def oauth_callback(request): print 'In oauth_callback' oauth_token = request.GET['oauth_token'] oauth_secret = request.GET['oauth_token_secret'] oauth_verifier = request.GET['oauth_verifier'] request_token = OAuthToken(oauth_token, oauth_secret) request_token.set_verifier(oauth_verifier) request.session['request_token'] = request_token # We do this before we redirect so that there's no "limbo" state where the # user has a request token but no access token. access_token = CLIENT.fetch_access_token(request_token) request.session['oauth_token_string'] = access_token.to_string() print "Access token is %s" % access_token.to_string() profile = request.user.get_profile() profile.access_token = access_token.to_string() profile.save() print "Your account has been associated with Khan Academy username %s" % access_token.to_string() # We're done authenticating, and the credentials are now stored in the # session. We can redirect back home. return HttpResponseRedirect('/homeroom')
def do_GET(self): global REQUEST_TOKEN params = cgi.parse_qs(self.path.split('?', 1)[1], keep_blank_values=False) REQUEST_TOKEN = OAuthToken(params['oauth_token'][0], params['oauth_token_secret'][0]) REQUEST_TOKEN.set_verifier(params['oauth_verifier'][0]) self.send_response(200) self.send_header('Content-Type', 'text/plain') self.end_headers() self.wfile.write('OAuth request token fetched; you can close this window.')
def do_GET(self): global REQUEST_TOKEN params = cgi.parse_qs(self.path.split("?", 1)[1], keep_blank_values=False) REQUEST_TOKEN = OAuthToken(params["oauth_token"][0], params["oauth_token_secret"][0]) REQUEST_TOKEN.set_verifier(params["oauth_verifier"][0]) self.send_response(200) self.send_header("Content-Type", "text/plain") self.end_headers() self.wfile.write("OAuth request token fetched; you can close this window.")
def make_request_token_and_authorization_url(self, callback_url): response = self.get("/oauth/request_token", prefix="").read() print response token = OAuthToken.from_string(response) request = OAuthRequest.from_token_and_callback(token=token, callback=callback_url, http_url='http://%s/oauth/authorize' % self.authority) return [token, request.to_url()]
def exchange_request_token_for_access_token(self, request_token, verifier): parameters = {"oauth_verifier": verifier} oauth_request = self.build_oauth_request( self.get_access_token_url(), request_token, parameters=parameters ) response = self.execute(oauth_request) return OAuthToken.from_string(response)
def get_access_token(self, request_token): url = API_HOME + '/oauth/access_token' client = OAuthClient(self.consumer, token=request_token) resp, content = client.request(url) if resp['status'] != '200': raise Exception("Invalid response %s." % resp['status']) return OAuthToken.from_string(content)
def execute_khan_api_method(profile_access_token, api_method, cache_timeout=(60 * 60 * 2), force_refresh=False, return_raw_text=False, user_id=None, disk_cache=True, cache_per_user=True): cache_key = "" _chosen_cache = get_cache('default') if disk_cache: _chosen_cache = get_cache('disk') if cache_per_user: if user_id is not None: cache_key = "%s^%s^%s" % (user_id, api_method, return_raw_text) else: cache_key = "%s^%s^%s" % (profile_access_token, api_method, return_raw_text) else: cache_key = "%s^%s" % (api_method, return_raw_text) cache_key = cache_key.replace("/","^") cache_key = cache_key.replace(".","^") cache_key = cache_key.replace(":","^") cache_key = cache_key.replace(" ","^") cache_hit = False result_data = _chosen_cache.get(cache_key) if force_refresh or result_data is None: resource = CLIENT.access_api_resource( api_method, access_token = OAuthToken.from_string(profile_access_token), method = "GET" ) text = resource['body'] # Error messages can contain HTML. Escape them so they're not rendered. is_html = has_text_html_header(resource['headers']) if is_html: text = cgi.escape(text) print text try: if return_raw_text: result_data = text else: result_data = simplejson.loads(text) _chosen_cache.set(cache_key, result_data, cache_timeout) except: print "exception storing in cache" else: # print "Got json data from cache!" cache_hit = True if not cache_hit: # update local tables with fresh data print "(cache not hit or is empty: Update local tables with data)" return result_data
def fireeagle( request ): if request.user.fireeagle_token: if 'next' in request.session: next = request.session['next'] del request.session['next'] else: next = "/" return HttpResponseRedirect( next ) if not 'oauth_token' in request.GET: apptoken = fe.request_token() request.session['apptoken'] = apptoken.to_string() auth_url = fe.authorize( apptoken ) if request.session['mobile']: auth_url = re.sub(r'https://fireeagle.yahoo.net/', "https://m.fireeagle.yahoo.net/", auth_url) logging.info("Redirecting to %s for auth"%auth_url) return HttpResponseRedirect( auth_url ) else: apptoken = OAuthToken.from_string( request.session['apptoken'] ) user_token = fe.access_token( apptoken ) request.user.fireeagle_token = user_token.to_string() request.user.location_from_fireeagle( fe ) request.user.save() if 'next' in request.session: next = request.session['next'] del request.session['next'] else: next = "/" return HttpResponseRedirect( next )
def exchange_request_token_for_access_token(self, token): oauth_request = OAuthRequest.from_consumer_and_token(self.consumer, token=token, http_url=URL_OAUTH_ACCESS_TOKEN) oauth_request.sign_request(self.signature_method, self.consumer, token) resp = self.oauth_fetch(oauth_request, raw=True) self.access_token = OAuthToken.from_string(resp) return self.access_token
def get_request_token(self, callback=None): url = API_HOME + '/oauth/request_token' client = OAuthClient(self.consumer) resp, content = client.request(url, callback=callback, force_auth_header=False) if resp['status'] != '200': raise Exception("Invalid response %s." % resp['status']) return OAuthToken.from_string(content)
def fetch_request_token(self, oauth_request): # via headers # -> OAuthToken self.connection.request(oauth_request.http_method, self.request_token_url, headers=oauth_request.to_header()) response = self.connection.getresponse() if response.status != 200: raise Exception("Error making request: " + str(response.read())) return OAuthToken.from_string(response.read())
def oauth_callback(): oauth_token = request.args.get('oauth_token', '') oauth_secret = request.args.get('oauth_token_secret', '') oauth_verifier = request.args.get('oauth_verifier', '') request_token = OAuthToken(oauth_token, oauth_secret) request_token.set_verifier(oauth_verifier) session['request_token'] = request_token # We do this before we redirect so that there's no "limbo" state where the # user has a request token but no access token. access_token = CLIENT.fetch_access_token(request_token) session['oauth_token_string'] = access_token.to_string() # We're done authenticating, and the credentials are now stored in the # session. We can redirect back home. return redirect(url_for('.index'))
def get_unauthorized_request_token(self, oauth_callback=None): parameters = {} if oauth_callback: parameters = {"oauth_callback": oauth_callback} oauth_request = self.build_oauth_request( self.get_request_token_url(), parameters = parameters ) response = self.execute(oauth_request) return OAuthToken.from_string(response)
def is_authenticated(self, access_token): if not isinstance(access_token, OAuthToken): access_token = OAuthToken.from_string(access_token) oauth_request = self.build_oauth_request(self.check_auth_url, access_token) response = json.loads(self.execute(oauth_request)) if "screen_name" in response: self.set_access_token(access_token) return response["screen_name"] return False
def fetch_access_token(self, oauth_request): # via headers # -> OAuthToken self.connection.request(oauth_request.http_method, self.access_token_url, headers=oauth_request.to_header()) response = self.connection.getresponse() if response.status != 200: logging.warn("Error temp cred -- response from server:\n" + response.read()) raise Exception("Error: did not get a temp cred. Response code=" + str(response.status)) return OAuthToken.from_string(response.read())
def fetch_request_token(self, oauth_request): # via headers # -> OAuthToken self.connection.request(oauth_request.http_method, self.request_token_url, headers=oauth_request.to_header()) response = self.connection.getresponse() if (response.status != 200): raise Exception('Error making request: ' + str(response.read())) return OAuthToken.from_string(response.read())
def oauth_callback(): oauth_token = request.args.get("oauth_token", "") oauth_secret = request.args.get("oauth_token_secret", "") oauth_verifier = request.args.get("oauth_verifier", "") request_token = OAuthToken(oauth_token, oauth_secret) request_token.set_verifier(oauth_verifier) session["request_token"] = request_token.to_string() oauth_request = OAuthRequest.from_consumer_and_token( consumer, token=request_token, http_url='http://www.khanacademy.org/api/auth/access_token', callback=None, parameters=None, verifier=request_token.verifier ) oauth_request.sign_request(OAuthSignatureMethod_HMAC_SHA1(), consumer, request_token) r = requests.get(oauth_request.to_url()) access_token = OAuthToken.from_string(r.text) session['oauth_token'] = access_token.to_string() return redirect(url_for("index"))
def fetch_access_token(self, request_token): oauth_request = OAuthRequest.from_consumer_and_token( self.consumer, token=request_token, http_url="%s/api/auth/access_token" % self.server_url ) oauth_request.sign_request(OAuthSignatureMethod_HMAC_SHA1(), self.consumer, request_token) response = get_response(oauth_request.to_url()) return OAuthToken.from_string(response)
def access_token(): try: token_string = session['oauth_token_string'] except KeyError: token_string = None # Sanity check. if not token_string: clear_session() return None return OAuthToken.from_string(token_string)
def return_helper(self, request, **kwargs): from django.http import Http404 if not "request_token" in request.session: raise Http404() token = OAuthToken.from_string(request.session["request_token"]) del request.session["request_token"] if token.key != request.GET.get("oauth_token", "no-token"): raise Http404() verifier = request.GET["oauth_verifier"] access_token = self.exchange_request_token_for_access_token(token, verifier) request.session["access_token"] = access_token.to_string()
def get_request_token(): global REQUEST_TOKEN client = TestOAuthClient(SERVER_URL, CONSUMER_KEY, CONSUMER_SECRET) client.start_fetch_request_token() print "After logging in and authorizing, input token key and secret..." request_token_key = raw_input("request token: ") request_token_secret = raw_input("request token secret: ") REQUEST_TOKEN = OAuthToken(request_token_key, request_token_secret)
def fetch_access_token(self, request_token): oauth_request = OAuthRequest.from_consumer_and_token( self.consumer, token=request_token, http_url="%s/api/auth/access_token" % self.server_url) oauth_request.sign_request(OAuthSignatureMethod_HMAC_SHA1(), self.consumer, request_token) response = get_response(oauth_request.to_url()) return OAuthToken.from_string(response)
def fetch_access_token(self, oauth_request): # via headers # -> OAuthToken self.connection.request(oauth_request.http_method, self.access_token_url, headers=oauth_request.to_header()) response = self.connection.getresponse() if response.status != 200: logging.warn('Error temp cred -- response from server:\n' + response.read()) raise Exception('Error: did not get a temp cred. Response code=' + str(response.status)) return OAuthToken.from_string(response.read())
def auth(self, request_token, verifier): self.request_token = OAuthToken.from_string(request_token) request = OAuthRequest.from_consumer_and_token( self.consumer, token=self.request_token, http_url=self.access_token_url, verifier=str(verifier) ) request.sign_request( OAuthSignatureMethod_HMAC_SHA1(), self.consumer, self.request_token ) #if mode == 'header': # resp = urllib2.urlopen(urllib2.Request(url, headers=request.to_header())) #else: # resp = urllib2.urlopen(urllib2.Request(request.to_url())) resp = urllib2.urlopen(urllib2.Request(request.to_url())) string = resp.read() access_token = OAuthToken.from_string(string) self.access_token = access_token self._process_access_token(string)
def access_token(session): try: token_string = session['oauth_token_string'] except KeyError: print 'Got key error' token_string = None # Sanity check. if not token_string: print 'Not token string' clear_session(session) return None oauth_token = OAuthToken.from_string(token_string) print 'Oauth token %s' % oauth_token return oauth_token
def get_auth_url(self): """ """ request = OAuthRequest.from_consumer_and_token( self.consumer, http_url = self.request_token_url, callback = self.callback) request.sign_request(OAuthSignatureMethod_HMAC_SHA1(), self.consumer, None) resp = urllib2.urlopen(urllib2.Request( request.to_url())) token = resp.read() request_token = OAuthToken.from_string(token) self.request_token = request_token request = OAuthRequest.from_token_and_callback( token=request_token, http_url=self.authenticate_url, callback = self.callback ) return request.to_url()
def get_access_token_from_user(): client = TestOAuthClient(consts.SERVER_URL, consts.CONSUMER_KEY, consts.CONSUMER_SECRET) client.start_fetch_request_token() print "After logging in and authorizing, input token key and secret..." request_token_key = raw_input("request token: ") request_token_secret = raw_input("request token secret: ") request_token = OAuthToken(request_token_key, request_token_secret) if not request_token: raise IOError("Did not get request token.") print "Fetching access token..." access_token = client.fetch_access_token(request_token) if not access_token: raise IOError("Did not get access token.") return access_token
def finish_auth(request): """ Step 2 of the oauth authentication: use the REQUEST_TOKEN to get an ACCESS_TOKEN """ params = request.GET try: request.session["REQUEST_TOKEN"] = OAuthToken(params['oauth_token'], params['oauth_token_secret']) request.session["REQUEST_TOKEN"].set_verifier(params['oauth_verifier']) except MultiValueDictKeyError as e: # we just want to generate a 500 anyway; # nothing we could do here except give a slightly more meaningful error raise e logging.debug("Getting access token.") client = TestOAuthClient(KHAN_SERVER_URL, settings.KHAN_API_CONSUMER_KEY, settings.KHAN_API_CONSUMER_SECRET) request.session["ACCESS_TOKEN"] = client.fetch_access_token(request.session["REQUEST_TOKEN"]) if not request.session["ACCESS_TOKEN"]: raise Exception("Did not get access token.") return request.session["ACCESS_TOKEN"]
def index(): access_token = session.get('oauth_token') if access_token is None: return redirect(url_for('login')) full_url='http://www.khanacademy.org/api/v1/user' url=urlparse.urlparse(full_url) query_params = cgi.parse_qs(url.query) for key in query_params: query_params[key] = query_params[key][0] token=OAuthToken.from_string(access_token) oauth_request = OAuthRequest.from_consumer_and_token( consumer, token=token, http_url='http://www.khanacademy.org/api/v1/user', parameters=query_params, http_method='GET' ) oauth_request.sign_request(OAuthSignatureMethod_HMAC_SHA1(), consumer, token) r = requests.get(oauth_request.to_url()).content data=json.loads(r) return render_template("index.html", email=str(data['student_summary']['email']))
def auth_return(request): """Get the access token back from Twitter and load user info""" auth_broken_msg = _(u"Authentication with Twitter went wrong." u" <a href=\"/\">Start over</a>.") unauthed_token = request.session.get("unauthed_token", None) if not unauthed_token: return fail(request, auth_broken_msg) token = OAuthToken.from_string(unauthed_token) if token.key != request.GET.get("oauth_token", "no-token"): return fail(request, auth_broken_msg) tw = Twitter() access_token = tw.exchange_request_token_for_access_token(token) request.session["access_token"] = access_token.to_string() u = tw.verify_credentials() log.info(u"%s logged in, following %s" % (u["screen_name"], u["friends_count"])) request.session["screen_name"] = u["screen_name"] return HttpResponseRedirect(reverse("home"))
def set_access_token(self, access_token): if isinstance(access_token, OAuthToken): self.access_token = access_token else: self.access_token = OAuthToken.from_string(access_token)
def __init__(self, access_token=None): self.consumer = OAuthConsumer(settings.TWITTER_OAUTH_CONSUMER_KEY, settings.TWITTER_OAUTH_CONSUMER_SECRET) self.signature_method = OAuthSignatureMethod_HMAC_SHA1() if access_token: self.access_token = OAuthToken.from_string(access_token)
def new_request_token(self): oauth_request = OAuthRequest.from_consumer_and_token(self.consumer, http_url=URL_OAUTH_REQUEST_TOKEN) oauth_request.sign_request(self.signature_method, self.consumer, None) resp = self.oauth_fetch(oauth_request, raw=True) return OAuthToken.from_string(resp)
def fetch_access_token(self, request_token): url = self.url_for_access_token(request_token) return OAuthToken.from_string(get_response(url))
def exchange_request_token_for_access_token(self, request_token): response = self.get("/oauth/access_token", request_token, prefix="").read() return OAuthToken.from_string(response)
def location_from_fireeagle(self, fe): logging.info("** getting location from fireeagle") token = OAuthToken.from_string( self.fireeagle_token ) bestguess = filter( lambda l: l['best_guess'], fe.user( token )[0]['location'] )[0] self.update_location( bestguess )
def _set_access_token(self, access_token): if type(access_token) in (str, unicode): self._access_token = OAuthToken.from_string(access_token) else: self._access_token = access_token
def get_stored_credentials(): """ Try to retrieve stored access credentials from a json file """ with open("access.json", "r") as f: credentials = json.load(f) return OAuthToken.from_string( credentials["ACCESS_TOKEN"] )