def _request_authorize_code(self, application):
oauth2 = self.OAUTH2_PARAMETER
oauth2["client_id"] = application.app_key
oauth2["redirect_uri"] = application.redirect_uri
oauth2["userId"] = self._username
oauth2["passwd"] = self._password
curl = _Curl()
curl.set_option(pycurl.FOLLOWLOCATION, False) # don't follow redirect
curl.set_option(pycurl.REFERER, self.AUTHORIZE_URL) # required for auth
try:
curl.post(self.AUTHORIZE_URL, oauth2)
except pycurl.error:
raise NetworkError
# After post the OAUTH2 information, if success,
# Sina will return "302 Moved Temporarily", the target is "http://redirect_uri/?code=xxxxxx",
# xxxxxx is the authorize code.
redirect_url = curl.get_info(pycurl.REDIRECT_URL)
if not redirect_url:
raise AuthorizeFailed("Invalid Application() or wrong username/password.")
authorize_code = redirect_url.split("=")[1]
self.authorize_code = authorize_code
return authorize_code
def _request_authorize_code(self, application):
# Encode the username to a URL-encoded string.
# Then, calculate its base64, we need it later
username_encoded = urllib.parse.quote(self._username)
username_encoded = username_encoded.encode("UTF-8") # convert to UTF-8-encoded byte string
username_encoded = base64.b64encode(username_encoded)
# First, we need to request prelogin.php for some necessary parameters.
prelogin = self.PRELOGIN_PARAMETER
prelogin['su'] = username_encoded
curl = _Curl()
try:
prelogin_result = curl.get(self.PRELOGIN_URL, prelogin)
except pycurl.error:
raise NetworkError
# The result is a piece of JavaScript code, in the format of
# sinaSSOController.preloginCallBack({json here})
prelogin_json = prelogin_result.replace("sinaSSOController.preloginCallBack(", "")[0:-1]
prelogin_json = json.loads(prelogin_json)
# Second, we request login.php to request for a authenticate ticket
login = self.LOGIN_PARAMETER
login['su'] = username_encoded
login['servertime'] = prelogin_json['servertime']
login['nonce'] = prelogin_json['nonce']
login['rsakv'] = prelogin_json['rsakv']
# One more thing, we need to encrypt the password with extra token
# using RSA-1024 public key which the server has sent us.
rsa_pubkey_bignum = int(prelogin_json['pubkey'], 16) # the public key is a big number in Hex
rsa_pubkey = rsa.PublicKey(rsa_pubkey_bignum, 65537) # RFC requires e == 65537 for RSA algorithm
plain_msg = "%s\t%s\n%s" % (prelogin_json['servertime'], prelogin_json['nonce'], self._password)
plain_msg = plain_msg.encode('UTF-8') # to byte string
cipher_msg = rsa.encrypt(plain_msg, rsa_pubkey)
cipher_msg = base64.b16encode(cipher_msg) # to Hex
login['sp'] = cipher_msg
curl = _Curl()
try:
login_result = curl.post(self.LOGIN_URL % "ssologin.js(v1.4.15)", login)
except pycurl.error:
raise NetworkError
# the result is a JSON string
# if success, Sina will give us a ticket for this authorized session
login_json = json.loads(login_result)
if "ticket" not in login_json:
raise AuthorizeFailed(str(login_json))
oauth2 = self.OAUTH2_PARAMETER
oauth2['ticket'] = login_json['ticket'] # it's what all we need
oauth2['client_id'] = application.app_key
oauth2['redirect_uri'] = application.redirect_uri
curl = _Curl()
curl.set_option(pycurl.FOLLOWLOCATION, False) # don't follow redirect
curl.set_option(pycurl.REFERER, self.AUTHORIZE_URL) # required for auth
try:
curl.post(self.AUTHORIZE_URL, oauth2)
except pycurl.error:
raise NetworkError
# After post the OAuth2 information, if success,
# Sina will return "302 Moved Temporarily", the target is "http://redirect_uri/?code=xxxxxx",
# xxxxxx is the authorize code.
redirect_url = curl.get_info(pycurl.REDIRECT_URL)
if not redirect_url:
raise AuthorizeFailed("Invalid Application() or wrong username/password.")
authorize_code = redirect_url.split("=")[1]
self.authorize_code = authorize_code
return authorize_code
def _request_authorize_code(self, application):
# Encode the username to a URL-encoded string.
# Then, calculate its base64, we need it later
username_encoded = urllib.parse.quote(self._username)
username_encoded = username_encoded.encode(
"UTF-8") # convert to UTF-8-encoded byte string
username_encoded = base64.b64encode(username_encoded)
# First, we need to request prelogin.php for some necessary parameters.
prelogin = self.PRELOGIN_PARAMETER
prelogin['su'] = username_encoded
curl = _Curl()
try:
prelogin_result = curl.get(self.PRELOGIN_URL, prelogin)
except pycurl.error:
raise NetworkError
# The result is a piece of JavaScript code, in the format of
# sinaSSOController.preloginCallBack({json here})
prelogin_json = prelogin_result.replace(
"sinaSSOController.preloginCallBack(", "")[0:-1]
prelogin_json = json.loads(prelogin_json)
# Second, we request login.php to request for a authenticate ticket
login = self.LOGIN_PARAMETER
login['su'] = username_encoded
login['servertime'] = prelogin_json['servertime']
login['nonce'] = prelogin_json['nonce']
login['rsakv'] = prelogin_json['rsakv']
# One more thing, we need to encrypt the password with extra token
# using RSA-1024 public key which the server has sent us.
rsa_pubkey_bignum = int(prelogin_json['pubkey'],
16) # the public key is a big number in Hex
rsa_pubkey = rsa.PublicKey(
rsa_pubkey_bignum,
65537) # RFC requires e == 65537 for RSA algorithm
plain_msg = "%s\t%s\n%s" % (prelogin_json['servertime'],
prelogin_json['nonce'], self._password)
plain_msg = plain_msg.encode('UTF-8') # to byte string
cipher_msg = rsa.encrypt(plain_msg, rsa_pubkey)
cipher_msg = base64.b16encode(cipher_msg) # to Hex
login['sp'] = cipher_msg
curl = _Curl()
try:
login_result = curl.post(self.LOGIN_URL % "ssologin.js(v1.4.15)",
login)
except pycurl.error:
raise NetworkError
# the result is a JSON string
# if success, Sina will give us a ticket for this authorized session
login_json = json.loads(login_result)
if "ticket" not in login_json:
raise AuthorizeFailed(str(login_json))
oauth2 = self.OAUTH2_PARAMETER
oauth2['ticket'] = login_json['ticket'] # it's what all we need
oauth2['client_id'] = application.app_key
oauth2['redirect_uri'] = application.redirect_uri
curl = _Curl()
curl.set_option(pycurl.FOLLOWLOCATION, False) # don't follow redirect
curl.set_option(pycurl.REFERER,
self.AUTHORIZE_URL) # required for auth
try:
curl.post(self.AUTHORIZE_URL, oauth2)
except pycurl.error:
raise NetworkError
# After post the OAuth2 information, if success,
# Sina will return "302 Moved Temporarily", the target is "http://redirect_uri/?code=xxxxxx",
# xxxxxx is the authorize code.
redirect_url = curl.get_info(pycurl.REDIRECT_URL)
if not redirect_url:
raise AuthorizeFailed(
"Invalid Application() or wrong username/password.")
authorize_code = redirect_url.split("=")[1]
self.authorize_code = authorize_code
return authorize_code
