def call_api(domain: str): if domain not in cache.sites_metadata: return abort(Response('Unrecognized domain', 400)) try: access_token = mwoauth.AccessToken(**session['access_token']) except KeyError: return abort(Response('Not authenticated', 403)) consumer_token = create_consumer_token() auth = OAuth1(consumer_token.key, client_secret=consumer_token.secret, resource_owner_key=access_token.key, resource_owner_secret=access_token.secret) with cache.create_session(user_requested=True) as state: site = state.get_site(domain) params = request.get_json() # FIXME ? action = params.pop('action') if 'action' in params else 'query' if action == 'edit': print(f"Modifying page {params['title']} at {domain}") try: result = site(action, EXTRAS=dict(auth=auth), NO_LOGIN=True, POST=True, **params) except ApiError as err: print("----------------------------boom") print(repr(err.data)) if 'text' in err.data: print(err.data.text) print("----------------------end") return abort(Response('API boom', 500)) return jsonify(result)
def generate_auth(): access_token = mwoauth.AccessToken(**flask.session['oauth_access_token']) return requests_oauthlib.OAuth1( client_key=consumer_token.key, client_secret=consumer_token.secret, resource_owner_key=access_token.key, resource_owner_secret=access_token.secret, )
def authenticated_session(domain = 'meta.wikimedia.org'): if 'oauth_access_token' in flask.session: access_token = mwoauth.AccessToken(**flask.session['oauth_access_token']) auth = requests_oauthlib.OAuth1(client_key=app.config['CONSUMER_KEY'], client_secret=app.config['CONSUMER_SECRET'], resource_owner_key=access_token.key, resource_owner_secret=access_token.secret) return mwapi.Session(host='https://'+domain, auth=auth, user_agent=user_agent) else: return None
def identify(): if 'oauth_access_token' in flask.session: access_token = mwoauth.AccessToken(**flask.session['oauth_access_token']) return mwoauth.identify('https://www.wikidata.org/w/index.php', consumer_token, access_token) else: return None
def authenticated_session(): if 'oauth_access_token' in flask.session: access_token = mwoauth.AccessToken(**flask.session['oauth_access_token']) auth = requests_oauthlib.OAuth1(client_key=consumer_token.key, client_secret=consumer_token.secret, resource_owner_key=access_token.key, resource_owner_secret=access_token.secret) return mwapi.Session(host='https://www.wikidata.org', auth=auth, user_agent=user_agent) else: return None
def get_current_user(cached=True): if cached: return session.get('mwoauth_username') # Get user info identity = handshaker.identify( mwoauth.AccessToken(**session['mwoauth_access_token'])) # Store user info in session session['mwoauth_username'] = identity['username'] return session['mwoauth_username']
def userinfo(): try: access_token = mwoauth.AccessToken(**session['access_token']) except KeyError: return abort(Response('Not authenticated', 403)) identity = mwoauth.identify(app.config["OAUTH_MWURI"], create_consumer_token(), access_token) # TODO: remove this -- needed to track any changes being done while testing print(f"******************** {identity['username']}") return jsonify(identity)
def test_session_fits_in_cookie(): base_rev_id = 850000000 base_page_id = 60000000 with speedpatrolling.app.test_client() as client: with client.session_transaction() as session: for rev_id in range(base_rev_id, base_rev_id + 10000): speedpatrolling.ids.append(session, 'skipped_rev_ids', rev_id) for page_id in range(base_page_id, base_page_id + 10000): speedpatrolling.ids.append(session, 'acted_page_ids', page_id) for page_id in range(base_page_id + 10000, base_page_id + 20000): speedpatrolling.ids.append(session, 'skipped_page_ids', page_id) for page_id in range(base_page_id + 20000, base_page_id + 30000): speedpatrolling.ids.append(session, 'ignored_page_ids', page_id) for user_number in range(1000): user_name = ''.join( random.choice(string.ascii_letters + string.digits) for _ in range(32)) speedpatrolling.ids.append( session, 'acted_user_fake_ids', speedpatrolling.ids.user_fake_id(user_name)) for user_number in range(1000): user_name = ''.join( random.choice(string.ascii_letters + string.digits) for _ in range(32)) speedpatrolling.ids.append( session, 'skipped_user_fake_ids', speedpatrolling.ids.user_fake_id(user_name)) for user_number in range(1000): user_name = ''.join( random.choice(string.ascii_letters + string.digits) for _ in range(32)) speedpatrolling.ids.append( session, 'ignored_user_fake_ids', speedpatrolling.ids.user_fake_id(user_name)) session['csrf_token'] = ''.join( random.choice(string.ascii_letters + string.digits) for _ in range(64)) access_token = mwoauth.AccessToken('%x' % random.getrandbits(128), '%x' % random.getrandbits(128)) session['oauth_access_token'] = dict( zip(access_token._fields, access_token)) # oauth_request_token not tested session['supported_scripts'] = list(unicodescripts.all_scripts()) request = urllib.request.Request( 'http://localhost' + speedpatrolling.app.config.get('APPLICATION_ROOT', '/')) client.cookie_jar.add_cookie_header(request) header = request.get_header('Cookie') assert len(header) <= 4093
def authenticated_session(wiki: str) -> Optional[mwapi.Session]: if 'oauth_access_token' not in flask.session: return None access_token = mwoauth.AccessToken( **flask.session['oauth_access_token']) auth = requests_oauthlib.OAuth1(client_key=consumer_token.key, client_secret=consumer_token.secret, resource_owner_key=access_token.key, resource_owner_secret=access_token.secret) return mwapi.Session(host='https://' + wiki, auth=auth, user_agent=user_agent)
def logged_in_user_name(): if 'user_name' in flask.g: return flask.g.user_name if 'oauth' not in app.config: return flask.g.setdefault('user_name', None) if 'oauth_access_token' not in flask.session: return flask.g.setdefault('user_name', None) access_token = mwoauth.AccessToken(**flask.session['oauth_access_token']) identity = mwoauth.identify('https://www.wikidata.org/w/index.php', consumer_token, access_token) return flask.g.setdefault('user_name', identity['username'])
def authenticated_session(domain): if 'oauth_access_token' not in flask.session: return None host = 'https://' + domain access_token = mwoauth.AccessToken(**flask.session['oauth_access_token']) auth = requests_oauthlib.OAuth1(client_key=consumer_token.key, client_secret=consumer_token.secret, resource_owner_key=access_token.key, resource_owner_secret=access_token.secret) return mwapi.Session(host=host, auth=auth, user_agent=user_agent, formatversion=2)
def call_api(domain: str): _validate_not_stopping() print(f"++++ /api/{domain}") _validate_domain(domain) try: access_token = mwoauth.AccessToken(**session['access_token']) except KeyError: return abort(Response('Not authenticated', 403)) consumer_token = _create_consumer_token() auth = OAuth1(consumer_token.key, client_secret=consumer_token.secret, resource_owner_key=access_token.key, resource_owner_secret=access_token.secret) with create_session(user_requested=True) as state: site = state.get_site(domain) params = request.get_json() action = params.pop('action') filename = f'{datetime.utcnow()}-{action}' if action == 'edit': modifying = 'nocreate' in params print( f"{'**** Modifying' if modifying else 'Creating'} page {params['title']} at {domain}" ) filename += ('modify' if modifying else 'create') is_token = action == 'query' and 'meta' in params and params[ 'meta'] == 'tokens' if not is_token: record_to_log(filename, domain, params) try: result = site(action, EXTRAS=dict(auth=auth), NO_LOGIN=True, POST=True, **params) if not is_token: record_to_log(filename, domain, result) except ApiError as err: print("----------------------------boom") print(repr(err.data)) if 'text' in err.data: record_to_log( filename, domain, dict(err=repr(err.data), text=repr(err.data.text))) print(err.data.text) else: record_to_log(filename, domain, dict(err=repr(err.data))) print("----------------------end") return abort(Response('API boom', 500)) return jsonify(result)
def authentication_area() -> flask.Markup: if 'oauth' not in app.config: return flask.Markup() if 'oauth_access_token' not in flask.session: return (flask.Markup(r'<a id="login" class="navbar-text" href="') + flask.Markup.escape(flask.url_for('login')) + flask.Markup(r'">Log in</a>')) access_token = mwoauth.AccessToken(**flask.session['oauth_access_token']) identity = mwoauth.identify(index_php, consumer_token, access_token) return (flask.Markup(r'<span class="navbar-text">Logged in as ') + user_link(identity['username']) + flask.Markup(r'</span>'))
def identity(self) -> Optional[dict]: """Get identifying information about a user via an authorized token.""" if self.access_token is None: pywikibot.error('Access token not set') return None consumer_token = mwoauth.ConsumerToken(*self.consumer_token) access_token = mwoauth.AccessToken(*self.access_token) try: identity = mwoauth.identify(self.site.base_url(self.site.path()), consumer_token, access_token) return identity except Exception as e: pywikibot.error(e) return None
def get_accesstoken(self): return mwoauth.AccessToken(self.oauthtoken.encode('utf-8'), self.oauthsecret.encode('utf-8'))
return (flask.Markup(r'<a id="login" class="navbar-text" href="') + flask.Markup.escape(flask.url_for('login')) + flask.Markup(r'">Log in</a>')) userinfo = session.get(action='query', meta='userinfo')['query']['userinfo'] return (flask.Markup(r'<span class="navbar-text">Logged in as ') + user_link(userinfo['name']) + flask.Markup(r'</span>')) def authenticated_session(){% if cookiecutter.set_up_mypy == "True" %} -> Optional[mwapi.Session]{% endif %}: if 'oauth_access_token' not in flask.session: return None access_token = mwoauth.AccessToken( **flask.session['oauth_access_token']) auth = requests_oauthlib.OAuth1(client_key=consumer_token.key, client_secret=consumer_token.secret, resource_owner_key=access_token.key, resource_owner_secret=access_token.secret) return mwapi.Session(host='https://{{ cookiecutter.wiki_domain }}', auth=auth, user_agent=user_agent) @app.route('/') def index(){% if cookiecutter.set_up_mypy == "True" %} -> str{% endif %}: return flask.render_template('index.html') @app.route('/greet/<name>')