def post(self):
user = users.get_current_user()
credentials = StorageByKeyName(Credentials, user.user_id(),
'credentials').get()
if credentials is None or credentials.invalid == True:
self.redirect("/")
else:
http = httplib2.Http()
http = credentials.authorize(http)
x = self.request.get("x")
y = self.request.get("y")
url = insertSQL % (datetime.utcnow().isoformat(' ')[:19], x, y)
(response, content) = http.request(queryURL % urllib.quote(url),
"POST")
self.response.set_status(response['status'])
self.response.out.write(content)
def GetCodeCredentials(request):
"""Create OAuth2.0 credentials by extracting a code and performing OAuth2.0.
Args:
request: HTTP request used for extracting an authorization code.
Returns:
OAuth2.0 credentials suitable for authorizing clients.
"""
code = request.get(CODE_PARAMETER)
if code:
oauth_flow = CreateOAuthFlow(request)
creds = oauth_flow.step2_exchange(code)
users_service = CreateService(USERS_DISCOVERY_DOC, creds)
userid = users_service.userinfo().get().execute().get('id')
request.session.set_secure_cookie(name='userid', value=userid)
StorageByKeyName(Credentials, userid, 'credentials').put(creds)
return creds
def push_command(self, message=None):
"""Handles /push requests"""
if message.arg:
id=XMPP_addr_access.get_id_from_addr(message.sender)
if id is not None:
creds=StorageByKeyName(Credentials, id, 'credentials').get()
mirror_service = util.create_service('mirror', 'v1', creds)
#logging.info('Main handler: cred: %s',creds)
body= {
'creator': {
'displayName': 'Automatic Coffee Maker',
'id': 'Auto French Press Project'
},
'text': message.arg,
'notification': {'level': 'DEFAULT'},
}
self.mirror_service.timeline().insert(body=body).execute()
def test_get_and_put_set_store_on_cache_retrieval(self):
storage = StorageByKeyName(CredentialsModel,
'foo',
'credentials',
cache=memcache)
self.assertEqual(None, storage.get())
self.credentials.set_store(storage)
storage.put(self.credentials)
# Pre-bug 292 old_creds wouldn't have storage, and the _refresh wouldn't
# be able to store the updated cred back into the storage.
old_creds = storage.get()
self.assertEqual(old_creds.access_token, 'foo')
old_creds.invalid = True
old_creds._refresh(_http_request)
new_creds = storage.get()
self.assertEqual(new_creds.access_token, 'bar')
def get(self):
'''Process get requests.'''
user = users.get_current_user()
# Fetch stored server credentials.
credentials = StorageByKeyName(CredentialsModel, USER_AGENT,
'credentials').locked_get()
# If server credentials not found, trigger OAuth2.0 web server flow.
if not credentials or credentials.invalid:
# If no credentials and no user logged in, redirect to the reset,
# which will force a login to make sure this user has permission
# to initialize the shared server credentials.
if not user:
self.redirect("/reset")
# Read and parse client secrets JSON file.
secrets = parse_json_file(SECRETS_FILE)
client_id = secrets['installed']['client_id']
client_secret = secrets['installed']['client_secret']
flow = OAuth2WebServerFlow(client_id=client_id,
client_secret=client_secret,
scope=SCOPE,
user_agent=USER_AGENT,
access_type = 'offline',
approval_prompt='force')
callback = self.request.relative_url('/backend/auth_return')
authorize_url = flow.step1_get_authorize_url(callback)
# Save flow object in memcache for later retrieval on OAuth callback,
# and redirect this session to Google's OAuth 2.0 authorization site.
#logging.info('saving flow for user ' + user.user_id())
memcache.set(user.user_id(), pickle.dumps(flow))
self.redirect(authorize_url)
# Set django template and render home page.
template_values = {
'user' : str(user)
}
self.response.out.write(template.render('home.html', template_values))
def get(self):
try:
# Read server-side OAuth 2.0 credentials from datastore and
# raise an exception if credentials not found.
credentials = StorageByKeyName(CredentialsModel, USER_AGENT,
'credentials').locked_get()
if not credentials or credentials.invalid:
raise Exception('missing OAuth 2.0 credentials')
# Authorize HTTP session with server credentials and obtain
# access to prediction API client library.
http = credentials.authorize(httplib2.Http())
service = build('prediction', 'v1.4', http=http)
papi = service.trainedmodels()
# Read and parse JSON model description data.
models = parse_json_file(MODELS_FILE)
# Get reference to user's selected model.
model_name = self.request.get('model')
model = models[model_name]
# Build prediction data (csvInstance) dynamically based on form input.
vals = []
for field in model['fields']:
label = field['label']
val = str(self.request.get(label))
vals.append(val)
body = {'input': {'csvInstance': vals}}
logging.info('model:' + model_name + ' body:' + str(body))
# Make a prediction and return JSON results to Javascript client.
ret = papi.predict(id=model['model_id'], body=body).execute()
self.response.out.write(json.dumps(ret))
except Exception, err:
# Capture any API errors here and pass response from API back to
# Javascript client embedded in a special error indication tag.
err_str = str(err)
if err_str[0:len(ERR_TAG)] != ERR_TAG:
err_str = ERR_TAG + err_str + ERR_END
self.response.out.write(err_str)
def get(self):
user = users.get_current_user()
credentials = StorageByKeyName(Credentials, user.user_id(),
'credentials').get()
if credentials is None or credentials.invalid == True:
callback = self.request.relative_url('/auth_return')
authorize_url = FLOW.step1_get_authorize_url(callback)
memcache.set(user.user_id(), pickle.dumps(FLOW))
self.redirect(authorize_url)
else:
http = httplib2.Http()
http = credentials.authorize(http)
resp, content = http.request('https://api.dailymotion.com/me')
path = os.path.join(os.path.dirname(__file__), 'welcome.html')
logout = users.create_logout_url('/')
variables = {'content': content, 'logout': logout}
self.response.out.write(template.render(path, variables))
def get(self):
user = users.get_current_user()
credentials = StorageByKeyName(Credentials, user.user_id(),
'credentials').get()
if not credentials or credentials.invalid:
return begin_oauth_flow(self, user)
http = credentials.authorize(httplib2.Http())
# Build a service object for interacting with the API. Visit
# the Google APIs Console <http://code.google.com/apis/console>
# to get a developerKey for your own application.
service = build("buzz", "v1", http=http)
followers = service.people().list(userId='@me',
groupId='@followers').execute()
text = 'Hello, you have %s followers!' % followers['totalResults']
path = os.path.join(os.path.dirname(__file__), 'welcome.html')
self.response.out.write(template.render(path, {'text': text}))
def get(self):
request = webapp2.get_request()
code = request.get('code')
state_string = request.get('state')
state = pickle.loads(state_string)
api_client = state['api_client']
version = state['version']
scope = state['scope']
key = api_client + version + scope
original_url = state['original_url'] # url of the original call
flow = OAuth2WebServerFlow(
client_id=google_credentials.CLIENT_ID,
client_secret=google_credentials.CLIENT_SECRET,
scope=scope,
redirect_uri=request.path_url,
access_type='offline')
credentials = flow.step2_exchange(code)
# store the credentials in the datastore
storage = StorageByKeyName(CredentialsModel, key, 'credentials')
storage.put(credentials)
return webapp2.redirect(original_url)
def GetCurrentCredentials():
"""Fetch current user's credentials, refreshing if possible."""
user = users.get_current_user()
if not user:
return None
storage = StorageByKeyName(CredentialsModel, user.user_id(), 'credentials')
credentials = storage.get()
if not credentials or not credentials.access_token:
return None
if credentials.access_token_expired:
http = httplib2.Http()
try:
logging.info('Refreshing OAuth2 Access Token.')
credentials.refresh(http)
except AccessTokenRefreshError:
return None
storage.put(credentials)
return credentials
def get(self):
"""Handle the GET request for the OAuth callback page.
Get the stored user's credentials flow and request the access token to
finish the OAuth 2.0 dance.
If successful, the user's OAuth 2.0 credentials are stored in the datastore.
"""
user = users.get_current_user()
error = self.request.get('error')
api = self.request.params.get('state')
if (api not in SCOPES or SCOPES[api]['admin_required']
and not users.is_current_user_admin()):
self.status(404)
elif error and error == 'access_denied':
logging.warning('%s (%s) has denied access to the APIs',
user.email(), user.user_id())
else:
pickled_flow = memcache.get(user.user_id() + api)
if pickled_flow:
flow = pickle.loads(pickled_flow)
credentials = flow.step2_exchange(self.request.params)
StorageByKeyName(
SCOPES[api]['model'], SCOPES[api].get('key_name')
or user.email(),
SCOPES[api]['credentials_attribute']).put(credentials)
if SCOPES[api].get('key_name'):
# Add the email to the datastore Credentials entry.
credentials = model.Credentials.get_by_key_name(
settings.CREDENTIALS_KEYNAME)
credentials.email = user.email()
credentials.put()
logging.info(
'Successfully stored OAuth 2.0 credentials for: %s (%s)',
user.email(), user.user_id())
else:
logging.warning('Unknown flow for user: %s (%s)', user.email(),
user.user_id())
self.redirect('/')
path = os.path.join(settings.TEMPLATE_BASE_PATH, 'oauth.html')
self.response.out.write(template.render(path, {}))
def _insert_item_all_users(self):
"""Insert a timeline item to all authorized users."""
logging.info('Inserting timeline item to all users')
users = Credentials.all()
total_users = users.count()
if total_users > 10:
return 'Total user count is %d. Aborting broadcast to save your quota' % (
total_users)
body = {
'text': 'Hello Everyone!',
'notification': {'level': 'DEFAULT'}
}
for user in users:
creds = StorageByKeyName(
Credentials, user.key().name(), 'credentials').get()
mirror_service = util.create_service('mirror', 'v1', creds)
try:
mirror_service.timeline().insert(body=body).execute()
except errors.HttpError, error:
logging.error(
'Unable to send item to user %s: %s', user.key().name(), error)
def get(self):
"""Handle code exchange."""
code = self.request.get('code')
if not code:
# TODO: Display error.
return None
oauth_flow = self.create_oauth_flow()
# Perform the exchange of the code. If there is a failure with exchanging
# the code, return None.
try:
creds = oauth_flow.step2_exchange(code)
except FlowExchangeError:
# TODO: Display error.
return None
users_service = util.create_service('oauth2', 'v2', creds)
# TODO: Check for errors.
user = users_service.userinfo().get().execute()
userid = user.get('id')
# Store the credentials in the data store using the userid as the key.
# TODO: Hash the userid the same way the userToken is.
StorageByKeyName(Credentials, userid, 'credentials').put(creds)
logging.info('Successfully stored credentials for user: %s', userid)
util.store_userid(self, userid)
User(
family_name=user.get('family_name'),
given_name=user.get('given_name'),
name=user.get('name'),
email=user.get('email'),
userid=userid,
created_at=datetime.now().date(),
birthday=user.get('birthday'),
).put()
self._perform_post_auth_tasks(userid, creds)
self.redirect('/')
def post(self):
xmpp_addr = self.request.get('xmpp_addr')
msg = self.request.get('msg')
logging.info('post test')
#logging.info("ImagestoreHandler#post %s", self.request.path)
fileupload = self.request.POST.get("file", None)
if fileupload is None: return self.error(400)
# it doesn't seem possible for webob to get the Content-Type header for the individual part,
# so we'll infer it from the file name.
contentType = getContentType(fileupload.filename)
if contentType is None:
self.error(400)
self.response.headers['Content-Type'] = 'text/plain'
self.response.out.write("Unsupported image type: " +
fileupload.filename)
return
logging.info("File upload: %s, mime type: %s", fileupload.filename,
contentType)
file_data = fileupload.file.read()
self.response.out.write('Got a ' + str(len(file_data)) +
' bytes file\n')
if xmpp_addr:
self.response.out.write('XMPP address: ' + xmpp_addr + '\n')
id = XMPP_addr_access.get_id_from_addr(xmpp_addr)
if id is not None:
creds = StorageByKeyName(Credentials, id, 'credentials').get()
mirror_service = util.create_service('mirror', 'v1', creds)
logging.info('insert IMG')
body = {'notification': {'level': 'DEFAULT'}}
if msg is not None: body['text'] = msg
media = MediaIoBaseUpload(io.BytesIO(file_data),
mimetype='image/jpeg',
resumable=True)
mirror_service.timeline().insert(body=body,
media_body=media).execute()
else:
self.response.out.write('no XMPP address')
def get(self):
user = users.get_current_user()
credentials = StorageByKeyName(
models.Credentials, user.user_id(), 'credentials').get()
if credentials is None or credentials.invalid == True:
flow = OAuth2WebServerFlow(
# Visit https://code.google.com/apis/console to
# generate your client_id, client_secret and to
# register your redirect_uri.
client_id=GOOGLEAPI_CLIENT_ID,
client_secret=GOOGLEAPI_CLIENT_SECRET,
scope=GOOGLEAPI_SCOPE,
user_agent=GOOGLEAPI_USER_AGENT,
#domain='anonymous',
xoauth_displayname=GOOGLEAPI_XOAUTH_DISPLAYNAME)
callback = self.request.relative_url('/auth_return')
authorize_url = flow.step1_get_authorize_url(callback)
memcache.set(user.user_id(), pickle.dumps(flow))
self.redirect(authorize_url)
else:
self.redirect('/dashboard/')
def get_credentials (self, check_cookie=True):
if check_cookie:
creds = self.get_session_credentials()
if creds:
return creds
code = self.request.REQUEST.get('code', '')
if not code:
return None
oauth_flow = self.CreateOAuthFlow()
try:
creds = oauth_flow.step2_exchange(code)
except FlowExchangeError:
return None
users_service = CreateService('oauth2', 'v2', creds)
info = users_service.userinfo().get().execute()
self.userid = info.get('id')
StorageByKeyName(Credentials, self.userid, 'credentials').put(creds)
return creds
def post(self):
"""Handles notification pings."""
#f = open('./output_text', 'r')
#html= f.read()
#f.close()
#body = {
#'html': html,
#'location': location,
##'menuItems': [{'action': 'NAVIGATE'}],
#'notification': {'level': 'DEFAULT'}
#}
#self.mirror_service.timeline().insert(body=body).execute()
logging.info('Got a notification with payload %s', self.request.body)
data = json.loads(self.request.body)
userid = data['userToken']
# TODO: Check that the userToken is a valid userToken.
self.mirror_service = util.create_service(
'mirror', 'v1',
StorageByKeyName(Credentials, userid, 'credentials').get())
if data.get('collection') == 'locations':
self._handle_locations_notification(data)
elif data.get('collection') == 'timeline':
self._handle_timeline_notification(data)
def post(self):
printer = Printer.get_by_id(int(self.request.get("printer_key_id")))
account = printer.owner
gcp_cred_storage = StorageByKeyName(GcpCredentials, account.id(),
'credentials')
gcp_creds = gcp_cred_storage.get()
if not gcp_creds:
return logging.warning("Missing credentials for %s" % printer)
data = {
'printerid': printer.cloudprint_id,
'title': self.request.get("title"),
'content': self.request.get("url"),
'contentType': 'url',
}
body = urllib.urlencode(data)
http = gcp_creds.authorize(httplib2.Http())
resp, content = http.request(
'https://www.google.com/cloudprint/submit',
method="POST",
body=body)
self.response.write(content)
def get_authorized_client(self):
"""Create an authorize service instance.
The service can only ever retrieve the credentials from the session.
Args:
service: Service name (e.g 'drive', 'oauth2').
version: Service version (e.g 'v1').
Returns:
Authorized service or redirect to authorization flow if no credentials.
"""
# For the service, the session holds the credentials
logging.debug('Creating authorized Evernote client instance')
creds = self.get_session_credentials()
client = self.get_client()
if creds:
# If the session contains credentials, use them to create a Drive service
# instance.
client.token = creds
return client
elif 'oauth_token' in self.session and 'oauth_token_secret' in self.session and self.request.get(
'oauth_verifier'):
# If no credentials could be loaded from the session, redirect the user to
# the authorization page.
access_token = client.get_access_token(
self.session['oauth_token'],
self.session['oauth_token_secret'],
self.request.get('oauth_verifier'))
user_store = client.get_user_store()
self.session['evernote_user_id'] = str(user_store.getUser().id)
StorageByKeyName(EvernoteCredentials,
self.session['evernote_user_id'],
'credentials').put(access_token)
return client
else:
return None
def build_credentials(scope, user=None):
"""
Builds service account credentials using the configuration stored in settings
and masquerading as the provided user.
"""
config = get_config()
if not user:
user = config['default_user']
if not isinstance(scope, (list, tuple)):
scope = [scope]
key = generate_storage_key(config['client_email'], scope, user)
storage = StorageByKeyName(ServiceAccountStorage, key, 'credentials')
creds = SignedJwtAssertionCredentials(
service_account_name=config['client_email'],
private_key=config['private_key'],
scope=scope,
prn=user)
creds.set_store(storage)
return creds
def get(self):
user = users.get_current_user()
credentials = StorageByKeyName(Credentials, user.user_id(),
'credentials').get()
if credentials is None or credentials.invalid == True:
callback = self.request.relative_url('/oauth2callback')
authorize_url = FLOW.step1_get_authorize_url(callback)
memcache.set(user.user_id(), pickle.dumps(FLOW))
self.redirect(authorize_url)
else:
http = httplib2.Http()
http = credentials.authorize(http)
service = build("buzz", "v1", http=http)
activities = service.activities()
activitylist = activities.list(scope='@consumption',
userId='@me').execute()
path = os.path.join(os.path.dirname(__file__), 'welcome.html')
logout = users.create_logout_url('/')
self.response.out.write(
template.render(path, {
'activitylist': activitylist,
'logout': logout
}))
def test_get_and_put_cached(self):
storage = StorageByKeyName(
CredentialsModel, 'foo', 'credentials', cache=memcache)
self.assertEqual(None, storage.get())
self.credentials.set_store(storage)
self.credentials._refresh(_http_request)
credmodel = CredentialsModel.get_by_key_name('foo')
self.assertEqual('bar', credmodel.credentials.access_token)
# Now remove the item from the cache.
memcache.delete('foo')
# Check that getting refreshes the cache.
credentials = storage.get()
self.assertEqual('bar', credentials.access_token)
self.assertNotEqual(None, memcache.get('foo'))
# Deleting should clear the cache.
storage.delete()
credentials = storage.get()
self.assertEqual(None, credentials)
self.assertEqual(None, memcache.get('foo'))
def get_credentials(gplus_id):
storage = StorageByKeyName(utils.User, gplus_id, "credentials")
credentials = storage.get()
return credentials
def get_session_credentials(self):
if 'evernote_user_id' in self.session:
user_id = self.session['evernote_user_id']
return StorageByKeyName(EvernoteCredentials, user_id, 'credentials').get()
else:
return None
def get(self):
# Store empty credentials in the datastore and redirect to main page.
StorageByKeyName(CredentialsModel, USER_AGENT,
'credentials').locked_put(None)
self.redirect('/')
def _process_incoming_mail(raw_message, recipients, mailing_list):
"""Process an incoming email message."""
recipients = [x[1] for x in email.utils.getaddresses([recipients])]
incoming_msg = mail.InboundEmailMessage(raw_message)
mailing_list_acronym = mailing_list.split('/')[3].split('@')[0]
query = models.MailingList.all().filter('acronym =',
mailing_list_acronym.lower())
mailing_list = query.get()
if mailing_list is None:
# Create a new mailing-list
newml = models.MailingList(name=mailing_list_acronym,
acronym=mailing_list_acronym.lower())
newml.put()
mailing_list = newml
logging.info("Received a message from: " + incoming_msg.sender + " TO: " +
str(recipients) + " for ML " + mailing_list_acronym)
if 'X-Google-Appengine-App-Id' in incoming_msg.original:
raise InvalidIncomingEmailError('Mail sent by App Engine')
subject = incoming_msg.subject or ''
sender = email.utils.parseaddr(incoming_msg.sender)[1]
original = str(incoming_msg.original)
body = None
for content_type, payload in incoming_msg.bodies('text/plain'):
body = payload.decode()
break
if body is None or not body.strip():
raise InvalidIncomingEmailError('Ignoring empty message.')
# We need to check if the header is internationalized
try:
decoded_subject = email.header.decode_header(subject)
if decoded_subject[0][1]:
subject = decoded_subject[0][0].decode(decoded_subject[0][1])
except:
logging.error('Unable to decode subject: %r', subject)
# If the subject is long, this might come wrapped into more than one line.
subject = ' '.join([x.strip() for x in subject.splitlines()])
subject = subject.replace(mailing_list.clean_subject, '')
query = models.MailingList.all()
mailing_list = query.get()
processed_subject = _process_string(subject)
processed_body = _process_string(body)
email_date = email.utils.parsedate_tz(incoming_msg.date)
msg = models.Message(mailing_list=mailing_list,
subject=subject,
processed_body=processed_body,
processed_subject=processed_subject,
sender=db.Email(sender),
original=db.Text(original),
body=db.Text(body),
spam=False)
if email_date:
msg.created = datetime.datetime(*email_date[:6]) - datetime.timedelta(
seconds=email_date[-1])
# We now predict the type with Google Predict API
credentials = StorageByKeyName(models.Credentials,
"key_for_prediction_credentials",
'credentials').get()
logging.info('CREDENTIALS: ' + str(credentials))
model = django_settings.GOOGLE_PREDICTION_MODEL
if credentials:
# Make the Google Prediction API call
query = '"' + processed_subject + ' ' + processed_body + '"'
[prediction,
scores] = google_prediction.Predict(credentials, model, query)
msg.prediction = prediction
msg.scores = scores
msg.put()
user_address = '*****@*****.**'
chat_message_sent = False
msg = "Message '%s' from: %s\nPrediction: %s\n%s" % (
msg.key().id(), incoming_msg.sender, msg.prediction, msg.subject)
status_code = xmpp.send_message(user_address, msg)
chat_message_sent = (status_code == xmpp.NO_ERROR)
if not chat_message_sent:
logging.error("Unable to send XMPP message: %s" % msg)
def after_get(cls, key, item):
if item and item.credentials:
storage = StorageByKeyName(UserCredentials, key.id(),
'credentials')
item.credentials.set_store(storage)
def store_credentials(gplus_id, credentials):
storage = StorageByKeyName(utils.User, gplus_id, "credentials")
storage.put(credentials)
def _credentials_for_user(userid):
"""Find the location of the user's credentials in NDB."""
return (StorageByKeyName(CredentialsModel, userid, 'credentials'))
