Monday 26 December 2022

Missing "nonce" claim with Quickbooks + Authlib

When I try to implement an OAuth flow into Quickbooks Online with the openid scope, I receive an error authlib.jose.errors.MissingClaimError: missing_claim: Missing "nonce" claim.

Here is the code:

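from flask import Flask, url_for
from authlib.integrations.flask_client import OAuth

app = Flask(__name__)
# Placeholder value: Authlib keeps the OAuth state (and nonce) in the Flask session,
# which requires a secret key.
app.secret_key = 'x'

oauth = OAuth(app)
oauth.register(
    name="qbo",
    client_id='x',
    client_secret='x',
    server_metadata_url='https://developer.api.intuit.com/.well-known/openid_sandbox_configuration',
    # The "openid" scope makes the client expect and validate an ID token.
    client_kwargs={"scope": "openid email profile com.intuit.quickbooks.accounting"},
)


@app.route("/login")
def login():
    redirect_uri = url_for("callback", _external=True)
    client = getattr(oauth, 'qbo')
    return client.authorize_redirect(redirect_uri, state='hello')


@app.route("/callback")
def callback():
    client = getattr(oauth, 'qbo')
    # Raises MissingClaimError: missing_claim: Missing "nonce" claim
    token = client.authorize_access_token()
    return 'authorized'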

The line client.authorize_access_token() is failing. This also fails when I pass a nonce param to the authorize_redirect() method.

When I remove the openid email profile scopes, then this works without an issue. I have similar code for openid and Google, and that works without any issues.

Any ideas on what is happening in this case?
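The kind of check behind this error, as an added example (not part of the original post and not Authlib's own code): an OpenID Connect client saves a nonce before the redirect and rejects an ID token that omits it or carries a different one. Function names, the idp.example issuer and the unsigned tokens are constructed for illustration; real code verifies the token signature before reading claims.

```python
import base64, hmac, json, secrets

class MissingClaim(Exception): ...
class InvalidClaim(Exception): ...

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_constructed_id_token(claims: dict) -> str:
    """Build an unsigned, JWT-shaped token (constructed sample input only)."""
    header = b64url(json.dumps({"alg": "none"}).encode())
    return f"{header}.{b64url(json.dumps(claims).encode())}."

def decode_claims(id_token: str) -> dict:
    """Decode the payload segment; signature verification is assumed done."""
    payload = id_token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))

def check_nonce(claims: dict, expected_nonce) -> None:
    """Compare the ID token's nonce with the value saved before the redirect."""
    if not expected_nonce:
        return  # no nonce was sent, so none is required
    if "nonce" not in claims:
        raise MissingClaim("nonce")  # provider did not echo the nonce
    if not hmac.compare_digest(str(claims["nonce"]), expected_nonce):
        raise InvalidClaim("nonce")  # token belongs to another request

def run_demo() -> dict:
    session_nonce = secrets.token_urlsafe(16)  # stored in the session at /login
    base = {"iss": "https://idp.example", "sub": "user-1", "aud": "x"}
    cases = {
        "echoed": {**base, "nonce": session_nonce},
        "omitted": base,
        "replayed": {**base, "nonce": "nonce-from-another-session"},
    }
    results = {}
    for name, claims in cases.items():
        try:
            check_nonce(decode_claims(make_constructed_id_token(claims)), session_nonce)
            results[name] = "ok"
        except (MissingClaim, InvalidClaim) as exc:
            results[name] = f"{type(exc).__name__}: {exc}"
    return results

if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(name, "->", outcome)
```

The "omitted" case corresponds to the error in the question: the client sent a nonce, and the returned ID token had no nonce claim to compare against.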


