def post(self): url = "github.com" # authorize_url = \ # "http://test-backend.example-project-13.appspot.com/api/oauth/github?action=request_token" access_token_url = "/login/oauth/access_token" client_id = "1f21e4d820abd2cb5a7a" client_secret = "b24d6b5f298e85514bebc70abcbf100a8ef8a5f4" access_token = "" connection = httplib.HTTPSConnection(url) # Cogemos el codigo de la peticion code = self.request.get("code") # Indicamos los parametros de la peticion a github params_token = urllib.urlencode({"client_id": client_id, "client_secret": client_secret, "code": code}) # Realizamos la peticion en la conexion connection.request("POST", access_token_url, params_token) # Cogemos la respuesta de la peticion y realizamos un split # para coger el valor del token response_token = connection.getresponse() data_token = response_token.read() access_token = data_token.split("&") access_token = access_token[0].split("=")[1] # Gestion de la respuesta de webapp self.response.content_type = "application/json" response = {"token": "" + access_token + ""} self.response.write(json.dumps(response)) connection.close() self.response.set_status(200) # Obtenemos los detalles del usuario autenticado connectionAPI = httplib.HTTPSConnection("api.github.com") headers = {"Accept": "application/vnd.github.v3+json", "User-Agent": "PicBit-App", "Authorization": "token GITHUB_TOKEN"} connectionAPI.request("GET", "/user", params_token, headers) response = connectionAPI.getresponse() aux = response.read() user_details = json.loads(aux) # Buscamos el par id usuario/token autenticado en la base stored_credentials = ndb_pb.searchToken(str(user_details["id" ]), "github") if stored_credentials == None: # Almacena las credenciales en una entidad Token user_credentials = ndb_pb.insertUser("github", str(user_details["id"]), access_token) self.response.set_status(201) else: # Almacenamos el access token recibido user_id = ndb_pb.modifyToken(str(user_details["id"]), access_token, "github") self.response.set_status(200)
def post(self): oauth_verifier = self.request.get("oauth_verifier", default_value="None") user_identifier = self.request.get("user_identifier", default_value="") if not oauth_verifier == "": key_verifier = "oauth_verifier_" + oauth_verifier twitter_user_data = memcache.get(key_verifier) if not twitter_user_data == None: # Checks if the username was stored previously stored_credentials = ndb_pb.searchToken(twitter_user_data["token_id"], "twitter") if not stored_credentials == None: # We store the new set of credentials user_key = ndb_pb.modifyToken(twitter_user_data["token_id"], twitter_user_data["access_token"], "twitter") user_id = ndb_pb.getUserId(user_key) session_id = self.login(user_key) # Gets the user_id to generate the user cookie user_id = ndb_pb.getUserId(user_key) # Returns the session, social_network and user cookie self.response.set_cookie("session", session_id, path="/", domain=domain, secure=True) self.response.set_cookie("social_network", value="twitter", path="/", domain=domain, secure=True) self.response.set_cookie("user", value=user_id, path="/", domain=domain, secure=True) # Builds the response response = {"status": "User logged successfully", "user_id": user_id} self.response.content_type = "application/json" self.response.write(json.dumps(response)) self.response.set_status(200) else: response = \ {"error": "The token_id provided does not belong to a registered user in the system. Consider perform a signup request instead"} self.response.content_type = "application/json" self.response.write(json.dumps(response)) self.response.set_status(400) else: response = \ {"error": "There isn\"t any session in the system for the oauth_verifier value specified"} self.response.content_type = "application/json" self.response.write(json.dumps(response)) self.response.set_status(404) else: response = \ {"error": "You must specify a value for the oauth_verifier param in the request"} self.response.content_type = "application/json" self.response.write(json.dumps(response)) self.response.set_status(400)
def post_credentials(self, social_network): cookie_value = self.request.cookies.get("session") if not cookie_value == None: user = self.getUserInfo(cookie_value) if not user == None: try: # Gets the data from the request form access_token = self.request.POST["access_token"] token_id = self.request.POST["token_id"] # Checks if the username was stored previously stored_credentials = ndb_pb.getToken(token_id, social_network) if stored_credentials == None: # Adds the token to the user credentials list ndb_pb.insertToken(user, social_network, access_token, token_id) #Builds the response user_id = ndb_pb.getUserId(user) response = {"user_id": user_id} self.response.content_type = "application/json" self.response.write(json.dumps(response)) self.response.set_status(201) else: # We update the user credentials user_id = ndb_pb.modifyToken(token_id, access_token, social_network) # Builds the response response = {"user_id": stored_credentials["user_id"]} self.response.content_type = "application/json" self.response.write(json.dumps(response)) self.response.set_status(200) except KeyError: response = \ {"error": "You must provide a valid pair of access_token and token_id in the request"} self.response.content_type = "application/json" self.response.write(json.dumps(response)) self.response.set_status(400) else: response = \ {"error": "The cookie session provided does not belongs to any active user"} self.response.content_type = "application/json" self.response.write(json.dumps(response)) self.response.set_status(400) else: response = \ {"error": "You must provide a session cookie"} self.response.content_type = "application/json" self.response.write(json.dumps(response)) self.response.set_status(401)
def post_login(self, social_network): try: # We get the params from the POST data access_token = self.request.POST["access_token"] token_id = self.request.POST["token_id"] # Checks if the username was stored previously stored_credentials = ndb_pb.searchToken(token_id, social_network) if not stored_credentials == None: # We store the new set of credentials user_key = ndb_pb.modifyToken(token_id, access_token, social_network) user_id = ndb_pb.getUserId(user_key) session_id = self.login(user_key) # Gets the user_id to generate the user cookie user_id = ndb_pb.getUserId(user_key) # Returns the session cookie self.response.set_cookie("session", session_id, path="/", domain=domain, secure=True) self.response.set_cookie("social_network", social_network, path="/", domain=domain, secure=True) self.response.set_cookie("user", user_id, path="/", domain=domain, secure=True) # Builds the response response = {"status": "User logged successfully", "user_id": user_id} self.response.content_type = "application/json" self.response.write(json.dumps(response)) self.response.set_status(200) else: response = \ {"error": "The token_id provided does not belong to any user in the system. Consider perform a signup request instead"} self.response.content_type = "application/json" self.response.write(json.dumps(response)) self.response.set_status(400) except KeyError: response = \ {"error": "You must provide a valid pair of access_token and token_id in the request"} self.response.content_type = "application/json" self.response.write(json.dumps(response)) self.response.set_status(400)