class TwitterProfileImagePlugin(object): implements(IProfileImage) adapts(IUser) name = u'twitter_profile_image' title = _('Twitter') description = _(u'twitter_profile_image_description', default=u"Your profile image is the same as the one you use on Twitter.") def __init__(self, context): self.context = context def url(self, size): if not 'twitter' in self.context.auth_domains: return None display_name = self.context.auth_domains['twitter']['display_name'] if not display_name: return None url = 'http://api.twitter.com/1/users/profile_image?screen_name=%(screen_name)s&size=bigger' % {'screen_name': display_name} return url def is_valid_for_user(self): if 'twitter' in self.context.auth_domains: oauth_userid = self.context.auth_domains['twitter']['oauth_userid'] if oauth_userid: return True return False
class FacebookProfileImagePlugin(object): implements(IProfileImage) adapts(IUser) name = u'facebook_profile_image' title = _('Facebook') description = _(u'facebook_profile_image_description', default=u"Your profile image is the same as the one you use on Facebook.") def __init__(self, context): self.context = context def url(self, size): if not 'facebook' in self.context.auth_domains: return None oauth_userid = self.context.auth_domains['facebook']['oauth_userid'] if not oauth_userid: return None url = 'http://graph.facebook.com/%(UID)s/picture' % {'UID': oauth_userid} return url def is_valid_for_user(self): if 'facebook' in self.context.auth_domains: oauth_userid = self.context.auth_domains['facebook']['oauth_userid'] if oauth_userid: return True return False
def openid_login_complete(context, request): domain = context.profile['accounts'][0]['domain'] openid_identifier = context.profile['accounts'][0]['username'] force_domain = request.registry.settings.get('openid_domain', None) if force_domain and domain != force_domain: fm = request.registry.getAdapter(request, IFlashMessages) msg = _( u"openid_domain_not_allowed_error", default= u"OpenID logins only allowed from this domain: ${force_domain} - domain was: ${domain}", mapping={ 'force_domain': force_domain, 'domain': domain }) fm.add(msg, type='error') return HTTPFound(location='/') schema = createSchema('CSORegisterUserOpenIDSchema').bind(context=context, request=request) form = Form(schema, action='/openid_register', buttons=(button_register, )) appstruct = { 'openid_identifier': openid_identifier, 'domain': domain, 'came_from': request.session.get('came_from', '') } del request.session['came_from'] return {'form': form.render(appstruct=appstruct)}
def cloud_login_denied(context, request): if 'came_from' in request.session: del request.session['came_from'] fm = request.registry.getAdapter(request, IFlashMessages) msg = _(u"authentication_error_msg", default = u"Error in authentication from upstream server: ${reason} - Provider name: '${provider_name}' Provider type: '${provider_type}'", mapping = {'reason': context.reason, 'provider_name': context.provider_name, 'provider_type': context.provider_type}) fm.add(msg, type = 'error') raise HTTPFound(location = request.application_url)
def openid_login(context, request): if request.POST: request.session['came_from'] = request.POST.get('came_from', '') provider = request.registry.velruse_providers['openid'] try: return provider.login(request) except Exception, e: fm = request.registry.getAdapter(request, IFlashMessages) msg = _(u"login_provider_exception_error", default = u"Error when loggin in with 3rd party provider: '${error}'", mapping = {'error': unicode(e)}) fm.add(msg, type = "error")
def openid_login(context, request): if request.POST: request.session['came_from'] = request.POST.get('came_from', '') provider = request.registry.velruse_providers['openid'] try: return provider.login(request) except Exception, e: fm = request.registry.getAdapter(request, IFlashMessages) msg = _( u"login_provider_exception_error", default= u"Error when loggin in with 3rd party provider: '${error}'", mapping={'error': unicode(e)}) fm.add(msg, type="error")
def cloud_login_denied(context, request): if 'came_from' in request.session: del request.session['came_from'] fm = request.registry.getAdapter(request, IFlashMessages) msg = _( u"authentication_error_msg", default= u"Error in authentication from upstream server: ${reason} - Provider name: '${provider_name}' Provider type: '${provider_type}'", mapping={ 'reason': context.reason, 'provider_name': context.provider_name, 'provider_type': context.provider_type }) fm.add(msg, type='error') raise HTTPFound(location=request.application_url)
def openid_login_complete(context, request): domain = context.profile['accounts'][0]['domain'] openid_identifier = context.profile['accounts'][0]['username'] force_domain = request.registry.settings.get('openid_domain', None) if force_domain and domain != force_domain: fm = request.registry.getAdapter(request, IFlashMessages) msg = _(u"openid_domain_not_allowed_error", default = u"OpenID logins only allowed from this domain: ${force_domain} - domain was: ${domain}", mapping = {'force_domain': force_domain, 'domain': domain}) fm.add(msg, type = 'error') return HTTPFound(location = '/') schema = createSchema('CSORegisterUserOpenIDSchema').bind(context=context, request=request) form = Form(schema, action='/openid_register', buttons=(button_register,)) appstruct = {'openid_identifier': openid_identifier, 'domain': domain, 'came_from': request.session.get('came_from', '')} del request.session['came_from'] return {'form': form.render(appstruct=appstruct)}
def facebook_register(self): schema = createSchema('CSORegisterUserSchema') add_csrf_token(self.context, self.request, schema) schema = schema.bind(context=self.context, request=self.request, api=self.api) form = Form(schema, buttons=( button_register, button_cancel, )) self.api.register_form_resources(form) if 'cancel' in self.request.POST: self.api.flash_messages.add(_(u"Canceled")) url = self.request.resource_url(self.api.root) return HTTPFound(location=url) if self.request.POST: post = dict(self.request.POST) oauth_userid = post['oauth_userid'] oauth_access_token = post['oauth_access_token'] came_from = post['came_from'] # Logged in user, connect auth token to user if self.api.userid: user = self.api.user_profile #check that no other user has this token already other_user = self.api.root.users.get_user_by_oauth_token( 'facebook', oauth_access_token) if other_user and user != other_user: raise Forbidden( _("Another user has already registered with this token." )) #setting domain stuff user.auth_domains['facebook'] = { 'oauth_userid': oauth_userid, 'oauth_access_token': oauth_access_token, } url = self.request.resource_url(user) return HTTPFound(location=url) else: # Find user with auth token and log it in user = self.api.root.users.get_user_by_oauth_token( 'facebook', oauth_access_token) if IUser.providedBy(user): headers = remember(self.request, user.__name__) url = self.request.resource_url(self.context) if came_from: url = urllib.unquote(came_from) return HTTPFound(location=url, headers=headers) if 'register' in self.request.POST: controls = self.request.POST.items() try: appstruct = form.validate(controls) except ValidationFailure, e: self.response['form'] = e.render() return self.response name = appstruct['userid'] del appstruct['userid'] # removing domain data from appstruct del appstruct['oauth_userid'] del appstruct['oauth_access_token'] # add facebook as selected profile image appstruct['profile_image_plugin'] = 'facebook_profile_image' del appstruct['came_from'] obj = createContent('User', creators=[name], **appstruct) self.context.users[name] = obj #setting domain stuff obj.auth_domains['facebook'] = { 'oauth_userid': oauth_userid, 'oauth_access_token': oauth_access_token, } headers = remember(self.request, name) # login user url = self.request.resource_url(self.api.root) if came_from: url = urllib.unquote(came_from) return HTTPFound(location=url, headers=headers) else: self.response['form'] = form.render(self.request.POST) return self.response
def openid_register(self): schema = createSchema('CSORegisterUserOpenIDSchema') add_csrf_token(self.context, self.request, schema) schema = schema.bind(context=self.context, request=self.request, api=self.api) form = Form(schema, buttons=( button_register, button_cancel, )) self.api.register_form_resources(form) if 'cancel' in self.request.POST: self.api.flash_messages.add(_(u"Canceled")) url = self.request.resource_url(self.api.root) return HTTPFound(location=url) if self.request.POST: post = dict(self.request.POST) openid_identifier = post['openid_identifier'] domain = post['domain'] userid = post['userid'] came_from = post['came_from'] # Logged in user, connect openid_identifier if self.api.userid: user = self.api.user_profile #check that no other user has this token already other_user = self.api.root.users.get_auth_domain_user( 'openid', 'openid_identifier', openid_identifier) if other_user and user != other_user: raise Forbidden( _("Another user has already registered with this identifier." )) #setting domain stuff user.auth_domains['openid'] = { 'openid_identifier': openid_identifier, 'domain': domain } url = self.request.resource_url(user) return HTTPFound(location=url) else: # Find user with auth token and log it in user = self.api.root.users.get_auth_domain_user( 'openid', 'openid_identifier', openid_identifier) if IUser.providedBy(user): headers = remember(self.request, user.__name__) url = self.request.resource_url(self.context) if came_from: url = urllib.unquote(came_from) return HTTPFound(location=url, headers=headers) if 'register' in self.request.POST: controls = self.request.POST.items() try: appstruct = form.validate(controls) except ValidationFailure, e: self.response['form'] = e.render() return self.response userid = appstruct['userid'] email = appstruct['email'] first_name = appstruct['first_name'] last_name = appstruct['last_name'] obj = createContent('User', creators=[userid], email=email, first_name=first_name, last_name=last_name) self.context.users[userid] = obj #setting domain stuff obj.auth_domains['openid'] = { 'openid_identifier': openid_identifier, 'domain': domain } headers = remember(self.request, userid) # login user url = self.request.resource_url(self.api.root) if came_from: url = urllib.unquote(came_from) return HTTPFound(location=url, headers=headers) else: self.response['form'] = form.render(self.request.POST) return self.response
'oauth_userid': oauth_userid, 'oauth_access_token': oauth_access_token, 'display_name': display_name, } headers = remember(self.request, name) # login user url = self.request.resource_url(self.api.root) if came_from: url = urllib.unquote(came_from) return HTTPFound(location=url, headers=headers) else: self.response['form'] = form.render(self.request.POST) return self.response raise Forbidden(_("Unable to authenticate using Twitter")) @view_config(context=ISiteRoot, name='openid_register', renderer="voteit.core.views:templates/base_edit.pt", permission=NO_PERMISSION_REQUIRED) def openid_register(self): schema = createSchema('CSORegisterUserOpenIDSchema') add_csrf_token(self.context, self.request, schema) schema = schema.bind(context=self.context, request=self.request, api=self.api) form = Form(schema, buttons=( button_register, button_cancel, ))
#setting domain stuff obj.auth_domains['twitter'] = {'oauth_userid': oauth_userid, 'oauth_access_token': oauth_access_token, 'display_name': display_name,} headers = remember(self.request, name) # login user url = self.request.resource_url(self.api.root) if came_from: url = urllib.unquote(came_from) return HTTPFound(location=url, headers=headers) else: self.response['form'] = form.render(self.request.POST) return self.response raise Forbidden(_("Unable to authenticate using Twitter")) @view_config(context=ISiteRoot, name='openid_register', renderer="voteit.core.views:templates/base_edit.pt", permission=NO_PERMISSION_REQUIRED) def openid_register(self): schema = createSchema('CSORegisterUserOpenIDSchema') add_csrf_token(self.context, self.request, schema) schema = schema.bind(context=self.context, request=self.request, api = self.api) form = Form(schema, buttons=(button_register, button_cancel,)) self.api.register_form_resources(form) if 'cancel' in self.request.POST: self.api.flash_messages.add(_(u"Canceled")) url = self.request.resource_url(self.api.root) return HTTPFound(location=url)
def facebook_register(self): schema = createSchema('CSORegisterUserSchema') add_csrf_token(self.context, self.request, schema) schema = schema.bind(context=self.context, request=self.request, api = self.api) form = Form(schema, buttons=(button_register, button_cancel,)) self.api.register_form_resources(form) if 'cancel' in self.request.POST: self.api.flash_messages.add(_(u"Canceled")) url = self.request.resource_url(self.api.root) return HTTPFound(location=url) if self.request.POST: post = dict(self.request.POST) oauth_userid = post['oauth_userid'] oauth_access_token = post['oauth_access_token'] came_from = post['came_from'] # Logged in user, connect auth token to user if self.api.userid: user = self.api.user_profile #check that no other user has this token already other_user = self.api.root.users.get_user_by_oauth_token('facebook', oauth_access_token) if other_user and user != other_user: raise Forbidden(_("Another user has already registered with this token.")) #setting domain stuff user.auth_domains['facebook'] = {'oauth_userid': oauth_userid, 'oauth_access_token': oauth_access_token,} url = self.request.resource_url(user) return HTTPFound(location=url) else: # Find user with auth token and log it in user = self.api.root.users.get_user_by_oauth_token('facebook', oauth_access_token) if IUser.providedBy(user): headers = remember(self.request, user.__name__) url = self.request.resource_url(self.context) if came_from: url = urllib.unquote(came_from) return HTTPFound(location = url, headers = headers) if 'register' in self.request.POST: controls = self.request.POST.items() try: appstruct = form.validate(controls) except ValidationFailure, e: self.response['form'] = e.render() return self.response name = appstruct['userid'] del appstruct['userid'] # removing domain data from appstruct del appstruct['oauth_userid'] del appstruct['oauth_access_token'] # add facebook as selected profile image appstruct['profile_image_plugin'] = 'facebook_profile_image' del appstruct['came_from'] obj = createContent('User', creators=[name], **appstruct) self.context.users[name] = obj #setting domain stuff obj.auth_domains['facebook'] = {'oauth_userid': oauth_userid, 'oauth_access_token': oauth_access_token,} headers = remember(self.request, name) # login user url = self.request.resource_url(self.api.root) if came_from: url = urllib.unquote(came_from) return HTTPFound(location=url, headers=headers) else: self.response['form'] = form.render(self.request.POST) return self.response
def openid_register(self): schema = createSchema('CSORegisterUserOpenIDSchema') add_csrf_token(self.context, self.request, schema) schema = schema.bind(context=self.context, request=self.request, api = self.api) form = Form(schema, buttons=(button_register, button_cancel,)) self.api.register_form_resources(form) if 'cancel' in self.request.POST: self.api.flash_messages.add(_(u"Canceled")) url = self.request.resource_url(self.api.root) return HTTPFound(location=url) if self.request.POST: post = dict(self.request.POST) openid_identifier = post['openid_identifier'] domain = post['domain'] userid = post['userid'] came_from = post['came_from'] # Logged in user, connect openid_identifier if self.api.userid: user = self.api.user_profile #check that no other user has this token already other_user = self.api.root.users.get_auth_domain_user('openid', 'openid_identifier', openid_identifier) if other_user and user != other_user: raise Forbidden(_("Another user has already registered with this identifier.")) #setting domain stuff user.auth_domains['openid'] = {'openid_identifier': openid_identifier, 'domain': domain} url = self.request.resource_url(user) return HTTPFound(location=url) else: # Find user with auth token and log it in user = self.api.root.users.get_auth_domain_user('openid', 'openid_identifier', openid_identifier) if IUser.providedBy(user): headers = remember(self.request, user.__name__) url = self.request.resource_url(self.context) if came_from: url = urllib.unquote(came_from) return HTTPFound(location = url, headers = headers) if 'register' in self.request.POST: controls = self.request.POST.items() try: appstruct = form.validate(controls) except ValidationFailure, e: self.response['form'] = e.render() return self.response userid = appstruct['userid'] email = appstruct['email'] first_name = appstruct['first_name'] last_name = appstruct['last_name'] obj = createContent('User', creators=[userid], email = email, first_name = first_name, last_name = last_name) self.context.users[userid] = obj #setting domain stuff obj.auth_domains['openid'] = {'openid_identifier': openid_identifier, 'domain': domain} headers = remember(self.request, userid) # login user url = self.request.resource_url(self.api.root) if came_from: url = urllib.unquote(came_from) return HTTPFound(location=url, headers=headers) else: self.response['form'] = form.render(self.request.POST) return self.response
import colander import deform from betahaus.pyracont.decorators import schema_factory from voteit.core.schemas.user import userid_node from voteit.core.schemas.user import email_node from voteit.core.schemas.user import first_name_node from voteit.core.schemas.user import last_name_node from voteit.core.schemas.user import came_from_node from voteit.cloudsignon import VoteITCSO as _ @schema_factory('CSORegisterUserSchema', title=_(u"Registration"), description=_( u"cso_complete_registration_notice", default=u'Review or complete your registration below.')) class CSORegisterUserSchema(colander.Schema): """ CSO registration. """ userid = userid_node() email = email_node() first_name = first_name_node() last_name = last_name_node() domain = colander.SchemaNode( colander.String(), widget=deform.widget.HiddenWidget(), missing=u"", ) oauth_access_token = colander.SchemaNode( colander.String(),
def login_provider(context, request, va, **kw): providers = request.registry.settings.get('login_providers', ()) if va.name not in providers: return u"" api = kw['api'] response = dict( api=api, came_from=request.GET.get('came_from', ''), title=va.title, ) return render(va.kwargs['template'], response, request=request) @view_action('login_forms', 'facebook', title=_(u"Facebook"), template="templates/facebook.pt") @view_action('login_forms', 'twitter', title=_(u"Twitter"), template="templates/twitter.pt") @view_action('login_forms', 'openid', title=_(u"OpenID"), template="templates/openid.pt") def login_va(context, request, va, **kw): api = kw['api'] if not api.userid: return login_provider(context, request, va, **kw) return u""
from voteit.cloudsignon import VoteITCSO as _ def login_provider(context, request, va, **kw): providers = request.registry.settings.get('login_providers', ()) if va.name not in providers: return u"" api = kw['api'] response = dict( api = api, came_from = request.GET.get('came_from', ''), title = va.title, ) return render(va.kwargs['template'], response, request = request) @view_action('login_forms', 'facebook', title = _(u"Facebook"), template="templates/facebook.pt") @view_action('login_forms', 'twitter', title = _(u"Twitter"), template="templates/twitter.pt") @view_action('login_forms', 'openid', title = _(u"OpenID"), template="templates/openid.pt") def login_va(context, request, va, **kw): api = kw['api'] if not api.userid: return login_provider(context, request, va, **kw) return u"" @view_action('connect_forms', 'facebook', title = _(u"Connect to Facebook"), template="templates/facebook.pt") @view_action('connect_forms', 'twitter', title = _(u"Connect to Twitter"), template="templates/twitter.pt") @view_action('connect_forms', 'openid', title = _(u"Connect to OpenID"), template="templates/openid.pt") def connect_va(context, request, va, **kw): api = kw['api'] if api.userid and va.name not in api.user_profile.auth_domains: return login_provider(context, request, va, **kw)
import colander import deform from betahaus.pyracont.decorators import schema_factory from voteit.core.schemas.user import userid_node from voteit.core.schemas.user import email_node from voteit.core.schemas.user import first_name_node from voteit.core.schemas.user import last_name_node from voteit.core.schemas.user import came_from_node from voteit.cloudsignon import VoteITCSO as _ @schema_factory('CSORegisterUserSchema', title = _(u"Registration"), description=_(u"cso_complete_registration_notice", default = u'Review or complete your registration below.')) class CSORegisterUserSchema(colander.Schema): """ CSO registration. """ userid = userid_node() email = email_node() first_name = first_name_node() last_name = last_name_node() domain = colander.SchemaNode(colander.String(), widget = deform.widget.HiddenWidget(), missing=u"",) oauth_access_token = colander.SchemaNode(colander.String(), widget = deform.widget.HiddenWidget(),) oauth_userid = colander.SchemaNode(colander.String(), widget = deform.widget.HiddenWidget(), missing=u"",)