def twitter_auth_url():
callback_uri = urls.absurl("/redirects/twitter/")
oauth = OAuth1(settings.TWITTER_CONSUMER_KEY,
settings.TWITTER_CONSUMER_SECRET,
callback_uri=callback_uri)
response = requests.post(url=twitter_request_token_url, auth=oauth)
try:
response.raise_for_status()
except requests.exceptions.HTTPError as exc:
logger.exception(exc)
raise TwitterVerificationError('Invalid response from Twitter.')
as_bytes = urllib.parse.parse_qs(response.content)
token_bytes = as_bytes[b'oauth_token'][0]
token_secret_bytes = as_bytes[b'oauth_token_secret'][0]
request_token = {}
request_token['oauth_token'] = token_bytes.decode('utf-8')
request_token['oauth_token_secret'] = token_secret_bytes.decode(
'utf-8')
session['request_token'] = request_token
url = '{}?oauth_token={}'.format(twitter_authenticate_url,
request_token['oauth_token'])
return VerificationServiceResponse({'url': url})
def verify_facebook(code, eth_address):
base_url = 'graph.facebook.com'
client_id = settings.FACEBOOK_CLIENT_ID
client_secret = settings.FACEBOOK_CLIENT_SECRET
redirect_uri = urls.absurl("/redirects/facebook/")
code = code
path = ('/v2.12/oauth/access_token?client_id={}'
'&client_secret={}&redirect_uri={}&code={}').format(
client_id, client_secret, redirect_uri, code)
conn = http.client.HTTPSConnection(base_url)
conn.request('GET', path)
response = json.loads(conn.getresponse().read())
has_access_token = ('access_token' in response)
if not has_access_token or 'error' in response:
raise FacebookVerificationError(
'The code you provided is invalid.')
# TODO: determine what the text should be
data = 'facebook verified'
# TODO: determine claim type integer code for phone verification
signature = attestations.generate_signature(signing_key, eth_address,
CLAIM_TYPES['facebook'],
data)
return VerificationServiceResponse({
'signature':
signature,
'claim_type':
CLAIM_TYPES['facebook'],
'data':
data
})
def verify_facebook(code, eth_address):
base_url = "https://graph.facebook.com"
response = requests.get("{}/v2.12/oauth/access_token".format(base_url),
params={
"client_id":
settings.FACEBOOK_CLIENT_ID,
"client_secret":
settings.FACEBOOK_CLIENT_SECRET,
"redirect_uri":
urls.absurl("/redirects/facebook/"),
"code":
code
})
if "access_token" not in response.json() or "error" in response.json():
if "error" in response.json():
logger.error(response.json()["error"])
raise FacebookVerificationError(
"The code you provided is invalid.")
access_token = response.json()["access_token"]
response = requests.get("{}/me".format(base_url),
params={"access_token": access_token})
# TODO: determine what the text should be
data = 'facebook verified'
# TODO: determine claim type integer code for phone verification
signature = attestations.generate_signature(signing_key, eth_address,
CLAIM_TYPES['facebook'],
data)
attestation = Attestation(method=AttestationTypes.FACEBOOK,
eth_address=eth_address,
value=response.json()['name'],
signature=signature,
remote_ip_address=request.remote_addr)
db.session.add(attestation)
db.session.commit()
return VerificationServiceResponse({
'signature':
signature,
'claim_type':
CLAIM_TYPES['facebook'],
'data':
data
})
def twitter_auth_url():
callback_uri = urls.absurl("/redirects/twitter/")
oauth = OAuth1(settings.TWITTER_CONSUMER_KEY,
settings.TWITTER_CONSUMER_SECRET,
callback_uri=callback_uri)
r = requests.post(url=twitter_request_token_url, auth=oauth)
if r.status_code != 200:
raise TwitterVerificationError('Invalid response from Twitter.')
as_bytes = dict(cgi.parse_qsl(r.content))
token_b = as_bytes[b'oauth_token']
token_secret_b = as_bytes[b'oauth_token_secret']
request_token = {}
request_token['oauth_token'] = token_b.decode('utf-8')
request_token['oauth_token_secret'] = token_secret_b.decode('utf-8')
session['request_token'] = request_token
url = '{}?oauth_token={}'.format(twitter_authenticate_url,
request_token['oauth_token'])
return VerificationServiceResponse({'url': url})
def verify_facebook(code, eth_address):
base_url = "https://graph.facebook.com"
response = requests.get("{}/v2.12/oauth/access_token".format(base_url),
params={
"client_id":
settings.FACEBOOK_CLIENT_ID,
"client_secret":
settings.FACEBOOK_CLIENT_SECRET,
"redirect_uri":
urls.absurl("/redirects/facebook/"),
"code":
code
})
if "access_token" not in response.json() or "error" in response.json():
if "error" in response.json():
logger.error(response.json()["error"])
raise FacebookVerificationError(
"The code you provided is invalid.")
access_token = response.json()["access_token"]
response = requests.get("{}/me".format(base_url),
params={"access_token": access_token})
data = {
'issuer': ISSUER,
'issueDate': current_time(),
'attestation': {
'verificationMethod': {
'oAuth': True
},
'site': {
'siteName': 'facebook.com',
'userId': {
'verified': True
}
}
}
}
# Note: use sort_keys option to make the output deterministic for hashing purposes.
json_data = json.dumps(data, separators=(',', ':'), sort_keys=True)
signature = {
'bytes':
attestations.generate_signature(signing_key, eth_address,
json_data),
'version':
'1.0.0'
}
attestation = Attestation(method=AttestationTypes.FACEBOOK,
eth_address=eth_address,
value=response.json()['name'],
signature=signature['bytes'],
remote_ip_address=request.remote_addr)
db.session.add(attestation)
db.session.commit()
return VerificationServiceResponse({
'schemaId':
'https://schema.originprotocol.com/attestation_1.0.0.json',
'data': data,
'signature': signature
})
def facebook_auth_url():
client_id = settings.FACEBOOK_CLIENT_ID
redirect_uri = urls.absurl("/redirects/facebook/")
url = ('https://www.facebook.com/v2.12/dialog/oauth?client_id={}'
'&redirect_uri={}').format(client_id, redirect_uri)
return VerificationServiceResponse({'url': url})
