How to test google federated login on localhost

Question

I'm trying to test a federated login application on my local machine. I'm using django together with the Socialauth application. When logging in on localhost, however, I get a 403 Forbidden django error page, informing me that the "CSRF token [is] missing or incorrect." I'm assuming that means the site I'm accessing from is not authorized.

On the google domain management page you can add localhost, but nothing happens when you then try to manage that page.

So, is there a way to test federated login on your local machine?

Answer 1

My mistake seems simply to have been not to have added the CsrfResponseMiddleware.

So my middleware classes in settings.py now looks like:

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'openid_consumer.middleware.OpenIDMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.middleware.csrf.CsrfResponseMiddleware',
    #'socialauth.middleware.FacebookConnectMiddleware',
)

This takes away the error, and everything works fine.

Answer 2

The error

"CSRF token [is] missing or incorrect."

means just that, the CSRF token which django is expecting is missing or incorrect. AFAIK the CSRF token functionality was added not so long ago, maybe you need to update your Django install.