Example #1
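def facebook_process(request):
    """Process the Facebook OAuth redirect and return an authentication result.

    Checks the ``state`` query parameter against the value kept in the
    session under ``facebook_state``, exchanges the ``code`` query parameter
    for an access token, and then returns either the entry ``Storage``
    already holds for that token or a new entry built from the Graph API
    profile.

    Returns:
        ``AuthenticationDenied`` when ``code`` is missing or the token
        response carries no ``access_token``; otherwise
        ``FacebookAuthenticationComplete`` wrapping the storage entry.

    Raises:
        CSRFError: the session holds no ``facebook_state`` or it differs
            from the ``state`` query parameter.
        ThirdPartyFailure: Facebook answered with a non-200 status.
    """
    expected_state = request.session.get('facebook_state')
    request_state = request.GET.get('state')
    # A session with no stored state must fail the check too: with both
    # sides missing, ``None != None`` is false, so the request would get past
    # the comparison and only stop at the ``del`` below with a KeyError.
    if not expected_state or request_state != expected_state:
        # The message reports the value stored under 'facebook_state', the
        # key that was actually compared.
        # NOTE(review): this puts the expected state into the exception
        # text; confirm that text is not rendered back to the client.
        raise CSRFError(
            "CSRF Validation check failed. Request state %s is "
            "not the same as session state %s" %
            (request_state, expected_state))
    # The state is single-use: drop it once it has matched.
    del request.session['facebook_state']

    code = request.GET.get('code')
    if not code:
        reason = request.GET.get('error_reason', 'No reason provided.')
        return AuthenticationDenied(reason)

    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)

    # Exchange the code for an access token.
    # NOTE(review): client_secret and code (and, further down, the access
    # token) travel in URL query strings, where proxies and access logs can
    # record them. No timeout is passed to requests either, so a stalled
    # provider holds this request open.
    access_url = '{0}?{1}'.format(
        'https://graph.facebook.com/oauth/access_token',
        url_encode({
            'client_id': cfg['facebook_id'],
            'client_secret': cfg['facebook_secret'],
            'redirect_uri': request.route_url('facebook_process'),
            'code': code
        }))
    r = requests.get(access_url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # A 200 response without an access_token is reported as a denial rather
    # than escaping as an unhandled KeyError.
    try:
        access_token = urlparse.parse_qs(r.content)['access_token'][0]
    except (KeyError, IndexError, TypeError, ValueError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return FacebookAuthenticationComplete(entry)

    # Retrieve profile data
    graph_url = '{0}?{1}'.format('https://graph.facebook.com/me',
                                 url_encode({'access_token': access_token}))
    r = requests.get(graph_url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    profile = json.loads(r.content)

    # 'id' and 'name' are required (KeyError if absent); the rest default.
    entry = Storage.create(access_token,
                           'facebook',
                           uid='{0}:{1}'.format('facebook', profile['id']),
                           name=profile['name'],
                           email=profile.get('email', ''),
                           verified=profile.get('verified', False),
                           profile=profile)
    return FacebookAuthenticationComplete(entry)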
Example #2
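def live_process(request):
    """Process the Live OAuth redirect and return an authentication result.

    Exchanges the ``code`` query parameter for an access token, then returns
    either the entry ``Storage`` already holds for that token or a new entry
    built from the Live profile.

    Returns:
        ``AuthenticationDenied`` when ``code`` is missing or the token
        response cannot be parsed; otherwise ``LiveAuthenticationComplete``
        wrapping the storage entry.

    Raises:
        ThirdPartyFailure: the redirect carries an ``error`` parameter, or
            Live answered with a non-200 status.
    """
    if 'error' in request.GET:
        raise ThirdPartyFailure(request.GET.get('error_description',
                                'No reason provided.'))

    code = request.GET.get('code')
    if not code:
        reason = request.GET.get('error_reason', 'No reason provided.')
        return AuthenticationDenied(reason)

    # NOTE(review): no ``state`` value is checked in this callback, so
    # nothing here ties the redirect to the session that started the login.
    # Adding the check also needs the view that starts the flow (not visible
    # here) to store the state.
    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)

    # Exchange the code for an access token.
    # NOTE(review): client_secret and code (and, further down, the access
    # token) travel in URL query strings, where proxies and access logs can
    # record them. No timeout is passed to requests either.
    access_url = '{0}?{1}'.format(
        'https://oauth.live.com/token',
        url_encode({'client_id': cfg['live_id'],
                    'client_secret': cfg['live_secret'],
                    'redirect_uri': request.route_url('live_process'),
                    'grant_type': 'authorization_code',
                    'code': code}))

    r = requests.get(access_url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # A 200 response that is not JSON or lacks access_token is reported as a
    # denial rather than escaping as an unhandled ValueError/KeyError.
    try:
        access_token = json.loads(r.content)['access_token']
    except (ValueError, KeyError, TypeError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return LiveAuthenticationComplete(entry)

    # Retrieve profile data
    url = '{0}?{1}'.format(
        'https://apis.live.net/v5.0/me',
        url_encode({'access_token': access_token}))
    r = requests.get(url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    profile = json.loads(r.content)

    email = profile.get('emails', {}).get('preferred')

    # NOTE(review): ``verified`` only records that a preferred e-mail was
    # present; nothing visible here shows the provider confirmed it.
    entry = Storage.create(access_token, 'live',
                           uid='live:{0}'.format(profile['id']),
                           name=profile.get('name', ''),
                           email=email,
                           verified=bool(email),
                           profile=profile)

    return LiveAuthenticationComplete(entry)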
Example #3
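def facebook_process(request):
    """Handle the redirect Facebook sends back after the OAuth dialog.

    Verifies ``state`` against the session's ``facebook_state``, trades the
    ``code`` query parameter for an access token, and returns the entry
    ``Storage`` has for that token, creating one from the Graph API profile
    when there is none.

    Returns:
        ``AuthenticationDenied`` if ``code`` is absent or no ``access_token``
        can be read from the token response; otherwise
        ``FacebookAuthenticationComplete`` with the storage entry.

    Raises:
        CSRFError: ``facebook_state`` is missing from the session or does
            not equal the ``state`` query parameter.
        ThirdPartyFailure: a Facebook endpoint returned a non-200 status.
    """
    session_state = request.session.get('facebook_state')
    query_state = request.GET.get('state')
    # Reject a session that never stored a state: ``None != None`` is false,
    # so without this guard the comparison passes and the ``del`` below
    # fails with a KeyError instead of a CSRFError.
    if not session_state or query_state != session_state:
        # Report the value stored under 'facebook_state', the key that was
        # actually compared.
        # NOTE(review): the expected state ends up in the exception text;
        # confirm that text is never shown to the client.
        raise CSRFError("CSRF Validation check failed. Request state %s is "
                        "not the same as session state %s" % (
                        query_state, session_state
                        ))
    # One-time value: remove it after a successful match.
    del request.session['facebook_state']

    code = request.GET.get('code')
    if not code:
        reason = request.GET.get('error_reason', 'No reason provided.')
        return AuthenticationDenied(reason)

    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)

    # Now retrieve the access token with the code.
    # NOTE(review): the client secret, the code and (below) the access token
    # are all sent in URL query strings, which proxies and access logs may
    # keep. The requests calls also run without a timeout.
    access_url = '{0}?{1}'.format(
        'https://graph.facebook.com/oauth/access_token',
        url_encode({'client_id': cfg['facebook_id'],
                    'client_secret': cfg['facebook_secret'],
                    'redirect_uri': request.route_url('facebook_process'),
                    'code': code}))
    r = requests.get(access_url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # Treat a 200 body with no access_token as a denial instead of letting
    # a KeyError propagate.
    try:
        access_token = urlparse.parse_qs(r.content)['access_token'][0]
    except (KeyError, IndexError, TypeError, ValueError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return FacebookAuthenticationComplete(entry)

    # Retrieve profile data
    graph_url = '{0}?{1}'.format('https://graph.facebook.com/me',
                                 url_encode({'access_token': access_token}))
    r = requests.get(graph_url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    profile = json.loads(r.content)

    # 'id' and 'name' must be present (KeyError otherwise); e-mail and the
    # verified flag fall back to defaults.
    entry = Storage.create(access_token, 'facebook',
                           uid='{0}:{1}'.format('facebook', profile['id']),
                           name=profile['name'],
                           email=profile.get('email', ''),
                           verified=profile.get('verified', False),
                           profile=profile)
    return FacebookAuthenticationComplete(entry)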
Example #4
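def google_process(request):
    """Process the Google OAuth redirect and return an authentication result.

    Exchanges the ``code`` query parameter for an access token, then returns
    either the entry ``Storage`` already holds for that token or a new entry
    built from the userinfo profile.

    Returns:
        ``AuthenticationDenied`` when ``code`` is missing or the token
        response cannot be parsed; otherwise ``GoogleAuthenticationComplete``
        wrapping the storage entry.

    Raises:
        ThirdPartyFailure: Google answered with a non-200 status.
    """
    code = request.GET.get('code')
    if not code:
        reason = request.GET.get('error', 'No reason provided.')
        return AuthenticationDenied(reason)

    # NOTE(review): no ``state`` value is checked in this callback, so
    # nothing here ties the redirect to the session that started the login.
    # Adding the check also needs the view that starts the flow (not visible
    # here) to store the state.
    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)

    # Exchange the code for an access token; the secret goes in the POST
    # body here, not in the URL.
    # NOTE(review): no timeout is passed to requests, so a stalled provider
    # holds this request open.
    r = requests.post('https://accounts.google.com/o/oauth2/token',
                      {'client_id': cfg['google_id'],
                       'client_secret': cfg['google_secret'],
                       'redirect_uri': request.route_url('google_process'),
                       'grant_type': 'authorization_code',
                       'code': code})
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # Catch only parse/lookup failures; a bare ``except`` would also swallow
    # KeyboardInterrupt and SystemExit.
    try:
        access_token = json.loads(r.content)['access_token']
    except (ValueError, KeyError, TypeError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return GoogleAuthenticationComplete(entry)

    # Retrieve profile data.
    # NOTE(review): the access token is sent in the URL query string, where
    # proxies and access logs can record it.
    graph_url = '{0}?{1}'.format(
        'https://www.googleapis.com/oauth2/v1/userinfo',
        url_encode({'access_token': access_token}))
    r = requests.get(graph_url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    data = json.loads(r.content)

    # NOTE(review): ``verified`` is hard-coded to True and does not depend on
    # anything in the profile; confirm callers do not read it as proof that
    # the e-mail address was verified.
    entry = Storage.create(access_token, 'google',
                           uid='{0}:{1}'.format('google', data['id']),
                           name=data['name'],
                           email=data.get('email', ''),
                           verified=True,
                           profile=data)

    return GoogleAuthenticationComplete(entry)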
Example #5
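def google_process(request):
    """Handle the redirect Google sends back after the OAuth consent page.

    Trades the ``code`` query parameter for an access token and returns the
    entry ``Storage`` has for that token, creating one from the userinfo
    profile when there is none.

    Returns:
        ``AuthenticationDenied`` if ``code`` is absent or the token response
        cannot be parsed; otherwise ``GoogleAuthenticationComplete`` with
        the storage entry.

    Raises:
        ThirdPartyFailure: a Google endpoint returned a non-200 status.
    """
    code = request.GET.get('code')
    if not code:
        reason = request.GET.get('error', 'No reason provided.')
        return AuthenticationDenied(reason)

    # NOTE(review): this callback checks no ``state`` value, so the redirect
    # is not bound to the session that began the login. The check would also
    # need the view that starts the flow (not visible here) to store one.
    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)

    # Now retrieve the access token with the code (secret in the POST body).
    # NOTE(review): the requests calls run without a timeout.
    token_params = {'client_id': cfg['google_id'],
                    'client_secret': cfg['google_secret'],
                    'redirect_uri': request.route_url('google_process'),
                    'grant_type': 'authorization_code',
                    'code': code}
    r = requests.post('https://accounts.google.com/o/oauth2/token',
                      token_params)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # Only parse/lookup errors mean "no token"; a bare ``except`` would also
    # trap KeyboardInterrupt and SystemExit.
    try:
        access_token = json.loads(r.content)['access_token']
    except (ValueError, KeyError, TypeError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return GoogleAuthenticationComplete(entry)

    # Retrieve profile data.
    # NOTE(review): the access token travels in the URL query string, which
    # proxies and access logs may keep.
    graph_url = '{0}?{1}'.format(
        'https://www.googleapis.com/oauth2/v1/userinfo',
        url_encode({'access_token': access_token}))
    r = requests.get(graph_url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    data = json.loads(r.content)

    # NOTE(review): ``verified`` is always True, whatever the profile says;
    # confirm nothing downstream treats it as e-mail verification.
    entry = Storage.create(access_token, 'google',
                           uid='{0}:{1}'.format('google', data['id']),
                           name=data['name'],
                           email=data.get('email', ''),
                           verified=True,
                           profile=data)

    return GoogleAuthenticationComplete(entry)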
Example #6
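def github_process(request):
    """Process the GitHub OAuth redirect and return an authentication result.

    Exchanges the ``code`` query parameter for an access token, then returns
    either the entry ``Storage`` already holds for that token or a new entry
    built from the GitHub user profile.

    Returns:
        ``AuthenticationDenied`` when ``code`` is missing or the token
        response carries no ``access_token``; otherwise
        ``GithubAuthenticationComplete`` wrapping the storage entry.

    Raises:
        ThirdPartyFailure: GitHub answered with a non-200 status.
    """
    code = request.GET.get('code')
    if not code:
        reason = request.GET.get('error', 'No reason provided.')
        return AuthenticationDenied(reason)

    # NOTE(review): no ``state`` value is checked in this callback, so
    # nothing here ties the redirect to the session that started the login.
    # Adding the check also needs the view that starts the flow (not visible
    # here) to store the state.
    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)

    # Exchange the code for an access token.
    # NOTE(review): client_secret and code (and, further down, the access
    # token) travel in URL query strings, where proxies and access logs can
    # record them. No timeout is passed to requests either.
    access_url = '{0}?{1}'.format(
        'https://github.com/login/oauth/access_token',
        url_encode({
            'client_id': cfg['github_id'],
            'client_secret': cfg['github_secret'],
            'redirect_uri': request.route_url('github_process'),
            'code': code
        }))

    r = requests.get(access_url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # Catch only parse/lookup failures; a bare ``except`` would also swallow
    # KeyboardInterrupt and SystemExit.
    try:
        access_token = urlparse.parse_qs(r.content)['access_token'][0]
    except (KeyError, IndexError, TypeError, ValueError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return GithubAuthenticationComplete(entry)

    # Retrieve profile data
    graph_url = '{0}?{1}'.format('https://github.com/api/v2/json/user/show',
                                 url_encode({'access_token': access_token}))
    r = requests.get(graph_url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    profile = json.loads(r.content)
    user = profile['user']

    # ``or ''`` turns a missing or null e-mail into an empty string.
    entry = Storage.create(access_token,
                           'github',
                           uid='github:{0}'.format(user['id']),
                           name=user['name'],
                           email=user.get('email') or '',
                           profile=profile)

    return GithubAuthenticationComplete(entry)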
Example #7
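def github_process(request):
    """Handle the redirect GitHub sends back after the OAuth authorize page.

    Trades the ``code`` query parameter for an access token and returns the
    entry ``Storage`` has for that token, creating one from the GitHub user
    profile when there is none.

    Returns:
        ``AuthenticationDenied`` if ``code`` is absent or no ``access_token``
        can be read from the token response; otherwise
        ``GithubAuthenticationComplete`` with the storage entry.

    Raises:
        ThirdPartyFailure: a GitHub endpoint returned a non-200 status.
    """
    code = request.GET.get('code')
    if not code:
        reason = request.GET.get('error', 'No reason provided.')
        return AuthenticationDenied(reason)

    # NOTE(review): this callback checks no ``state`` value, so the redirect
    # is not bound to the session that began the login. The check would also
    # need the view that starts the flow (not visible here) to store one.
    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)

    # Now retrieve the access token with the code.
    # NOTE(review): the client secret, the code and (below) the access token
    # are all sent in URL query strings, which proxies and access logs may
    # keep. The requests calls also run without a timeout.
    token_query = url_encode({'client_id': cfg['github_id'],
                              'client_secret': cfg['github_secret'],
                              'redirect_uri': request.route_url('github_process'),
                              'code': code})
    access_url = '{0}?{1}'.format(
        'https://github.com/login/oauth/access_token', token_query)

    r = requests.get(access_url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # Only parse/lookup errors mean "no token"; a bare ``except`` would also
    # trap KeyboardInterrupt and SystemExit.
    try:
        access_token = urlparse.parse_qs(r.content)['access_token'][0]
    except (KeyError, IndexError, TypeError, ValueError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return GithubAuthenticationComplete(entry)

    # Retrieve profile data
    graph_url = '{0}?{1}'.format(
        'https://github.com/api/v2/json/user/show',
        url_encode({'access_token': access_token}))
    r = requests.get(graph_url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    profile = json.loads(r.content)
    user = profile['user']

    # A missing or null e-mail is stored as an empty string.
    entry = Storage.create(access_token, 'github',
                           uid='github:{0}'.format(user['id']),
                           name=user['name'],
                           email=user.get('email') or '',
                           profile=profile)

    return GithubAuthenticationComplete(entry)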
Example #8
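def live_process(request):
    """Handle the redirect Live sends back after the OAuth consent page.

    Trades the ``code`` query parameter for an access token and returns the
    entry ``Storage`` has for that token, creating one from the Live profile
    when there is none.

    Returns:
        ``AuthenticationDenied`` if ``code`` is absent or the token response
        cannot be parsed; otherwise ``LiveAuthenticationComplete`` with the
        storage entry.

    Raises:
        ThirdPartyFailure: the redirect carries an ``error`` parameter, or a
            Live endpoint returned a non-200 status.
    """
    if 'error' in request.GET:
        raise ThirdPartyFailure(
            request.GET.get('error_description', 'No reason provided.'))

    code = request.GET.get('code')
    if not code:
        reason = request.GET.get('error_reason', 'No reason provided.')
        return AuthenticationDenied(reason)

    # NOTE(review): this callback checks no ``state`` value, so the redirect
    # is not bound to the session that began the login. The check would also
    # need the view that starts the flow (not visible here) to store one.
    cfg = ptah.get_settings(ptahcrowd.CFG_ID_AUTH, request.registry)

    # Now retrieve the access token with the code.
    # NOTE(review): the client secret, the code and (below) the access token
    # are all sent in URL query strings, which proxies and access logs may
    # keep. The requests calls also run without a timeout.
    token_query = url_encode({
        'client_id': cfg['live_id'],
        'client_secret': cfg['live_secret'],
        'redirect_uri': request.route_url('live_process'),
        'grant_type': 'authorization_code',
        'code': code
    })
    access_url = '{0}?{1}'.format('https://oauth.live.com/token', token_query)

    r = requests.get(access_url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    # Treat a 200 body that is not JSON or has no access_token as a denial
    # instead of letting a ValueError/KeyError propagate.
    try:
        access_token = json.loads(r.content)['access_token']
    except (ValueError, KeyError, TypeError):
        return AuthenticationDenied("Can't get access_token.")

    entry = Storage.get_by_token(access_token)
    if entry is not None:
        return LiveAuthenticationComplete(entry)

    # Retrieve profile data
    url = '{0}?{1}'.format('https://apis.live.net/v5.0/me',
                           url_encode({'access_token': access_token}))
    r = requests.get(url)
    if r.status_code != 200:
        raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content))

    profile = json.loads(r.content)

    email = profile.get('emails', {}).get('preferred')

    # NOTE(review): ``verified`` is true whenever a preferred e-mail exists;
    # nothing visible here shows the provider confirmed that address.
    entry = Storage.create(access_token,
                           'live',
                           uid='live:{0}'.format(profile['id']),
                           name=profile.get('name', ''),
                           email=email,
                           verified=bool(email),
                           profile=profile)

    return LiveAuthenticationComplete(entry)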