def gconnect():
# check that request is from the login page
if request.args.get('state') != login_session['state']:
response = make_response(json.dumps('Invalid state'), 401)
response.headers['Content-Type'] = 'application/json'
return response
# exchange code for access token
code = request.data
try:
oauth_flow = flow_from_clientsecrets('client_secrets.json',
scope='')
oauth_flow.redirect_uri = 'postmessage'
credentials = oauth_flow.step2_exchange(code)
except FlowExchangeError as e:
response = make_response(
json.dumps('Failed to upgrade authorization code.'),
401)
response.headers['Content-Type'] = 'application/json'
return response
access_token = credentials.access_token
# make certain that we have the correct access token
url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?'
'access_token=%s' % access_token)
h = httplib2.Http()
res_headers, res_str = h.request(url, 'GET')
result = json.loads(res_str)
if ((result.get('error') is not None or
res_headers['status'] != '200')):
response = make_response(
json.dumps('token info error'),
500)
response.headers['Content-Type'] = 'application/json'
return response
if result['user_id'] != credentials.id_token['sub']:
response = make_response(
json.dumps('token/user-id mismatch'), 401)
response.headers['Content-Type'] = 'application/json'
return response
if result['issued_to'] != G_CLIENT_ID:
response = make_response(
json.dumps('token/client-id mismatch'), 401)
print 'token/client-id mismatch'
response.headers['Content-Type'] = 'application/json'
return response
# get google user info
userinfo_url = 'https://www.googleapis.com/oauth2/v1/userinfo'
params = {'access_token': access_token, 'alt': 'json'}
answer = requests.get(userinfo_url, params=params)
data = answer.json()
# get or create user record
user_id = vh.get_create_user(data['name'], data['email'])
login_session['user_id'] = user_id
return 'logged in'
def gconnect():
# check that request is from the login page
if request.args.get('state') != login_session['state']:
response = make_response(json.dumps('Invalid state'), 401)
response.headers['Content-Type'] = 'application/json'
return response
# exchange code for access token
code = request.data
try:
oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
oauth_flow.redirect_uri = 'postmessage'
credentials = oauth_flow.step2_exchange(code)
except FlowExchangeError as e:
response = make_response(
json.dumps('Failed to upgrade authorization code.'), 401)
response.headers['Content-Type'] = 'application/json'
return response
access_token = credentials.access_token
# make certain that we have the correct access token
url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?'
'access_token=%s' % access_token)
h = httplib2.Http()
res_headers, res_str = h.request(url, 'GET')
result = json.loads(res_str)
if ((result.get('error') is not None or res_headers['status'] != '200')):
response = make_response(json.dumps('token info error'), 500)
response.headers['Content-Type'] = 'application/json'
return response
if result['user_id'] != credentials.id_token['sub']:
response = make_response(json.dumps('token/user-id mismatch'), 401)
response.headers['Content-Type'] = 'application/json'
return response
if result['issued_to'] != G_CLIENT_ID:
response = make_response(json.dumps('token/client-id mismatch'), 401)
print 'token/client-id mismatch'
response.headers['Content-Type'] = 'application/json'
return response
# get google user info
userinfo_url = 'https://www.googleapis.com/oauth2/v1/userinfo'
params = {'access_token': access_token, 'alt': 'json'}
answer = requests.get(userinfo_url, params=params)
data = answer.json()
# get or create user record
user_id = vh.get_create_user(data['name'], data['email'])
login_session['user_id'] = user_id
return 'logged in'
def login_github():
# check random state string
if request.args.get('state') != login_session['state']:
response = make_response(json.dumps('Invalid state'), 401)
response.headers['Content-Type'] = 'application/json'
return response
# get temporary access code
code = request.args.get('code')
if code is None:
response = make_response(
json.dumps("didn't get temporary code"), 401)
response.headers['Content-Type'] = 'application/json'
return response
# exchange access code for access token
token_url = 'https://github.com/login/oauth/access_token'
token_params = {
'client_id': current_app.config['GITHUB_CLIENT_ID'],
'client_secret': current_app.config['GITHUB_CLIENT_SECRET'],
'code': str(code),
}
token_headers = {
'Accept': 'application/json',
'content-type': 'application/json',
}
token_answer = requests.post(token_url,
data=json.dumps(token_params),
headers=token_headers)
token_json = token_answer.json()
access_token = token_json.get('access_token')
if access_token is None:
response = make_response(json.dumps('no access token'), 401)
response.headers['Content-Type'] = 'application/json'
return response
info_url = 'https://api.github.com/user'
info_params = {
'access_token': access_token,
}
info_answer = requests.get(info_url, params=info_params)
info_json = info_answer.json()
# todo: error if name and email not present
user_id = vh.get_create_user(info_json['name'], info_json['email'])
login_session['user_id'] = user_id
return redirect(bp_auth.home_url)
def login_github():
# check random state string
if request.args.get('state') != login_session['state']:
response = make_response(json.dumps('Invalid state'), 401)
response.headers['Content-Type'] = 'application/json'
return response
# get temporary access code
code = request.args.get('code')
if code is None:
response = make_response(json.dumps("didn't get temporary code"), 401)
response.headers['Content-Type'] = 'application/json'
return response
# exchange access code for access token
token_url = 'https://github.com/login/oauth/access_token'
token_params = {
'client_id': app.config['GITHUB_CLIENT_ID'],
'client_secret': app.config['GITHUB_CLIENT_SECRET'],
'code': str(code),
}
token_headers = {
'Accept': 'application/json',
'content-type': 'application/json',
}
token_answer = requests.post(token_url,
data=json.dumps(token_params),
headers=token_headers)
token_json = token_answer.json()
access_token = token_json.get('access_token')
if access_token is None:
response = make_response(json.dumps('no access token'), 401)
response.headers['Content-Type'] = 'application/json'
return response
info_url = 'https://api.github.com/user'
info_params = {
'access_token': access_token,
}
info_answer = requests.get(info_url, params=info_params)
info_json = info_answer.json()
# todo: error if name and email not present
user_id = vh.get_create_user(info_json['name'], info_json['email'])
login_session['user_id'] = user_id
return redirect(url_for('home'))
