我正在尝试为我的企业创建一个基本的库存管理应用程序。它只需要在我的机器上运行,因此我在本地主机上运行 Flask 应用程序。我一直在尝试获取使用 clover api 进行授权的基本代码,但我遇到了很多问题。
import flask
import requests
import config
import os
from OpenSSL import SSL
ASSETS_DIR = os.path.dirname(os.path.abspath(__file__))
CLIENT_ID = config.CLIENT_ID
CLIENT_SECRET = config.CLIENT_SECRET
ENV = "https://sandbox.dev.clover.com"
if not CLIENT_ID or not CLIENT_SECRET:
raise ValueError("Set your CLIENT_ID and CLIENT_SECRET in config.py.")
app = flask.Flask(__name__)
context = SSL.Context(SSL.SSLv23_METHOD)
context.use_privatekey_file('crt/key.pem')
context.use_certificate_file('crt/certificate.pem')
app.config['APPLICATION_ROOT'] = '/'
app.config['PREFERRED_URL_SCHEME'] = 'https'
@app.route("/", methods=["GET"])
def landing_page():
"""Depending on whether `code` parameter is present, redirects to
oauth_callback or to Clover merchant login."""
# A request from an authorized merchant includes a code in its query string.
code = flask.request.args.get("code")
# If the request doesn't include a code, redirect the merchant to Clover's
# authorize endpoint.
if not code:
return flask.redirect("%s/oauth/authorize?client_id=%s" % (ENV, CLIENT_ID))
# If the request does include a code, redirect to this app's oauth_callback
# in order to request an access_token.
else:
return flask.redirect("/oauth_callback?code=%s" % code)
@app.route("/oauth_callback", methods=["GET"])
def oauth_callback():
"""Uses `code` with CLIENT_ID and CLIENT_SECRET to request access_token."""
code = flask.request.args.get("code")
# The merchant shouldn't reach this endpoint without a code, but just in case:
if not code:
return flask.redirect("/")
# Use the code with your app ID and app secret to request an access_token.
request = "%s/oauth/token?client_id=%s&client_secret=%s&code=%s" % (ENV, CLIENT_ID, CLIENT_SECRET, code)
try:
response = requests.get(request)
response.raise_for_status()
access_token = response.json().get("access_token")
print("Access token: ", access_token)
if access_token:
return "Access token: " + access_token
else:
return "Could not retrieve access_token."
except requests.RequestException as e:
print("Request failed:", e)
except Exception as e:
print(e)
################################################################################
if __name__ == "__main__":
app.run(host='0.0.0.0', port=5000, debug=True, ssl_context=context)
127.0.0.1 - - [12/Feb/2024 19:09:57] code 400, message Bad request version ('**\x13\x01\x13\x02\x13\x03À+À/À,À0̨̩À\x13À\x14\x00\x9c\x00\x9d\x00/\x005\x01\x00\x01\x9f\x1a\x1a\x00\x00\x00')
127.0.0.1 - - [12/Feb/2024 19:09:57] "\x16\x03\x01\x02\x0c\x01\x00\x02\x08\x03\x039Kmñx\x00=;G¢Ë¬\x95\x9c>)\x91ZSqîÝ%µÈ\x86OÞ\x1f>× \x96Büo\x08H4¡6ÆÎÈ´ö¡fÐÔ\x8552È\x00uÚ$ߪàss·\x00 **\x13\x01\x13\x02\x13\x03À+À/À,À0̨̩À\x13À\x14\x00\x9c\x00\x9d\x00/\x005\x01\x00\x01\x9f\x1a\x1a\x00\x00\x00" 400 -
我生成了一个自签名证书来使用 HTTPS,因为我认为这可以解决问题,但我仍然收到错误代码 400、错误的请求版本、Chrome 上的 ssl_protocol_error 等。
我几乎没有更改三叶草网站上的以下代码,只是添加了证书和一些调试内容。有人知道我可以尝试什么或者是否有更简单的方法来做到这一点?
验证它不是说纯文本 -
curl -v http://127.0.0.1:5000/
验证它可以使用 HTTPS
curl -vk https://127.0.0.1:5000/
如果不是纯文本,请找出您的 TLS 配置的版本和详细信息
openssl s_client -connect 127.0.0.1:5000 -showcerts -debug < /dev/null
如果我没看错你的代码,那么你正在使用 SSLv23_METHOD 来获得 SSLv2 握手。您正在测试的浏览器可能不兼容,因此会出现 400 错误请求。尝试 TLS 1.2(或更好)
context = SSL.Context(SSL.PROTOCOL_TLSv1_2)