Beispiel #1
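    def callback(self):
        """Finish the OAuth2 login, or redirect back with a flashed error.

        The happy path asks a fresh ``OAuth2Helper`` for the token, resolves
        the user name from it, remembers the user, stores the token and lets
        the helper issue the redirect. Any exception raised on the way is
        converted into a 302 redirect plus a flash message.
        """
        try:
            oauth2helper = oauth2.OAuth2Helper()
            token = oauth2helper.get_token()
            user_name = oauth2helper.identify(token)
            oauth2helper.remember(user_name)
            oauth2helper.update_token(user_name, token)
            oauth2helper.redirect_from_callback()
        except Exception as e:
            # If the callback is called with an error, we must show the message.
            # NOTE(review): this value comes straight from the query string, so
            # the flashed text is caller-controlled; it relies on flash_error
            # escaping it (no allow_html is passed) -- confirm for this helper.
            error_description = toolkit.request.GET.get('error_description')
            if not error_description:
                # getattr() instead of e.message: exceptions have no `message`
                # attribute on Python 3, and an AttributeError raised here
                # would replace the redirect with an unhandled error.
                for attr in ('message', 'description', 'error'):
                    candidate = getattr(e, attr, None)
                    if candidate:
                        error_description = candidate
                        break
                else:
                    error_description = type(e).__name__

            toolkit.response.status_int = 302
            # NOTE(review): the Location value is derived from the request's
            # `state` parameter. get_came_from() is not visible here -- confirm
            # it only yields same-site URLs before trusting it as a redirect.
            redirect_url = oauth2.get_came_from(
                toolkit.request.params.get('state'))
            if redirect_url == constants.INITIAL_PAGE:
                redirect_url = '/'
            toolkit.response.location = redirect_url
            helpers.flash_error(error_description)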
Beispiel #2
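    def callback(self):
        """Finish the OAuth2 login, or redirect back with a flashed error.

        Uses ``self.oauth2helper`` to fetch the token, resolve the user name,
        remember the user, store the token and issue the redirect. Any
        exception is converted into a 302 redirect plus a flash message.
        """
        log.debug('calledback')
        try:
            token = self.oauth2helper.get_token()
            # The token itself is deliberately not logged: it is a bearer
            # credential, and anyone with read access to the log could reuse it.
            log.debug('token received')
            user_name = self.oauth2helper.identify(token)
            self.oauth2helper.remember(user_name)
            self.oauth2helper.update_token(user_name, token)
            self.oauth2helper.redirect_from_callback()
        except Exception as e:
            # Keep a server-side record of the failure; the user only sees the
            # short description flashed below.
            log.exception('OAuth2 callback failed')

            # If the callback is called with an error, we must show the message.
            # NOTE(review): this value comes straight from the query string, so
            # the flashed text is caller-controlled; it relies on flash_error
            # escaping it (no allow_html is passed) -- confirm for this helper.
            error_description = toolkit.request.GET.get('error_description')
            if not error_description:
                # getattr() instead of e.message: exceptions have no `message`
                # attribute on Python 3, and an AttributeError raised here
                # would replace the redirect with an unhandled error.
                for attr in ('message', 'description', 'error'):
                    candidate = getattr(e, attr, None)
                    if candidate:
                        error_description = candidate
                        break
                else:
                    error_description = type(e).__name__

            toolkit.response.status_int = 302
            # NOTE(review): the Location value is derived from the request's
            # `state` parameter. get_came_from() is not visible here -- confirm
            # it only yields same-site URLs before trusting it as a redirect.
            redirect_url = oauth2.get_came_from(toolkit.request.params.get('state'))
            if redirect_url == constants.INITIAL_PAGE:
                redirect_url = '/'
            toolkit.response.location = redirect_url
            helpers.flash_error(error_description)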
Beispiel #3
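    def callback(self):
        """Finish the OAuth2 login, or redirect back with a flashed error.

        Uses ``self.oauth2helper`` to fetch the token, resolve the user name,
        remember the user, store the token and issue the redirect. On any
        exception the session is saved and the request is answered with a
        302 redirect plus a flash message.
        """
        try:
            log.debug("callback")
            token = self.oauth2helper.get_token()
            user_name = self.oauth2helper.identify(token)
            self.oauth2helper.remember(user_name)
            self.oauth2helper.update_token(user_name, token)
            self.oauth2helper.redirect_from_callback()
        except Exception as e:
            # Keep a server-side record of the failure; the user only sees the
            # short description flashed below.
            log.exception("OAuth2 callback failed")

            session.save()

            # If the callback is called with an error, we must show the message.
            # NOTE(review): this value comes straight from the query string, so
            # the flashed text is caller-controlled; it relies on flash_error
            # escaping it (no allow_html is passed) -- confirm for this helper.
            error_description = toolkit.request.GET.get("error_description")
            if not error_description:
                # getattr() instead of e.message: exceptions have no `message`
                # attribute on Python 3, and an AttributeError raised here
                # would replace the redirect with an unhandled error.
                for attr in ("message", "description", "error"):
                    candidate = getattr(e, attr, None)
                    if candidate:
                        error_description = candidate
                        break
                else:
                    error_description = type(e).__name__

            toolkit.response.status_int = 302
            # NOTE(review): the Location value is derived from the request's
            # `state` parameter. get_came_from() is not visible here -- confirm
            # it only yields same-site URLs before trusting it as a redirect.
            redirect_url = oauth2.get_came_from(
                toolkit.request.params.get("state"))
            if redirect_url == constants.INITIAL_PAGE:
                redirect_url = "/"
            toolkit.response.location = redirect_url
            helpers.flash_error(error_description)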
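    def callback(self):
        """Log the user in from a token carried in a request header.

        The header name is read from ``ckan.oauth2.authorization_header``
        (default ``Authorization``). When the header is present its value is
        wrapped as an access token, validated, mapped to a user name, saved
        and remembered; the helper then issues the redirect. On any exception
        the session is saved and the request is answered with a 302 redirect
        plus a flash message.
        """
        try:
            authorization_header = toolkit.config.get(
                "ckan.oauth2.authorization_header", 'Authorization').lower()
            log.debug("-----AUTH_HEADER_KEY---" + authorization_header)
            # Only header names are logged here, never values: the configured
            # header carries the bearer credential.
            for h in toolkit.response.headers:
                log.debug("----HEADERS:---" + h)

            apikey = toolkit.request.headers.get(authorization_header, '')

            user_name = None

            # This API Key is not the one of CKAN, it's the one provided by the OAuth2 Service
            if apikey:
                # TODO let's see if firebase lib has a get_token()
                token = {'access_token': apikey}
                # Validate first and use only the validated token from here on.
                new_token = self.oauth2helper.validate_token(token)
                user_name = self.oauth2helper.identify(new_token)
                self.oauth2helper.save_token(user_name, new_token)
                self.oauth2helper.remember(user_name, new_token)

            self.oauth2helper.redirect_from_callback()

        except Exception as e:

            session.save()

            # If the callback is called with an error, we must show the message.
            # NOTE(review): this value comes straight from the query string, so
            # the flashed text is caller-controlled; it relies on flash_error
            # escaping it (no allow_html is passed) -- confirm for this helper.
            error_description = toolkit.request.GET.get('error_description')
            if not error_description:
                # getattr() instead of e.message: exceptions have no `message`
                # attribute on Python 3, and an AttributeError raised here
                # would replace the redirect with an unhandled error.
                for attr in ('message', 'description', 'error'):
                    candidate = getattr(e, attr, None)
                    if candidate:
                        error_description = candidate
                        break
                else:
                    error_description = type(e).__name__
            log.exception("-----CALLBACK---EXC")
            toolkit.response.status_int = 302
            # NOTE(review): the Location value is derived from the request's
            # `state` parameter. get_came_from() is not visible here -- confirm
            # it only yields same-site URLs before trusting it as a redirect.
            redirect_url = oauth2.get_came_from(
                toolkit.request.params.get('state'))
            if redirect_url == constants.INITIAL_PAGE:
                redirect_url = '/'
            toolkit.response.location = redirect_url
            helpers.flash_error(error_description)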
Beispiel #5
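    def identify(self):
        """Establish the current user from an OAuth2 header token or the session.

        Order of attempts:

        1. If the configured authorization header is present, its value is
           treated as an access token, mapped to a user name and validated.
           Failures are logged and re-raised.
        2. Otherwise, if a ``repoze.who.identity`` is present in the WSGI
           environ, the session user is used and the stored token is updated.
           If that update fails the user is treated as not logged in and a
           302 redirect with a flash message is prepared.

        On success ``g.user``, ``toolkit.c.user``, ``toolkit.c.usertoken`` and
        ``toolkit.c.usertoken_refresh`` are set; otherwise ``g.user`` is None.
        """
        log.debug('identify')

        def _refresh_and_save_token(user_name):
            # Bound to the user below and exposed as toolkit.c.usertoken_refresh.
            new_token = self.oauth2helper.refresh_token(user_name)
            if new_token:
                toolkit.c.usertoken = new_token

        environ = toolkit.request.environ
        apikey = toolkit.request.headers.get(self.authorization_header, '')
        user_name = None

        # This API Key is not the one of CKAN, it's the one provided by the OAuth2 Service
        if apikey:
            try:
                token = {'access_token': apikey}
                user_name = self.oauth2helper.identify(token)

                self.oauth2helper.validate_token(user_name, token)

            except Exception:
                # Re-raised, so a token that fails identification or
                # validation never reaches the "logged in" block below.
                log.exception("-----------EXCEPTION")
                raise

        # If the authentication via API fails, we can still log in the user using session.
        if user_name is None and 'repoze.who.identity' in environ:
            user_name = environ['repoze.who.identity']['repoze.who.userid']
            user_token = db.UserToken.by_user_name(user_name=user_name)
            log.info('User %s logged using session', user_name)
            try:
                self.oauth2helper.update_token(user_name, user_token)
                log.debug("----------- SESSION VALIDATED")
            except Exception as e:
                # The session token could not be updated: treat the request as
                # unauthenticated. user_name must be cleared as well, otherwise
                # the block at the end of this method would set g.user and
                # toolkit.c.user back to the session user and undo this reset.
                user_name = None
                g.user = None
                toolkit.c.user = None
                # If the callback is called with an error, we must show the message.
                # NOTE(review): this value comes straight from the query string,
                # so the flashed text is caller-controlled; it relies on
                # flash_error escaping it (no allow_html is passed) -- confirm.
                error_description = toolkit.request.GET.get(
                    'error_description')
                if not error_description:
                    # getattr() instead of e.message: exceptions have no
                    # `message` attribute on Python 3, and an AttributeError
                    # raised here would escape this handler.
                    for attr in ('message', 'description', 'error'):
                        candidate = getattr(e, attr, None)
                        if candidate:
                            error_description = candidate
                            break
                    else:
                        error_description = type(e).__name__
                log.exception("-----CALLBACK---EXC")
                toolkit.response.status_int = 302
                # NOTE(review): the Location value is derived from the request's
                # `state` parameter. get_came_from() is not visible here --
                # confirm it only yields same-site URLs.
                redirect_url = oauth2.get_came_from(
                    toolkit.request.params.get('state'))
                if redirect_url == constants.INITIAL_PAGE:
                    redirect_url = '/'
                toolkit.response.location = redirect_url
                helpers.flash_error(error_description)

        # If we have been able to log in the user (via API or Session)
        if user_name:
            g.user = user_name
            toolkit.c.user = user_name
            log.warn("-------------GETSTOREDTOKEN")
            toolkit.c.usertoken = self.oauth2helper.get_stored_token(user_name)
            log.warn("-------------REFRESHTOKEN")
            toolkit.c.usertoken_refresh = partial(_refresh_and_save_token,
                                                  user_name)
            log.warn("-------------DONE")
        else:
            g.user = None
            log.warn('The user is not currently logged...')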