Example #1
0
 def auth_complete(self, *args, **kwargs):
     """Returns user, might be logged in"""
     if 'code' in self.data:
         url = GITHUB_ACCESS_TOKEN_URL + '?' + urllib.urlencode({
               'client_id': setting('GITHUB_APP_ID'),
               'redirect_uri': self.redirect_uri,
               'client_secret': setting('GITHUB_API_SECRET'),
               'code': self.data['code']
         })
         response = cgi.parse_qs(urllib.urlopen(url).read())
         if response.get('error'):
             error = self.data.get('error') or 'unknown error'
             raise ValueError('Authentication error: %s' % error)
         access_token = response['access_token'][0]
         data = self.user_data(access_token)
         if data is not None:
             if 'error' in data:
                 error = self.data.get('error') or 'unknown error'
                 raise ValueError('Authentication error: %s' % error)
             data['access_token'] = access_token
         kwargs.update({'response': data, GithubBackend.name: True})
         return authenticate(*args, **kwargs)
     else:
         error = self.data.get('error') or 'unknown error'
         raise ValueError('Authentication error: %s' % error)
Example #2
0
def get_username(details, user=None, user_exists=UserSocialAuth.simple_user_exists, *args, **kwargs):
    """Return an username for new user. Return current user username
    if user was given.
    """
    if user:
        return {"username": user.username}

    if details.get(USERNAME):
        username = unicode(details[USERNAME])
    else:
        username = uuid4().get_hex()

    uuid_length = setting("SOCIAL_AUTH_UUID_LENGTH", 16)
    max_length = UserSocialAuth.username_max_length()
    do_slugify = setting("SOCIAL_AUTH_SLUGIFY_USERNAMES", False)
    short_username = username[: max_length - uuid_length]
    final_username = UserSocialAuth.clean_username(username[:max_length])
    if do_slugify:
        final_username = slugify(final_username)

    # Generate a unique username for current user using username
    # as base but adding a unique hash at the end. Original
    # username is cut to avoid any field max_length.
    while user_exists(username=final_username):
        username = short_username + uuid4().get_hex()[:uuid_length]
        final_username = UserSocialAuth.clean_username(username[:max_length])
        if do_slugify:
            final_username = slugify(final_username)

    return {"username": final_username}
Example #3
0
    def auth_complete(self, *args, **kwargs):
        if 'code' not in self.data:
            if self.data.get('error') == 'access_denied':
                raise AuthCanceled(self)
            else:
                raise AuthException(self)

        post_data = urlencode({
            'client_id': setting(self.SETTINGS_KEY_NAME),
            'redirect_uri': self.redirect_uri,
            'client_secret': setting(self.SETTINGS_SECRET_NAME),
            'code': self.data['code'],
            'grant_type': 'authorization_code'
        })
        try:
            response = simplejson.loads(urlopen(self.ACCESS_TOKEN_URL, post_data).read())
        except HTTPError:
            raise AuthFailed(self, 'There was an error authenticating the app')

        access_token = response['access_token']
        data = self.user_data(response)

        if data is not None:
            data['access_token'] = access_token
            # expires will not be part of response if offline access
            # premission was requested
            if 'expires_in' in response:
                data['expires_in'] = response['expires_in']

        kwargs.update({'auth': self,
                       'response': data,
                       self.AUTH_BACKEND.name: True})
        return authenticate(*args, **kwargs)
Example #4
0
 def __init__(self, request, redirect):
     """Init method"""
     super(BaseOAuth, self).__init__(request, redirect)
     if setting('VAGRANT_ENABLED'):
         self.redirect_uri = "http://localhost:" + str(setting('VAGRANT_PORT_FORWARD')) + self.redirect
     else:
         self.redirect_uri = self.build_absolute_uri(self.redirect)
Example #5
0
    def auth_complete(self, *args, **kwargs):
        """Completes loging process, must return user instance"""
        if 'code' in self.data:
            url = 'https://graph.facebook.com/oauth/access_token?' + \
                  urlencode({'client_id': setting(self.SETTINGS_KEY_NAME),
                             'redirect_uri': self.redirect_uri,
                             'client_secret': setting(self.SETTINGS_SECRET_NAME),
                             'code': self.data['code']})
            response = cgi.parse_qs(urlopen(url).read())
            access_token = response['access_token'][0]
            data = self.user_data(access_token)
            if data is not None:
                if 'error' in data:
                    error = self.data.get('error') or 'unknown error'
                    raise ValueError('Authentication error: %s' % error)
                data['access_token'] = access_token
                # expires will not be part of response if offline access
                # premission was requested
                if 'expires' in response:
                    data['expires'] = response['expires'][0]
            kwargs.update({
                'auth': self,
                'response': data,
                self.AUTH_BACKEND.name: True
            })
#            logger.info('%s %s' % (args, kwargs))
            return authenticate(*args, **kwargs)
        else:
            error = self.data.get('error') or 'unknown error'
            raise ValueError('Authentication error: %s' % error)
Example #6
0
def get_username(
                 user_exists=UserSocialAuth.simple_user_exists,
                 ):
    """Return an username for new user. Return current user username
    if user was given.
    """

    uuid_length = setting('SOCIAL_AUTH_UUID_LENGTH', 16)
    do_slugify = setting('SOCIAL_AUTH_SLUGIFY_USERNAMES', False)

    username = uuid4().get_hex()

    max_length = UserSocialAuth.username_max_length()
    short_username = username[:max_length - uuid_length]
    final_username = UserSocialAuth.clean_username(username[:max_length])
    if do_slugify:
        final_username = slugify(final_username)

    # Generate a unique username for current user using username
    # as base but adding a unique hash at the end. Original
    # username is cut to avoid any field max_length.
    while user_exists(username=final_username):
        username = short_username + uuid4().get_hex()[:uuid_length]
        username = username[:max_length]
        final_username = UserSocialAuth.clean_username(username)
        if do_slugify:
            final_username = slugify(final_username)
    print final_username
    return final_username
Example #7
0
        def wrapper(request, backend, *args, **kwargs):
            if redirect_name:
                redirect = reverse(redirect_name, args=(backend,))
            else:
                redirect = request.path
            backend = get_backend(backend, request, redirect)

            if not backend:
                return HttpResponseServerError('Incorrect authentication ' + \
                                               'service')

            try:
                return func(request, backend, *args, **kwargs)
            except Exception, e:  # some error ocurred
                if setting('DEBUG'):
                    raise
                backend_name = backend.AUTH_BACKEND.name

                log('error', unicode(e), exc_info=True,
                    extra=dict(request=request))

                if 'django.contrib.messages' in setting('INSTALLED_APPS'):
                    from django.contrib.messages.api import error
                    error(request, unicode(e), extra_tags=backend_name)
                else:
                    log('warn', 'Messages framework not in place, some '+
                                'errors have not been shown to the user.')

                url = setting('SOCIAL_AUTH_BACKEND_ERROR_URL', LOGIN_ERROR_URL)
                return HttpResponseRedirect(url)
Example #8
0
def vk_api(method, data, is_app=False):
    """Calls VK OpenAPI method
        https://vk.com/apiclub,
        https://vk.com/pages.php?o=-1&p=%C2%FB%EF%EE%EB%ED%E5%ED%E8%E5%20%E7'
                                        %E0%EF%F0%EE%F1%EE%E2%20%EA%20API
    """

    # We need to perform server-side call if no access_token
    if not 'access_token' in data:
        if not 'v' in data:
            data['v'] = VK_API_VERSION

        if not 'api_id' in data:
            data['api_id'] = setting('VKAPP_APP_ID' if is_app else 'VK_APP_ID')

        data['method'] = method
        data['format'] = 'json'

        url = VK_SERVER_API_URL
        secret = setting('VKAPP_API_SECRET' if is_app else 'VK_API_SECRET')

        param_list = sorted(list(item + '=' + data[item] for item in data))
        data['sig'] = md5(''.join(param_list) + secret).hexdigest()
    else:
        url = VK_API_URL + method

    params = urlencode(data)
    url += '?' + params
    try:
        return simplejson.load(dsa_urlopen(url))
    except (TypeError, KeyError, IOError, ValueError, IndexError):
        log('error', 'Could not load data from vk.com',
            exc_info=True, extra=dict(data=data))
        return None
Example #9
0
    def auth_complete(self, *args, **kwargs):
        """Returns user, might be logged in"""
        if 'code' not in self.data:
            error = self.data.get('error') or 'unknown error'
            raise AuthFailed(self, error)

        url = GITHUB_ACCESS_TOKEN_URL + urlencode({
              'client_id': setting('GITHUB_APP_ID'),
              'redirect_uri': self.redirect_uri,
              'client_secret': setting('GITHUB_API_SECRET'),
              'code': self.data['code']
        })
        response = cgi.parse_qs(urlopen(url).read())
        if response.get('error'):
            error = self.data.get('error') or 'unknown error'
            raise AuthFailed(self, error)

        access_token = response['access_token'][0]
        data = self.user_data(access_token)
        if data is not None:
            if 'error' in data:
                error = self.data.get('error') or 'unknown error'
                raise AuthFailed(self, error)
            data['access_token'] = access_token

        kwargs.update({
            'auth': self,
            'response': data,
            self.AUTH_BACKEND.name: True
        })
        return authenticate(*args, **kwargs)
Example #10
0
def vk_api(method, data, is_app=False):
    """Calls VK OpenAPI method
        https://vk.com/apiclub,
        https://vk.com/pages.php?o=-1&p=%C2%FB%EF%EE%EB%ED%E5%ED%E8%E5%20%E7'
                                        %E0%EF%F0%EE%F1%EE%E2%20%EA%20API
    """

    # We need to perform server-side call if no access_token
    if not "access_token" in data:
        if not "v" in data:
            data["v"] = VK_API_VERSION

        if not "api_id" in data:
            data["api_id"] = setting("VKAPP_APP_ID" if is_app else "VK_APP_ID")

        data["method"] = method
        data["format"] = "json"

        url = VK_SERVER_API_URL
        secret = setting("VKAPP_API_SECRET" if is_app else "VK_API_SECRET")

        param_list = sorted(list(item + "=" + data[item] for item in data))
        data["sig"] = md5("".join(param_list) + secret).hexdigest()
    else:
        url = VK_API_URL + method

    params = urlencode(data)
    url += "?" + params
    try:
        return simplejson.load(dsa_urlopen(url))
    except (TypeError, KeyError, IOError, ValueError, IndexError):
        log("error", "Could not load data from vk.com", exc_info=True, extra=dict(data=data))
        return None
Example #11
0
def complete_process(request, backend, *args, **kwargs):
    """Authentication complete process"""
    # pop redirect value before the session is trashed on login()
    redirect_value = request.session.get(REDIRECT_FIELD_NAME, '')
    user = auth_complete(request, backend, *args, **kwargs)

    if isinstance(user, HttpResponse):
        return user

    if not user and request.user.is_authenticated():
        return HttpResponseRedirect(redirect_value)

    if user:
        if getattr(user, 'is_active', True):
            # catch is_new flag before login() might reset the instance
            is_new = getattr(user, 'is_new', False)
            login(request, user)
            # user.social_user is the used UserSocialAuth instance defined
            # in authenticate process
            social_user = user.social_user
            if redirect_value:
                request.session[REDIRECT_FIELD_NAME] = redirect_value or \
                                                       DEFAULT_REDIRECT

            if setting('SOCIAL_AUTH_SESSION_EXPIRATION', True):
                # Set session expiration date if present and not disabled by
                # setting. Use last social-auth instance for current provider,
                # users can associate several accounts with a same provider.
                if social_user.expiration_delta():
                    try:
                        request.session.set_expiry(social_user.expiration_delta())
                    except OverflowError:
                        # Handle django time zone overflow, set default expiry.
                        request.session.set_expiry(None)

            # store last login backend name in session
            key = setting('SOCIAL_AUTH_LAST_LOGIN',
                          'social_auth_last_login_backend')
            request.session[key] = social_user.provider

            # Remove possible redirect URL from session, if this is a new
            # account, send him to the new-users-page if defined.
            new_user_redirect = backend_setting(backend,
                                           'SOCIAL_AUTH_NEW_USER_REDIRECT_URL')
            if new_user_redirect and is_new:
                url = new_user_redirect
            else:
                url = redirect_value or \
                      backend_setting(backend,
                                      'SOCIAL_AUTH_LOGIN_REDIRECT_URL') or \
                      DEFAULT_REDIRECT
        else:
            url = backend_setting(backend, 'SOCIAL_AUTH_INACTIVE_USER_URL',
                                  LOGIN_ERROR_URL)
    else:
        msg = setting('LOGIN_ERROR_MESSAGE', None)
        if msg:
            messages.error(request, msg)
        url = backend_setting(backend, 'LOGIN_ERROR_URL', LOGIN_ERROR_URL)
    return HttpResponseRedirect(url)
Example #12
0
    def setup_request(self, extra_params=None):
        """Setup request"""
        openid_request = self.openid_request(extra_params)
        # Request some user details. Use attribute exchange if provider
        # advertises support.
        if openid_request.endpoint.supportsType(ax.AXMessage.ns_uri):
            fetch_request = ax.FetchRequest()
            # Mark all attributes as required, Google ignores optional ones
            for attr, alias in AX_SCHEMA_ATTRS + OLD_AX_ATTRS:
                fetch_request.add(ax.AttrInfo(attr, alias=alias, required=True))
        else:
            fetch_request = sreg.SRegRequest(optional=dict(SREG_ATTR).keys())
        openid_request.addExtension(fetch_request)

        # Add PAPE Extension for if configured
        preferred_policies = setting("SOCIAL_AUTH_OPENID_PAPE_PREFERRED_AUTH_POLICIES")
        preferred_level_types = setting("SOCIAL_AUTH_OPENID_PAPE_PREFERRED_AUTH_LEVEL_TYPES")
        max_age = setting("SOCIAL_AUTH_OPENID_PAPE_MAX_AUTH_AGE")
        if max_age is not None:
            try:
                max_age = int(max_age)
            except (ValueError, TypeError):
                max_age = None

        if max_age is not None or preferred_policies is not None or preferred_level_types is not None:
            pape_request = pape.Request(
                preferred_auth_policies=preferred_policies,
                max_auth_age=max_age,
                preferred_auth_level_types=preferred_level_types,
            )
            openid_request.addExtension(pape_request)

        return openid_request
Example #13
0
def create_beta_user(backend, details, response, uid, username, user=None,
                     *args, **kwargs):
    """Create user. Depends on get_username pipeline."""
    if user:
        return {'user': user}
    if not username:
        return None

    if setting('BETA_ENABLE_BETA', True):
        request = kwargs['request']
        invitation_code = request.COOKIES.get('invitation_code', False)
        if not invitation_code:
            return HttpResponseRedirect(setting('BETA_REDIRECT_URL'))
        valid, exists = InvitationCode.validate_code(invitation_code)
        if not valid:
            return HttpResponseRedirect(setting('BETA_REDIRECT_URL'))

    email = details.get('email')
    user = UserSocialAuth.objects.create_user(username=username, email=email)
    if setting('BETA_ENABLE_BETA', True):
        invite_used.send(sender=user, user=user, invitation_code=invitation_code)

    return {
        'user': user,
        'is_new': True
    }
Example #14
0
 def setUp(self, *args, **kwargs):
     super(FacebookTestCase, self).setUp(*args, **kwargs)
     self.user = setting('TEST_FACEBOOK_USER')
     self.passwd = setting('TEST_FACEBOOK_PASSWORD')
     # check that user and password are setup properly
     self.assertTrue(self.user)
     self.assertTrue(self.passwd)
Example #15
0
def auth_process(request, backend):
    """Authenticate using social backend"""
    print(backend)
    data = request.POST if request.method == 'POST' else request.GET

    # Save extra data into session.
    for field_name in setting('SOCIAL_AUTH_FIELDS_STORED_IN_SESSION', []):
        if field_name in data:
            request.session[field_name] = data[field_name]

    # Save any defined next value into session
    if REDIRECT_FIELD_NAME in data:
        # Check and sanitize a user-defined GET/POST next field value
        redirect = data[REDIRECT_FIELD_NAME]
        if setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True):
            redirect = sanitize_redirect(request.get_host(), redirect)
        request.session[REDIRECT_FIELD_NAME] = redirect or DEFAULT_REDIRECT

    # Clean any partial pipeline info before starting the process
    clean_partial_pipeline(request)
    if backend.uses_redirect:
        return HttpResponseRedirect(backend.auth_url())
    else:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
Example #16
0
def get_backends(force_load=False):
    """
    Entry point to the BACKENDS cache. If BACKENDSCACHE hasn't been
    populated, each of the modules referenced in
    AUTHENTICATION_BACKENDS is imported and checked for a BACKENDS
    definition and if enabled, added to the cache.

    Previously all backends were attempted to be loaded at
    import time of this module, which meant that backends that subclass
    bases found in this module would not have the chance to be loaded
    by the time they were added to this module's BACKENDS dict. See:
    https://github.com/omab/django-social-auth/issues/204

    This new approach ensures that backends are allowed to subclass from
    bases in this module and still be picked up.

    A force_load boolean arg is also provided so that get_backend
    below can retry a requested backend that may not yet be discovered.
    """
    if not BACKENDSCACHE or force_load:
        for auth_backend in setting('AUTHENTICATION_BACKENDS'):
            module = import_module(auth_backend.rsplit(".", 1)[0])
            backends = getattr(module, "BACKENDS", {})
            for name, backend in backends.items():
                if backend.enabled() and name in setting('SOCIAL_AUTH_ENABLED_BACKENDS'):
                    BACKENDSCACHE[name] = backend
    return BACKENDSCACHE
Example #17
0
    def auth_complete(self, *args, **kwargs):
        """Returns user, might be logged in"""
        if "code" not in self.data:
            error = self.data.get("error") or "unknown error"
            raise AuthFailed(self, error)

        url = GITHUB_ACCESS_TOKEN_URL + urlencode(
            {
                "client_id": setting("GITHUB_APP_ID"),
                "redirect_uri": self.redirect_uri,
                "client_secret": setting("GITHUB_API_SECRET"),
                "code": self.data["code"],
            }
        )
        response = cgi.parse_qs(urlopen(url).read())
        if response.get("error"):
            error = self.data.get("error") or "unknown error"
            raise AuthFailed(self, error)

        access_token = response["access_token"][0]
        data = self.user_data(access_token)
        if data is not None:
            if "error" in data:
                error = self.data.get("error") or "unknown error"
                raise AuthFailed(self, error)
            data["access_token"] = access_token

        kwargs.update({"auth": self, "response": data, self.AUTH_BACKEND.name: True})
        return authenticate(*args, **kwargs)
Example #18
0
    def auth_complete(self, *args, **kwargs):
        """Completes login process, must return user instance"""
        access_token = None
        if self.data.get('error'):
            error = self.data.get('error_description') or self.data['error']
            raise AuthFailed(self, error)

        client_id, client_secret = self.get_key_and_secret()
        try:
            shop_url = self.request.GET.get('shop')
            self.shopifyAPI.Session.setup(
                api_key=setting('SHOPIFY_APP_API_KEY'),
                secret=setting('SHOPIFY_SHARED_SECRET')
            )
            shopify_session = self.shopifyAPI.Session(shop_url,
                                                      self.request.REQUEST)
            access_token = shopify_session.token
        except self.shopifyAPI.ValidationException as e:
            raise AuthCanceled(self)
        except HTTPError as e:
            if e.code == 400:
                raise AuthCanceled(self)
            else:
                raise

        if not access_token:
            raise AuthFailed(self, 'Authentication Failed')
        return self.do_auth(access_token, shop_url, shopify_session.url,
                            *args, **kwargs)
Example #19
0
 def auth_url(self):
     """Returns redirect url"""
     args = {"client_id": setting("GITHUB_APP_ID"), "redirect_uri": self.redirect_uri}
     if setting("GITHUB_EXTENDED_PERMISSIONS"):
         args["scope"] = ",".join(setting("GITHUB_EXTENDED_PERMISSIONS"))
     args.update(self.auth_extra_arguments())
     return GITHUB_AUTHORIZATION_URL + urlencode(args)
Example #20
0
 def setUp(self, *args, **kwargs):
     super(GoogleTestCase, self).setUp(*args, **kwargs)
     self.user = setting('TEST_GOOGLE_USER')
     self.passwd = setting('TEST_GOOGLE_PASSWORD')
     # check that user and password are setup properly
     self.assertTrue(self.user)
     self.assertTrue(self.passwd)
Example #21
0
 def setUp(self, *args, **kwargs):
     super(TwitterTestCase, self).setUp(*args, **kwargs)
     self.user = setting('TEST_TWITTER_USER')
     self.passwd = setting('TEST_TWITTER_PASSWORD')
     # check that user and password are setup properly
     self.assertTrue(self.user)
     self.assertTrue(self.passwd)
Example #22
0
    def auth_complete(self, *args, **kwargs):
        """Completes loging process, must return user instance"""
        if 'code' not in self.data:
            if self.data.get('error') == 'access_denied':
                raise AuthCanceled(self)
            else:
                raise AuthException(self)

        url = ACCESS_TOKEN + urlencode({
            'client_id': setting('FACEBOOK_APP_ID'),
            'redirect_uri': self.redirect_uri,
            'client_secret': setting('FACEBOOK_API_SECRET'),
            'code': self.data['code']
        })
        try:
            response = cgi.parse_qs(urlopen(url).read())
        except HTTPError:
            raise AuthFailed(self, 'There was an error authenticating the app')

        access_token = response['access_token'][0]
        data = self.user_data(access_token)

        if data is not None:
            data['access_token'] = access_token
            # expires will not be part of response if offline access
            # premission was requested
            if 'expires' in response:
                data['expires'] = response['expires'][0]

        kwargs.update({'auth': self,
                       'response': data,
                       self.AUTH_BACKEND.name: True})
        return authenticate(*args, **kwargs)
Example #23
0
 def auth_url(self):
     """Returns redirect url"""
     args = {'client_id': setting('GITHUB_APP_ID'),
             'redirect_uri': self.redirect_uri}
     if setting('GITHUB_EXTENDED_PERMISSIONS'):
         args['scope'] = ','.join(setting('GITHUB_EXTENDED_PERMISSIONS'))
     args.update(self.auth_extra_arguments())
     return GITHUB_AUTHORIZATION_URL + '?' + urllib.urlencode(args)
Example #24
0
 def __init__(self, api_host, access_token):
     self._api_host = api_host
     self._access_token = access_token
     self._key = setting("BODYMEDIA_CONSUMER_KEY")
     self._secret = setting("BODYMEDIA_CONSUMER_SECRET")
     self._headers = {"Content-type": "application/json"}
     self._default_params = {"api_key": self._key,}
     self._user_info = self._get_user_info()
Example #25
0
 def _get(self, url, info_key):
     
     key = setting("IHEALTH_CONSUMER_KEY")
     secret = setting("IHEALTH_CONSUMER_SECRET")
     sc = setting('IHEALTH_USER_SN')
     params = {"Client_id": key, "client_secret": secret, "access_token":self._access_token, "sc": sc, "sv":info_key}
     response = requests.get(url, params=params)
     return response.json()
Example #26
0
    def _signature(self, params):
        """ See here: http://open.taobao.com/doc/detail.htm?id=111#s6 """
        parts = ["%s%s" % (n, params[n]) for n in sorted(params.keys())]
        parts.insert(0, setting(self.SETTINGS_SECRET_NAME))
        parts.append(setting(self.SETTINGS_SECRET_NAME))
        body = "".join(parts)

        if isinstance(body, unicode): body = body.encode("utf-8")
        return hashlib.md5(body).hexdigest().upper()
Example #27
0
 def oauth_request(self, token, url, extra_params=None):
     extra_params = extra_params or {}
     scope = GOOGLE_OAUTH_SCOPE + setting('GOOGLE_OAUTH_EXTRA_SCOPE', [])
     extra_params.update({
         'scope': ' '.join(scope),
     })
     if not self.registered():
         xoauth_displayname = setting('GOOGLE_DISPLAY_NAME', 'Social Auth')
         extra_params['xoauth_displayname'] = xoauth_displayname
     return super(GoogleOAuth, self).oauth_request(token, url, extra_params)
Example #28
0
    def auth_url(self):
        self.shopifyAPI.Session.setup(api_key=setting("SHOPIFY_APP_API_KEY"), secret=setting("SHOPIFY_SHARED_SECRET"))
        scope = self.get_scope()
        state = self.state_token()
        self.request.session[self.AUTH_BACKEND.name + "_state"] = state

        redirect_uri = self.get_redirect_uri(state)
        permission_url = self.shopifyAPI.Session.create_permission_url(
            self.request.GET.get("shop").strip(), scope=scope, redirect_uri=redirect_uri
        )
        return permission_url
Example #29
0
    def build_absolute_uri(self, path=None):
        """Build absolute URI for given path. Replace http:// schema with
        https:// if SOCIAL_AUTH_REDIRECT_IS_HTTPS is defined.
        """
        uri = self.request.build_absolute_uri(path)

        if setting('SOCIAL_ATUH_REDIRECT_REWRITE_FROM') and setting('SOCIAL_ATUH_REDIRECT_REWRITE_TO'):
            uri = re.sub(setting('SOCIAL_ATUH_REDIRECT_REWRITE_FROM'), setting('SOCIAL_ATUH_REDIRECT_REWRITE_TO'), uri)
        if setting('SOCIAL_AUTH_REDIRECT_IS_HTTPS'):
            uri = uri.replace('http://', 'https://')
        return uri
Example #30
0
def validate_whitelists(email):
    """Validates allowed domains and emails against the GOOGLE_WHITE_LISTED_DOMAINS 
    and GOOGLE_WHITE_LISTED_EMAILS settings.
    Allows all domains or emails if setting is an empty list.
    """
    emails = setting('GOOGLE_WHITE_LISTED_EMAILS', [])
    domains = setting('GOOGLE_WHITE_LISTED_DOMAINS', [])
    if emails and email in emails:
        return # you're good
    if domains and email.split('@', 1)[1] not in domains:
        raise ValueError('Domain not allowed')
Example #31
0
 def get_scope(self):
     return setting('MAILRU_OAUTH2_EXTRA_SCOPE', [])
Example #32
0
 def enabled(cls):
     """Return backend enabled status by checking basic settings"""
     return bool(setting(cls.SETTINGS_KEY_NAME) and setting(cls.SETTINGS_SECRET_NAME))
Example #33
0
    AuthStateMissing,
    AuthStateForbidden,
    BackendError,
)
from social_auth.backends.utils import build_consumer_oauth_request
from oauth2 import Consumer as OAuthConsumer, Token, Request as OAuthRequest

from sentry.utils import json

PIPELINE = setting(
    "SOCIAL_AUTH_PIPELINE",
    (
        "social_auth.backends.pipeline.social.social_auth_user",
        # Removed by default since it can be a dangerouse behavior that
        # could lead to accounts take over.
        # 'social_auth.backends.pipeline.associate.associate_by_email',
        "social_auth.backends.pipeline.user.get_username",
        "social_auth.backends.pipeline.user.create_user",
        "social_auth.backends.pipeline.social.associate_user",
        "social_auth.backends.pipeline.social.load_extra_data",
        "social_auth.backends.pipeline.user.update_user_details",
    ),
)

logger = logging.getLogger("social_auth")


class SocialAuthBackend(object):
    """A django.contrib.auth backend that authenticates the user based on
    a authentication provider response"""

    name = ""  # provider name, it's stored in database
Example #34
0
    ('http://axschema.org/namePerson/friendly', 'nickname'),
]
SREG_ATTR = [('email', 'email'), ('fullname', 'fullname'),
             ('nickname', 'nickname')]
OPENID_ID_FIELD = 'openid_identifier'
SESSION_NAME = 'openid'

# key for username in user details dict used around, see get_user_details
# method
USERNAME = '******'

PIPELINE = setting('SOCIAL_AUTH_PIPELINE', (
    'social_auth.backends.pipeline.social.social_auth_user',
    'social_auth.backends.pipeline.associate.associate_by_email',
    'social_auth.backends.pipeline.user.get_username',
    'social_auth.backends.pipeline.user.create_user',
    'social_auth.backends.pipeline.social.associate_user',
    'social_auth.backends.pipeline.social.load_extra_data',
    'social_auth.backends.pipeline.user.update_user_details',
))


class SocialAuthBackend(ModelBackend):
    """A django.contrib.auth backend that authenticates the user based on
    a authentication provider response"""
    name = ''  # provider name, it's stored in database

    def authenticate(self, *args, **kwargs):
        """Authenticate user using social credentials

        Authentication is made if this is the correct backend, backend
Example #35
0
from django.db.utils import IntegrityError

from social_auth.db.base import UserSocialAuthMixin, AssociationMixin, \
                                NonceMixin
from social_auth.fields import JSONField
from social_auth.utils import setting

# If User class is overridden, it *must* provide the following fields
# and methods work with django-social-auth:
#
#   username   = CharField()
#   last_login = DateTimeField()
#   is_active  = BooleanField()
#   def is_authenticated():
#       ...
USER_MODEL = setting('SOCIAL_AUTH_USER_MODEL') or \
             setting('AUTH_USER_MODEL') or \
             'auth.User'


class UserSocialAuth(models.Model, UserSocialAuthMixin):
    """Social Auth association model"""
    user = models.ForeignKey(USER_MODEL, related_name='social_auth')
    provider = models.CharField(max_length=32)
    uid = models.CharField(max_length=255)
    extra_data = JSONField(default='{}')

    class Meta:
        """Meta data"""
        unique_together = ('provider', 'uid')
        app_label = 'social_auth'
Example #36
0
    ('http://axschema.org/namePerson/first', 'first_name'),
    ('http://axschema.org/namePerson/last', 'last_name'),
    ('http://axschema.org/namePerson/friendly', 'nickname'),
]
SREG_ATTR = [('email', 'email'), ('fullname', 'fullname'),
             ('nickname', 'nickname')]
OPENID_ID_FIELD = 'openid_identifier'
SESSION_NAME = 'openid'

PIPELINE = setting(
    'SOCIAL_AUTH_PIPELINE',
    (
        'social_auth.backends.pipeline.social.social_auth_user',
        # Removed by default since it can be a dangerouse behavior that
        # could lead to accounts take over.
        #'social_auth.backends.pipeline.associate.associate_by_email',
        'social_auth.backends.pipeline.user.get_username',
        'social_auth.backends.pipeline.user.create_user',
        'social_auth.backends.pipeline.social.associate_user',
        'social_auth.backends.pipeline.social.load_extra_data',
        'social_auth.backends.pipeline.user.update_user_details',
    ))


class SocialAuthBackend(object):
    """A django.contrib.auth backend that authenticates the user based on
    a authentication provider response"""
    name = ''  # provider name, it's stored in database
    supports_inactive_user = False

    def authenticate(self, *args, **kwargs):
Example #37
0
 def get_scope(self):
     return setting(VKOAuth2.SCOPE_VAR_NAME) or \
            setting('VK_OAUTH2_EXTRA_SCOPE')
Example #38
0
                                   AuthCanceled, AuthFailed
from social_auth.utils import setting, log, dsa_urlopen

# vk configuration
VK_AUTHORIZATION_URL = 'http://oauth.vk.com/authorize'
VK_ACCESS_TOKEN_URL = 'https://oauth.vk.com/access_token'
VK_SERVER = 'vk.com'
VK_DEFAULT_DATA = [
    'first_name', 'last_name', 'screen_name', 'nickname', 'photo'
]

VK_API_URL = 'https://api.vk.com/method/'
VK_SERVER_API_URL = 'http://api.vk.com/api.php'
VK_API_VERSION = '3.0'

LOCAL_HTML = setting('VK_LOCAL_HTML',
                     setting('VKONTAKTE_LOCAL_HTML', 'vkontakte.html'))

USE_APP_AUTH = setting('VKAPP_APP_ID', False)


class VKOpenAPIBackend(SocialAuthBackend):
    """VK OpenAPI authentication backend"""
    name = 'vk-openapi'

    def get_user_id(self, details, response):
        """Return user unique id provided by VK"""
        return response['id']

    def get_user_details(self, response):
        """Return user details from VK request"""
        nickname = response.get('nickname') or response['id']
Example #39
0
      on third party providers that (if using POST) won't be sending csrf
      token back.
"""
from django.http import HttpResponseRedirect, HttpResponse
from django.contrib.auth import login, REDIRECT_FIELD_NAME
from django.contrib.auth.decorators import login_required
from django.contrib import messages
from django.views.decorators.csrf import csrf_exempt

from social_auth.utils import sanitize_redirect, setting, \
                              backend_setting, clean_partial_pipeline, log
from social_auth.decorators import dsa_view

import time

DEFAULT_REDIRECT = setting('SOCIAL_AUTH_LOGIN_REDIRECT_URL') or \
                   setting('LOGIN_REDIRECT_URL')
LOGIN_ERROR_URL = setting('LOGIN_ERROR_URL', setting('LOGIN_URL'))


@dsa_view(setting('SOCIAL_AUTH_COMPLETE_URL_NAME', 'socialauth_complete'))
def auth(request, backend):
    """Start authentication process"""
    return auth_process(request, backend)


@csrf_exempt
@dsa_view()
def complete(request, backend, *args, **kwargs):
    """Authentication complete view, override this view if transaction
    management doesn't suit your needs."""
Example #40
0
 def get_scope(self):
     return setting(VKontakteOAuth2.SCOPE_VAR_NAME) or \
            setting('VKONTAKTE_OAUTH2_EXTRA_SCOPE')
Example #41
0
def _api_get_val_fun(name, conf):
    if USE_APP_AUTH:
        return USE_APP_AUTH.get(name)
    else:
        return setting(conf)
Example #42
0
def _ignore_field(name, is_new=False):
    return name in ('username', 'id', 'pk') or \
           (not is_new and
                name in setting('SOCIAL_AUTH_PROTECTED_USER_FIELDS', []))
Example #43
0
"""Admin settings"""
from social_auth.utils import setting

if setting('SOCIAL_AUTH_MODELS') in (None, 'social_auth.db.django_models'):
    from django.contrib import admin
    from social_auth.models import UserSocialAuth, Nonce, Association

    _User = UserSocialAuth.user_model()

    if isinstance(_User, str):
        from django.db.models.loading import get_model
        _User = get_model(*_User.split('.', 1))

    if hasattr(_User, 'USERNAME_FIELD'):
        username_field = _User.USERNAME_FIELD
    elif hasattr(_User, 'username'):
        username_field = 'username'
    else:
        username_field = None

    fieldnames = ('first_name', 'last_name', 'email') + (username_field, )
    all_names = _User._meta.get_all_field_names()
    user_search_fields = [
        'user__' + name for name in fieldnames if name in all_names
    ]

    class UserSocialAuthOption(admin.ModelAdmin):
        """Social Auth user options"""
        list_display = ('id', 'user', 'provider', 'uid')
        search_fields = user_search_fields
        list_filter = ('provider', )
Example #44
0
from functools import wraps

from django.conf import settings
from django.http import HttpResponseRedirect, HttpResponse, \
                        HttpResponseServerError
from django.core.urlresolvers import reverse
from django.contrib.auth import login, REDIRECT_FIELD_NAME
from django.contrib.auth.decorators import login_required
from django.views.decorators.csrf import csrf_exempt

from social_auth.backends import get_backend
from social_auth.utils import sanitize_redirect, setting


DEFAULT_REDIRECT = setting('SOCIAL_AUTH_LOGIN_REDIRECT_URL') or \
                   setting('LOGIN_REDIRECT_URL')
NEW_USER_REDIRECT = setting('SOCIAL_AUTH_NEW_USER_REDIRECT_URL')
NEW_ASSOCIATION_REDIRECT = setting('SOCIAL_AUTH_NEW_ASSOCIATION_REDIRECT_URL')
DISCONNECT_REDIRECT_URL = setting('SOCIAL_AUTH_DISCONNECT_REDIRECT_URL')
LOGIN_ERROR_URL = setting('LOGIN_ERROR_URL', settings.LOGIN_URL)
COMPLETE_URL_NAME = setting('SOCIAL_AUTH_COMPLETE_URL_NAME',
                            'socialauth_complete')
ASSOCIATE_URL_NAME = setting('SOCIAL_AUTH_ASSOCIATE_URL_NAME',
                             'socialauth_associate_complete')
SOCIAL_AUTH_LAST_LOGIN = setting('SOCIAL_AUTH_LAST_LOGIN',
                                 'social_auth_last_login_backend')
SESSION_EXPIRATION = setting('SOCIAL_AUTH_SESSION_EXPIRATION', True)
BACKEND_ERROR_REDIRECT = setting('SOCIAL_AUTH_BACKEND_ERROR_URL',
                                 LOGIN_ERROR_URL)
SANITIZE_REDIRECTS = setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True)
Example #45
0
 def get_scope(self):
     return setting('ODNOKLASSNIKI_OAUTH2_EXTRA_SCOPE', [])
Example #46
0
    More information on scope can be found at:
    http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com
"""
from urllib import urlencode

from django.utils import simplejson

from social_auth.backends import BaseOAuth2, OAuthBackend
from social_auth.utils import dsa_urlopen, setting

from oauth2 import Token

SALESFORCE_DOMAIN = 'login.salesforce.com'
SALESFORCE_TEST_DOMAIN = 'test.salesforce.com'

SALESFORCE_TESTING = setting('SALESFORCE_TESTING', False)
SALESFORCE_SERVER = "https://" + (SALESFORCE_TEST_DOMAIN
                                  if SALESFORCE_TESTING else SALESFORCE_DOMAIN)

SALESFORCE_AUTHORIZATION_PATH = '/services/oauth2/authorize'
SALESFORCE_ACCESS_TOKEN_PATH = '/services/oauth2/token'

SALESFORCE_AUTHORIZATION_URL = SALESFORCE_SERVER + SALESFORCE_AUTHORIZATION_PATH
SALESFORCE_ACCESS_TOKEN_URL = SALESFORCE_SERVER + SALESFORCE_ACCESS_TOKEN_PATH


class SalesforceBackend(OAuthBackend):
    name = 'salesforce'

    EXTRA_DATA = [
        ('user_id', 'user_id'),
Example #47
0
            return super(GoogleOAuth, cls).get_key_and_secret()
        except AttributeError:
            return 'anonymous', 'anonymous'

    @classmethod
    def enabled(cls):
        """Google OAuth is always enabled because of anonymous access"""
        return True

    def registered(self):
        """Check if Google OAuth Consumer Key and Consumer Secret are set"""
        return self.get_key_and_secret() != ('anonymous', 'anonymous')


# TODO: Remove this setting name check, keep for backward compatibility
_OAUTH2_KEY_NAME = setting('GOOGLE_OAUTH2_CLIENT_ID') and \
                   'GOOGLE_OAUTH2_CLIENT_ID' or \
                   'GOOGLE_OAUTH2_CLIENT_KEY'


class GoogleOAuth2(BaseOAuth2):
    """Google OAuth2 support"""
    AUTH_BACKEND = GoogleOAuth2Backend
    AUTHORIZATION_URL = 'https://accounts.google.com/o/oauth2/auth'
    ACCESS_TOKEN_URL = 'https://accounts.google.com/o/oauth2/token'
    SETTINGS_KEY_NAME = _OAUTH2_KEY_NAME
    SETTINGS_SECRET_NAME = 'GOOGLE_OAUTH2_CLIENT_SECRET'
    SCOPE_VAR_NAME = 'GOOGLE_OAUTH_EXTRA_SCOPE'
    DEFAULT_SCOPE = GOOGLE_OAUTH2_SCOPE

    def user_data(self, access_token, *args, **kwargs):
Example #48
0
from __future__ import absolute_import

import six

from uuid import uuid4

from social_auth.utils import setting, module_member
from social_auth.models import UserSocialAuth
from social_auth.django_compat import get_all_field_names

slugify = module_member(
    setting("SOCIAL_AUTH_SLUGIFY_FUNCTION",
            "django.template.defaultfilters.slugify"))


def get_username(details,
                 user=None,
                 user_exists=UserSocialAuth.simple_user_exists,
                 *args,
                 **kwargs):
    """Return an username for new user. Return current user username
    if user was given.
    """
    if user:
        return {"username": UserSocialAuth.user_username(user)}

    email_as_username = setting("SOCIAL_AUTH_USERNAME_IS_FULL_EMAIL", False)
    uuid_length = setting("SOCIAL_AUTH_UUID_LENGTH", 16)
    do_slugify = setting("SOCIAL_AUTH_SLUGIFY_USERNAMES", False)

    if email_as_username and details.get("email"):
Example #49
0
 def trust_root(self):
     """Return trust-root option"""
     return setting('OPENID_TRUST_ROOT') or \
            self.request.build_absolute_uri('/')
Example #50
0
from django.db.utils import IntegrityError

from social_auth.db.base import UserSocialAuthMixin, AssociationMixin, \
                                NonceMixin
from social_auth.fields import JSONField
from social_auth.utils import setting

# If User class is overridden, it *must* provide the following fields
# and methods work with django-social-auth:
#
#   username   = CharField()
#   last_login = DateTimeField()
#   is_active  = BooleanField()
#   def is_authenticated():
#       ...
USER_MODEL = setting('SOCIAL_AUTH_USER_MODEL') or \
             setting('AUTH_USER_MODEL') or \
             'auth.User'
UID_LENGTH = setting('SOCIAL_AUTH_UID_LENGTH', 255)
NONCE_SERVER_URL_LENGTH = setting('SOCIAL_AUTH_NONCE_SERVER_URL_LENGTH', 255)
ASSOCIATION_SERVER_URL_LENGTH = setting(
    'SOCIAL_AUTH_ASSOCIATION_SERVER_URL_LENGTH', 255)
ASSOCIATION_HANDLE_LENGTH = setting('SOCIAL_AUTH_ASSOCIATION_HANDLE_LENGTH',
                                    255)


class UserSocialAuth(models.Model, UserSocialAuthMixin):
    """Social Auth association model"""
    user = models.ForeignKey(USER_MODEL, related_name='social_auth')
    provider = models.CharField(max_length=32)
    uid = models.CharField(max_length=UID_LENGTH)
Example #51
0
 def get_key_and_secret(cls):
     """Return tuple with Consumer Key and Consumer Secret for current
     service provider. Must return (key, secret), order *must* be respected.
     """
     return (setting(cls.SETTINGS_KEY_NAME), setting(cls.SETTINGS_SECRET_NAME))
Example #52
0
 def setUp(self, *args, **kwargs):
     super(GoogleTestCase, self).setUp(*args, **kwargs)
     self.user = setting('TEST_GOOGLE_USER')
     self.passwd = setting('TEST_GOOGLE_PASSWORD')
Example #53
0
 def get_scope(self):
     """Return list with needed access scope"""
     scope = self.DEFAULT_SCOPE or []
     if self.SCOPE_VAR_NAME:
         scope = scope + setting(self.SCOPE_VAR_NAME, [])
     return scope
Example #54
0
      token back.
"""
from urllib2 import quote

from django.http import HttpResponseRedirect, HttpResponse
from django.contrib.auth import login, REDIRECT_FIELD_NAME
from django.contrib.auth.decorators import login_required
from django.contrib import messages
from django.views.decorators.csrf import csrf_exempt
# from django.contrib.auth.models import AnonymousUser

from social_auth.utils import sanitize_redirect, setting, \
                              backend_setting, clean_partial_pipeline
from social_auth.decorators import dsa_view, disconnect_view

DEFAULT_REDIRECT = setting('SOCIAL_AUTH_LOGIN_REDIRECT_URL',
                           setting('LOGIN_REDIRECT_URL'))
LOGIN_ERROR_URL = setting('LOGIN_ERROR_URL', setting('LOGIN_URL'))
PIPELINE_KEY = setting('SOCIAL_AUTH_PARTIAL_PIPELINE_KEY', 'partial_pipeline')


@dsa_view(setting('SOCIAL_AUTH_COMPLETE_URL_NAME', 'socialauth_complete'))
def auth(request, backend):
    """Start authentication process"""
    platform = request.GET.get('platform')

    # Commenting this, as it was messing with the post-signup redirect
    # Not sure what it does, as there was no comment and the commit message was
    # unhelpful.
    # Originally added in: f83f7cfe8a3980a88a02b46cc6bc21b7692c22d0
    # request.session.flush()
    # request.user = AnonymousUser()
Example #55
0
"""Social auth models"""
import types
from importlib import import_module

from social_auth.utils import setting


SOCIAL_AUTH_MODELS_MODULE = import_module(setting('SOCIAL_AUTH_MODELS',
                                               'social_auth.db.django_models'))

globals().update((name, value) for name, value in
                    ((name, getattr(SOCIAL_AUTH_MODELS_MODULE, name))
                        for name in dir(SOCIAL_AUTH_MODELS_MODULE))
                    if isinstance(value, (type, types.ClassType)))
Example #56
0
def complete_process(request, backend, *args, **kwargs):
    """Authentication complete process"""
    # pop redirect value before the session is trashed on login()
    redirect_value = request.session.get(REDIRECT_FIELD_NAME, '') or \
                     request.REQUEST.get(REDIRECT_FIELD_NAME, '')
    user = auth_complete(request, backend, *args, **kwargs)

    if isinstance(user, HttpResponse):
        return user

    if not user and request.user.is_authenticated():
        return HttpResponseRedirect(redirect_value)

    msg = None
    if user:
        if getattr(user, 'is_active', True):
            # catch is_new flag before login() might reset the instance
            is_new = getattr(user, 'is_new', False)
            login(request, user)
            # user.social_user is the used UserSocialAuth instance defined
            # in authenticate process
            social_user = user.social_user
            if redirect_value:
                request.session[REDIRECT_FIELD_NAME] = redirect_value or \
                                                       DEFAULT_REDIRECT

            if setting('SOCIAL_AUTH_SESSION_EXPIRATION', True):
                # Set session expiration date if present and not disabled by
                # setting. Use last social-auth instance for current provider,
                # users can associate several accounts with a same provider.
                expiration = social_user.expiration_datetime()
                if expiration:
                    try:
                        request.session.set_expiry(expiration)
                    except OverflowError:
                        # Handle django time zone overflow, set default expiry.
                        request.session.set_expiry(None)

            # store last login backend name in session
            request.session['social_auth_last_login_backend'] = \
                    social_user.provider

            # Remove possible redirect URL from session, if this is a new
            # account, send him to the new-users-page if defined.
            new_user_redirect = backend_setting(
                backend, 'SOCIAL_AUTH_NEW_USER_REDIRECT_URL')
            if new_user_redirect and is_new:
                url = new_user_redirect
            else:
                url = redirect_value or \
                      backend_setting(backend,
                                      'SOCIAL_AUTH_LOGIN_REDIRECT_URL') or \
                      DEFAULT_REDIRECT
        else:
            msg = setting('SOCIAL_AUTH_INACTIVE_USER_MESSAGE', None)
            url = backend_setting(backend, 'SOCIAL_AUTH_INACTIVE_USER_URL',
                                  LOGIN_ERROR_URL)
    else:
        msg = setting('LOGIN_ERROR_MESSAGE', None)
        url = backend_setting(backend, 'LOGIN_ERROR_URL', LOGIN_ERROR_URL)
    if msg:
        messages.error(request, msg)

    if redirect_value and redirect_value != url:
        redirect_value = quote(redirect_value)
        if '?' in url:
            url += '&%s=%s' % (REDIRECT_FIELD_NAME, redirect_value)
        else:
            url += '?%s=%s' % (REDIRECT_FIELD_NAME, redirect_value)
    return HttpResponseRedirect(url)
Example #57
0
from uuid import uuid4

from social_auth.utils import setting, module_member
from social_auth.models import UserSocialAuth

slugify = module_member(
    setting('SOCIAL_AUTH_SLUGIFY_FUNCTION',
            'django.template.defaultfilters.slugify'))


def get_username(details,
                 user=None,
                 user_exists=UserSocialAuth.simple_user_exists,
                 *args,
                 **kwargs):
    """Return an username for new user. Return current user username
    if user was given.
    """
    if user:
        return {'username': UserSocialAuth.user_username(user)}

    email_as_username = setting('SOCIAL_AUTH_USERNAME_IS_FULL_EMAIL', False)
    uuid_length = setting('SOCIAL_AUTH_UUID_LENGTH', 16)
    do_slugify = setting('SOCIAL_AUTH_SLUGIFY_USERNAMES', False)

    if email_as_username and details.get('email'):
        username = details['email']
    elif details.get('username'):
        username = unicode(details['username'])
    else:
        username = uuid4().get_hex()
Example #58
0
from social_auth.exceptions import AuthTokenRevoked, AuthException
from social_auth.utils import setting, log, dsa_urlopen

# Vkontakte configuration
VK_AUTHORIZATION_URL = 'http://oauth.vk.com/authorize'
VK_ACCESS_TOKEN_URL = 'https://oauth.vk.com/access_token'
VK_SERVER = 'vk.com'
VK_DEFAULT_DATA = [
    'first_name', 'last_name', 'screen_name', 'nickname', 'photo'
]

VKONTAKTE_API_URL = 'https://api.vkontakte.ru/method/'
VKONTAKTE_SERVER_API_URL = 'http://api.vkontakte.ru/api.php'
VKONTAKTE_API_VERSION = '3.0'

USE_APP_AUTH = setting('VKONTAKTE_APP_AUTH', False)
LOCAL_HTML = setting('VKONTAKTE_LOCAL_HTML', 'vkontakte.html')


class VKontakteBackend(SocialAuthBackend):
    """VKontakte OpenAPI authentication backend"""
    name = 'vkontakte'

    def get_user_id(self, details, response):
        """Return user unique id provided by VKontakte"""
        return response['id']

    def get_user_details(self, response):
        """Return user details from VKontakte request"""
        nickname = response.get('nickname') or response['id']
        if isinstance(nickname, (
Example #59
0
from django.db import models
from django.contrib.auth import authenticate
from django.contrib.auth.backends import ModelBackend
from django.utils import simplejson
from django.utils.importlib import import_module

from social_auth.utils import setting, log, model_to_ctype, ctype_to_model, \
                              clean_partial_pipeline
from social_auth.store import DjangoOpenIDStore
from social_auth.backends.exceptions import StopPipeline, AuthException, \
                                            AuthFailed, AuthCanceled, \
                                            AuthUnknownError, AuthTokenError, \
                                            AuthMissingParameter

if setting('SOCIAL_AUTH_USER_MODEL'):
    User = models.get_model(*setting('SOCIAL_AUTH_USER_MODEL').rsplit('.', 1))
else:
    from django.contrib.auth.models import User

# OpenID configuration
OLD_AX_ATTRS = [('http://schema.openid.net/contact/email', 'old_email'),
                ('http://schema.openid.net/namePerson', 'old_fullname'),
                ('http://schema.openid.net/namePerson/friendly',
                 'old_nickname')]
AX_SCHEMA_ATTRS = [
    # Request both the full name and first/last components since some
    # providers offer one but not the other.
    ('http://axschema.org/contact/email', 'email'),
    ('http://axschema.org/namePerson', 'fullname'),
    ('http://axschema.org/namePerson/first', 'first_name'),
Example #60
0
 def get_api_url(self):
     return setting('YANDEX_OAUTH2_API_URL')