def post(self): user = users.get_current_user() credentials = StorageByKeyName(Credentials, user.user_id(), 'credentials').get() if credentials is None or credentials.invalid == True: self.redirect("/") else: http = httplib2.Http() http = credentials.authorize(http) x = self.request.get("x") y = self.request.get("y") url = insertSQL % (datetime.utcnow().isoformat(' ')[:19], x, y) (response, content) = http.request(queryURL % urllib.quote(url), "POST") self.response.set_status(response['status']) self.response.out.write(content)
def GetCodeCredentials(request): """Create OAuth2.0 credentials by extracting a code and performing OAuth2.0. Args: request: HTTP request used for extracting an authorization code. Returns: OAuth2.0 credentials suitable for authorizing clients. """ code = request.get(CODE_PARAMETER) if code: oauth_flow = CreateOAuthFlow(request) creds = oauth_flow.step2_exchange(code) users_service = CreateService(USERS_DISCOVERY_DOC, creds) userid = users_service.userinfo().get().execute().get('id') request.session.set_secure_cookie(name='userid', value=userid) StorageByKeyName(Credentials, userid, 'credentials').put(creds) return creds
def push_command(self, message=None): """Handles /push requests""" if message.arg: id=XMPP_addr_access.get_id_from_addr(message.sender) if id is not None: creds=StorageByKeyName(Credentials, id, 'credentials').get() mirror_service = util.create_service('mirror', 'v1', creds) #logging.info('Main handler: cred: %s',creds) body= { 'creator': { 'displayName': 'Automatic Coffee Maker', 'id': 'Auto French Press Project' }, 'text': message.arg, 'notification': {'level': 'DEFAULT'}, } self.mirror_service.timeline().insert(body=body).execute()
def test_get_and_put_set_store_on_cache_retrieval(self): storage = StorageByKeyName(CredentialsModel, 'foo', 'credentials', cache=memcache) self.assertEqual(None, storage.get()) self.credentials.set_store(storage) storage.put(self.credentials) # Pre-bug 292 old_creds wouldn't have storage, and the _refresh wouldn't # be able to store the updated cred back into the storage. old_creds = storage.get() self.assertEqual(old_creds.access_token, 'foo') old_creds.invalid = True old_creds._refresh(_http_request) new_creds = storage.get() self.assertEqual(new_creds.access_token, 'bar')
def get(self): '''Process get requests.''' user = users.get_current_user() # Fetch stored server credentials. credentials = StorageByKeyName(CredentialsModel, USER_AGENT, 'credentials').locked_get() # If server credentials not found, trigger OAuth2.0 web server flow. if not credentials or credentials.invalid: # If no credentials and no user logged in, redirect to the reset, # which will force a login to make sure this user has permission # to initialize the shared server credentials. if not user: self.redirect("/reset") # Read and parse client secrets JSON file. secrets = parse_json_file(SECRETS_FILE) client_id = secrets['installed']['client_id'] client_secret = secrets['installed']['client_secret'] flow = OAuth2WebServerFlow(client_id=client_id, client_secret=client_secret, scope=SCOPE, user_agent=USER_AGENT, access_type = 'offline', approval_prompt='force') callback = self.request.relative_url('/backend/auth_return') authorize_url = flow.step1_get_authorize_url(callback) # Save flow object in memcache for later retrieval on OAuth callback, # and redirect this session to Google's OAuth 2.0 authorization site. #logging.info('saving flow for user ' + user.user_id()) memcache.set(user.user_id(), pickle.dumps(flow)) self.redirect(authorize_url) # Set django template and render home page. template_values = { 'user' : str(user) } self.response.out.write(template.render('home.html', template_values))
def get(self): try: # Read server-side OAuth 2.0 credentials from datastore and # raise an exception if credentials not found. credentials = StorageByKeyName(CredentialsModel, USER_AGENT, 'credentials').locked_get() if not credentials or credentials.invalid: raise Exception('missing OAuth 2.0 credentials') # Authorize HTTP session with server credentials and obtain # access to prediction API client library. http = credentials.authorize(httplib2.Http()) service = build('prediction', 'v1.4', http=http) papi = service.trainedmodels() # Read and parse JSON model description data. models = parse_json_file(MODELS_FILE) # Get reference to user's selected model. model_name = self.request.get('model') model = models[model_name] # Build prediction data (csvInstance) dynamically based on form input. vals = [] for field in model['fields']: label = field['label'] val = str(self.request.get(label)) vals.append(val) body = {'input': {'csvInstance': vals}} logging.info('model:' + model_name + ' body:' + str(body)) # Make a prediction and return JSON results to Javascript client. ret = papi.predict(id=model['model_id'], body=body).execute() self.response.out.write(json.dumps(ret)) except Exception, err: # Capture any API errors here and pass response from API back to # Javascript client embedded in a special error indication tag. err_str = str(err) if err_str[0:len(ERR_TAG)] != ERR_TAG: err_str = ERR_TAG + err_str + ERR_END self.response.out.write(err_str)
def get(self): user = users.get_current_user() credentials = StorageByKeyName(Credentials, user.user_id(), 'credentials').get() if credentials is None or credentials.invalid == True: callback = self.request.relative_url('/auth_return') authorize_url = FLOW.step1_get_authorize_url(callback) memcache.set(user.user_id(), pickle.dumps(FLOW)) self.redirect(authorize_url) else: http = httplib2.Http() http = credentials.authorize(http) resp, content = http.request('https://api.dailymotion.com/me') path = os.path.join(os.path.dirname(__file__), 'welcome.html') logout = users.create_logout_url('/') variables = {'content': content, 'logout': logout} self.response.out.write(template.render(path, variables))
def get(self): user = users.get_current_user() credentials = StorageByKeyName(Credentials, user.user_id(), 'credentials').get() if not credentials or credentials.invalid: return begin_oauth_flow(self, user) http = credentials.authorize(httplib2.Http()) # Build a service object for interacting with the API. Visit # the Google APIs Console <http://code.google.com/apis/console> # to get a developerKey for your own application. service = build("buzz", "v1", http=http) followers = service.people().list(userId='@me', groupId='@followers').execute() text = 'Hello, you have %s followers!' % followers['totalResults'] path = os.path.join(os.path.dirname(__file__), 'welcome.html') self.response.out.write(template.render(path, {'text': text}))
def get(self): request = webapp2.get_request() code = request.get('code') state_string = request.get('state') state = pickle.loads(state_string) api_client = state['api_client'] version = state['version'] scope = state['scope'] key = api_client + version + scope original_url = state['original_url'] # url of the original call flow = OAuth2WebServerFlow( client_id=google_credentials.CLIENT_ID, client_secret=google_credentials.CLIENT_SECRET, scope=scope, redirect_uri=request.path_url, access_type='offline') credentials = flow.step2_exchange(code) # store the credentials in the datastore storage = StorageByKeyName(CredentialsModel, key, 'credentials') storage.put(credentials) return webapp2.redirect(original_url)
def GetCurrentCredentials(): """Fetch current user's credentials, refreshing if possible.""" user = users.get_current_user() if not user: return None storage = StorageByKeyName(CredentialsModel, user.user_id(), 'credentials') credentials = storage.get() if not credentials or not credentials.access_token: return None if credentials.access_token_expired: http = httplib2.Http() try: logging.info('Refreshing OAuth2 Access Token.') credentials.refresh(http) except AccessTokenRefreshError: return None storage.put(credentials) return credentials
def get(self): """Handle the GET request for the OAuth callback page. Get the stored user's credentials flow and request the access token to finish the OAuth 2.0 dance. If successful, the user's OAuth 2.0 credentials are stored in the datastore. """ user = users.get_current_user() error = self.request.get('error') api = self.request.params.get('state') if (api not in SCOPES or SCOPES[api]['admin_required'] and not users.is_current_user_admin()): self.status(404) elif error and error == 'access_denied': logging.warning('%s (%s) has denied access to the APIs', user.email(), user.user_id()) else: pickled_flow = memcache.get(user.user_id() + api) if pickled_flow: flow = pickle.loads(pickled_flow) credentials = flow.step2_exchange(self.request.params) StorageByKeyName( SCOPES[api]['model'], SCOPES[api].get('key_name') or user.email(), SCOPES[api]['credentials_attribute']).put(credentials) if SCOPES[api].get('key_name'): # Add the email to the datastore Credentials entry. credentials = model.Credentials.get_by_key_name( settings.CREDENTIALS_KEYNAME) credentials.email = user.email() credentials.put() logging.info( 'Successfully stored OAuth 2.0 credentials for: %s (%s)', user.email(), user.user_id()) else: logging.warning('Unknown flow for user: %s (%s)', user.email(), user.user_id()) self.redirect('/') path = os.path.join(settings.TEMPLATE_BASE_PATH, 'oauth.html') self.response.out.write(template.render(path, {}))
def _insert_item_all_users(self): """Insert a timeline item to all authorized users.""" logging.info('Inserting timeline item to all users') users = Credentials.all() total_users = users.count() if total_users > 10: return 'Total user count is %d. Aborting broadcast to save your quota' % ( total_users) body = { 'text': 'Hello Everyone!', 'notification': {'level': 'DEFAULT'} } for user in users: creds = StorageByKeyName( Credentials, user.key().name(), 'credentials').get() mirror_service = util.create_service('mirror', 'v1', creds) try: mirror_service.timeline().insert(body=body).execute() except errors.HttpError, error: logging.error( 'Unable to send item to user %s: %s', user.key().name(), error)
def get(self): """Handle code exchange.""" code = self.request.get('code') if not code: # TODO: Display error. return None oauth_flow = self.create_oauth_flow() # Perform the exchange of the code. If there is a failure with exchanging # the code, return None. try: creds = oauth_flow.step2_exchange(code) except FlowExchangeError: # TODO: Display error. return None users_service = util.create_service('oauth2', 'v2', creds) # TODO: Check for errors. user = users_service.userinfo().get().execute() userid = user.get('id') # Store the credentials in the data store using the userid as the key. # TODO: Hash the userid the same way the userToken is. StorageByKeyName(Credentials, userid, 'credentials').put(creds) logging.info('Successfully stored credentials for user: %s', userid) util.store_userid(self, userid) User( family_name=user.get('family_name'), given_name=user.get('given_name'), name=user.get('name'), email=user.get('email'), userid=userid, created_at=datetime.now().date(), birthday=user.get('birthday'), ).put() self._perform_post_auth_tasks(userid, creds) self.redirect('/')
def post(self): xmpp_addr = self.request.get('xmpp_addr') msg = self.request.get('msg') logging.info('post test') #logging.info("ImagestoreHandler#post %s", self.request.path) fileupload = self.request.POST.get("file", None) if fileupload is None: return self.error(400) # it doesn't seem possible for webob to get the Content-Type header for the individual part, # so we'll infer it from the file name. contentType = getContentType(fileupload.filename) if contentType is None: self.error(400) self.response.headers['Content-Type'] = 'text/plain' self.response.out.write("Unsupported image type: " + fileupload.filename) return logging.info("File upload: %s, mime type: %s", fileupload.filename, contentType) file_data = fileupload.file.read() self.response.out.write('Got a ' + str(len(file_data)) + ' bytes file\n') if xmpp_addr: self.response.out.write('XMPP address: ' + xmpp_addr + '\n') id = XMPP_addr_access.get_id_from_addr(xmpp_addr) if id is not None: creds = StorageByKeyName(Credentials, id, 'credentials').get() mirror_service = util.create_service('mirror', 'v1', creds) logging.info('insert IMG') body = {'notification': {'level': 'DEFAULT'}} if msg is not None: body['text'] = msg media = MediaIoBaseUpload(io.BytesIO(file_data), mimetype='image/jpeg', resumable=True) mirror_service.timeline().insert(body=body, media_body=media).execute() else: self.response.out.write('no XMPP address')
def get(self): user = users.get_current_user() credentials = StorageByKeyName( models.Credentials, user.user_id(), 'credentials').get() if credentials is None or credentials.invalid == True: flow = OAuth2WebServerFlow( # Visit https://code.google.com/apis/console to # generate your client_id, client_secret and to # register your redirect_uri. client_id=GOOGLEAPI_CLIENT_ID, client_secret=GOOGLEAPI_CLIENT_SECRET, scope=GOOGLEAPI_SCOPE, user_agent=GOOGLEAPI_USER_AGENT, #domain='anonymous', xoauth_displayname=GOOGLEAPI_XOAUTH_DISPLAYNAME) callback = self.request.relative_url('/auth_return') authorize_url = flow.step1_get_authorize_url(callback) memcache.set(user.user_id(), pickle.dumps(flow)) self.redirect(authorize_url) else: self.redirect('/dashboard/')
def get_credentials (self, check_cookie=True): if check_cookie: creds = self.get_session_credentials() if creds: return creds code = self.request.REQUEST.get('code', '') if not code: return None oauth_flow = self.CreateOAuthFlow() try: creds = oauth_flow.step2_exchange(code) except FlowExchangeError: return None users_service = CreateService('oauth2', 'v2', creds) info = users_service.userinfo().get().execute() self.userid = info.get('id') StorageByKeyName(Credentials, self.userid, 'credentials').put(creds) return creds
def post(self): """Handles notification pings.""" #f = open('./output_text', 'r') #html= f.read() #f.close() #body = { #'html': html, #'location': location, ##'menuItems': [{'action': 'NAVIGATE'}], #'notification': {'level': 'DEFAULT'} #} #self.mirror_service.timeline().insert(body=body).execute() logging.info('Got a notification with payload %s', self.request.body) data = json.loads(self.request.body) userid = data['userToken'] # TODO: Check that the userToken is a valid userToken. self.mirror_service = util.create_service( 'mirror', 'v1', StorageByKeyName(Credentials, userid, 'credentials').get()) if data.get('collection') == 'locations': self._handle_locations_notification(data) elif data.get('collection') == 'timeline': self._handle_timeline_notification(data)
def post(self): printer = Printer.get_by_id(int(self.request.get("printer_key_id"))) account = printer.owner gcp_cred_storage = StorageByKeyName(GcpCredentials, account.id(), 'credentials') gcp_creds = gcp_cred_storage.get() if not gcp_creds: return logging.warning("Missing credentials for %s" % printer) data = { 'printerid': printer.cloudprint_id, 'title': self.request.get("title"), 'content': self.request.get("url"), 'contentType': 'url', } body = urllib.urlencode(data) http = gcp_creds.authorize(httplib2.Http()) resp, content = http.request( 'https://www.google.com/cloudprint/submit', method="POST", body=body) self.response.write(content)
def get_authorized_client(self): """Create an authorize service instance. The service can only ever retrieve the credentials from the session. Args: service: Service name (e.g 'drive', 'oauth2'). version: Service version (e.g 'v1'). Returns: Authorized service or redirect to authorization flow if no credentials. """ # For the service, the session holds the credentials logging.debug('Creating authorized Evernote client instance') creds = self.get_session_credentials() client = self.get_client() if creds: # If the session contains credentials, use them to create a Drive service # instance. client.token = creds return client elif 'oauth_token' in self.session and 'oauth_token_secret' in self.session and self.request.get( 'oauth_verifier'): # If no credentials could be loaded from the session, redirect the user to # the authorization page. access_token = client.get_access_token( self.session['oauth_token'], self.session['oauth_token_secret'], self.request.get('oauth_verifier')) user_store = client.get_user_store() self.session['evernote_user_id'] = str(user_store.getUser().id) StorageByKeyName(EvernoteCredentials, self.session['evernote_user_id'], 'credentials').put(access_token) return client else: return None
def build_credentials(scope, user=None): """ Builds service account credentials using the configuration stored in settings and masquerading as the provided user. """ config = get_config() if not user: user = config['default_user'] if not isinstance(scope, (list, tuple)): scope = [scope] key = generate_storage_key(config['client_email'], scope, user) storage = StorageByKeyName(ServiceAccountStorage, key, 'credentials') creds = SignedJwtAssertionCredentials( service_account_name=config['client_email'], private_key=config['private_key'], scope=scope, prn=user) creds.set_store(storage) return creds
def get(self): user = users.get_current_user() credentials = StorageByKeyName(Credentials, user.user_id(), 'credentials').get() if credentials is None or credentials.invalid == True: callback = self.request.relative_url('/oauth2callback') authorize_url = FLOW.step1_get_authorize_url(callback) memcache.set(user.user_id(), pickle.dumps(FLOW)) self.redirect(authorize_url) else: http = httplib2.Http() http = credentials.authorize(http) service = build("buzz", "v1", http=http) activities = service.activities() activitylist = activities.list(scope='@consumption', userId='@me').execute() path = os.path.join(os.path.dirname(__file__), 'welcome.html') logout = users.create_logout_url('/') self.response.out.write( template.render(path, { 'activitylist': activitylist, 'logout': logout }))
def test_get_and_put_cached(self): storage = StorageByKeyName( CredentialsModel, 'foo', 'credentials', cache=memcache) self.assertEqual(None, storage.get()) self.credentials.set_store(storage) self.credentials._refresh(_http_request) credmodel = CredentialsModel.get_by_key_name('foo') self.assertEqual('bar', credmodel.credentials.access_token) # Now remove the item from the cache. memcache.delete('foo') # Check that getting refreshes the cache. credentials = storage.get() self.assertEqual('bar', credentials.access_token) self.assertNotEqual(None, memcache.get('foo')) # Deleting should clear the cache. storage.delete() credentials = storage.get() self.assertEqual(None, credentials) self.assertEqual(None, memcache.get('foo'))
def get_credentials(gplus_id): storage = StorageByKeyName(utils.User, gplus_id, "credentials") credentials = storage.get() return credentials
def get_session_credentials(self): if 'evernote_user_id' in self.session: user_id = self.session['evernote_user_id'] return StorageByKeyName(EvernoteCredentials, user_id, 'credentials').get() else: return None
def get(self): # Store empty credentials in the datastore and redirect to main page. StorageByKeyName(CredentialsModel, USER_AGENT, 'credentials').locked_put(None) self.redirect('/')
def _process_incoming_mail(raw_message, recipients, mailing_list): """Process an incoming email message.""" recipients = [x[1] for x in email.utils.getaddresses([recipients])] incoming_msg = mail.InboundEmailMessage(raw_message) mailing_list_acronym = mailing_list.split('/')[3].split('@')[0] query = models.MailingList.all().filter('acronym =', mailing_list_acronym.lower()) mailing_list = query.get() if mailing_list is None: # Create a new mailing-list newml = models.MailingList(name=mailing_list_acronym, acronym=mailing_list_acronym.lower()) newml.put() mailing_list = newml logging.info("Received a message from: " + incoming_msg.sender + " TO: " + str(recipients) + " for ML " + mailing_list_acronym) if 'X-Google-Appengine-App-Id' in incoming_msg.original: raise InvalidIncomingEmailError('Mail sent by App Engine') subject = incoming_msg.subject or '' sender = email.utils.parseaddr(incoming_msg.sender)[1] original = str(incoming_msg.original) body = None for content_type, payload in incoming_msg.bodies('text/plain'): body = payload.decode() break if body is None or not body.strip(): raise InvalidIncomingEmailError('Ignoring empty message.') # We need to check if the header is internationalized try: decoded_subject = email.header.decode_header(subject) if decoded_subject[0][1]: subject = decoded_subject[0][0].decode(decoded_subject[0][1]) except: logging.error('Unable to decode subject: %r', subject) # If the subject is long, this might come wrapped into more than one line. subject = ' '.join([x.strip() for x in subject.splitlines()]) subject = subject.replace(mailing_list.clean_subject, '') query = models.MailingList.all() mailing_list = query.get() processed_subject = _process_string(subject) processed_body = _process_string(body) email_date = email.utils.parsedate_tz(incoming_msg.date) msg = models.Message(mailing_list=mailing_list, subject=subject, processed_body=processed_body, processed_subject=processed_subject, sender=db.Email(sender), original=db.Text(original), body=db.Text(body), spam=False) if email_date: msg.created = datetime.datetime(*email_date[:6]) - datetime.timedelta( seconds=email_date[-1]) # We now predict the type with Google Predict API credentials = StorageByKeyName(models.Credentials, "key_for_prediction_credentials", 'credentials').get() logging.info('CREDENTIALS: ' + str(credentials)) model = django_settings.GOOGLE_PREDICTION_MODEL if credentials: # Make the Google Prediction API call query = '"' + processed_subject + ' ' + processed_body + '"' [prediction, scores] = google_prediction.Predict(credentials, model, query) msg.prediction = prediction msg.scores = scores msg.put() user_address = '*****@*****.**' chat_message_sent = False msg = "Message '%s' from: %s\nPrediction: %s\n%s" % ( msg.key().id(), incoming_msg.sender, msg.prediction, msg.subject) status_code = xmpp.send_message(user_address, msg) chat_message_sent = (status_code == xmpp.NO_ERROR) if not chat_message_sent: logging.error("Unable to send XMPP message: %s" % msg)
def after_get(cls, key, item): if item and item.credentials: storage = StorageByKeyName(UserCredentials, key.id(), 'credentials') item.credentials.set_store(storage)
def store_credentials(gplus_id, credentials): storage = StorageByKeyName(utils.User, gplus_id, "credentials") storage.put(credentials)
def _credentials_for_user(userid): """Find the location of the user's credentials in NDB.""" return (StorageByKeyName(CredentialsModel, userid, 'credentials'))