How to debug 'MismatchingStateError'

Hello, I was trying to connect to the OneDrive REST API using oauthlib. I am able to create an authorization URL, but when it comes to fetching a token, my program throws an exception.

from requests_oauthlib import OAuth2Session


client_id = '3753a627-146e-4137-8f6e-8c561547551b'
client_secret = 'xxxxxxxxxxxxxxxxxxxxxxx'
redirect_uri = 'https://localhost:8080'

#OAuth Endpoints for OneDrive
authorization_base_url = "https://login.live.com/oauth20_authorize.srf"
token_url = "https://login.live.com/oauth20_token.srf"
scope = [
    "offline_access",
    "onedrive.readwrite",
    "wl.signin"
]



onedrive = OAuth2Session(client_id, scope=scope, redirect_uri=redirect_uri)

authorization_url, state = onedrive.authorization_url(authorization_base_url)
print('Authlink,', authorization_url)

redirect_response = input('Please enter the FULL Url: ')
onedrive.fetch_token(token_url, client_secret=client_secret,authorization_response=redirect_response)

C:\Users\Tim\AppData\Local\Programs\Python\Python35-32\python.exe C:/Users/Tim/PycharmProjects/copy+/onedriveconnect.py
Authlink, https://login.live.com/oauth20_authorize.srf?response_type=code&client_id=3753a627-146e-4137-8f6e-8c561547551b&redirect_uri=https%3A%2F%2Flocalhost%3A8080&scope=offline_access+onedrive.readwrite+wl.signin&state=sYQ8Lv2cLpV7QqZyujgfI9d7OmuhPE
Please enter the FULL Url: https://localhost:8080/?code=Mfac93b90-7dda-0c22-4000-8d7cb40ca384&state=sYQ8Lv2cLpV7QqZyujgfI9d7OmuhPE 
Traceback (most recent call last):
  File "C:/Users/Tim/PycharmProjects/copy+/onedriveconnect.py", line 25, in <module>
    onedrive.fetch_token(token_url, client_secret=client_secret,authorization_response=redirect_response)
  File "C:\Users\Tim\AppData\Local\Programs\Python\Python35-32\lib\site-packages\requests_oauthlib\oauth2_session.py", line 187, in fetch_token
    state=self._state)
  File "C:\Users\Tim\AppData\Local\Programs\Python\Python35-32\lib\site-packages\oauthlib\oauth2\rfc6749\clients\web_application.py", line 174, in parse_request_uri_response
    response = parse_authorization_code_response(uri, state=state)
  File "C:\Users\Tim\AppData\Local\Programs\Python\Python35-32\lib\site-packages\oauthlib\oauth2\rfc6749\parameters.py", line 227, in parse_authorization_code_response
    raise MismatchingStateError()
oauthlib.oauth2.rfc6749.errors.MismatchingStateError: (mismatching_state) CSRF Warning! State not equal in request and response.

Process finished with exit code 1

Issue Analytics

  • State: closed
  • Created 7 years ago
  • Comments: 11 (3 by maintainers)

Top GitHub Comments

singingwolfboy commented, May 20, 2018 (27 reactions)

It appears that there are several different people asking for help in this GitHub issue, with several different issues that are similar, but may have different causes. That makes it really hard to actually help anyone.

I’m going to close this GitHub issue. If you still have a problem that you haven’t been able to resolve, please open a new, separate GitHub issue.

nilbacardit26 commented, Nov 22, 2019 (1 reaction)

Actually the issue is “How to debug MismatchingStateError”

I am gonna try to bring some light as I encountered the same issue. I solved it by passing the FULL URL in the response in the authorization_response:

http://localhost:8090/callback?code=XXX&state=YYY&session_state=ZZZZ

Note that the URL callback configured in my app is: http://localhost:8090/callback

I was not passing http://localhost, just /callback?code=XXX&state=YYY&session_state=ZZZZ, and that was causing the oauthlib.oauth2.rfc6749.errors.MismatchingStateError: (mismatching_state)

Seems obvious but I just wanted to note that. Besides, check that your state is the same and that there are no encoded characters.
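The checks listed in the comment above (full callback URL, same state, no stray encoding) can be run on a pasted redirect before it reaches fetch_token. This is an added example, not code from the issue, oauthlib or requests_oauthlib; it assumes the error means the state query parameter of the redirect differs from the value saved when the authorization URL was built, and diagnose_state, its finding codes and the sample URLs are constructed for illustration.

```python
import hmac
from urllib.parse import parse_qs, unquote, urlsplit


def _same(a, b):
    # Constant-time comparison, as is usual for anti-CSRF tokens.
    return hmac.compare_digest(a.encode(), b.encode())


def diagnose_state(expected_state, redirect_response):
    """Return a list of finding codes; an empty list means the state matches."""
    findings = []
    url = redirect_response.strip()
    if url != redirect_response:
        findings.append("surrounding_whitespace")   # pasted with spaces or a newline

    parts = urlsplit(url)
    if not parts.scheme or not parts.netloc:
        findings.append("not_full_url")              # only path and query were passed

    states = parse_qs(parts.query, keep_blank_values=True).get("state", [])
    if not states:
        findings.append("state_missing")
        return findings

    returned = states[0]                             # already percent-decoded once
    if _same(returned, expected_state):
        return findings
    if _same(unquote(returned), expected_state) or _same(returned, unquote(expected_state)):
        findings.append("state_encoding_mismatch")   # encoded once too often on one side
    else:
        findings.append("state_differs")             # other request, or a stale session
    return findings


# Constructed sample values (not taken from a real session).
EXPECTED = "a1B2+c3/D4="
SAMPLES = {
    "ok": "https://localhost:8090/callback?code=XXX&state=a1B2%2Bc3%2FD4%3D",
    "relative": "/callback?code=XXX&state=a1B2%2Bc3%2FD4%3D",
    "padded": "https://localhost:8090/callback?code=XXX&state=a1B2%2Bc3%2FD4%3D \n",
    "double_encoded": "https://localhost:8090/callback?code=XXX&state=a1B2%252Bc3%252FD4%253D",
    "other": "https://localhost:8090/callback?code=XXX&state=zzzz",
}

if __name__ == "__main__":
    for name, url in SAMPLES.items():
        print(name, diagnose_state(EXPECTED, url))
```

A "state_differs" finding usually means the session that produced the authorization URL is not the one handling the callback, so the saved state should be checked first rather than the comparison being disabled.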
