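def authorized(self, resp):
    """Finish the OAuth callback: check state, record the token, log in or hand off.

    Args:
        resp: Provider response mapping. It is accepted only when it is
            truthy and has truthy ``self.uid_str`` and ``self.token_str``
            entries.

    Returns:
        A redirect response: to ``index`` on a state mismatch, on an empty
        session, or after logging in the user already bound to this OAuth
        identity; otherwise to the next-URL saved in the session (falling
        back to ``index``).
    """
    # NOTE(review): the source listing was whitespace-collapsed; the nesting
    # below is the most plausible reconstruction -- confirm against the file.

    # Anti-CSRF: the value stored when the flow started must come back as the
    # `state` query parameter. Fail closed: once a value was stored, a callback
    # with a missing `state` is rejected too, so dropping the parameter does
    # not skip the comparison.
    # NOTE(review): confirm every provider that stores a csrf value also
    # echoes `state` back, otherwise its callback will now be refused.
    expected_state = session.pop('%s_oauthcsrf' % self.name, None)
    state = request.args.get('state')
    if expected_state is not None or state:
        if not state or urllib.unquote(state) != expected_state:
            return redirect(url_for('index'))

    if not session:
        return redirect(url_for('index'))

    # A default avoids a KeyError (HTTP 500) when no next-URL was stored.
    # NOTE(review): next_url is whatever the login step saved; it should be
    # validated there as a same-site path before it is stored.
    next_url = session.pop('%s_oauthnext' % self.name, None) or url_for('index')

    # Do not log `resp`: it carries the provider access token.
    logger.info('%s oauth callback received' % self.name)

    if not resp:
        return redirect(next_url)
    uid = resp.get(self.uid_str, None)
    token = resp.get(self.token_str, None)
    if not uid or not token:
        return redirect(next_url)

    oauth = get_oauth_by(oauth_uid=uid)
    if oauth is None:
        # First time this provider identity is seen: not bound to a user yet.
        oauth = OAuth(None, uid, self.name)

    old_token = oauth.oauth_token
    oauth.oauth_token = token

    if not get_current_user() and oauth.uid:
        # Identity is already bound to a local account: sign that user in.
        user = get_user(oauth.uid)
        if user:
            account_login(user)
            if old_token != oauth.oauth_token:
                # Token values are credentials; record only that it changed.
                logger.info('%s oauth token changed' % self.name)
                self.update_token(oauth)
            return redirect(url_for('index'))

    # NOTE(review): this puts the OAuth record, token included, in the
    # session; if sessions are client-side cookies, confirm they are
    # encrypted and not merely signed.
    session['from_oauth'] = oauth
    return redirect(next_url)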
def create_oauth(uid, ouid, otype):
    """Create an OAuth record through ``OAuth.create`` and return its result.

    The three arguments are forwarded positionally and unchanged.
    """
    record = OAuth.create(uid, ouid, otype)
    return record