fitbit do not allow callback URLs with http anymore #163

Open
BigValen opened this issue Dec 11, 2020 · 2 comments
@BigValen

Fitbit won't allow a new application without an https callback.

[Image: Screenshot from 2020-12-11 10-45-37]

Probably should switch to https...this worked for me.


diff --git a/gather_keys_oauth2.py b/gather_keys_oauth2.py
index 39a19f8..c021ce1 100755
--- a/gather_keys_oauth2.py
+++ b/gather_keys_oauth2.py
@@ -14,7 +14,7 @@ from oauthlib.oauth2.rfc6749.errors import MismatchingStateError, MissingTokenEr
 
 class OAuth2Server:
     def __init__(self, client_id, client_secret,
-                 redirect_uri='http://127.0.0.1:8080/'):
+                 redirect_uri='https://localhost:8080/'):
         """ Initialize the FitbitOauth2Client """
         self.success_html = """
             <h1>You are now authorized to access the Fitbit API!</h1>
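
Review bot: Switching the host from `127.0.0.1` to `localhost` on the `redirect_uri` default is a second, undocumented change alongside the scheme switch. The redirect URI has to match what is registered for the application, and this hostname is also what ends up as `server.socket_host`, so either keep `https://127.0.0.1:8080/` or state the host change in the docstring so existing users know to re-register the callback.
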
@@ -42,8 +42,13 @@ class OAuth2Server:
 
         # Same with redirect_uri hostname and port.
         urlparams = urlparse(self.redirect_uri)
-        cherrypy.config.update({'server.socket_host': urlparams.hostname,
-                                'server.socket_port': urlparams.port})
+        cherrypy.config.update({
+            'server.socket_host': urlparams.hostname,
+            'server.socket_port': urlparams.port,
+            'server.ssl_module': 'builtin',
+            'server.ssl_certificate': 'cert.pem',
+            'server.ssl_private_key': 'privkey.pem'
+            })
 
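
Review bot: TLS is switched on unconditionally in the `cherrypy.config.update` call, with `'cert.pem'` and `'privkey.pem'` hard-coded as relative paths, so a caller who passes an `http://` redirect_uri still gets an SSL listener and the files are looked up in whatever the current working directory happens to be. Set the three `server.ssl_*` keys only when `urlparams.scheme == 'https'`, take the two paths as constructor arguments, and fail with a clear message when either file is missing. The change also needs a note on how the two files are produced and that `privkey.pem` must stay out of version control.
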

But you also need to run python in an environment with a variable that tells OAUTHLIB to be cool about a bunch of things:

export OAUTHLIB_RELAX_TOKEN_SCOPE=1

@guillochon

Missing from these instructions is the fact that you need to generate a cert.pem and privkey.pem file using this guide here: https://docs.cherrypy.org/en/3.3.0/progguide/security.html

Also one needs to add the certificate to the keychain and trust it, instructions available here: https://www.ateam-oracle.com/how-to-make-chrome-on-os-x-trust-a-self-signed-certificate

@3v1n0

3v1n0 commented Sep 5, 2021

The links are dead but you can generate things quite easily by using:

openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout privkey.pem -out cert.pem

This is a self-signed certificate, so in the browser (Firefox, for example), when you get the certificate error, you can just go to the advanced toggle to allow this certificate and all will work properly.
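
A preflight check for the setup described in this thread, as an added example that is not part of the issue or of the project's code: before CherryPy is started with the patched configuration, it verifies that the redirect URI is https on a loopback host, that `cert.pem` and `privkey.pem` exist, that the unencrypted key is not readable by other users, and that the key matches the certificate. The function name `preflight` and its messages are assumptions made for this example.

```python
import ipaddress
import os
import ssl
import stat
from urllib.parse import urlparse


def preflight(redirect_uri, certfile="cert.pem", keyfile="privkey.pem"):
    """Return a list of problems; an empty list means the TLS callback server can start."""
    problems = []
    url = urlparse(redirect_uri)

    if url.scheme != "https":
        problems.append("redirect_uri scheme is %r, expected 'https'" % url.scheme)

    # The callback listener should only be reachable from this machine.
    host = url.hostname or ""
    try:
        loopback = ipaddress.ip_address(host).is_loopback
    except ValueError:  # not an IP literal, so only the name 'localhost' is accepted
        loopback = host == "localhost"
    if not loopback:
        problems.append("redirect_uri host %r is not a loopback address" % host)

    missing = [p for p in (certfile, keyfile) if not os.path.isfile(p)]
    for path in missing:
        problems.append("missing file: %s" % path)
    if missing:
        return problems

    # The key was written unencrypted (-nodes), so file mode is its only protection.
    # These are POSIX permission bits; the check is not meaningful on Windows.
    if stat.S_IMODE(os.stat(keyfile).st_mode) & 0o077:
        problems.append("%s is readable by group/other; run chmod 600" % keyfile)

    # load_cert_chain() parses both PEM files and fails if the key does not match the cert.
    try:
        ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER).load_cert_chain(certfile, keyfile)
    except (ssl.SSLError, OSError) as exc:
        problems.append("cert/key pair rejected: %s" % exc)
    return problems


if __name__ == "__main__":
    for line in preflight("https://localhost:8080/") or ["ok"]:
        print(line)
```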
