roysmith-test&quot; is an owner-only Connected App. To fetch the access token, see [[Special:OAuthConsumerRegistration/update/2aef91ea064b02b2cf99a44db255b6a2]].

&lt;span class=&quot;plainlinks mw-mwoautherror-details&quot;&gt;Consumer is owner-only, <a class="external" href="https://www.mediawiki.org/wiki/Help:OAuth/Errors#E010">E010</a>&lt;/span&gt;

Event Timeline

Reedy changed the task status from Open to Stalled.Jul 11 2020, 4:29 PM
Reedy added a subscriber: Reedy.

Python social_core incorrectly escapes text in AuthException

I'm not sure what you want us to do here. If python social_core is doing something wrong, we can't fix that...

Please always read and follow https://www.mediawiki.org/wiki/How_to_report_a_bug and be specific where you expect what to happen.

Oh, my bad. I thought that was something developed by MWF.

Unfortunately not.

Looks like it's developed over at https://github.com/python-social-auth/social-core so might want to try filing an issue there :)

It was created by @Tobias1984 in T155945, maybe he can help.