def __getattr__(self, name):
"""Lazily load the auth entity and instantiate :attr:`self.gr_source`.
Once :attr:`self.gr_source` is set, this method will *not* be called;
:attr:`gr_source` will be returned normally.
"""
if name == 'gr_source' and self.auth_entity:
auth_entity = self.auth_entity.get()
token = auth_entity.access_token()
if not isinstance(token, tuple):
token = (token,)
kwargs = {}
if self.key.kind() == 'FacebookPage' and auth_entity.type == 'user':
kwargs = {'user_id': self.key.id()}
elif self.key.kind() == 'Instagram':
kwargs = {'scrape': True, 'cookie': appengine_config.INSTAGRAM_SESSIONID_COOKIE}
elif self.key.kind() == 'Twitter':
kwargs = {'username': self.key.id()}
self.gr_source = self.GR_CLASS(*token, **kwargs)
return self.gr_source
if name == 'gr_source' and self.key.kind() == 'FacebookEmailAccount':
from granary import facebook as gr_facebook
self.gr_source = gr_facebook.Facebook(user_id=self.key.id())
return self.gr_source
return getattr(super(Source, self), name)
def get(self):
"""Handles an API GET.
Request path is of the form /site/user_id/group_id/app_id/activity_id ,
where each element except site is an optional string object id.
"""
# parse path
args = urllib.unquote(self.request.path).strip('/').split('/')
if not args or len(args) > MAX_PATH_LEN:
raise exc.HTTPNotFound('Expected 1-%d path elements; found %d' %
(MAX_PATH_LEN, len(args)))
# make source instance
site = args.pop(0)
if site == 'twitter':
src = twitter.Twitter(
access_token_key=util.get_required_param(self, 'access_token_key'),
access_token_secret=util.get_required_param(self, 'access_token_secret'))
elif site == 'facebook':
src = facebook.Facebook(
access_token=util.get_required_param(self, 'access_token'))
elif site == 'flickr':
src = flickr.Flickr(
access_token_key=util.get_required_param(self, 'access_token_key'),
access_token_secret=util.get_required_param(self, 'access_token_secret'))
elif site == 'instagram':
src = instagram.Instagram(
access_token=util.get_required_param(self, 'access_token'))
elif site == 'google+':
auth_entity = util.get_required_param(self, 'auth_entity')
src = googleplus.GooglePlus(auth_entity=ndb.Key(urlsafe=auth_entity).get())
else:
src_cls = source.sources.get(site)
if not src_cls:
raise exc.HTTPNotFound('Unknown site %r' % site)
src = src_cls(**self.request.params)
# handle default path elements
args = [None if a in defaults else a
for a, defaults in zip(args, PATH_DEFAULTS)]
user_id = args[0] if args else None
# fetch actor if necessary
actor = None
if self.request.get('format') == 'atom':
# atom needs actor
args = [None if a in defaults else a # handle default path elements
for a, defaults in zip(args, PATH_DEFAULTS)]
user_id = args[0] if args else None
actor = src.get_actor(user_id) if src else {}
# get activities and write response
response = src.get_activities_response(*args, **self.get_kwargs())
self.write_response(response, actor=actor)
def new(handler, auth_entity=None, **kwargs):
"""Creates and returns a :class:`FacebookPage` for the logged in user.
Args:
handler: the current :class:`webapp2.RequestHandler`
auth_entity: :class:`oauth_dropins.facebook.FacebookAuth`
kwargs: property values
"""
user = json.loads(auth_entity.user_json)
gr_source = gr_facebook.Facebook(access_token=auth_entity.access_token())
actor = gr_source.user_to_actor(user)
return FacebookPage(id=user['id'],
auth_entity=auth_entity.key,
name=actor.get('displayName'),
username=actor.get('username'),
picture=actor.get('image', {}).get('url'),
url=actor.get('url'),
**kwargs)
def get(self):
"""Handles an API GET.
Request path is of the form /site/user_id/group_id/app_id/activity_id ,
where each element except site is an optional string object id.
"""
# parse path
args = urllib.unquote(self.request.path).strip('/').split('/')
if not args or len(args) > MAX_PATH_LEN:
raise exc.HTTPNotFound('Expected 1-%d path elements; found %d' %
(MAX_PATH_LEN, len(args)))
# make source instance
site = args.pop(0)
if site == 'twitter':
src = twitter.Twitter(access_token_key=util.get_required_param(
self, 'access_token_key'),
access_token_secret=util.get_required_param(
self, 'access_token_secret'))
elif site == 'facebook':
src = facebook.Facebook(
access_token=util.get_required_param(self, 'access_token'))
elif site == 'flickr':
src = flickr.Flickr(access_token_key=util.get_required_param(
self, 'access_token_key'),
access_token_secret=util.get_required_param(
self, 'access_token_secret'))
elif site == 'instagram':
src = instagram.Instagram(scrape=True)
elif site == 'google+':
auth_entity = util.get_required_param(self, 'auth_entity')
src = googleplus.GooglePlus(auth_entity=ndb.Key(
urlsafe=auth_entity).get())
else:
src_cls = source.sources.get(site)
if not src_cls:
raise exc.HTTPNotFound('Unknown site %r' % site)
src = src_cls(**self.request.params)
# decode tag URI ids
for i, arg in enumerate(args):
parsed = util.parse_tag_uri(arg)
if parsed:
domain, id = parsed
if domain != src.DOMAIN:
raise exc.HTTPBadRequest(
'Expected domain %s in tag URI %s, found %s' %
(src.DOMAIN, arg, domain))
args[i] = id
# check if request is cached
cache = self.request.get('cache', '').lower() != 'false'
if cache:
cache_key = 'R %s' % self.request.path
cached = memcache.get(cache_key)
if cached:
logging.info('Serving cached response %r', cache_key)
self.write_response(cached['response'],
actor=cached['actor'],
url=src.BASE_URL)
return
# handle default path elements
args = [
None if a in defaults else a
for a, defaults in zip(args, PATH_DEFAULTS)
]
user_id = args[0] if args else None
# get activities (etc)
try:
if len(args) >= 2 and args[1] == '@blocks':
response = {'items': src.get_blocklist()}
else:
response = src.get_activities_response(*args,
**self.get_kwargs(src))
except (NotImplementedError, ValueError) as e:
self.abort(400, str(e))
# other exceptions are handled by webutil.handlers.handle_exception(),
# which uses interpret_http_exception(), etc.
# fetch actor if necessary
actor = response.get('actor')
if not actor and self.request.get('format') == 'atom':
# atom needs actor
args = [
None if a in defaults else a # handle default path elements
for a, defaults in zip(args, PATH_DEFAULTS)
]
user_id = args[0] if args else None
actor = src.get_actor(user_id) if src else {}
self.write_response(response, actor=actor, url=src.BASE_URL)
# cache response
if cache:
logging.info('Caching response in %r', cache_key)
memcache.set(cache_key, {
'response': response,
'actor': actor
}, src.RESPONSE_CACHE_TIME)
def get(self):
"""Handles an API GET.
Request path is of the form /site/user_id/group_id/app_id/activity_id ,
where each element except site is an optional string object id.
"""
# parse path
args = urllib.unquote(self.request.path).strip('/').split('/')
if not args or len(args) > MAX_PATH_LEN:
raise exc.HTTPNotFound('Expected 1-%d path elements; found %d' %
(MAX_PATH_LEN, len(args)))
# make source instance
site = args.pop(0)
if site == 'twitter':
src = twitter.Twitter(
access_token_key=util.get_required_param(self, 'access_token_key'),
access_token_secret=util.get_required_param(self, 'access_token_secret'))
elif site == 'facebook':
src = facebook.Facebook(
access_token=util.get_required_param(self, 'access_token'))
elif site == 'flickr':
src = flickr.Flickr(
access_token_key=util.get_required_param(self, 'access_token_key'),
access_token_secret=util.get_required_param(self, 'access_token_secret'))
elif site == 'github':
src = github.GitHub(
access_token=util.get_required_param(self, 'access_token'))
elif site == 'instagram':
src = instagram.Instagram(scrape=True)
else:
src_cls = source.sources.get(site)
if not src_cls:
raise exc.HTTPNotFound('Unknown site %r' % site)
src = src_cls(**self.request.params)
# decode tag URI ids
for i, arg in enumerate(args):
parsed = util.parse_tag_uri(arg)
if parsed:
domain, id = parsed
if domain != src.DOMAIN:
raise exc.HTTPBadRequest('Expected domain %s in tag URI %s, found %s' %
(src.DOMAIN, arg, domain))
args[i] = id
# handle default path elements
args = [None if a in defaults else a
for a, defaults in zip(args, PATH_DEFAULTS)]
user_id = args[0] if args else None
# get activities (etc)
try:
if len(args) >= 2 and args[1] == '@blocks':
try:
response = {'items': src.get_blocklist()}
except source.RateLimited as e:
if not e.partial:
self.abort(429, str(e))
response = {'items': e.partial}
else:
response = src.get_activities_response(*args, **self.get_kwargs())
except (NotImplementedError, ValueError) as e:
self.abort(400, str(e))
# other exceptions are handled by webutil.handlers.handle_exception(),
# which uses interpret_http_exception(), etc.
# fetch actor if necessary
actor = response.get('actor')
if not actor and self.request.get('format') == 'atom':
# atom needs actor
args = [None if a in defaults else a # handle default path elements
for a, defaults in zip(args, PATH_DEFAULTS)]
actor = src.get_actor(user_id) if src else {}
self.write_response(response, actor=actor, url=src.BASE_URL)
class Facebook(browser.BrowserSource):
"""A Facebook account.
The key name is the Facebook global user id.
"""
GR_CLASS = gr_facebook.Facebook
SHORT_NAME = 'facebook'
OAUTH_START_HANDLER = oauth_facebook.StartHandler
URL_CANONICALIZER = util.UrlCanonicalizer(
domain=GR_CLASS.DOMAIN,
subdomain='www',
query=True,
approve=r'https://www\.facebook\.com/[^/?]+/posts/[^/?]+$',
headers=util.REQUEST_HEADERS)
# no reject regexp; non-private FB post URLs just 404
# blank granary Facebook object, shared across all instances
gr_source = gr_facebook.Facebook()
# unique name used in FB URLs, e.g. facebook.com/[username]
username = ndb.StringProperty()
@classmethod
def new(cls, handler, auth_entity=None, actor=None, **kwargs):
"""Creates and returns an entity based on an AS1 actor."""
src = super().new(handler, auth_entity=None, actor=actor, **kwargs)
src.username = actor.get('username')
return src
@classmethod
def key_id_from_actor(cls, actor):
"""Returns the actor's numeric_id field to use as this entity's key id.
numeric_id is the Facebook global user id.
"""
return actor['numeric_id']
@classmethod
def lookup(cls, id):
"""Returns the entity with the given id or username."""
return ndb.Key(cls, id).get() or cls.query(cls.username == id).get()
def silo_url(self):
"""Returns the Facebook profile URL, e.g. https://facebook.com/foo.
Facebook profile URLS with app-scoped user ids (eg www.facebook.com/ID) no
longer work as of April 2018, so if that's all we have, return None instead.
https://developers.facebook.com/blog/post/2018/04/19/facebook-login-changes-address-abuse/
"""
if self.username:
return self.gr_source.user_url(self.username)
user_id = self.key.id()
if util.is_int(id) and int(id) < MIN_APP_SCOPED_ID:
return self.gr_source.user_url(user_id)
@classmethod
def button_html(cls, feature, **kwargs):
return super(cls, cls).button_html(feature,
form_method='get',
**kwargs)
return oauth_instagram.StartHandler.button_html(
'/about#browser-extension',
form_method='get',
image_prefix='/oauth_dropins/static/')
def canonicalize_url(self, url, **kwargs):
"""Facebook-specific standardization of syndicated urls.
Canonical form is https://www.facebook.com/USERID/posts/POSTID
Args:
url: a string, the url of the syndicated content
kwargs: unused
Return:
a string, the canonical form of the syndication url
"""
if util.domain_from_link(url) != self.gr_source.DOMAIN:
return None
def post_url(id):
return 'https://www.facebook.com/%s/posts/%s' % (self.key.id(), id)
parsed = urllib.parse.urlparse(url)
params = urllib.parse.parse_qs(parsed.query)
path = parsed.path.strip('/').split('/')
url_id = self.gr_source.post_id(url)
ids = params.get('story_fbid') or params.get('fbid')
post_id = ids[0] if ids else url_id
if post_id:
url = post_url(post_id)
url = url.replace('facebook.com/%s/' % self.username,
'facebook.com/%s/' % self.key.id())
return super(Facebook, self).canonicalize_url(url)
def get_comment(self, id, **kwargs):
resp = ndb.Key('Response', self.gr_source.tag_uri(id))
email = FacebookEmail.query(FacebookEmail.response == resp).get()
if email:
return gr_facebook.Facebook().email_to_object(email.htmls[0])
def receive(self, email):
addr = self.request.path.split('/')[-1]
message_id = email.original.get('message-id').strip('<>')
sender = getattr(email, 'sender', None)
to = getattr(email, 'to', None)
cc = getattr(email, 'cc', None)
subject = getattr(email, 'subject', None)
logging.info('Received %s from %s to %s (%s) cc %s: %s', message_id,
sender, to, addr, cc, subject)
addr = self.request.path.split('/')[-1]
user = addr.split('@')[0]
source = FacebookEmailAccount.query(
FacebookEmailAccount.email_user == user).get()
logging.info('Source for %s is %s', user, source)
util.email_me(subject='New email from %s: %s' % (sender, subject),
body='Source: %s' %
(source.bridgy_url(self) if source else None))
htmls = list(body.decode() for _, body in email.bodies('text/html'))
fbe = FacebookEmail.get_or_insert(
message_id, source=source.key if source else None, htmls=htmls)
logging.info('FacebookEmail created %s: %s', fbe.created,
fbe.key.urlsafe())
if not source:
self.response.status_code = 404
self.response.write(
'No Facebook email user found with address %s' % addr)
return
for html in htmls:
obj = gr_facebook.Facebook().email_to_object(html)
if obj:
break
else:
self.response.status_code = 400
self.response.write('No HTML body could be parsed')
return
logging.info('Converted to AS1: %s', json_dumps(obj, indent=2))
base_obj = source.gr_source.base_object(obj)
# note that this ignores the id query param (the post's user id) and uses
# the source object's user id instead.
base_obj['url'] = source.canonicalize_url(base_obj['url'])
# also note that base_obj['id'] is not a tag URI, it's the raw Facebook post
# id, eg '104790764108207'. we don't use it from activities_json much,
# though, just in PropagateResponse.source_url(), which handles this fine.
original_post_discovery.refetch(source)
targets, mentions = original_post_discovery.discover(source,
base_obj,
fetch_hfeed=False)
logging.info('Got targets %s mentions %s', targets, mentions)
resp = Response(id=obj['id'],
source=source.key,
type=Response.get_type(obj),
response_json=json_dumps(obj),
activities_json=[json_dumps(base_obj)],
unsent=targets)
resp.get_or_save(source, restart=True)
fbe.response = resp.key
fbe.put()