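def facebook_process(request):
    """Process the Facebook OAuth redirect.

    Checks the anti-CSRF ``state`` parameter against the value kept in the
    session, exchanges the authorization ``code`` for an access token, and
    returns the matching ``Storage`` entry (looked up by token, or created
    from the profile) wrapped in ``FacebookAuthenticationComplete``.

    Returns ``AuthenticationDenied`` when the redirect carries no ``code``.

    Raises:
        CSRFError: ``state`` is absent from the session or does not match
            the request.
        ThirdPartyFailure: Facebook answered with a non-200 status.
    """
    expected_state = request.session.get('facebook_state')
    received_state = request.GET.get('state')
    # Fail closed when the session holds no state: None == None would pass
    # the comparison and the ``del`` below would then die with a KeyError.
    if expected_state is None or received_state != expected_state:
        # The message now reports the value that was actually compared
        # (the original read the unrelated session key 'state').
        # NOTE(review): it echoes the expected state; confirm CSRFError
        # text is only logged, not rendered to the client.
        raise CSRFError(
            "CSRF Validation check failed. Request state %s is "
            "not the same as session state %s" % (
                received_state, expected_state))
    # The state is single-use: drop it once it has been accepted.
    del request.session['facebook_state']

    code = request.GET.get('code')
    if not code:
        reason = request.GET.get('error_reason', 'No reason provided.')
        return AuthenticationDenied(reason)

    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)
    client_id = cfg['facebook_id']
    client_secret = cfg['facebook_secret']

    # Without a timeout a stalled provider would block this worker forever.
    http_timeout = 10  # seconds

    # Now retrieve the access token with the code.
    # NOTE(review): client_secret and code travel in the query string of a
    # GET and can end up in proxy or access logs; prefer a POST body if the
    # provider accepts one.
    access_url = '{0}?{1}'.format(
        'https://graph.facebook.com/oauth/access_token',
        url_encode({
            'client_id': client_id,
            'client_secret': client_secret,
            'redirect_uri': request.route_url('facebook_process'),
            'code': code,
        }))
    r = requests.get(access_url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))
    access_token = urlparse.parse_qs(r.content)['access_token'][0]

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return FacebookAuthenticationComplete(entry)

    # Retrieve profile data
    graph_url = '{0}?{1}'.format(
        'https://graph.facebook.com/me',
        url_encode({'access_token': access_token}))
    r = requests.get(graph_url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    profile = json.loads(r.content)
    # Local renamed from ``id`` so the builtin is not shadowed.
    facebook_id = profile['id']
    name = profile['name']
    email = profile.get('email', '')
    verified = profile.get('verified', False)

    entry = Storage.create(
        access_token, 'facebook',
        uid='{0}:{1}'.format('facebook', facebook_id),
        name=name,
        email=email,
        verified=verified,
        profile=profile)
    return FacebookAuthenticationComplete(entry)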
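def live_process(request):
    """Process the Windows Live OAuth redirect.

    Exchanges the authorization ``code`` for an access token and returns
    the matching ``Storage`` entry (looked up by token, or created from the
    profile) wrapped in ``LiveAuthenticationComplete``.

    Returns ``AuthenticationDenied`` when the redirect carries no ``code``
    or the token response cannot be parsed.

    Raises:
        ThirdPartyFailure: the redirect carries an ``error`` parameter, or
            the provider answered with a non-200 status.
    """
    # NOTE(review): no OAuth ``state`` value is verified in this handler,
    # so it has no protection against login CSRF; confirm whether the
    # redirect that starts the flow sets one and check it here.
    if 'error' in request.GET:
        raise ThirdPartyFailure(
            request.GET.get('error_description', 'No reason provided.'))

    code = request.GET.get('code')
    if not code:
        reason = request.GET.get('error_reason', 'No reason provided.')
        return AuthenticationDenied(reason)

    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)
    client_id = cfg['live_id']
    client_secret = cfg['live_secret']

    # Without a timeout a stalled provider would block this worker forever.
    http_timeout = 10  # seconds

    # Now retrieve the access token with the code.
    # NOTE(review): client_secret and code travel in the query string of a
    # GET and can end up in proxy or access logs; prefer a POST body if the
    # provider accepts one.
    access_url = '{0}?{1}'.format(
        'https://oauth.live.com/token',
        url_encode({
            'client_id': client_id,
            'client_secret': client_secret,
            'redirect_uri': request.route_url('live_process'),
            'grant_type': 'authorization_code',
            'code': code,
        }))
    r = requests.get(access_url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # A 200 with a malformed body is treated as a denied login instead of
    # surfacing as an unhandled exception.
    try:
        access_token = json.loads(r.content)['access_token']
    except (ValueError, KeyError, TypeError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return LiveAuthenticationComplete(entry)

    # Retrieve profile data
    url = '{0}?{1}'.format(
        'https://apis.live.net/v5.0/me',
        url_encode({'access_token': access_token}))
    r = requests.get(url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    profile = json.loads(r.content)
    # Local renamed from ``id`` so the builtin is not shadowed.
    live_id = profile['id']
    name = profile.get('name', '')
    # ``emails`` may be present but null; fall back to an empty mapping.
    email = (profile.get('emails') or {}).get('preferred')
    # NOTE(review): the mere presence of a preferred e-mail is taken as
    # proof that it is verified; confirm the provider guarantees that.
    verified = bool(email)

    entry = Storage.create(
        access_token, 'live',
        uid='live:{0}'.format(live_id),
        name=name,
        email=email,
        verified=verified,
        profile=profile)
    return LiveAuthenticationComplete(entry)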
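def facebook_process(request):
    """Handle the redirect Facebook sends back after the OAuth dialog.

    Steps: verify the anti-CSRF ``state`` against the session, trade the
    authorization ``code`` for an access token, then return the ``Storage``
    entry for that token (created from the profile when none exists yet)
    wrapped in ``FacebookAuthenticationComplete``.

    Returns ``AuthenticationDenied`` when the redirect carries no ``code``.

    Raises:
        CSRFError: the session holds no ``facebook_state`` or it differs
            from the ``state`` query parameter.
        ThirdPartyFailure: Facebook answered with a non-200 status.
    """
    session_state = request.session.get('facebook_state')
    request_state = request.GET.get('state')
    state_ok = session_state is not None and request_state == session_state
    if not state_ok:
        # Two fixes over the original: a missing session value now fails
        # closed (None == None used to pass and the ``del`` below raised
        # KeyError), and the message reports 'facebook_state' rather than
        # the unrelated session key 'state'.
        # NOTE(review): the expected state is echoed in the message; make
        # sure CSRFError text is not rendered to the client.
        raise CSRFError(
            "CSRF Validation check failed. Request state %s is "
            "not the same as session state %s" % (
                request_state, session_state))
    # Single use: remove the accepted state from the session.
    del request.session['facebook_state']

    code = request.GET.get('code')
    if not code:
        return AuthenticationDenied(
            request.GET.get('error_reason', 'No reason provided.'))

    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)

    # Bound every outbound call so a hung provider cannot pin the worker.
    http_timeout = 10  # seconds

    # Now retrieve the access token with the code.
    # NOTE(review): the client secret is sent in a GET query string, where
    # intermediaries and access logs can record it; a POST body is
    # preferable if the provider supports it.
    token_query = url_encode({
        'client_id': cfg['facebook_id'],
        'client_secret': cfg['facebook_secret'],
        'redirect_uri': request.route_url('facebook_process'),
        'code': code,
    })
    access_url = '{0}?{1}'.format(
        'https://graph.facebook.com/oauth/access_token', token_query)
    r = requests.get(access_url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))
    access_token = urlparse.parse_qs(r.content)['access_token'][0]

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return FacebookAuthenticationComplete(entry)

    # Retrieve profile data
    graph_url = '{0}?{1}'.format(
        'https://graph.facebook.com/me',
        url_encode({'access_token': access_token}))
    r = requests.get(graph_url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    profile = json.loads(r.content)
    entry = Storage.create(
        access_token, 'facebook',
        uid='{0}:{1}'.format('facebook', profile['id']),
        name=profile['name'],
        email=profile.get('email', ''),
        verified=profile.get('verified', False),
        profile=profile)
    return FacebookAuthenticationComplete(entry)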
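def google_process(request):
    """Process the Google OAuth redirect.

    Exchanges the authorization ``code`` for an access token (POST) and
    returns the matching ``Storage`` entry (looked up by token, or created
    from the userinfo response) wrapped in ``GoogleAuthenticationComplete``.

    Returns ``AuthenticationDenied`` when the redirect carries no ``code``
    or the token response cannot be parsed.

    Raises:
        ThirdPartyFailure: Google answered with a non-200 status.
    """
    # NOTE(review): no OAuth ``state`` value is verified in this handler,
    # so it has no protection against login CSRF; confirm whether the
    # redirect that starts the flow sets one and check it here.
    code = request.GET.get('code')
    if not code:
        reason = request.GET.get('error', 'No reason provided.')
        return AuthenticationDenied(reason)

    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)
    client_id = cfg['google_id']
    client_secret = cfg['google_secret']

    # Without a timeout a stalled provider would block this worker forever.
    http_timeout = 10  # seconds

    # Now retrieve the access token with the code
    r = requests.post(
        'https://accounts.google.com/o/oauth2/token',
        {'client_id': client_id,
         'client_secret': client_secret,
         'redirect_uri': request.route_url('google_process'),
         'grant_type': 'authorization_code',
         'code': code},
        timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # Only parsing failures mean "no token"; the former bare ``except``
    # also swallowed KeyboardInterrupt, SystemExit and programming errors.
    try:
        access_token = json.loads(r.content)['access_token']
    except (ValueError, KeyError, TypeError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return GoogleAuthenticationComplete(entry)

    # Retrieve profile data
    # NOTE(review): the access token is passed in the query string and may
    # be recorded in logs along the way.
    graph_url = '{0}?{1}'.format(
        'https://www.googleapis.com/oauth2/v1/userinfo',
        url_encode({'access_token': access_token}))
    r = requests.get(graph_url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    data = json.loads(r.content)
    # Local renamed from ``id`` so the builtin is not shadowed.
    google_id = data['id']
    name = data['name']
    email = data.get('email', '')

    # NOTE(review): ``verified`` is hard-coded to True whatever the
    # userinfo response says, even when ``email`` is empty; confirm that
    # this is intended.
    entry = Storage.create(
        access_token, 'google',
        uid='{0}:{1}'.format('google', google_id),
        name=name,
        email=email,
        verified=True,
        profile=data)
    return GoogleAuthenticationComplete(entry)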
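def github_process(request):
    """Process the GitHub OAuth redirect.

    Exchanges the authorization ``code`` for an access token and returns
    the matching ``Storage`` entry (looked up by token, or created from the
    profile) wrapped in ``GithubAuthenticationComplete``.

    Returns ``AuthenticationDenied`` when the redirect carries no ``code``
    or the token response has no ``access_token``.

    Raises:
        ThirdPartyFailure: GitHub answered with a non-200 status.
    """
    # NOTE(review): no OAuth ``state`` value is verified in this handler,
    # so it has no protection against login CSRF; confirm whether the
    # redirect that starts the flow sets one and check it here.
    code = request.GET.get('code')
    if not code:
        reason = request.GET.get('error', 'No reason provided.')
        return AuthenticationDenied(reason)

    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)
    client_id = cfg['github_id']
    client_secret = cfg['github_secret']

    # Without a timeout a stalled provider would block this worker forever.
    http_timeout = 10  # seconds

    # Now retrieve the access token with the code.
    # NOTE(review): client_secret and code travel in the query string of a
    # GET and can end up in proxy or access logs; prefer a POST body if the
    # provider accepts one.
    access_url = '{0}?{1}'.format(
        'https://github.com/login/oauth/access_token',
        url_encode({
            'client_id': client_id,
            'client_secret': client_secret,
            'redirect_uri': request.route_url('github_process'),
            'code': code,
        }))
    r = requests.get(access_url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # Only a missing or empty token field means "no token"; the former
    # bare ``except`` also swallowed KeyboardInterrupt and SystemExit.
    try:
        access_token = urlparse.parse_qs(r.content)['access_token'][0]
    except (KeyError, IndexError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return GithubAuthenticationComplete(entry)

    # Retrieve profile data
    graph_url = '{0}?{1}'.format(
        'https://github.com/api/v2/json/user/show',
        url_encode({'access_token': access_token}))
    r = requests.get(graph_url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    profile = json.loads(r.content)
    user = profile['user']
    entry = Storage.create(
        access_token, 'github',
        uid='github:{0}'.format(user['id']),
        name=user['name'],
        # A null e-mail in the profile is stored as an empty string.
        email=user.get('email') or '',
        profile=profile)
    return GithubAuthenticationComplete(entry)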
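def github_process(request):
    """Handle the redirect GitHub sends back after the OAuth dialog.

    Trades the authorization ``code`` for an access token, then returns
    the ``Storage`` entry for that token (created from the user profile
    when none exists yet) wrapped in ``GithubAuthenticationComplete``.

    Returns ``AuthenticationDenied`` when there is no ``code`` in the
    request or no ``access_token`` in the token response.

    Raises:
        ThirdPartyFailure: GitHub answered with a non-200 status.
    """
    # NOTE(review): this handler never checks an OAuth ``state`` value,
    # which leaves the callback open to login CSRF; verify one here if the
    # authorization redirect issues it.
    code = request.GET.get('code')
    if not code:
        return AuthenticationDenied(
            request.GET.get('error', 'No reason provided.'))

    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)

    # Bound every outbound call so a hung provider cannot pin the worker.
    http_timeout = 10  # seconds

    # Now retrieve the access token with the code.
    # NOTE(review): the client secret is sent in a GET query string, where
    # intermediaries and access logs can record it; a POST body is
    # preferable if the provider supports it.
    token_query = url_encode({
        'client_id': cfg['github_id'],
        'client_secret': cfg['github_secret'],
        'redirect_uri': request.route_url('github_process'),
        'code': code,
    })
    access_url = '{0}?{1}'.format(
        'https://github.com/login/oauth/access_token', token_query)
    r = requests.get(access_url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # Catch only the lookup failures a token-less response produces; the
    # original bare ``except`` hid every other error as well.
    try:
        access_token = urlparse.parse_qs(r.content)['access_token'][0]
    except (KeyError, IndexError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return GithubAuthenticationComplete(entry)

    # Retrieve profile data
    graph_url = '{0}?{1}'.format(
        'https://github.com/api/v2/json/user/show',
        url_encode({'access_token': access_token}))
    r = requests.get(graph_url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    profile = json.loads(r.content)
    github_user = profile['user']
    entry = Storage.create(
        access_token, 'github',
        uid='github:{0}'.format(github_user['id']),
        name=github_user['name'],
        # ``or ''`` turns a null e-mail into an empty string.
        email=github_user.get('email') or '',
        profile=profile)
    return GithubAuthenticationComplete(entry)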
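def live_process(request):
    """Handle the redirect Windows Live sends back after the OAuth dialog.

    Trades the authorization ``code`` for an access token, then returns
    the ``Storage`` entry for that token (created from the profile when
    none exists yet) wrapped in ``LiveAuthenticationComplete``.

    Returns ``AuthenticationDenied`` when there is no ``code`` in the
    request or the token response cannot be parsed.

    Raises:
        ThirdPartyFailure: the request carries an ``error`` parameter, or
            the provider answered with a non-200 status.
    """
    # NOTE(review): this handler never checks an OAuth ``state`` value,
    # which leaves the callback open to login CSRF; verify one here if the
    # authorization redirect issues it.
    if 'error' in request.GET:
        raise ThirdPartyFailure(
            request.GET.get('error_description', 'No reason provided.'))

    code = request.GET.get('code')
    if not code:
        return AuthenticationDenied(
            request.GET.get('error_reason', 'No reason provided.'))

    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)

    # Bound every outbound call so a hung provider cannot pin the worker.
    http_timeout = 10  # seconds

    # Now retrieve the access token with the code.
    # NOTE(review): the client secret is sent in a GET query string, where
    # intermediaries and access logs can record it; a POST body is
    # preferable if the provider supports it.
    token_query = url_encode({
        'client_id': cfg['live_id'],
        'client_secret': cfg['live_secret'],
        'redirect_uri': request.route_url('live_process'),
        'grant_type': 'authorization_code',
        'code': code,
    })
    access_url = '{0}?{1}'.format('https://oauth.live.com/token', token_query)
    r = requests.get(access_url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # A 200 whose body is not JSON or lacks the token is reported as a
    # denied login rather than escaping as an unhandled exception.
    try:
        access_token = json.loads(r.content)['access_token']
    except (ValueError, KeyError, TypeError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return LiveAuthenticationComplete(entry)

    # Retrieve profile data
    url = '{0}?{1}'.format(
        'https://apis.live.net/v5.0/me',
        url_encode({'access_token': access_token}))
    r = requests.get(url, timeout=http_timeout)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    profile = json.loads(r.content)
    # Tolerate ``"emails": null`` as well as a missing key.
    emails = profile.get('emails') or {}
    email = emails.get('preferred')
    # NOTE(review): any non-empty preferred e-mail is marked verified;
    # confirm the provider only returns verified addresses.
    entry = Storage.create(
        access_token, 'live',
        uid='live:{0}'.format(profile['id']),
        name=profile.get('name', ''),
        email=email,
        verified=bool(email),
        profile=profile)
    return LiveAuthenticationComplete(entry)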