Beispiel #1
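def fbconnect():
    ''' Connect with facebook Oauth2 API

    Reads the Facebook access token posted in the request body, exchanges it
    at the Graph API token endpoint, hands the result to
    ``utils.fb_load_user_info`` and renders the welcome page.

    Taken from Udacity Authentication and Authorization Restaurant Menus example

    Returns:
        The rendered ``login_welcome.html`` page on success, or a JSON
        message with status 401 when Facebook rejects the exchange.
    '''
    try:
        from urllib.parse import urlencode  # Python 3
    except ImportError:
        from urllib import urlencode  # Python 2

    # NOTE(review): no anti-forgery ``state`` check is visible in this
    # handler -- confirm one is enforced before this point (decorator or
    # before_request hook) so the login cannot be triggered cross-site.
    access_token = request.data
    # The token is a bearer credential: log that one arrived, never its value.
    app.logger.debug("Access token received (%d bytes)", len(access_token))

    # Read the client secrets once and close the file handle deterministically.
    with open(FBCLIENTS, 'r') as secrets_file:
        fb_client = json.loads(secrets_file.read())['web']

    # The posted token is untrusted input; urlencode keeps it from adding or
    # overriding query parameters. The resulting URL contains the app secret
    # and must not be logged.
    query = urlencode([
        ('grant_type', 'fb_exchange_token'),
        ('client_id', fb_client['app_id']),
        ('client_secret', fb_client['app_secret']),
        ('fb_exchange_token', access_token),
    ])
    url = 'https://graph.facebook.com/oauth/access_token?' + query
    h = httplib2.Http()
    reply, result = h.request(url, 'GET')

    # Do not treat an error body as a token.
    if reply.status != 200:
        app.logger.warning(
            "Facebook token exchange failed with HTTP %s", reply.status)
        return (json.dumps('Failed to exchange the access token.'), 401,
                {'Content-Type': 'application/json'})

    # httplib2 returns the body as bytes on Python 3; split() below needs text.
    if not isinstance(result, str):
        result = result.decode('utf-8')

    # strip expire tag from access token
    # NOTE(review): assumes a form-encoded reply ("access_token=...&expires=...");
    # confirm the Graph API version in use still answers in that form.
    token = result.split("&")[0]

    utils.fb_load_user_info(token)
    # If user doesn't exist, add to database
    utils.register_user()

    return render_template('login_welcome.html',
                           username=session['username'],
                           picture_url=session['picture'])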
Beispiel #2
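def fbconnect():
    ''' Connect with facebook Oauth2 API

    Reads the Facebook access token posted in the request body, exchanges it
    at the Graph API token endpoint, hands the result to
    ``utils.fb_load_user_info`` and renders the welcome page.

    Taken from Udacity Authentication and Authorization Restaurant Menus example

    Returns:
        The rendered ``login_welcome.html`` page on success, or a JSON
        message with status 401 when Facebook rejects the exchange.
    '''
    try:
        from urllib.parse import urlencode  # Python 3
    except ImportError:
        from urllib import urlencode  # Python 2

    # NOTE(review): no anti-forgery ``state`` check is visible in this
    # handler -- confirm one is enforced before this point (decorator or
    # before_request hook) so the login cannot be triggered cross-site.
    access_token = request.data
    # The token is a bearer credential: log that one arrived, never its value.
    app.logger.debug("Access token received (%d bytes)", len(access_token))

    # Read the client secrets once and close the file handle deterministically.
    with open(FBCLIENTS, 'r') as secrets_file:
        fb_client = json.loads(secrets_file.read())['web']

    # The posted token is untrusted input; urlencode keeps it from adding or
    # overriding query parameters. The resulting URL contains the app secret
    # and must not be logged.
    query = urlencode([
        ('grant_type', 'fb_exchange_token'),
        ('client_id', fb_client['app_id']),
        ('client_secret', fb_client['app_secret']),
        ('fb_exchange_token', access_token),
    ])
    url = 'https://graph.facebook.com/oauth/access_token?' + query
    h = httplib2.Http()
    reply, result = h.request(url, 'GET')

    # Do not treat an error body as a token.
    if reply.status != 200:
        app.logger.warning(
            "Facebook token exchange failed with HTTP %s", reply.status)
        return (json.dumps('Failed to exchange the access token.'), 401,
                {'Content-Type': 'application/json'})

    # httplib2 returns the body as bytes on Python 3; split() below needs text.
    if not isinstance(result, str):
        result = result.decode('utf-8')

    # strip expire tag from access token
    # NOTE(review): assumes a form-encoded reply ("access_token=...&expires=...");
    # confirm the Graph API version in use still answers in that form.
    token = result.split("&")[0]

    utils.fb_load_user_info(token)
    # If user doesn't exist, add to database
    utils.register_user()

    return render_template('login_welcome.html',
                           username=session['username'],
                           picture_url=session['picture'])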
Beispiel #3
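def gconnect():
    ''' Connect with google Oauth2 API

    Exchanges the one-time authorization code posted in the request body for
    credentials, validates the resulting access token against Google's
    tokeninfo endpoint (error, user id, client id) and, when every check
    passes, loads the user and renders the welcome page.

    Taken from Udacity Authentication and Authorization Restaurant Menus example

    Returns:
        The rendered ``login_welcome.html`` page on success; otherwise a
        JSON response with status 401 (exchange failed, user or client
        mismatch), 500 (tokeninfo reported an error) or 200 (already
        connected).
    '''

    def json_reply(payload, status):
        # Every non-HTML answer of this handler is a JSON-encoded message.
        response = make_response(json.dumps(payload), status)
        response.headers['Content-Type'] = 'application/json'
        return response

    # NOTE(review): no anti-forgery ``state`` check is visible in this
    # handler -- confirm one is enforced before this point (decorator or
    # before_request hook) so the login cannot be triggered cross-site.

    # Obtain authorization code
    auth_code = request.data

    try:
        # Upgrade the authorization code into a credentials object
        oauth_flow = flow_from_clientsecrets(GCLIENTS, scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(auth_code)
    except FlowExchangeError:
        return json_reply('Failed to upgrade the authorization code.', 401)

    # Check that the access token is valid.
    access_token = credentials.access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s' %
           access_token)
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])
    # If there was an error in the access token info, abort. The response
    # must be returned here: falling through would carry an invalid token
    # into the identity checks below.
    if result.get('error') is not None:
        return json_reply(result.get('error'), 500)

    # Verify that the access token is used for the intended user.
    # .get() makes a tokeninfo reply without the field fail the check
    # instead of raising KeyError.
    gplus_id = credentials.id_token['sub']
    if result.get('user_id') != gplus_id:
        return json_reply("Token's user ID doesn't match given user ID.", 401)

    # Verify that the access token is valid for this app.
    with open(GCLIENTS, 'r') as secrets_file:
        client_id = json.loads(secrets_file.read())['web']['client_id']

    if result.get('issued_to') != client_id:
        app.logger.warning("Token's client ID does not match app's.")
        return json_reply("Token's client ID does not match app's.", 401)

    # Skip re-registration when the session already holds this user.
    stored_token = session.get('access_token')
    stored_gplus_id = session.get('gplus_id')
    if stored_token is not None and gplus_id == stored_gplus_id:
        return json_reply('Current user is already connected.', 200)

    utils.ggl_load_user_info(credentials)
    # If user doesn't exist, add to database
    utils.register_user()

    return render_template('login_welcome.html',
                           username=session['username'],
                           picture_url=session['picture'])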
Beispiel #4
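def gconnect():
    ''' Connect with google Oauth2 API

    Exchanges the one-time authorization code posted in the request body for
    credentials, validates the resulting access token against Google's
    tokeninfo endpoint (error, user id, client id) and, when every check
    passes, loads the user and renders the welcome page.

    Taken from Udacity Authentication and Authorization Restaurant Menus example

    Returns:
        The rendered ``login_welcome.html`` page on success; otherwise a
        JSON response with status 401 (exchange failed, user or client
        mismatch), 500 (tokeninfo reported an error) or 200 (already
        connected).
    '''

    def json_reply(payload, status):
        # Every non-HTML answer of this handler is a JSON-encoded message.
        response = make_response(json.dumps(payload), status)
        response.headers['Content-Type'] = 'application/json'
        return response

    # NOTE(review): no anti-forgery ``state`` check is visible in this
    # handler -- confirm one is enforced before this point (decorator or
    # before_request hook) so the login cannot be triggered cross-site.

    # Obtain authorization code
    auth_code = request.data

    try:
        # Upgrade the authorization code into a credentials object
        oauth_flow = flow_from_clientsecrets(GCLIENTS, scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(auth_code)
    except FlowExchangeError:
        return json_reply('Failed to upgrade the authorization code.', 401)

    # Check that the access token is valid.
    access_token = credentials.access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s'
           % access_token)
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])
    # If there was an error in the access token info, abort. The response
    # must be returned here: falling through would carry an invalid token
    # into the identity checks below.
    if result.get('error') is not None:
        return json_reply(result.get('error'), 500)

    # Verify that the access token is used for the intended user.
    # .get() makes a tokeninfo reply without the field fail the check
    # instead of raising KeyError.
    gplus_id = credentials.id_token['sub']
    if result.get('user_id') != gplus_id:
        return json_reply("Token's user ID doesn't match given user ID.", 401)

    # Verify that the access token is valid for this app.
    with open(GCLIENTS, 'r') as secrets_file:
        client_id = json.loads(secrets_file.read())['web']['client_id']

    if result.get('issued_to') != client_id:
        app.logger.warning("Token's client ID does not match app's.")
        return json_reply("Token's client ID does not match app's.", 401)

    # Skip re-registration when the session already holds this user.
    stored_token = session.get('access_token')
    stored_gplus_id = session.get('gplus_id')
    if stored_token is not None and gplus_id == stored_gplus_id:
        return json_reply('Current user is already connected.', 200)

    utils.ggl_load_user_info(credentials)
    # If user doesn't exist, add to database
    utils.register_user()

    return render_template('login_welcome.html',
                           username=session['username'],
                           picture_url=session['picture'])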