def facebook_required(view_func=None, scope=fb_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None, canvas=False): """ Decorator which makes the view require the given Facebook perms, redirecting to the log-in page if necessary. Note we don't actually query the permissions, we just try in the view and upon a permission error redirect to login_url Querying the permissions would slow down things """ from open_facebook import exceptions as open_facebook_exceptions from django_facebook.utils import test_permissions scope_list = parse_scope(scope) def actual_decorator(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): oauth_url, redirect_uri = get_oauth_url(request, scope_list) #Normal facebook errors should be raised #OAuthException s should cause a redirect for authorization try: permission_granted = test_permissions(request, scope_list, redirect_uri) except open_facebook_exceptions.OAuthException, e: permission_granted = False if permission_granted: return view_func(request, *args, **kwargs) else: logger.info('requesting access with redirect uri: %s', redirect_uri) response = response_redirect(oauth_url, canvas=canvas) return response return _wrapped_view
def facebook_required(view_func=None, scope=fb_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None, canvas=False): """ Decorator which makes the view require the given Facebook perms, redirecting to the log-in page if necessary. Note we don't actually query the permissions, we just try in the view and upon a permission error redirect to login_url Querying the permissions would slow down things """ from django_facebook.utils import test_permissions scope_list = parse_scope(scope) def actual_decorator(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): if canvas: oauth_url, redirect_uri = generate_oauth_url(scope_list) else: oauth_url, redirect_uri = get_oauth_url(request, scope_list) if test_permissions(request, scope_list, redirect_uri): return view_func(request, *args, **kwargs) else: logger.info('requesting access with redirect uri: %s', redirect_uri) response = response_redirect(oauth_url, canvas=canvas) return response return _wrapped_view if view_func: return actual_decorator(view_func) return actual_decorator
def facebook_required(view_func=None, scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None): """ Decorator which makes the view require the given Facebook perms, redirecting to the log-in page if necessary. Note we don't actually query the permissions, we just try in the view and upon a permission error redirect to login_url Querying the permissions would slow down things """ from django_facebook.utils import test_permissions scope_list = parse_scope(scope) def actual_decorator(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): oauth_url, redirect_uri = get_oauth_url(request, scope_list) if test_permissions(request, scope_list, redirect_uri): return view_func(request, *args, **kwargs) else: logger.info('requesting access with redirect uri: %s', redirect_uri) response = HttpResponseRedirect(oauth_url) return response return _wrapped_view if view_func: return actual_decorator(view_func) return actual_decorator
def facebook_required(view_func=None, scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None): """ Decorator which makes the view require the given Facebook perms, redirecting to the log-in page if necessary. Note we don't actually query the permissions, we just try in the view and upon a permission error redirect to login_url Querying the permissions would slow down things """ from django_facebook.utils import test_permissions scope_list = parse_scope(scope) def actual_decorator(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): oauth_url, redirect_uri = get_oauth_url(request, scope_list) if test_permissions(request, scope_list, redirect_uri): return view_func(request, *args, **kwargs) else: logger.info('requesting access with redirect uri: %s', redirect_uri) # response = HttpResponseRedirect(oauth_url) redirect_script = '<html><body><script type="text/javascript">window.top.location.href="%s"</script></body></html>'%(oauth_url) response = HttpResponse(redirect_script) return response return _wrapped_view if view_func: return actual_decorator(view_func) return actual_decorator
def facebook_required_lazy(view_func=None, scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None, extra_params=None): """ Decorator which makes the view require the given Facebook perms, redirecting to the log-in page if necessary. Based on exceptions instead of a check up front Faster, but more prone to bugs """ from django_facebook.utils import test_permissions from open_facebook import exceptions as open_facebook_exceptions scope_list = parse_scope(scope) def actual_decorator(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): oauth_url, redirect_uri = get_oauth_url(request, scope_list, extra_params=extra_params) try: #call get persistent graph and convert the token with correct redirect uri get_persistent_graph(request, redirect_uri=redirect_uri) return view_func(request, *args, **kwargs) except open_facebook_exceptions.OpenFacebookException, e: if test_permissions(request, scope_list, redirect_uri): #an error if we already have permissions shouldn't have been caught #raise to prevent bugs with error mapping to cause issues raise else: logger.info('requesting access with redirect uri: %s', redirect_uri) response = HttpResponseRedirect(oauth_url) return response return _wrapped_view
def __init__(self, fn, scope=None, canvas=False, extra_params=None): self.fn = fn scope = fb_settings.FACEBOOK_DEFAULT_SCOPE if scope is None else scope self.scope = scope self.scope_list = parse_scope(scope) self.canvas = canvas self.extra_params = extra_params # canvas pages always need to be csrf excempt csrf_exempt = canvas self.csrf_exempt = csrf_exempt
def __init__(self, fn, scope=None, canvas=False, page_tab=False, extra_params=None): self.fn = fn scope = fb_settings.FACEBOOK_DEFAULT_SCOPE if scope is None else scope self.scope = scope self.scope_list = parse_scope(scope) self.canvas = canvas self.page_tab = page_tab self.extra_params = extra_params # canvas pages always need to be csrf excempt csrf_exempt = canvas or page_tab self.csrf_exempt = csrf_exempt
def facebook_required_lazy(view_func=None, scope=fb_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None, extra_params=None, canvas=False): """ Decorator which makes the view require the given Facebook perms, redirecting to the log-in page if necessary. Based on exceptions instead of a check up front Faster, but more prone to bugs Use this in combination with require_persistent_graph """ from django_facebook.utils import test_permissions from open_facebook import exceptions as open_facebook_exceptions scope_list = parse_scope(scope) #canvas pages always need to be csrf excempt csrf_exempt = canvas def actual_decorator(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): oauth_url, redirect_uri = get_oauth_url(request, scope_list, extra_params=extra_params) try: # call get persistent graph and convert the # token with correct redirect uri get_persistent_graph(request, redirect_uri=redirect_uri) #Note we're not requiring a persistent graph here #You should require a persistent graph in the url when you start using this return view_func(request, *args, **kwargs) except open_facebook_exceptions.OpenFacebookException, e: permission_granted = test_permissions(request, scope_list, redirect_uri) if permission_granted: # an error if we already have permissions # shouldn't have been caught # raise to prevent bugs with error mapping to cause issues raise else: logger.info( u'requesting access with redirect uri: %s, error was %s', redirect_uri, e) response = response_redirect(oauth_url, canvas=canvas) return response return _wrapped_view
def generate_oauth_url(scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE, next=None, extra_data=None): query_dict = QueryDict('', True) canvas_page = (next if next is not None else facebook_settings.FACEBOOK_CANVAS_PAGE) scope = parse_scope(scope) query_dict.update(dict(client_id=facebook_settings.FACEBOOK_APP_ID, redirect_uri=canvas_page, scope=','.join(scope))) if extra_data: query_dict.update(extra_data) auth_url = 'http://www.facebook.com/dialog/oauth?%s' % ( query_dict.urlencode(), ) return auth_url, canvas_page
def facebook_required_lazy(view_func=None, scope=fb_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None, extra_params=None, canvas=None): """Decorator which makes the view require the given Facebook permissions, redirecting to the authorization page if necessary. This implementation performs redirect upon caught exception, instead of checking before acting; faster, but more prone to bugs. :param view_func: The view function that will be decorated :param scope: List of names of permissions that will be required :param redirect_field_name: :param login_url: URL of the login page, in case permissions checking fails. :param extra_params: Extra paramters to be added to redirect_uri :param canvas: Whether we are running inside canvas or not. If not specified, its value will be determined at runtime from ``request.fb_info['is_canvas']``. """ from django_facebook.utils import test_permissions from open_facebook import exceptions as open_facebook_exceptions scope_list = parse_scope(scope) def actual_decorator(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): oauth_url, redirect_uri = get_oauth_url(request, scope_list, extra_params=extra_params) try: ## Call get_persistent_graph() and convert the ## token with correct redirect URI get_persistent_graph(request, redirect_uri=redirect_uri) return view_func(request, *args, **kwargs) except open_facebook_exceptions.OpenFacebookException, e: if test_permissions(request, scope_list, redirect_uri): ## An error if we already have permissions ## shouldn't have been caught ## raise to prevent bugs with error mapping to cause issues raise else: logger.info(u'Requesting access with redirect_uri: %s, error was %s', redirect_uri, e) _canvas = canvas # Bring into local scope if _canvas is None: _canvas = getattr(request, 'fb_info', {}).get('is_canvas', False) response = response_redirect(oauth_url, canvas=_canvas) return response return _wrapped_view
def facebook_required_lazy(view_func=None, scope=fb_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None, extra_params=None, canvas=False): """ Decorator which makes the view require the given Facebook perms, redirecting to the log-in page if necessary. Based on exceptions instead of a check up front Faster, but more prone to bugs Use this in combination with require_persistent_graph """ from django_facebook.utils import test_permissions from open_facebook import exceptions as open_facebook_exceptions scope_list = parse_scope(scope) #canvas pages always need to be csrf excempt csrf_exempt = canvas def actual_decorator(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): oauth_url, current_uri, redirect_uri = get_oauth_url( request, scope_list, extra_params=extra_params) try: # call get persistent graph and convert the # token with correct redirect uri get_persistent_graph(request, redirect_uri=current_uri) #Note we're not requiring a persistent graph here #You should require a persistent graph in the view when you start using this return view_func(request, *args, **kwargs) except open_facebook_exceptions.OpenFacebookException, e: permission_granted = test_permissions( request, scope_list, current_uri) if permission_granted: # an error if we already have permissions # shouldn't have been caught # raise to prevent bugs with error mapping to cause issues raise else: logger.info( u'requesting access with redirect uri: %s, error was %s', redirect_uri, e) response = response_redirect(oauth_url, canvas=canvas) return response return _wrapped_view
def facebook_required(view_func=None, scope=fb_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None, extra_params=None, canvas=None): """Decorator which makes the view require the given Facebook permissions, redirecting to the authorization page if necessary. .. NOTE:: This implementation sends a request to check that the user has the required permissions before executing the view. This should be able to prevent most failures, but it will slow down things as an additional HTTP request will be performed on each request.. :param view_func: The view function that will be decorated :param scope: List of names of permissions that will be required :param redirect_field_name: :param login_url: URL of the login page, in case permissions checking fails. :param extra_params: Extra paramters to be added to redirect_uri :param canvas: Whether we are running inside canvas or not. If not specified, its value will be determined at runtime from ``request.fb_info['is_canvas']``. """ from django_facebook.utils import test_permissions scope_list = parse_scope(scope) def actual_decorator(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): oauth_url, redirect_uri = get_oauth_url(request, scope_list) if test_permissions(request, scope_list, redirect_uri): return view_func(request, *args, **kwargs) else: logger.info('requesting access with redirect uri: %s', redirect_uri) _canvas = canvas # Bring into local scope if _canvas is None: _canvas = getattr(request, 'fb_info', {}).get('is_canvas', False) response = response_redirect(oauth_url, canvas=_canvas) return response return _wrapped_view if view_func: return actual_decorator(view_func) return actual_decorator
def generate_oauth_url(scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE, next=None, extra_data=None): query_dict = QueryDict('', True) canvas_page = (next if next is not None else facebook_settings.FACEBOOK_CANVAS_PAGE) scope = parse_scope(scope) query_dict.update( dict(client_id=facebook_settings.FACEBOOK_APP_ID, redirect_uri=canvas_page, scope=','.join(scope))) if extra_data: query_dict.update(extra_data) auth_url = 'http://www.facebook.com/dialog/oauth?%s' % ( query_dict.urlencode(), ) return auth_url, canvas_page
def facebook_required(view_func=None, scope=fb_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None, canvas=False): """ Decorator which makes the view require the given Facebook perms, redirecting to the log-in page if necessary. Note we don't actually query the permissions, we just try in the view and upon a permission error redirect to login_url Querying the permissions would slow down things """ from open_facebook import exceptions as open_facebook_exceptions from django_facebook.utils import test_permissions scope_list = parse_scope(scope) #canvas pages always need to be csrf excempt csrf_exempt = canvas def actual_decorator(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): oauth_url, current_uri, redirect_uri = get_oauth_url( request, scope_list) #Normal facebook errors should be raised #OAuthException s should cause a redirect for authorization try: permission_granted = test_permissions(request, scope_list, current_uri) except open_facebook_exceptions.OAuthException, e: permission_granted = False if permission_granted: return view_func(request, *args, **kwargs) else: logger.info('requesting access with redirect uri: %s', redirect_uri) response = response_redirect(oauth_url, canvas=canvas) return response return _wrapped_view
def facebook_required(view_func=None, scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None): """ Decorator which makes the view require the given Facebook perms, redirecting to the log-in page if necessary. Note we don't actually query the permissions, we just try in the view and upon a permission error redirect to login_url Querying the permissions would slow down things """ scope_list = parse_scope(scope) def test_permissions(request, redirect_uri=None): ''' Call Facebook me/permissions to see if we are allowed to do this ''' from django_facebook.api import get_persistent_graph fb = get_persistent_graph(request, redirect_uri=redirect_uri) permissions_dict = {} if fb: try: permissions_response = fb.get('me/permissions') permissions = permissions_response['data'][0] except facebook_exceptions.OAuthException, e: #this happens when someone revokes their permissions while the session #is still stored permissions = {} permissions_dict = dict([(k,bool(int(v))) for k,v in permissions.items() if v == '1' or v == 1]) #see if we have all permissions scope_allowed = True for permission in scope_list: if permission not in permissions_dict: scope_allowed = False #raise if this happens after a redirect though if not scope_allowed and request.GET.get('attempt'): raise ValueError, 'Somehow facebook is not giving us the permissions needed, lets break instead of endless redirects. Fb was %s and permissions %s' % (fb, permissions_dict) return scope_allowed