def facebook_process(request): """Process the facebook redirect""" if request.GET.get('state') != request.session.get('state'): raise CSRFError( "CSRF Validation check failed. Request state %s is " "not the same as session state %s" % (request.GET.get('state'), request.session.get('state'))) config = request.registry.settings code = request.GET.get('code') if not code: reason = request.GET.get('error_reason', 'No reason provided.') return AuthenticationDenied(reason) # Now retrieve the access token with the code access_url = flat_url('https://graph.facebook.com/oauth/access_token', client_id=config['velruse.facebook.app_id'], client_secret=config['velruse.facebook.app_secret'], redirect_uri=request.route_url('facebook_process'), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) access_token = parse_qs(r.content)['access_token'][0] # Retrieve profile data graph_url = flat_url('https://graph.facebook.com/me', access_token=access_token) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) fb_profile = loads(r.content) profile = extract_fb_data(fb_profile) cred = {'oauthAccessToken': access_token} return FacebookAuthenticationComplete(profile=profile, credentials=cred)
def callback(self, request): """Process the github redirect""" sess_state = request.session.get('state') req_state = request.GET.get('state') if not sess_state or sess_state != req_state: raise CSRFError( 'CSRF Validation check failed. Request state {req_state} is not ' 'the same as session state {sess_state}'.format( req_state=req_state, sess_state=sess_state)) code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') return AuthenticationDenied(reason=reason, provider_name=self.name, provider_type=self.type) # Now retrieve the access token with the code access_url = flat_url( '%s://%s/login/oauth/access_token' % (self.protocol, self.domain), client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url(self.callback_route), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) access_token = parse_qs(r.content)['access_token'][0] # Retrieve profile data graph_url = flat_url('%s://api.%s/user' % (self.protocol, self.domain), access_token=access_token) graph_headers = dict(Accept='application/vnd.github.v3+json') r = requests.get(graph_url, headers=graph_headers) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content) profile = {} profile['accounts'] = [{ 'domain': self.domain, 'username': data['login'], 'userid': data['id'] }] profile['preferredUsername'] = data['login'] profile['displayName'] = data.get('name', profile['preferredUsername']) # We don't add this to verifiedEmail because ppl can change email # addresses without verifying them if 'email' in data: profile['emails'] = [{'value': data['email']}] cred = {'oauthAccessToken': access_token} return GithubAuthenticationComplete(profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type)
def callback(self, request): """Process the qq redirect""" code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') return AuthenticationDenied(reason, provider_name=self.name, provider_type=self.type) # Now retrieve the access token with the code access_url = flat_url('https://graph.qq.com/oauth2.0/token', client_id=self.consumer_key, client_secret=self.consumer_secret, grant_type='authorization_code', redirect_uri=request.route_url( self.callback_route), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) access_token = parse_qs(r.content)['access_token'][0] # Retrieve profile data graph_url = flat_url('https://graph.qq.com/oauth2.0/me', access_token=access_token) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content[10:-3]) openid = data.get('openid', '') user_info_url = flat_url('https://graph.qq.com/user/get_user_info', access_token=access_token, oauth_consumer_key=self.consumer_key, openid=openid) r = requests.get(user_info_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content) profile = { 'accounts': [{ 'domain': 'qq.com', 'userid': openid }], 'displayName': data['nickname'], 'preferredUsername': data['nickname'], } cred = {'oauthAccessToken': access_token} return QQAuthenticationComplete(profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type)
def callback(self, request): """Process the github redirect""" if request.GET.get('state') != request.session.get('state'): raise CSRFError( 'CSRF Validation check failed. Request state %s is not ' 'the same as session state %s' % ( request.GET.get('state'), request.session.get('state'))) code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') return AuthenticationDenied(reason=reason, provider_name=self.name, provider_type=self.type) # Now retrieve the access token with the code access_url = flat_url( '%s://%s/login/oauth/access_token' % (self.protocol, self.domain), client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url(self.callback_route), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) access_token = parse_qs(r.content)['access_token'][0] # Retrieve profile data graph_url = flat_url('%s://api.%s/user' % (self.protocol, self.domain), access_token=access_token) graph_headers = dict(Accept='application/vnd.github.v3+json') r = requests.get(graph_url, headers=graph_headers) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) data = loads(r.content) profile = {} profile['accounts'] = [{ 'domain':self.domain, 'username':data['login'], 'userid':data['id'] }] profile['displayName'] = data['name'] profile['preferredUsername'] = data['login'] # We don't add this to verifiedEmail because ppl can change email # addresses without verifying them if 'email' in data: profile['emails'] = [{'value':data['email']}] cred = {'oauthAccessToken': access_token} return GithubAuthenticationComplete(profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type)
def callback(self, request): """Process the qq redirect""" code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') return AuthenticationDenied(reason, provider_name=self.name, provider_type=self.type) # Now retrieve the access token with the code access_url = flat_url( 'https://graph.qq.com/oauth2.0/token', client_id=self.consumer_key, client_secret=self.consumer_secret, grant_type='authorization_code', redirect_uri=request.route_url(self.callback_route), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) access_token = parse_qs(r.content)['access_token'][0] # Retrieve profile data graph_url = flat_url('https://graph.qq.com/oauth2.0/me', access_token=access_token) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) data = loads(r.content[10:-3]) openid = data.get('openid', '') user_info_url = flat_url('https://graph.qq.com/user/get_user_info', access_token=access_token, oauth_consumer_key=self.consumer_key, openid=openid) r = requests.get(user_info_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) data = loads(r.content) profile = { 'accounts': [{'domain':'qq.com', 'userid':openid}], 'displayName': data['nickname'], 'preferredUsername': data['nickname'], } cred = {'oauthAccessToken': access_token} return QQAuthenticationComplete(profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type)
def callback(self, request): """Process the VK redirect""" sess_state = request.session.get('state') req_state = request.GET.get('state') if not sess_state or sess_state != req_state: raise CSRFError( 'CSRF Validation check failed. Request state {req_state} is not ' 'the same as session state {sess_state}'.format( req_state=req_state, sess_state=sess_state)) code = request.GET.get('code') if not code: reason = request.GET.get('error_description', 'No reason provided.') return AuthenticationDenied(reason=reason, provider_name=self.name, provider_type=self.type) # Now retrieve the access token with the code access_url = flat_url(PROVIDER_ACCESS_TOKEN_URL, client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url( self.callback_route), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure('Status {status}: {content}'.format( status=r.status_code, content=r.content)) data = json.loads(r.content) access_token = data['access_token'] # Retrieve profile data graph_url = flat_url( PROVIDER_USER_PROFILE_URL, access_token=access_token, uids=data['user_id'], fields= ('first_name,last_name,nickname,domain,sex,bdate,city,country,timezone,' 'photo,photo_medium,photo_big,photo_rec,has_mobile,mobile_phone,home_phone,' 'rate,contacts,education')) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure('Status {status}: {content}'.format( status=r.status_code, content=r.content)) vk_profile = json.loads(r.content)['response'][0] vk_profile['uid'] = data['user_id'] profile = extract_normalize_vk_data(vk_profile) cred = {'oauthAccessToken': access_token} return VKAuthenticationComplete(profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type)
def callback(self, request): """Process the github redirect""" code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') return AuthenticationDenied(reason) # Now retrieve the access token with the code access_url = flat_url( 'https://github.com/login/oauth/access_token', client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url(self.callback_route), code=code) r = requests.get(access_url) content = r.content.decode('UTF-8') if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, content)) access_token = parse_qs(content)['access_token'][0] # Retrieve profile data graph_url = flat_url('https://github.com/api/v2/json/user/show', access_token=access_token) r = requests.get(graph_url) content = r.content.decode('UTF-8') if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, content)) data = loads(content)['user'] profile = {} profile['accounts'] = [{ 'domain':'github.com', 'username':data['login'], 'userid':data['id'] }] profile['displayName'] = data['name'] profile['preferredUsername'] = data['login'] # We don't add this to verifiedEmail because ppl can change email # addresses without verifying them if 'email' in data: profile['emails'] = [{'value':data['email']}] cred = {'oauthAccessToken': access_token} return GithubAuthenticationComplete(profile=profile, credentials=cred)
def login(self, request): """Initiate a taobao login""" gh_url = flat_url('https://oauth.taobao.com/authorize', client_id=self.consumer_key, response_type='code', redirect_uri=request.route_url(self.callback_route)) return HTTPFound(location=gh_url)
def callback(self, request): """Process the renren redirect""" code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') return AuthenticationDenied(reason) access_url = flat_url( 'https://graph.renren.com/oauth/token', client_id=self.consumer_key, client_secret=self.consumer_secret, grant_type='authorization_code', redirect_uri=request.route_url(self.callback_route), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) data = loads(r.content) access_token = data['access_token'] profile = { 'accounts': [ {'domain': 'renren.com', 'userid': data['user']['id']}, ], 'displayName': data['user']['name'], 'preferredUsername': data['user']['name'], } cred = {'oauthAccessToken': access_token} return RenrenAuthenticationComplete(profile=profile, credentials=cred)
def callback(self, request): """Process the weibo redirect""" state=request.GET.get('state') statedata=None if state: statedata=urlparse.parse_qs(state) #print 'statedata:%s'%statedata if 'state_code' in statedata: state_code=statedata["state_code"][0] if state_code != request.session.get('state_code'): raise CSRFError("CSRF Validation check failed. Request state %s is " "not the same as session state %s" % ( state_code, request.session.get('state_code') )) code = request.GET.get('code') if not code: reason = request.GET.get('error_reason', 'No reason provided.') return AuthenticationDenied(reason) # Now retrieve the access token with the code r = requests.post( 'https://api.weibo.com/oauth2/access_token', dict( client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url(self.callback_route), grant_type='authorization_code', code=code, ), ) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) data = loads(r.content) access_token = data['access_token'] uid = data['uid'] # Retrieve profile data graph_url = flat_url('https://api.weibo.com/2/users/show.json', access_token=access_token, uid=uid) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) data = loads(r.content) profile = { 'accounts': [{'domain':'weibo.com', 'userid':data['id']}], 'gender': data.get('gender'), 'displayName': data['screen_name'], 'preferredUsername': data['name'], 'profile_image_url':data['profile_image_url'], 'access_token':access_token } if statedata is not None and 'next' in statedata: profile['next']=statedata['next'][0] cred = {'oauthAccessToken': access_token} return WeiboAuthenticationComplete(profile=profile, credentials=cred)
def renren_process(request): """Process the renren redirect""" config = request.registry.settings code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') return AuthenticationDenied(reason) access_url = flat_url('https://graph.renren.com/oauth/token', client_id=config['velruse.renren.app_id'], client_secret=config['velruse.renren.app_secret'], grant_type='authorization_code', redirect_uri=request.route_url('renren_process'), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content) access_token = data['access_token'] profile = { 'accounts': [{ 'domain': 'renren.com', 'userid': data['user']['id'] }], 'displayName': data['user']['name'], 'preferredUsername': data['user']['name'], } cred = {'oauthAccessToken': access_token} return RenrenAuthenticationComplete(profile=profile, credentials=cred)
def callback(self, request): """Process the google redirect""" sess_state = request.session.get('state') req_state = request.GET.get('state') if not sess_state or sess_state != req_state: raise CSRFError( 'CSRF Validation check failed. Request state {req_state} is not ' 'the same as session state {sess_state}'.format( req_state=req_state, sess_state=sess_state ) ) code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') return AuthenticationDenied(reason=reason, provider_name=self.name, provider_type=self.type) # Now retrieve the access token with the code r = requests.post('%s://%s/o/oauth2/token' % (self.protocol, self.domain), data={ 'client_id': self.consumer_key, 'client_secret': self.consumer_secret, 'redirect_uri': request.route_url(self.callback_route), 'code': code, 'grant_type': 'authorization_code' }) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) token_data = loads(r.content) access_token = token_data['access_token'] refresh_token = token_data.get('refresh_token') # Retrieve profile data if scopes allow profile = {} user_url = flat_url( '%s://www.googleapis.com/oauth2/v1/userinfo' % self.protocol, access_token=access_token) r = requests.get(user_url) if r.status_code == 200: data = loads(r.content) profile['accounts'] = [{ 'domain': self.domain, 'username': data['email'], 'userid': data['id'] }] profile['displayName'] = data['name'] profile['preferredUsername'] = data['email'] profile['verifiedEmail'] = data['email'] profile['emails'] = [{'value': data['email']}] cred = {'oauthAccessToken': access_token, 'oauthRefreshToken': refresh_token} return Google2AuthenticationComplete(profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type)
def callback(self, request): """Process the facebook redirect""" sess_state = request.session.get('state') req_state = request.GET.get('state') if not sess_state or sess_state != req_state: raise CSRFError( 'CSRF Validation check failed. Request state {req_state} is not ' 'the same as session state {sess_state}'.format( req_state=req_state, sess_state=sess_state ) ) code = request.GET.get('code') if not code: reason = request.GET.get('error_reason', 'No reason provided.') return AuthenticationDenied(reason=reason, provider_name=self.name, provider_type=self.type) # Now retrieve the access token with the code access_url = flat_url( 'https://graph.facebook.com/oauth/access_token', client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url(self.callback_route), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) access_token = parse_qs(r.content)['access_token'][0] # Retrieve profile data graph_url = flat_url('https://graph.facebook.com/me', access_token=access_token) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) fb_profile = loads(r.content) profile = extract_fb_data(fb_profile) cred = {'oauthAccessToken': access_token} return FacebookAuthenticationComplete(profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type)
def callback(self, request): """Process the weibo redirect""" sess_state = request.session.get('state') req_state = request.GET.get('state') if not sess_state or sess_state != req_state: raise CSRFError( 'CSRF Validation check failed. Request state {req_state} is not ' 'the same as session state {sess_state}'.format( req_state=req_state, sess_state=sess_state)) code = request.GET.get('code') if not code: reason = request.GET.get('error_reason', 'No reason provided.') return AuthenticationDenied(reason, provider_name=self.name, provider_type=self.type) # Now retrieve the access token with the code r = requests.post( 'https://api.weibo.com/oauth2/access_token', dict( client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url(self.callback_route), grant_type='authorization_code', code=code, ), ) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content) access_token = data['access_token'] uid = data['uid'] # Retrieve profile data graph_url = flat_url('https://api.weibo.com/2/users/show.json', access_token=access_token, uid=uid) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content) profile = { 'accounts': [{ 'domain': 'weibo.com', 'userid': data['id'] }], 'gender': data.get('gender'), 'displayName': data['screen_name'], 'preferredUsername': data['name'], } cred = {'oauthAccessToken': access_token} return WeiboAuthenticationComplete(profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type)
def callback(self, request): """Process the Yandex redirect""" sess_state = request.session.get('state') req_state = request.GET.get('state') if not sess_state or sess_state != req_state: raise CSRFError( 'CSRF Validation check failed. Request state {req_state} is not ' 'the same as session state {sess_state}'.format( req_state=req_state, sess_state=sess_state ) ) code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') return AuthenticationDenied( reason=reason, provider_name=self.name, provider_type=self.type ) # Now retrieve the access token with the code token_params = { 'grant_type': 'authorization_code', 'code': code, 'client_id': self.consumer_key, 'client_secret': self.consumer_secret, } r = requests.post(PROVIDER_ACCESS_TOKEN_URL, token_params) if r.status_code != 200: raise ThirdPartyFailure( 'Status {status}: {content}'.format( status=r.status_code, content=r.content ) ) data =json.loads(r.content) access_token = data['access_token'] # Retrieve profile data profile_url = flat_url( PROVIDER_USER_PROFILE_URL, format='json', oauth_token=access_token ) r = requests.get(profile_url) if r.status_code != 200: raise ThirdPartyFailure( 'Status {status}: {content}'.format( status=r.status_code, content=r.content ) ) profile = json.loads(r.content) profile = extract_normalize_yandex_data(profile) cred = {'oauthAccessToken': access_token} return YandexAuthenticationComplete( profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type )
def callback(self, request): """Process the weibo redirect""" sess_state = request.session.get('state') req_state = request.GET.get('state') if not sess_state or sess_state != req_state: raise CSRFError( 'CSRF Validation check failed. Request state {req_state} is not ' 'the same as session state {sess_state}'.format( req_state=req_state, sess_state=sess_state ) ) code = request.GET.get('code') if not code: reason = request.GET.get('error_reason', 'No reason provided.') return AuthenticationDenied(reason, provider_name=self.name, provider_type=self.type) # Now retrieve the access token with the code r = requests.post( 'https://api.weibo.com/oauth2/access_token', dict( client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url(self.callback_route), grant_type='authorization_code', code=code, ), ) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) data = loads(r.content) access_token = data['access_token'] uid = data['uid'] # Retrieve profile data graph_url = flat_url('https://api.weibo.com/2/users/show.json', access_token=access_token, uid=uid) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) data = loads(r.content) profile = { 'accounts': [{'domain':'weibo.com', 'userid':data['id']}], 'gender': data.get('gender'), 'displayName': data['screen_name'], 'preferredUsername': data['name'], } cred = {'oauthAccessToken': access_token} return WeiboAuthenticationComplete(profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type)
def callback(self, request): """Process the github redirect""" code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') return AuthenticationDenied(reason) # Now retrieve the access token with the code access_url = flat_url( 'https://github.com/login/oauth/access_token', client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url(self.callback_route), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) access_token = parse_qs(r.content)['access_token'][0] # Retrieve profile data graph_url = flat_url('https://github.com/api/v2/json/user/show', access_token=access_token) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) data = loads(r.content)['user'] profile = {} profile['accounts'] = [{ 'domain':'github.com', 'username':data['login'], 'userid':data['id'] }] profile['displayName'] = data['name'] profile['preferredUsername'] = data['login'] # We don't add this to verifiedEmail because ppl can change email # addresses without verifying them if 'email' in data: profile['emails'] = [{'value':data['email']}] cred = {'oauthAccessToken': access_token} return GithubAuthenticationComplete(profile=profile, credentials=cred)
def login(self, request): """Initiate a weibo login""" request.session['state'] = state = uuid.uuid4().hex fb_url = flat_url('https://api.weibo.com/oauth2/authorize', client_id=self.consumer_key, redirect_uri=request.route_url(self.callback_route), state=state) return HTTPFound(location=fb_url)
def login(self, request): """Initiate a Yandex login""" request.session['state'] = state = uuid.uuid4().hex auth_url = flat_url(PROVIDER_AUTH_URL, client_id=self.consumer_key, response_type='code', state=state) return HTTPFound(location=auth_url)
def taobao_login(request): """Initiate a taobao login""" config = request.registry.settings gh_url = flat_url('https://oauth.taobao.com/authorize', client_id=config['velruse.taobao.app_id'], response_type='code', redirect_uri=request.route_url('taobao_process')) return HTTPFound(location=gh_url)
def callback(self, request): """Process the taobao redirect""" code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') return AuthenticationDenied(reason) # Now retrieve the access token with the code r = requests.post( 'https://oauth.taobao.com/token', dict(grant_type='authorization_code', client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url(self.callback_route), code=code)) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content) access_token = data['access_token'] # Retrieve profile data params = { 'method': 'taobao.user.get', 'timestamp': time.strftime('%Y-%m-%d %H:%M:%S', time.localtime()), 'format': 'json', 'app_key': self.consumer_key, 'v': '2.0', 'sign_method': 'md5', 'fields': 'user_id,nick', 'session': access_token } src = self.consumer_secret\ + ''.join(["%s%s" % (k, v) for k, v in sorted(params.items())])\ + self.consumer_secret params['sign'] = md5(src).hexdigest().upper() get_user_info_url = flat_url('http://gw.api.taobao.com/router/rest', **params) r = requests.get(get_user_info_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content) username = data['user_get_response']['user']['nick'] userid = data['user_get_response']['user']['user_id'] profile = { 'accounts': [{ 'domain': 'taobao.com', 'userid': userid }], 'displayName': username, 'preferredUsername': username, } cred = {'oauthAccessToken': access_token} return TaobaoAuthenticationComplete(profile=profile, credentials=cred)
def callback(self, request): """Process the taobao redirect""" code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') return AuthenticationDenied(reason) # Now retrieve the access token with the code r = requests.post('https://oauth.taobao.com/token', dict(grant_type='authorization_code', client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url(self.callback_route), code=code)) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) data = loads(r.content) access_token = data['access_token'] # Retrieve profile data params = { 'method': 'taobao.user.get', 'timestamp': time.strftime('%Y-%m-%d %H:%M:%S', time.localtime()), 'format': 'json', 'app_key': self.consumer_key, 'v': '2.0', 'sign_method': 'md5', 'fields': 'user_id,nick,avatar,sex', 'session': access_token } src = self.consumer_secret\ + ''.join(["%s%s" % (k, v) for k, v in sorted(params.items())])\ + self.consumer_secret params['sign'] = md5(src).hexdigest().upper() get_user_info_url = flat_url('http://gw.api.taobao.com/router/rest', **params) r = requests.get(get_user_info_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content) username = data['user_get_response']['user']['nick'] userid = data['user_get_response']['user']['user_id'] profile_image_url=data['user_get_response']['user']['avatar'] sex='m' if 'sex' in data['user_get_response']['user']: sex =data['user_get_response']['user']['sex'] profile = { 'accounts': [{'domain':'taobao.com', 'userid':userid}], 'displayName': username, 'gender':sex, 'preferredUsername': username, 'profile_image_url':profile_image_url, 'access_token':access_token } cred = {'oauthAccessToken': access_token} return TaobaoAuthenticationComplete(profile=profile, credentials=cred)
def github_process(request): """Process the github redirect""" config = request.registry.settings code = request.GET.get('code') if not code: reason = request.GET.get('error', 'No reason provided.') raise AuthenticationDenied(reason) # Now retrieve the access token with the code access_url = flat_url('https://github.com/login/oauth/access_token', client_id=config['velruse.github.app_id'], client_secret=config['velruse.github.app_secret'], redirect_uri=request.route_url('github_process'), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) access_token = parse_qs(r.content)['access_token'][0] c = r.content # Retrieve profile data graph_url = flat_url('https://github.com/api/v2/json/user/show', access_token=access_token) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content)['user'] profile = {} profile['providerName'] = 'GitHub' profile['displayName'] = data['name'] profile['identifier'] = profile['preferredUsername'] = data['login'] if 'email' in data: profile['emails'] = [data['email']] profile['verifiedEmail'] = data['email'] cred = {'oauthAccessToken': access_token} # Create and raise our AuthenticationComplete exception with the # appropriate data to be passed complete = AuthenticationComplete() complete.profile = profile complete.credentials = { 'oauthAccessToken': access_token } raise complete
def github_login(request): """Initiate a github login""" config = request.registry.settings scope = config.get('velruse.github.scope', request.POST.get('scope', '')) gh_url = flat_url('https://github.com/login/oauth/authorize', scope=scope, client_id=config['velruse.github.app_id'], redirect_uri=request.route_url('github_process')) return HTTPFound(location=gh_url)
def login(self, request): """Initiate a github login""" scope = request.POST.get('scope', self.scope) gh_url = flat_url( 'https://github.com/login/oauth/authorize', scope=scope, client_id=self.consumer_key, redirect_uri=request.route_url(self.callback_route)) return HTTPFound(location=gh_url)
def weibo_login(request): """Initiate a weibo login""" config = request.registry.settings request.session['state'] = state = uuid.uuid4().hex fb_url = flat_url('https://api.weibo.com/oauth2/authorize', client_id=config['velruse.weibo.app_id'], redirect_uri=request.route_url('weibo_process'), state=state) return HTTPFound(location=fb_url)
def login(self, request): """Initiate a qq login""" scope = request.POST.get('scope', self.scope) gh_url = flat_url('https://graph.qq.com/oauth2.0/authorize', scope=scope, client_id=self.consumer_key, response_type='code', redirect_uri=request.route_url(self.callback_route)) return HTTPFound(location=gh_url)
def login(self, request): """Initiate a Live login""" scope = request.POST.get('scope', self.scope or 'wl.basic wl.emails wl.signin') fb_url = flat_url('https://oauth.live.com/authorize', scope=scope, client_id=self.consumer_key, redirect_uri=request.route_url(self.callback_route), response_type="code") return HTTPFound(location=fb_url)
def login(self, request): """Initiate a github login""" scope = request.POST.get('scope', self.scope) gh_url = flat_url( '%s://%s/login/oauth/authorize' % (self.protocol, self.domain), scope=scope, client_id=self.consumer_key, redirect_uri=request.route_url(self.callback_route)) return HTTPFound(location=gh_url)
def callback(self, request): """Process the Live redirect""" if 'error' in request.GET: raise ThirdPartyFailure(request.GET.get('error_description', 'No reason provided.')) code = request.GET.get('code') if not code: reason = request.GET.get('error_reason', 'No reason provided.') return AuthenticationDenied(reason, provider_name=self.name, provider_type=self.type) # Now retrieve the access token with the code access_url = flat_url( 'https://oauth.live.com/token', client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url(self.callback_route), grant_type="authorization_code", code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) data = loads(r.content) access_token = data['access_token'] # Retrieve profile data graph_url = flat_url('https://apis.live.net/v5.0/me', access_token=access_token) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % ( r.status_code, r.content)) live_profile = loads(r.content) profile = extract_live_data(live_profile) cred = {'oauthAccessToken': access_token} if 'refresh_token' in data: cred['oauthRefreshToken'] = data['refresh_token'] return LiveAuthenticationComplete(profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type)
def callback(self, request): """Process the Live redirect""" if 'error' in request.GET: raise ThirdPartyFailure( request.GET.get('error_description', 'No reason provided.')) code = request.GET.get('code') if not code: reason = request.GET.get('error_reason', 'No reason provided.') return AuthenticationDenied(reason, provider_name=self.name, provider_type=self.type) # Now retrieve the access token with the code access_url = flat_url('https://oauth.live.com/token', client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url( self.callback_route), grant_type="authorization_code", code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content) access_token = data['access_token'] # Retrieve profile data graph_url = flat_url('https://apis.live.net/v5.0/me', access_token=access_token) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) live_profile = loads(r.content) profile = extract_live_data(live_profile) cred = {'oauthAccessToken': access_token} if 'refresh_token' in data: cred['oauthRefreshToken'] = data['refresh_token'] return LiveAuthenticationComplete(profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type)
def callback(self, request): """Process the facebook redirect""" sess_state = request.session.get('state') req_state = request.GET.get('state') if not sess_state or sess_state != req_state: raise CSRFError( 'CSRF Validation check failed. Request state {req_state} is not ' 'the same as session state {sess_state}'.format( req_state=req_state, sess_state=sess_state)) code = request.GET.get('code') if not code: reason = request.GET.get('error_reason', 'No reason provided.') return AuthenticationDenied(reason=reason, provider_name=self.name, provider_type=self.type) # Now retrieve the access token with the code access_url = flat_url('https://graph.facebook.com/oauth/access_token', client_id=self.consumer_key, client_secret=self.consumer_secret, redirect_uri=request.route_url( self.callback_route), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) access_token = parse_qs(r.content)['access_token'][0] # Retrieve profile data graph_url = flat_url('https://graph.facebook.com/me', access_token=access_token) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) fb_profile = loads(r.content) profile = extract_fb_data(fb_profile) cred = {'oauthAccessToken': access_token} return FacebookAuthenticationComplete(profile=profile, credentials=cred, provider_name=self.name, provider_type=self.type)
def live_login(request): """Initiate a Live login""" config = request.registry.settings scope = config.get('velruse.live.scope', request.POST.get('scope', 'wl.basic wl.emails wl.signin')) fb_url = flat_url('https://oauth.live.com/authorize', scope=scope, client_id=config['velruse.live.client_id'], redirect_uri=request.route_url('live_process'), response_type="code") return HTTPFound(location=fb_url)
def renren_login(request): """Initiate a renren login""" config = request.registry.settings scope = config.get('velruse.renren.scope', request.POST.get('scope', '')) url = flat_url('https://graph.renren.com/oauth/authorize', scope=scope, client_id=config['velruse.renren.app_id'], response_type='code', redirect_uri=request.route_url('renren_process')) return HTTPFound(url)
def login(self, request): """Initiate a VK login""" request.session['state'] = state = uuid.uuid4().hex fb_url = flat_url(PROVIDER_AUTH_URL, scope=self.scope, client_id=self.consumer_key, redirect_uri=request.route_url(self.callback_route), response_type='code', state=state) return HTTPFound(location=fb_url)
def login(self, request): """Initiate a facebook login""" scope = request.POST.get('scope', self.scope) request.session['state'] = state = uuid.uuid4().hex fb_url = flat_url('https://www.facebook.com/dialog/oauth/', scope=scope, client_id=self.consumer_key, redirect_uri=request.route_url(self.callback_route), state=state) return HTTPFound(location=fb_url)
def login(self, request): request.session['velruse.state'] = state = uuid.uuid4().hex auth_url = flat_url('https://nid.naver.com/oauth2.0/authorize', response_type='code', client_id=self.consumer_key, redirect_uri=request.route_url( self.callback_route), state=state) return HTTPFound(location=auth_url)
def qq_login(request): """Initiate a qq login""" config = request.registry.settings scope = config.get('velruse.qq.scope', request.POST.get('scope', '')) gh_url = flat_url('https://graph.qq.com/oauth2.0/authorize', scope=scope, client_id=config['velruse.qq.app_id'], response_type='code', redirect_uri=request.route_url('qq_process')) return HTTPFound(location=gh_url)
def login(self, request): """Initiate a Yandex login""" request.session['state'] = state = uuid.uuid4().hex auth_url = flat_url( PROVIDER_AUTH_URL, client_id=self.consumer_key, response_type='code', state=state ) return HTTPFound(location=auth_url)
def login(self, request): """Initiate a VK login""" request.session['state'] = state = uuid.uuid4().hex fb_url = flat_url( PROVIDER_AUTH_URL, scope=self.scope, client_id=self.consumer_key, redirect_uri=request.route_url(self.callback_route), response_type='code', state=state) return HTTPFound(location=fb_url)
def login(self, request): """Initiate a github login""" scope = request.POST.get('scope', self.scope) request.session['state'] = state = uuid.uuid4().hex gh_url = flat_url('%s://%s/login/oauth/authorize' % (self.protocol, self.domain), scope=scope, client_id=self.consumer_key, redirect_uri=request.route_url(self.callback_route), state=state) return HTTPFound(location=gh_url)
def facebook_login(request): """Initiate a facebook login""" config = request.registry.settings scope = config.get('velruse.facebook.scope', request.POST.get('scope', '')) request.session['state'] = state = uuid.uuid4().hex fb_url = flat_url('https://www.facebook.com/dialog/oauth/', scope=scope, client_id=config['velruse.facebook.app_id'], redirect_uri=request.route_url('facebook_process'), state=state) return HTTPFound(location=fb_url)
def login(self, request): """Initiate a facebook login""" scope = request.POST.get('scope', self.scope) request.session['state'] = state = uuid.uuid4().hex fb_url = flat_url( 'https://www.facebook.com/dialog/oauth/', scope=scope, client_id=self.consumer_key, redirect_uri=request.route_url(self.callback_route), state=state) return HTTPFound(location=fb_url)
def login(self, request): """Initiate a renren login""" referer=request.referer request.session['opennexturl']=referer scope = request.POST.get('scope', self.scope) url = flat_url('https://graph.renren.com/oauth/authorize', scope=scope, client_id=self.consumer_key, response_type='code', redirect_uri=request.route_url(self.callback_route)) return HTTPFound(url)
def login(self, request): """Initiate a alfresco login""" scope = request.POST.get('scope', self.scope) request.session['state'] = state = uuid.uuid4().hex gh_url = flat_url( '%s://%s/auth/oauth/versions/2/authorize' % (self.protocol, self.domain), scope=scope, response_type='code', client_id=self.consumer_key, redirect_uri=request.route_url(self.callback_route), state=state) return HTTPFound(location=gh_url)
def facebook_process(request): """Process the facebook redirect""" if request.GET.get('state') != request.session.get('state'): raise CSRFError( "CSRF Validation check failed. Request state %s is " "not the same as session state %s" % (request.GET.get('state'), request.session.get('state'))) config = request.registry.settings code = request.GET.get('code') if not code: reason = request.GET.get('error_reason', 'No reason provided.') raise AuthenticationDenied(reason) # Now retrieve the access token with the code access_url = flat_url( 'https://graph.facebook.com/oauth/access_token', client_id=config['velruse.facebook.app_id'], client_secret=config['velruse.facebook.app_secret'], redirect_uri=request.route_url('facebook_process'), code=code) r = requests.get(access_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) access_token = parse_qs(r.content)['access_token'][0] # Retrieve profile data graph_url = flat_url( 'https://graph.facebook.com/me', access_token=access_token) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) fb_profile = loads(r.content) profile = extract_fb_data(fb_profile) # Create and raise our AuthenticationComplete exception with the # appropriate data to be passed complete = AuthenticationComplete() complete.profile = profile complete.credentials = {'oauthAccessToken': access_token} raise complete
def weibo_process(request): """Process the weibo redirect""" if request.GET.get('state') != request.session.get('state'): raise CSRFError( "CSRF Validation check failed. Request state %s is " "not the same as session state %s" % (request.GET.get('state'), request.session.get('state'))) config = request.registry.settings code = request.GET.get('code') if not code: reason = request.GET.get('error_reason', 'No reason provided.') return AuthenticationDenied(reason) # Now retrieve the access token with the code r = requests.post( 'https://api.weibo.com/oauth2/access_token', dict(client_id=config['velruse.weibo.app_id'], client_secret=config['velruse.weibo.app_secret'], redirect_uri=request.route_url('weibo_process'), grant_type='authorization_code', code=code)) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content) access_token = data['access_token'] uid = data['uid'] # Retrieve profile data graph_url = flat_url('https://api.weibo.com/2/users/show.json', access_token=access_token, uid=uid) r = requests.get(graph_url) if r.status_code != 200: raise ThirdPartyFailure("Status %s: %s" % (r.status_code, r.content)) data = loads(r.content) profile = { 'accounts': [{ 'domain': 'weibo.com', 'userid': data['id'] }], 'gender': data.get('gender'), 'displayName': data['screen_name'], 'preferredUsername': data['name'], } cred = {'oauthAccessToken': access_token} return WeiboAuthenticationComplete(profile=profile, credentials=cred)
def login(self, request): """Initiate a google login""" scope = ' '.join(request.POST.getall('scope')) or self.scope request.session['state'] = state = uuid.uuid4().hex approval_prompt = request.POST.get('approval_prompt', 'auto') auth_url = flat_url( '%s://%s/o/oauth2/auth' % (self.protocol, self.domain), scope=scope, response_type='code', client_id=self.consumer_key, redirect_uri=request.route_url(self.callback_route), approval_prompt=approval_prompt, access_type='offline', state=state) return HTTPFound(location=auth_url)