def get_config():
    """Build the ActingWeb configuration for the Spark "Army Knife" actor.

    Host name, protocol, bot credentials, OAuth client credentials and the
    log level come from environment variables; the remaining settings are
    fixed in this function.

    Returns:
        The ``config.Config`` instance created from these settings.
    """
    host = os.getenv('APP_HOST_FQDN', "localhost")
    scheme = os.getenv('APP_HOST_PROTOCOL', "https://")
    base_url = scheme + host
    actor_type = "urn:actingweb:actingweb.org:spark-army-knife"

    # Bot credentials. An unset variable yields "" rather than an error, so a
    # missing token or secret is not detected at this point.
    bot_settings = {
        "token": os.getenv('APP_BOT_TOKEN', ""),
        "email": os.getenv('APP_BOT_EMAIL', ""),
        "secret": os.getenv('APP_BOT_SECRET', ""),
        "admin_room": os.getenv('APP_BOT_ADMIN_ROOM', "")
    }

    # OAuth client settings for the Cisco Spark authorization-code flow.
    # The client id/secret also fall back to "" when the variables are unset.
    # NOTE(review): the scope list asks for read and write access to rooms,
    # memberships, messages and teams; confirm every scope is still needed.
    oauth_settings = {
        'client_id': os.getenv('APP_OAUTH_ID', ""),
        'client_secret': os.getenv('APP_OAUTH_KEY', ""),
        'redirect_uri': base_url + "/oauth",
        'scope': "spark:people_read spark:rooms_read spark:rooms_write spark:memberships_read "
                 "spark:memberships_write spark:messages_write spark:messages_read spark:teams_read "
                 "spark:teams_write",
        'auth_uri': "https://api.ciscospark.com/v1/authorize",
        'token_uri': "https://api.ciscospark.com/v1/access_token",
        'response_type': "code",
        'grant_type': "authorization_code",
        'refresh_type': "refresh_token",
    }

    # Actor types this app knows how to reach, keyed by short name.
    # NOTE(review): the boxbasic factory is a host named box-spark-dev;
    # confirm that is the intended peer for this deployment.
    peers = {}
    peers['googlemail'] = {
        'type': 'urn:actingweb:apps.actingweb.io:googlemail',
        'factory': 'https://apps.actingweb.io/googlemail/',
        'relationship': 'friend',
    }
    peers['boxbasic'] = {
        'type': 'urn:actingweb:actingweb.org:boxbasic',
        'factory': 'https://box-spark-dev.appspot.com/',
        'relationship': 'friend',
    }
    peers['myself'] = {
        'type': actor_type,
        'factory': base_url + '/',
        'relationship': 'friend',  # associate, friend, partner, admin
    }

    log_level = os.getenv('LOG_LEVEL', "INFO")

    # NOTE(review): devtest=True is hard-coded; presumably this turns on the
    # library's test-only mode -- confirm it is off for production deployments.
    return config.Config(
        database='dynamodb',
        fqdn=host,
        proto=scheme,
        aw_type=actor_type,
        desc="Army Knife actor: ",
        version="3.0",
        devtest=True,
        actors=peers,
        force_email_prop_as_creator=True,
        unique_creator=True,
        www_auth="oauth",
        logLevel=log_level,
        ui=True,
        bot=bot_settings,
        oauth=oauth_settings
    )
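def __init__(self, webobj=None, config=None, on_aw=None):
    """Bind the web object's request/response, the config and the hook object.

    The defaults are created inside the call instead of in the signature.
    Objects written into a signature are built once, when the ``def`` is
    evaluated, and are then shared by every handler that omits the argument;
    for the web object that would let request/response state carry over from
    one handler instance to the next.

    Args:
        webobj: Object exposing ``request`` and ``response``; a new
            ``aw_web_request.AWWebObj()`` is used when omitted.
        config: Configuration object; a new ``config_class.Config()`` is
            used when omitted.
        on_aw: Hook object; a new ``on_aw_class.OnAWBase()`` is used when
            omitted.
    """
    # "is None" rather than truthiness, so that any explicitly supplied
    # object is kept as given.
    if webobj is None:
        webobj = aw_web_request.AWWebObj()
    if config is None:
        config = config_class.Config()
    if on_aw is None:
        on_aw = on_aw_class.OnAWBase()
    self.request = webobj.request
    self.response = webobj.response
    self.config = config
    self.on_aw = on_aw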
def get_config():
    """Build the ActingWeb configuration for the Google mail actor.

    Host name, protocol, bot credentials, OAuth client credentials and the
    log level come from environment variables; the remaining settings are
    fixed in this function.

    Returns:
        The ``config.Config`` instance created from these settings.
    """
    # Local debugging aid (kept disabled): calling settrace here makes the
    # process reconnect to the debug server on every request, which keeps it
    # in sync while code is being changed.
    # pydevd_pycharm.settrace('docker.for.mac.localhost', port=3001, stdoutToServer=True, stderrToServer=True,
    #                         suspend=False)
    #
    # The greger.ngrok.io address is overridden by env variables from serverless.yml.
    # NOTE(review): if APP_HOST_FQDN is ever unset, the OAuth redirect_uri and
    # the 'myself' factory URL below are built from that tunnel hostname
    # instead of this deployment's own host; confirm it is always set.
    host = os.getenv('APP_HOST_FQDN', "greger.ngrok.io")
    scheme = os.getenv('APP_HOST_PROTOCOL', "https://")
    base_url = scheme + host
    actor_type = "urn:actingweb:apps.actingweb.io:googlemail"

    # Bot credentials. An unset variable yields "" rather than an error, so a
    # missing token or secret is not detected at this point.
    bot_settings = {
        "token": os.getenv('APP_BOT_TOKEN', ""),
        "email": os.getenv('APP_BOT_EMAIL', ""),
        "secret": os.getenv('APP_BOT_SECRET', ""),
        "admin_room": os.getenv('APP_BOT_ADMIN_ROOM', "")
    }

    # Extra parameters passed along with the authorization request.
    # access_type=offline asks Google for a refresh token, and prompt=consent
    # shows the consent screen on every authorization.
    extras = {
        'access_type': 'offline',
        'include_granted_scopes': 'false',
        'login_hint': 'dynamic:creator',
        'prompt': 'consent'
    }

    # OAuth client settings for Google's authorization-code flow; the only
    # scope requested is read-only Gmail access.
    oauth_settings = {
        'client_id': os.getenv('APP_OAUTH_ID', ""),
        'client_secret': os.getenv('APP_OAUTH_KEY', ""),
        'redirect_uri': base_url + "/oauth",
        'scope': "https://www.googleapis.com/auth/gmail.readonly",
        'auth_uri': "https://accounts.google.com/o/oauth2/v2/auth",
        'token_uri': "https://www.googleapis.com/oauth2/v4/token",
        'response_type': "code",
        'grant_type': "authorization_code",
        'refresh_type': "refresh_token",
        'oauth_extras': extras
    }

    # The only known actor type is this app itself.
    peers = {
        'myself': {
            'type': actor_type,
            'factory': base_url + '/',
            'relationship': 'friend',  # associate, friend, partner, admin
        }
    }

    log_level = os.getenv('LOG_LEVEL', "INFO")

    # NOTE(review): devtest=True is hard-coded; presumably this turns on the
    # library's test-only mode -- confirm it is off for production deployments.
    return config.Config(
        database='dynamodb',
        fqdn=host,
        proto=scheme,
        aw_type=actor_type,
        desc="Google mail actor: ",
        version="1.0",
        devtest=True,
        actors=peers,
        force_email_prop_as_creator=False,
        unique_creator=False,
        www_auth="oauth",
        logLevel=log_level,
        ui=True,
        bot=bot_settings,
        oauth=oauth_settings
    )
def __init__(self, actor_id, auth_type='basic', config=None):
    """Set up authentication state for one actor and load its stored OAuth data.

    The object starts in a deny state (403 response, every acl flag False);
    nothing in this constructor grants access.

    NOTE(review): this listing was whitespace-collapsed; the nesting below is
    reconstructed from the statement order and should be checked against the
    original file.

    Args:
        actor_id: Id handed to ``actor.Actor`` to load the actor.
        auth_type: 'basic' or 'oauth'. 'oauth' is changed to 'none' when
            ``self.oauth.enabled()`` is false; any other value is stored
            unchanged.
        config: Configuration object; a new ``config_class.Config()`` is
            used when this is falsy.
    """
    if not config:
        self.config = config_class.Config()
    else:
        self.config = config
    self.token = None
    self.cookie_redirect = None
    self.cookie = None
    self.type = auth_type
    self.trust = None
    self.oauth = None
    # Proposed response code after check_authentication() or authorise() have been called
    # Starts as 403 so that an unmodified response denies the request.
    self.response = {'code': 403, 'text': "Forbidden", 'headers': {}}
    # Whether authentication is complete or not (depends on flow)
    self.authn_done = False
    # acl stores the actual verified credentials and access rights after
    # authentication and authorisation have been done
    self.acl = {
        "authenticated": False,  # Has authentication been verified and passed?
        "authorised": False,  # Has authorisation been done and appropriate acls set?
        "rights": '',  # "a", "r" (approve or reject)
        "relationship": None,  # E.g. creator, friend, admin, etc
        "peerid": '',  # Peerid if there is a relationship
        "approved": False,  # True if the peer is approved
    }
    self.actor = actor.Actor(actor_id, config=self.config)
    if not self.actor.id:
        # No actor was loaded: keep a token-less OAuth helper and stop here.
        # NOTE(review): oauth_token_property, realm and redirect are never
        # assigned on this path; confirm callers check self.actor before
        # reading them.
        self.actor = None
        self.oauth = oauth.OAuth(token=None, config=self.config)
        self.token = None
        self.expiry = None
        self.refresh_expiry = None
        self.refresh_token = None
        return
    # We need to initialise oauth for use towards the external oauth service
    # Property name used to set self.token
    self.oauth_token_property = 'oauth_token'
    self.token = self.actor.store.oauth_token
    # Migration (config.migrate_2_5_0): a value missing from actor.store is
    # read from actor.property, copied into the store, and then cleared from
    # the property. The same pattern is applied to each OAuth field below.
    # NOTE(review): presumably actor.property is the externally readable
    # property set, so this moves credentials out of it -- confirm.
    if self.config.migrate_2_5_0 and not self.token:
        self.token = self.actor.property.oauth_token
        if self.token:
            self.actor.store.oauth_token = self.token
            self.actor.property.oauth_token = None
    self.oauth = oauth.OAuth(token=self.token, config=self.config)
    self.expiry = self.actor.store.oauth_token_expiry
    self.refresh_expiry = self.actor.store.oauth_refresh_token_expiry
    self.refresh_token = self.actor.store.oauth_refresh_token
    if self.config.migrate_2_5_0:
        if not self.expiry:
            self.expiry = self.actor.property.oauth_token_expiry
            if self.expiry:
                self.actor.store.oauth_token_expiry = self.expiry
                self.actor.property.oauth_token_expiry = None
        if not self.refresh_expiry:
            self.refresh_expiry = self.actor.property.oauth_refresh_token_expiry
            if self.refresh_expiry:
                self.actor.store.oauth_refresh_token_expiry = self.refresh_expiry
                self.actor.property.oauth_refresh_token_expiry = None
        if not self.refresh_token:
            self.refresh_token = self.actor.property.oauth_refresh_token
            if self.refresh_token:
                self.actor.store.oauth_refresh_token = self.refresh_token
                self.actor.property.oauth_refresh_token = None
    if self.type == 'basic':
        self.realm = self.config.auth_realm
    elif self.type == 'oauth':
        if self.oauth.enabled():
            # Name of the cookie used for the OAuth token.
            self.cookie = 'oauth_token'
            redir = self.actor.store.cookie_redirect
            if self.config.migrate_2_5_0 and not redir:
                redir = self.actor.property.cookie_redirect
                if redir:
                    self.actor.store.cookie_redirect = redir
                    self.actor.property.cookie_redirect = None
            if redir:
                # NOTE(review): redir is appended to config.root without any
                # check here; confirm it is validated where it is written.
                self.cookie_redirect = self.config.root + redir
            else:
                self.cookie_redirect = None
            self.redirect = str(self.config.root + self.actor.id + '/oauth')
        else:
            # OAuth was requested but is not enabled, so no auth type applies.
            self.type = 'none'