Example #1
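def fbconnect():
    """Log a user in with a Facebook access token posted by the browser.

    Checks the anti-forgery ``state`` value, exchanges the client token for a
    server-side one, reads the profile from the Graph API and copies it into
    ``login_session``. A local user row is created when ``dbo`` has none for
    the profile's e-mail address.

    Returns:
        The markup from ``_get_welcome_message()`` on success, or a JSON
        401 response when the state check, the token exchange or the
        profile lookup fails.
    """
    try:
        from urllib import quote  # Python 2
    except ImportError:
        from urllib.parse import quote  # Python 3

    def _json_response(message, status):
        response = make_response(json.dumps(message), status)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Fail closed: a session that never received a state value must not be
    # able to pass the check (and must not surface as a KeyError / HTTP 500).
    expected_state = login_session.get('state')
    if not expected_state or request.args.get('state') != expected_state:
        return _json_response('Invalid state parameter.', 401)
    access_token = request.data

    # Exchange client token for long-lived server-side token
    with open('fb_client_secrets.json', 'r') as secrets_file:
        secret_data = json.load(secrets_file)
    app_id = secret_data['web']['app_id']
    app_secret = secret_data['web']['app_secret']
    # The token comes straight from the request body, so it is
    # percent-encoded before being placed in the query string; otherwise a
    # crafted value could add or override parameters of the exchange call.
    exchange_template = (
        'https://graph.facebook.com/oauth/access_token?'
        'grant_type=fb_exchange_token'
        '&client_id={0}&client_secret={1}&fb_exchange_token={2}')
    # This URL carries the app secret: never log or echo it.
    url = exchange_template.format(
        app_id, app_secret, quote(access_token, safe=''))
    h = httplib2.Http()
    exchange_response, result = h.request(url, 'GET')
    if exchange_response.status != 200:
        return _json_response('Failed to exchange the access token.', 401)
    # Strip expire tag from access_token
    # NOTE(review): this assumes a form-encoded "access_token=...&expires=..."
    # body; confirm against the Graph API version actually served.
    token = result.split('&')[0]
    if not token.startswith('access_token='):
        return _json_response('Failed to exchange the access token.', 401)

    url = 'https://graph.facebook.com/v2.5/me?'
    url += '{0}&fields=name,id,email,picture'.format(token)
    h = httplib2.Http()
    profile_response, result = h.request(url, 'GET')
    if profile_response.status != 200:
        return _json_response('Failed to fetch the user profile.', 401)
    data = json.loads(result)
    # The profile is deliberately not printed: it holds personal data.
    # Every field is read before the session is touched so a partial
    # profile (for example no e-mail permission granted) leaves no
    # half-populated login behind.
    try:
        username = data['name']
        email = data['email']
        facebook_id = data['id']
        picture = data['picture']['data']['url']
    except (KeyError, TypeError):
        return _json_response('Incomplete user profile.', 401)

    login_session['provider'] = 'facebook'
    login_session['username'] = username
    login_session['email'] = email
    login_session['facebook_id'] = facebook_id
    login_session['picture'] = picture
    # NOTE(review): if login_session is a cookie-backed session, this
    # long-lived token is sent to the browser -- confirm the session backend.
    login_session['access_token'] = token
    # NOTE(review): accounts are matched on the provider-reported e-mail
    # alone; confirm the address is verified before treating it as identity.
    user_id = dbo.get_user_id(email)
    if user_id is None:
        user_id = dbo.create_user(login_session)
    login_session['user_id'] = user_id

    flash('you are now logged in as {username}'.format(
        username=login_session['username']))
    return _get_welcome_message()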
Example #2
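def fbconnect():
    """Complete a Facebook login from a client-side access token.

    The handler validates the anti-forgery ``state`` value, trades the token
    in the request body for a server-side token, loads the profile from the
    Graph API and records it in ``login_session``. When ``dbo`` knows no user
    for the profile's e-mail address, one is created.

    Returns:
        ``_get_welcome_message()`` on success; otherwise a JSON 401 response
        (bad state, failed token exchange, or unusable profile).
    """
    try:
        from urllib import quote  # Python 2
    except ImportError:
        from urllib.parse import quote  # Python 3

    def _reject(message):
        response = make_response(json.dumps(message), 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    # A missing or empty session state is treated as a failed check rather
    # than raising KeyError, so the handler always fails closed with 401.
    session_state = login_session.get('state')
    if not session_state or request.args.get('state') != session_state:
        return _reject('Invalid state parameter.')
    access_token = request.data

    # Exchange client token for long-lived server-side token
    with open('fb_client_secrets.json', 'r') as fh:
        secret_data = json.load(fh)
    app_id = secret_data['web']['app_id']
    app_secret = secret_data['web']['app_secret']
    # Percent-encode the caller-supplied token: placed raw in the query
    # string it could introduce extra parameters into the exchange request.
    safe_token = quote(access_token, safe='')
    # The resulting URL contains the app secret; keep it out of logs.
    url = 'https://graph.facebook.com/oauth/access_token?'
    url += 'grant_type=fb_exchange_token'
    url += '&client_id={0}&client_secret={1}&fb_exchange_token={2}'.format(
        app_id, app_secret, safe_token)
    h = httplib2.Http()
    headers, body = h.request(url, 'GET')
    if headers.status != 200:
        return _reject('Failed to exchange the access token.')
    # Strip expire tag from access_token
    # NOTE(review): assumes the body is "access_token=...&expires=...";
    # confirm for the Graph API version in use.
    token = body.split('&')[0]
    if not token.startswith('access_token='):
        return _reject('Failed to exchange the access token.')

    url = 'https://graph.facebook.com/v2.5/me?'
    url += '{0}&fields=name,id,email,picture'.format(token)
    h = httplib2.Http()
    headers, body = h.request(url, 'GET')
    if headers.status != 200:
        return _reject('Failed to fetch the user profile.')
    data = json.loads(body)
    # No debug dump of `data` here: it is personal information.
    # Collect all required fields first so an incomplete profile cannot
    # leave a partly written session.
    try:
        profile = {
            'username': data['name'],
            'email': data['email'],
            'facebook_id': data['id'],
            'picture': data['picture']['data']['url'],
        }
    except (KeyError, TypeError):
        return _reject('Incomplete user profile.')

    login_session['provider'] = 'facebook'
    for key, value in profile.items():
        login_session[key] = value
    # NOTE(review): with a cookie-backed session this long-lived token is
    # delivered to the browser -- confirm where login_session is stored.
    login_session['access_token'] = token
    # NOTE(review): the local account is looked up by e-mail only; confirm
    # the provider guarantees the address is verified.
    user_id = dbo.get_user_id(profile['email'])
    if user_id is None:
        user_id = dbo.create_user(login_session)
    login_session['user_id'] = user_id

    flash('you are now logged in as {username}'.format(
        username=login_session['username']))
    return _get_welcome_message()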
Example #3
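def gconnect():
    """Log a user in with a Google one-time authorization code.

    Checks the anti-forgery ``state`` value, upgrades the code from the
    request body to credentials, validates the access token against Google's
    tokeninfo endpoint (no error, same user, issued to this app), then loads
    the profile into ``login_session``. A local user is created when ``dbo``
    has none for the profile's e-mail address.

    Returns:
        The markup from ``_get_welcome_message()`` on success; a JSON 401
        response when a check fails; a JSON 500 response when tokeninfo
        reports an error.
    """
    def _json_response(message, status):
        response = make_response(json.dumps(message), status)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Fail closed: a session without a state value cannot pass the check
    # and does not surface as a KeyError / HTTP 500.
    expected_state = login_session.get('state')
    if not expected_state or request.args.get('state') != expected_state:
        return _json_response('Invalid state parameter', 401)
    code = request.data
    try:
        oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        print('Failed to upgrade the authorization code.')
        return _json_response(
            'Failed to upgrade the authorization code.', 401)
    access_token = credentials.access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s' %
           access_token)
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])
    # If there was an error in the access token info, abort. The response
    # must actually be returned here; building it without returning lets a
    # rejected token continue into the checks below.
    if result.get('error') is not None:
        return _json_response(result.get('error'), 500)

    # Verify that the access token is used for the intended user.
    # .get() makes a missing field compare unequal, i.e. a rejection.
    gplus_id = credentials.id_token['sub']
    if result.get('user_id') != gplus_id:
        return _json_response(
            "Token's user ID doesn't match given user ID.", 401)

    # Verify that the access token is valid for this app.
    if result.get('issued_to') != client_id:
        print("Token's client ID does not match app's.")
        return _json_response("Token's client ID does not match app's.", 401)

    # Get user info
    userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
    params = {'access_token': credentials.access_token, 'alt': 'json'}
    answer = requests.get(userinfo_url, params=params)
    if answer.status_code != 200:
        return _json_response('Failed to fetch the user profile.', 401)

    data = answer.json()
    # Read every field before writing the session so an incomplete profile
    # cannot leave a half-populated login behind.
    try:
        username = data['name']
        picture = data['picture']
        email = data['email']
    except (KeyError, TypeError):
        return _json_response('Incomplete user profile.', 401)

    # Store the access token in the session for later use.
    # NOTE(review): this keeps the whole credentials object in the session.
    # With a cookie-backed session the value must be serialisable and is
    # sent to the browser -- confirm the backend, and consider storing only
    # the fields later handlers need.
    login_session['credentials'] = credentials
    login_session['gplus_id'] = gplus_id
    login_session['provider'] = 'google'
    login_session['username'] = username
    login_session['picture'] = picture
    login_session['email'] = email

    # NOTE(review): accounts are matched on the provider-reported e-mail
    # alone; confirm the address is verified before treating it as identity.
    user_id = dbo.get_user_id(email)
    if user_id is None:
        user_id = dbo.create_user(login_session)
    login_session['user_id'] = user_id

    flash('you are now logged in as {username}'.format(
        username=login_session['username']))
    return _get_welcome_message()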
Example #4
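def gconnect():
    """Complete a Google sign-in from a one-time authorization code.

    Steps: validate the anti-forgery ``state`` value; exchange the code in
    the request body for credentials; confirm via Google's tokeninfo endpoint
    that the access token is error-free, belongs to the signed-in user and
    was issued to this app; fetch the profile and record it in
    ``login_session``. ``dbo`` supplies or creates the local user.

    Returns:
        ``_get_welcome_message()`` on success, a JSON 401 response when a
        check fails, or a JSON 500 response when tokeninfo reports an error.
    """
    def _reply(message, status=401):
        response = make_response(json.dumps(message), status)
        response.headers['Content-Type'] = 'application/json'
        return response

    # A missing or empty session state counts as a mismatch, so the
    # handler answers 401 instead of raising KeyError.
    session_state = login_session.get('state')
    if not session_state or request.args.get('state') != session_state:
        return _reply('Invalid state parameter')
    code = request.data
    try:
        oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        print('Failed to upgrade the authorization code.')
        return _reply('Failed to upgrade the authorization code.')
    access_token = credentials.access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s'
           % access_token)
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])
    # If there was an error in the access token info, abort. Returning is
    # essential: without it a token that tokeninfo rejected would still be
    # carried into the remaining checks.
    token_error = result.get('error')
    if token_error is not None:
        return _reply(token_error, 500)

    # Verify that the access token is used for the intended user.
    # A field missing from tokeninfo compares unequal and is rejected.
    gplus_id = credentials.id_token['sub']
    if result.get('user_id') != gplus_id:
        return _reply("Token's user ID doesn't match given user ID.")

    # Verify that the access token is valid for this app.
    if result.get('issued_to') != client_id:
        print("Token's client ID does not match app's.")
        return _reply("Token's client ID does not match app's.")

    # Get user info
    userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
    params = {'access_token': credentials.access_token, 'alt': 'json'}
    answer = requests.get(userinfo_url, params=params)
    if answer.status_code != 200:
        return _reply('Failed to fetch the user profile.')

    data = answer.json()
    # Gather the required fields up front; an incomplete profile is
    # refused before anything is written to the session.
    try:
        profile = {
            'username': data['name'],
            'picture': data['picture'],
            'email': data['email'],
        }
    except (KeyError, TypeError):
        return _reply('Incomplete user profile.')

    # Store the access token in the session for later use.
    # NOTE(review): the full credentials object goes into the session. If
    # the session is cookie-backed it has to be serialisable and reaches
    # the browser -- confirm the backend and prefer storing only what later
    # handlers read.
    login_session['credentials'] = credentials
    login_session['gplus_id'] = gplus_id
    login_session['provider'] = 'google'
    for key, value in profile.items():
        login_session[key] = value

    # NOTE(review): the local account is looked up by e-mail only; confirm
    # the provider guarantees the address is verified.
    user_id = dbo.get_user_id(profile['email'])
    if user_id is None:
        user_id = dbo.create_user(login_session)
    login_session['user_id'] = user_id

    flash('you are now logged in as {username}'.format(
        username=login_session['username']))
    return _get_welcome_message()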