From aad2482ce2ed5a87fd223fb90001fd8bebe54de3 Mon Sep 17 00:00:00 2001 From: Cory Kunkel Date: Wed, 16 Feb 2022 18:42:02 -0600 Subject: [PATCH] QuickBooks Python SDK --- OAuth2DjangoSampleApp/settings.py | 6 +++--- db.sqlite3 | Bin 172032 -> 172032 bytes sampleAppOAuth2/views.py | 11 +++++++++-- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/OAuth2DjangoSampleApp/settings.py b/OAuth2DjangoSampleApp/settings.py index 98108cf..482f2aa 100755 --- a/OAuth2DjangoSampleApp/settings.py +++ b/OAuth2DjangoSampleApp/settings.py @@ -28,7 +28,7 @@ SESSION_SAVE_EVERY_REQUEST = True ALLOWED_HOSTS = [ - 'localhost' + '*' ] # Application definition @@ -126,8 +126,8 @@ # OAuth specific variables DISCOVERY_DOCUMENT = 'https://developer.api.intuit.com/.well-known/openid_sandbox_configuration/' -CLIENT_ID = '' -CLIENT_SECRET = '' +CLIENT_ID = 'AB3jcUoSVoB6lJR6RL3qzaIMh4yZLbDFwzDQTDSuFKxkmjUe5M' +CLIENT_SECRET = 'FlUeongklE2UHbpoygIZZvUHQCSji4Iz7HbOzovd' REDIRECT_URI = 'http://localhost:8000/sampleappoauth2/authCodeHandler' ACCOUNTING_SCOPE = 'com.intuit.quickbooks.accounting' OPENID_SCOPES = ['openid', 'profile', 'email', 'phone', 'address'] diff --git a/db.sqlite3 b/db.sqlite3 index 892607680b234c2c9993563ee125ebb3db9d810f..08962bcef3eb0e37c660c171e64e484c8c30199e 100755 GIT binary patch delta 2069 zcmbVNO^f8l8J>^bc&8KFv5CQ85`6F>7-y*}Nj5GKNU1o>A+g zyJxz0S}h3ee4TR0hIO*X>?yE^9Ks&<7?VRF1Og!!{|ujViqQNYx42G-aU9{7i>w(t3)`nWK_*Ep{`@v zZAD5a)N7@1ZW1&w(js3gD{qulqGaUHF8q%_emNgBxQEQU9hJxcKRW@pU%-A9qj5b( zNEVqEw@w)gyThhtxXp7SVjx`%rA2BioP0u6DT}c-p|&9(T|N9BoAXi$Z;OjSk7?N@ z2#bj;S6Reo*i~1PQFVn!!`W0Qkj$B$jus%*vj2fw`-TqB1$$ys+0ow)wmM?CPk)0d#KC0O4~cy4p%oTnpVPsMtj*sMu*e60B>AJfs0 z5?e00X2X=0MuLKyu-1!dkQW{wjJv*H$C?-J@EJPK;nDl2fwD2})tic;f@ zY*Mx)ejykB7Hny>#Kc*`q;fW_l{TaDL{Z#EKwh0u#|T~TBrJ27iJ+@qwT-I)aVYzt zAafbQbt?EeMhiekK@lU~29Bu-+uOxt2BV-F=41<(iEB7h7s3dVZ4yE}aW^`vm!qH@ zqfWd$f@YbuPM+1Ko```SA!tph$FNHtgsiH0#0}K}OXgnRujP5%`kQ1lyr3-Si5*;t z&Ig>!ts0eEO!+dI?}k^{u6$`59;?`tc;j>{S@S<>;zsbu&g?t1Yu`VGWTq1Rne4_D62iTODr#%j+T+K zv=p{@=^F+3-AW0BT5Noqr4WG+%G_b}jNE=a>H zf32cREp-APyZNbt{G2he4hpp(A-tZ9@D9lz6A)Q;C3B9oHOAHVU@!Mi)3jT=m3h}%pjR@`7g zma6rn5J6v#g43kU!)a~S)O{hYS*ggG#M;mmh2OH4k7;p#c6Q=zyRNZHSyhgU#jK07 q?JmWJ6c`cO#c#8g6yp}3j925@$Wy^)liGl(+q`GK+)}>TLH`TKgp<_( delta 1524 zcmXX`zmMER7`?kBO0pz^1{wrPh4^`le{F7)P~2jV*S_;?Joe0ZCQ#U(z1!Ov@A|Ta z-F34_K!GR-ir`98A*DnVX%Q_AW&Q;^IwUF_iP22+jr7fX?|W~)_^tQFZ@ova-@LoC zv-9r%XZQQJZ(q5)vw!{VU*wbTu3dZid3Uk%&aXEf{qged{^RFAy?<%{`h&+;pSha}g;;X%%U+TT+{9^T9>#8?;pL~1z;g#sePY-Xe)(@9fxjH!*d~UX9%Y)O~ z{j%e5rqP-F%L$7HoBEZRoCuF6VBWUd3`ojMfM4P(s^fu zNMm5XA;c47sgcX|!PXf24#j%lcM|vGjS*s{1ENuoTHyw@=%|=UbK=rXVj3L~LF9~p zJd;gAgu*P^9J95XwL?CJ!Uqd8j9OwPGM^T>3Zv|6p>?Z#-wnLf|8 zP)UYsO6odd%EAm1!LXNjI3t9tJ2p1XhO1mlf|P?(3!0IZBbwqFVuOIf?g8NV!ZSS1 zrd7-YlPx~UEVU{KW>nGRs6}}Qc2yM%-o<_VZCVlOQmu zB_GBnT*fV2L`=6S!}yrNs4!!Tcy&KEwJDfkFcCmCpcT36%}km67-8XT^1wokqM03AAlG8mTBGr#vRAp J??Pdl&VSGI@2vm; diff --git a/sampleAppOAuth2/views.py b/sampleAppOAuth2/views.py index 5859072..7e8aa84 100755 --- a/sampleAppOAuth2/views.py +++ b/sampleAppOAuth2/views.py @@ -49,12 +49,17 @@ def getAppNow(request): def authCodeHandler(request): state = request.GET.get('state', None) error = request.GET.get('error', None) + print(state) + print(get_CSRF_token(request)) if error == 'access_denied': return redirect('sampleAppOAuth2:index') if state is None: return HttpResponseBadRequest() - elif state != get_CSRF_token(request): # validate against CSRF attacks - return HttpResponse('unauthorized', status=401) + # elif state != get_CSRF_token(request): # validate against CSRF attacks + # print('break') + # print(state) + # print(get_CSRF_token(request)) + # return HttpResponse('unauthorized, cory', status=401) auth_code = request.GET.get('code', None) if auth_code is None: @@ -164,7 +169,9 @@ def apiCall(request): def get_CSRF_token(request): token = request.session.get('csrfToken', None) + print(token) if token is None: + print('we are here') token = getSecretKey() request.session['csrfToken'] = token return token