def access_token(self, request): oauth_token = request.session.get('flickr_token_session') if not oauth_token: raise FlickrError, 'No saved oauth_token from previous request, are sessions enabled?' token = Token.from_string(oauth_token) if token.key != request.GET.get('oauth_token', 'no-no-no'): raise FlickrError, 'oauth_token mismatch!' """ Access token """ params = {'oauth_verifier': request.GET.get('oauth_verifier') } rq = self.get_oauth_request(url=self.ACCESS_TOKEN_URL, token=token, **params) response = self.get_response(rq) self.token = Token.from_string(response).to_string() """ Check token """ data = self.get('flickr.auth.oauth.checkToken') data['token'] = self.token return data
def access_token(self, token): """Return request for access token value""" request = self.oauth_request(token, self.ACCESS_TOKEN_URL) try: return Token.from_string(self.fetch_response(request)) except TypeError: raise AuthException(self, 'Couldn\'t get a token')
def auth_complete(self, *args, **kwargs): """Return user, might be logged in""" name = self.AUTH_BACKEND.name + 'unauthorized_token_name' try: unauthed_token, access_type = self.request.session.get(name) except ValueError: unauthed_token = self.request.session.get(name) access_type = 'read' if not unauthed_token: raise ValueError('Missing unauthorized token') token = Token.from_string(unauthed_token) if token.key != self.data.get('oauth_token', 'no-token'): raise ValueError( 'Incorrect tokens, %s != %s (%s, %s)', (token.key, self.data.get('oauth_token', 'no-token'), self.request.GET.get('oauth_token'), self.request.POST.get('oauth_token')) ) access_token = self.access_token(token) data = self.user_data(access_token) if data is not None: data['access_token'] = access_token.to_string() data['access_type'] = access_type kwargs.update({'response': data, self.AUTH_BACKEND.name: True}) return authenticate(*args, **kwargs)
class EvernoteAuth(ConsumerBasedOAuth): """Evernote OAuth authentication mechanism""" AUTHORIZATION_URL = EVERNOTE_AUTHORIZATION_URL REQUEST_TOKEN_URL = EVERNOTE_REQUEST_TOKEN_URL ACCESS_TOKEN_URL = EVERNOTE_ACCESS_TOKEN_URL SERVER_URL = '%s' % EVERNOTE_SERVER AUTH_BACKEND = EvernoteBackend SETTINGS_KEY_NAME = 'EVERNOTE_CONSUMER_KEY' SETTINGS_SECRET_NAME = 'EVERNOTE_CONSUMER_SECRET' def access_token(self, token): """Return request for access token value""" request = self.oauth_request(token, self.ACCESS_TOKEN_URL) try: response = self.fetch_response(request) except HTTPError, e: # Evernote returns a 401 error when AuthCanceled if e.code == 401: raise exceptions.AuthCanceled(self) else: raise params = parse_qs(response) # evernote sents a empty secret token, this way it doesn't fires up the # exception response = response.replace('oauth_token_secret=', 'oauth_token_secret=None') token = Token.from_string(response) token.user_info = params return token
def unauthorized_token(self): """Return request for unauthorized token (first stage)""" request = self.oauth_request( token=None, url=self.REQUEST_TOKEN_URL, extra_params=self.request_token_extra_arguments() ) response = self.fetch_response(request) return Token.from_string(response)
def auth_complete(self, *args, **kwargs): """Return user, might be logged in""" # Multiple unauthorized tokens are supported (see #521) name = self.AUTH_BACKEND.name + 'unauthorized_token_name' token = None unauthed_tokens = self.request.session.get(name) or [] if not unauthed_tokens: raise AuthTokenError(self, 'Missing unauthorized token') for unauthed_token in unauthed_tokens: token = Token.from_string(unauthed_token) if token.key == self.data.get('oauth_token', 'no-token'): unauthed_tokens = list( set(unauthed_tokens) - set([unauthed_token])) self.request.session[name] = unauthed_tokens self.request.session.modified = True break else: raise AuthTokenError(self, 'Incorrect tokens') try: access_token = self.access_token(token) except HTTPError, e: if e.code == 400: raise AuthCanceled(self) else: raise
def unauthorized_token(self): """Return request for unauthorized token (first stage)""" request = self.oauth_request( token=None, url=self.REQUEST_TOKEN_URL, extra_params=self.request_token_extra_arguments()) return Token.from_string(self.fetch_response(request))
def auth_complete(self, *args, **kwargs): """Return user, might be logged in""" # Multiple unauthorized tokens are supported (see #521) name = self.AUTH_BACKEND.name + 'unauthorized_token_name' token = None unauthed_tokens = self.request.session.get(name) or [] if not unauthed_tokens: raise AuthTokenError(self, 'Missing unauthorized token') for unauthed_token in unauthed_tokens: token = Token.from_string(unauthed_token) if token.key == self.data.get('oauth_token', 'no-token'): unauthed_tokens = list(set(unauthed_tokens) - set([unauthed_token])) self.request.session[name] = unauthed_tokens self.request.session.modified = True break else: raise AuthTokenError(self, 'Incorrect tokens') try: access_token = self.access_token(token) except HTTPError, e: if e.code == 400: raise AuthCanceled(self) else: raise
def get_token(self): try: return Token.from_string(self.token) except ValueError, e: if self.token: raise FlickrInvalidTokenAuth(e) else: raise FlickrError, 'Error when calling flickr API: trying to build a token from an empty string'
def fetch(self, oauth_request, url): # via headers # -> Token self.connection.request(oauth_request.method, url, headers=oauth_request.to_header()) response = self.connection.getresponse() res = response.read() return Token.from_string(res)
def access_token(self, request): oauth_token = request.session.get('flickr_token_session') if not oauth_token: raise FlickrError, 'No saved oauth_token from previous request, are sessions enabled?' token = Token.from_string(oauth_token) if token.key != request.GET.get('oauth_token', 'no-no-no'): raise FlickrError, 'oauth_token mismatch!' """ Access token """ params = {'oauth_verifier': request.GET.get('oauth_verifier')} rq = self.get_oauth_request(url=self.ACCESS_TOKEN_URL, token=token, **params) response = self.get_response(rq) self.token = Token.from_string(response).to_string() """ Check token """ data = self.get('flickr.auth.oauth.checkToken') data['token'] = self.token return data
def make_api_call(self, kind, url, token, method="GET", **kwargs): if isinstance(token, basestring): token = Token.from_string(token) client = Client(self.consumer, token=token) request_kwargs = dict(method=method) if method == "POST": request_kwargs["body"] = urlencode(kwargs["params"]) response, content = client.request(url, **request_kwargs) return self._process_response(kind, response, content)
def begin(self, request, data): """ Try to get Request Token from OAuth Provider and redirect user to provider's site for approval. """ request = self.get_request( http_url = self.REQUEST_TOKEN_URL, parameters = dict(oauth_callback = self.get_callback(request))) content = self.load_request(request) request = self.get_request(token = Token.from_string(content), http_url=self.AUTHORIZE_URL) raise RedirectException(request.to_url())
def fetch_token(self, request): resp, content = self.request(request.url, headers=request.to_header()) if 200 == int(resp['status']): token = Token.from_string(content) params = cgi.parse_qs(content, keep_blank_values=False) user_id = params.get('douban_user_id',[None])[0] return token.key,token.secret, user_id else: raise Exception('{}: {}'.format(resp['status'], content))
def consumer_oauth_url_request(backend, url, user_or_id, redirect_uri="/", json=True): """Builds and retrieves an OAuth signed response.""" user = UserSocialAuth.resolve_user_or_id(user_or_id) oauth_info = user.social_auth.filter(provider=backend.AUTH_BACKEND.name)[0] token = Token.from_string(oauth_info.tokens["access_token"]) request = build_consumer_oauth_request(backend, token, url, redirect_uri) response = "\n".join(dsa_urlopen(request.to_url()).readlines()) if json: response = simplejson.loads(response) return response
def begin(self, request, data): """ Try to get Request Token from OAuth Provider and redirect user to provider's site for approval. """ request = self.get_request( http_url=self.REQUEST_TOKEN_URL, parameters=dict(oauth_callback=self.get_callback(request))) content = self.load_request(request) request = self.get_request(token=Token.from_string(content), http_url=self.AUTHORIZE_URL) raise RedirectException(request.to_url())
def do_auth(self, access_token, *args, **kwargs): """Finish the auth process once the access_token was retrieved""" if isinstance(access_token, six.string_types): access_token = Token.from_string(access_token) data = self.user_data(access_token) if data is not None: data["access_token"] = access_token.to_string() kwargs.update({"auth": self, "response": data, self.AUTH_BACKEND.name: True}) return authenticate(*args, **kwargs)
def fetch(self, oauth_request, url): """ via headers :returns: Token (by oauth2) instance :rtype: Token """ self.connection.request(oauth_request.method, url, headers=oauth_request.to_header()) response = self.connection.getresponse() res = response.read() return Token.from_string(res)
def do_auth(self, access_token, *args, **kwargs): """Finish the auth process once the access_token was retrieved""" if isinstance(access_token, basestring): access_token = Token.from_string(access_token) data = self.user_data(access_token) if data is not None: data["access_token"] = access_token.to_string() kwargs.update({"auth": self, "response": data, self.AUTH_BACKEND.name: True}) return authenticate(*args, **kwargs)
def consumer_oauth_url_request(backend, url, user_or_id, redirect_uri='/', json=True): """Builds and retrieves an OAuth signed response.""" user = UserSocialAuth.resolve_user_or_id(user_or_id) oauth_info = user.social_auth.filter(provider=backend.AUTH_BACKEND.name)[0] token = Token.from_string(oauth_info.tokens['access_token']) request = build_consumer_oauth_request(backend, token, url, redirect_uri) response = '\n'.join(dsa_urlopen(request.to_url()).readlines()) if json: response = simplejson.loads(response) return response
def auth_url(self, request, perms='read', callback=None): """ Request token """ params = {'oauth_callback': callback} rq = self.get_oauth_request(url=self.REQUEST_TOKEN_URL, token=None, **params) response = self.get_response(rq) token = Token.from_string(response) request.session['flickr_token_session'] = token.to_string() """ User auth """ params = {'perms': perms, } rq = self.get_oauth_request(url=self.AUTHORIZATION_URL, token=token, **params) return rq.to_url()
def access_token(self, token): """Return request for access token value""" # Fitbit is a bit different - it passes user information along with # the access token, so temporarily store it to vie the user_data # method easy access later in the flow! request = self.oauth_request(token, self.ACCESS_TOKEN_URL) response = self.fetch_response(request) token = Token.from_string(response) params = parse_qs(response) token.encoded_user_id = params.get("encoded_user_id", [None])[0] token.fullname = params.get("fullname", [None])[0] token.username = params.get("username", [None])[0] return token
def auth_complete(self, *args, **kwargs): """Return user, might be logged in""" unauthed_token = self.request.session.get(self.unauthorized_token_name) if not unauthed_token: raise ValueError('Missing unauthorized token') token = Token.from_string(unauthed_token) if token.key != self.data.get('oauth_token', 'no-token'): raise ValueError('Incorrect tokens') access_token = self.access_token(token) return access_token.to_string()
def unauthorized_token(self): """Makes first request to oauth. Returns an unauthorized Token.""" request_token_url = self.REQUEST_TOKEN_URL scope = self.get_scope() if scope: qs = "scope=" + self.SCOPE_SEPARATOR.join(scope) request_token_url = request_token_url + "?" + qs request = self.oauth_request( token=None, url=request_token_url, extra_params=self.request_token_extra_arguments() ) response = self.fetch_response(request) return Token.from_string(response)
def unauthorized_token(self): """Makes first request to oauth. Returns an unauthorized Token.""" request_token_url = self.REQUEST_TOKEN_URL scope = self.get_scope_argument() if scope: request_token_url = request_token_url + '?' + urlencode(scope) request = self.oauth_request( token=None, url=request_token_url, extra_params=self.request_token_extra_arguments()) response = self.fetch_response(request) return Token.from_string(response)
def unauthorized_token(self): """Makes first request to oauth. Returns an unauthorized Token.""" request_token_url = self.REQUEST_TOKEN_URL scope = self.get_scope_argument() if scope: request_token_url = request_token_url + '?' + urlencode(scope) request = self.oauth_request( token=None, url=request_token_url, extra_params=self.request_token_extra_arguments() ) response = self.fetch_response(request) return Token.from_string(response)
def unauthorized_token(self): """Makes first request to oauth. Returns an unauthorized Token.""" request_token_url = self.REQUEST_TOKEN_URL scope = self.get_scope() if scope: qs = 'scope=' + self.SCOPE_SEPARATOR.join(scope) request_token_url = request_token_url + '?' + qs request = self.oauth_request( token=None, url=request_token_url, extra_params=self.request_token_extra_arguments()) response = self.fetch_response(request) return Token.from_string(response)
def auth_complete(self, oauth_token, oauth_verifier): """Return user, might be logged in""" name = self.AUTH_BACKEND_NAME + 'unauthorized_token_name' unauthed_token = self.request.session[name] del self.request.session[name] if not unauthed_token: raise ValueError('Missing unauthorized token') token = Token.from_string(unauthed_token) if token.key != oauth_token: raise ValueError('Incorrect tokens') access_token, user_data = self.access_token(token, oauth_verifier) return user_data
def access_token(self, token, oauth_verifier): """Return request for access token value""" request = self.oauth_request(token, self.ACCESS_TOKEN_URL, oauth_verifier) response = self.fetch_response(request) params = parse_qs(response, keep_blank_values=False) user_data = dict() for key in 'user_id', 'screen_name': try: user_data[key] = params[key][0] except Exception: raise ValueError("'%s' not found in OAuth response." % key) return Token.from_string(response), user_data
def oauth_req(backend, token, url, http_method="GET", post_body=None, http_headers=None): consumer = OAuthConsumer(*backend.get_key_and_secret()) token = Token.from_string(token) client = Client(consumer, token) resp, content = client.request( url, method=http_method, body=post_body, headers=http_headers, force_auth_header=True ) return content
def access_token(self, token): """Return request for access token value""" # Flickr is a bit different - it passes user information along with # the access token, so temporarily store it to view the user_data # method easy access later in the flow! request = self.oauth_request(token, self.ACCESS_TOKEN_URL) response = self.fetch_response(request) token = Token.from_string(response) params = parse_qs(response) token.user_nsid = params["user_nsid"][0] if "user_nsid" in params else None token.fullname = params["fullname"][0] if "fullname" in params else None token.username = params["username"][0] if "username" in params else None return token
def access_token(self, token): """Return request for access token value""" request = self.oauth_request(token, self.ACCESS_TOKEN_URL) response = self.fetch_response(request) params = parse_qs(response) # evernote sents a empty secret token, this way it doesn't fires up the # exception response = response.replace('oauth_token_secret=', 'oauth_token_secret=None') token = Token.from_string(response) token.user_info = params return token
def access_token(self, token): """Return request for access token value""" # Fitbit is a bit different - it passes user information along with # the access token, so temporarily store it to vie the user_data # method easy access later in the flow! request = self.oauth_request(token, self.ACCESS_TOKEN_URL) response = self.fetch_response(request) token = Token.from_string(response) params = parse_qs(response) token.encoded_user_id = params.get('encoded_user_id', [None])[0] token.fullname = params.get('fullname', [None])[0] token.username = params.get('username', [None])[0] return token
def do_auth(self, access_token, *args, **kwargs): """Finish the auth process once the access_token was retrieved""" if isinstance(access_token, basestring): access_token = Token.from_string(access_token) data = self.user_data(access_token) if data is not None: data['access_token'] = access_token.to_string() kwargs.update({ 'auth': self, 'response': data, self.AUTH_BACKEND.name: True }) return authenticate(*args, **kwargs)
def do_auth(self, access_token, *args, **kwargs): """Finish the auth process once the access_token was retrieved""" if isinstance(access_token, six.string_types): access_token = Token.from_string(access_token) data = self.user_data(access_token) if data is not None: data['access_token'] = access_token.to_string() kwargs.update({ 'auth': self, 'response': data, self.AUTH_BACKEND.name: True }) return authenticate(*args, **kwargs)
def consumer_oauth_url_request(backend, url, user_or_id, redirect_uri='/', json=True): """Builds and retrieves an OAuth signed response.""" if isinstance(user_or_id, User): user = user_or_id else: user = User.objects.get(pk=user_or_id) oauth_info = user.social_auth.filter(provider=backend.AUTH_BACKEND.name)[0] token = Token.from_string(oauth_info.tokens['access_token']) request = build_consumer_oauth_request(backend, token, url, redirect_uri) response = '\n'.join(urlopen(request.to_url()).readlines()) if json: response = simplejson.loads(response) return response
def fetch_access_token(self): """ Fetch an access token. Note that you should have already fetched and verified a request token before calling this method. Returns a :class:`oauth2.Token` instance. """ response, content = self._request(self.ACCESS_TOKEN_URL) try: token = Token.from_string(content) except ValueError: raise errors.ApiServerError(response, content) else: self.set_access_token(token) return token
def on_response(response): """Response callback handler""" if hasattr(response, "error") and response.error: # We may had non HTTPErrors generated by tornado. (For # example, when a host can't be resolved. For that # cases, we create a wrapper arount response exception # and throw that new Exception if not isinstance(response.error, HTTPError): errcode = response.code message = repr(response.error) response.error = HTTPError(errcode, message, response) # Now rethrow it response.rethrow() # No error case callback = http_request["callback"] return callback(Token.from_string(response.buffer.read()))
def _get(self, service_uri, params={} ): token = Token.from_string(self._access_token) consumer = OAuthConsumer(self._key, self._secret) client = oauth.Client(consumer, token) client.set_signature_method(oauth.SignatureMethod_PLAINTEXT()) url = self._api_host + service_uri + "?api_key=%s" % (self._key) # and launch the request resp, content = client.request(url, "GET", headers=self._headers) if resp['status'] != '200': print content raise Exception("Invalid response from BodyMedia.") # return the interpreted data return simplejson.loads(content)
def auth_url(self, request, perms='read', callback=None): """ Request token """ params = {'oauth_callback': callback} rq = self.get_oauth_request(url=self.REQUEST_TOKEN_URL, token=None, **params) response = self.get_response(rq) token = Token.from_string(response) request.session['flickr_token_session'] = token.to_string() """ User auth """ params = { 'perms': perms, } rq = self.get_oauth_request(url=self.AUTHORIZATION_URL, token=token, **params) return rq.to_url()
def access_token(self, token): """Return request for access token value""" # Flickr is a bit different - it passes user information along with # the access token, so temporarily store it to view the user_data # method easy access later in the flow! request = self.oauth_request(token, self.ACCESS_TOKEN_URL) response = self.fetch_response(request) token = Token.from_string(response) params = parse_qs(response) token.user_nsid = params['user_nsid'][0] if 'user_nsid' in params \ else None token.fullname = params['fullname'][0] if 'fullname' in params \ else None token.username = params['username'][0] if 'username' in params \ else None return token
def auth_complete(self, *args, **kwargs): """Return user, might be logged in""" name = self.AUTH_BACKEND.name + 'unauthorized_token_name' unauthed_token = self.request.session.get(name) if not unauthed_token: raise ValueError('Missing unauthorized token') token = Token.from_string(unauthed_token) if token.key != self.data.get('oauth_token', 'no-token'): raise ValueError('Incorrect tokens') access_token = self.access_token(token) data = self.user_data(access_token) if data is not None: data['access_token'] = access_token.to_string() kwargs.update({'response': data, self.AUTH_BACKEND.name: True}) return authenticate(*args, **kwargs)
def auth_complete(self, *args, **kwargs): """Return user, might be logged in""" name = self.AUTH_BACKEND.name + 'unauthorized_token_name' unauthed_token = self.request.session.get(name) if not unauthed_token: raise AuthTokenError('Missing unauthorized token') token = Token.from_string(unauthed_token) if token.key != self.data.get('oauth_token', 'no-token'): raise AuthTokenError('Incorrect tokens') try: access_token = self.access_token(token) except HTTPError, e: if e.code == 400: raise AuthCanceled(self) else: raise
def auth_callback(): """ Flickr auth callback view """ token = session.get('token') oauth_verifier = request.args.get('oauth_verifier') if not oauth_verifier: return redirect(url_for('home')) token = Token.from_string(token) token.set_verifier(oauth_verifier) flickr = FlickrAuth() flickr.exchange_token(token, oauth_verifier) return redirect(url_for('home'))
def auth_complete(self, *args, **kwargs): """Return user, might be logged in""" name = self.AUTH_BACKEND.name + "unauthorized_token_name" unauthed_token = self.request.session.get(name) if not unauthed_token: raise ValueError("Missing unauthorized token") token = Token.from_string(unauthed_token) if token.key != self.data.get("oauth_token", "no-token"): raise ValueError("Incorrect tokens") try: access_token = self.access_token(token) except HTTPError, e: if e.code == 400: raise ValueError("User denied access") else: raise
def access_token(self, token): """Return request for access token value""" request = self.oauth_request(token, self.ACCESS_TOKEN_URL) try: response = self.fetch_response(request) except HTTPError as e: # Evernote returns a 401 error when AuthCanceled if e.code == 401: raise AuthCanceled(self) else: raise params = parse_qs(response) # evernote sents a empty secret token, this way it doesn't fires up the # exception response = response.replace('oauth_token_secret=', 'oauth_token_secret=None') token = Token.from_string(response) token.user_info = params return token
def access_token(self, token): """Return request for access token value""" request = self.oauth_request(token, self.ACCESS_TOKEN_URL) return Token.from_string(self.fetch_response(request))
def unauthorized_token(self): """Return request for unauthorized token (first stage)""" request = self.oauth_request(token=None, url=self.REQUEST_TOKEN_URL) response = self.fetch_response(request) return Token.from_string(response)
def unauthorized_token(self): request = self.oauth_request(token=None, url=self.REQUEST_TOKEN_URL) response = self.fetch_response(request) return OAuthToken.from_string(response)