I have implemented an oauth2 server and an oauth2 client using flask-oauthlib.
When I am trying to test locally, the client returns an InsecureTransportError and tells me that I should be using https.
Is there a way to test the app locally without https?
The client is running on 127.0.0.2:5000 and the server is running on 127.0.0.1:5000.
Thanks
From http://requests-oauthlib.readthedocs.org/en/latest/examples/real_world_example.html:
You should note that Oauth2 works through SSL layer. If your server is not parametrized to allow HTTPS, the fetch_token method will raise an oauthlib.oauth2.rfc6749.errors.InsecureTransportError . Most people don’t set SSL on their server while testing and that is fine. You can disable this check in two ways:
- By setting an environment variable.
export OAUTHLIB_INSECURE_TRANSPORT=1
- Equivalent to above you can set this in Python (if you have problems setting environment variables)
# Somewhere in webapp_example.py, before the app.run for example
import os 
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
For OAuth1 you can add setting
app.config.update({
    'OAUTH1_PROVIDER_ENFORCE_SSL': False
})
For OAuth2 you can setting in environment variable.
export OAUTHLIB_INSECURE_TRANSPORT=1
or in runtime
import os
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
For Authlib usesrs :
export AUTHLIB_INSECURE_TRANSPORT=1
Or if you want to set it programmatically :
import os
os.environ['AUTHLIB_INSECURE_TRANSPORT'] = '1'
I know it's not answering the question but everytime I ask Google about it I land on this page.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With