class TwitterProfileImagePlugin(object):
implements(IProfileImage)
adapts(IUser)
name = u'twitter_profile_image'
title = _('Twitter')
description = _(u'twitter_profile_image_description',
default=u"Your profile image is the same as the one you use on Twitter.")
def __init__(self, context):
self.context = context
def url(self, size):
if not 'twitter' in self.context.auth_domains:
return None
display_name = self.context.auth_domains['twitter']['display_name']
if not display_name:
return None
url = 'http://api.twitter.com/1/users/profile_image?screen_name=%(screen_name)s&size=bigger' % {'screen_name': display_name}
return url
def is_valid_for_user(self):
if 'twitter' in self.context.auth_domains:
oauth_userid = self.context.auth_domains['twitter']['oauth_userid']
if oauth_userid:
return True
return False
class FacebookProfileImagePlugin(object):
implements(IProfileImage)
adapts(IUser)
name = u'facebook_profile_image'
title = _('Facebook')
description = _(u'facebook_profile_image_description',
default=u"Your profile image is the same as the one you use on Facebook.")
def __init__(self, context):
self.context = context
def url(self, size):
if not 'facebook' in self.context.auth_domains:
return None
oauth_userid = self.context.auth_domains['facebook']['oauth_userid']
if not oauth_userid:
return None
url = 'http://graph.facebook.com/%(UID)s/picture' % {'UID': oauth_userid}
return url
def is_valid_for_user(self):
if 'facebook' in self.context.auth_domains:
oauth_userid = self.context.auth_domains['facebook']['oauth_userid']
if oauth_userid:
return True
return False
def openid_login_complete(context, request):
domain = context.profile['accounts'][0]['domain']
openid_identifier = context.profile['accounts'][0]['username']
force_domain = request.registry.settings.get('openid_domain', None)
if force_domain and domain != force_domain:
fm = request.registry.getAdapter(request, IFlashMessages)
msg = _(
u"openid_domain_not_allowed_error",
default=
u"OpenID logins only allowed from this domain: ${force_domain} - domain was: ${domain}",
mapping={
'force_domain': force_domain,
'domain': domain
})
fm.add(msg, type='error')
return HTTPFound(location='/')
schema = createSchema('CSORegisterUserOpenIDSchema').bind(context=context,
request=request)
form = Form(schema, action='/openid_register', buttons=(button_register, ))
appstruct = {
'openid_identifier': openid_identifier,
'domain': domain,
'came_from': request.session.get('came_from', '')
}
del request.session['came_from']
return {'form': form.render(appstruct=appstruct)}
def cloud_login_denied(context, request):
if 'came_from' in request.session:
del request.session['came_from']
fm = request.registry.getAdapter(request, IFlashMessages)
msg = _(u"authentication_error_msg",
default = u"Error in authentication from upstream server: ${reason} - Provider name: '${provider_name}' Provider type: '${provider_type}'",
mapping = {'reason': context.reason, 'provider_name': context.provider_name, 'provider_type': context.provider_type})
fm.add(msg, type = 'error')
raise HTTPFound(location = request.application_url)
def openid_login(context, request):
if request.POST:
request.session['came_from'] = request.POST.get('came_from', '')
provider = request.registry.velruse_providers['openid']
try:
return provider.login(request)
except Exception, e:
fm = request.registry.getAdapter(request, IFlashMessages)
msg = _(u"login_provider_exception_error",
default = u"Error when loggin in with 3rd party provider: '${error}'",
mapping = {'error': unicode(e)})
fm.add(msg, type = "error")
def openid_login(context, request):
if request.POST:
request.session['came_from'] = request.POST.get('came_from', '')
provider = request.registry.velruse_providers['openid']
try:
return provider.login(request)
except Exception, e:
fm = request.registry.getAdapter(request, IFlashMessages)
msg = _(
u"login_provider_exception_error",
default=
u"Error when loggin in with 3rd party provider: '${error}'",
mapping={'error': unicode(e)})
fm.add(msg, type="error")
def cloud_login_denied(context, request):
if 'came_from' in request.session:
del request.session['came_from']
fm = request.registry.getAdapter(request, IFlashMessages)
msg = _(
u"authentication_error_msg",
default=
u"Error in authentication from upstream server: ${reason} - Provider name: '${provider_name}' Provider type: '${provider_type}'",
mapping={
'reason': context.reason,
'provider_name': context.provider_name,
'provider_type': context.provider_type
})
fm.add(msg, type='error')
raise HTTPFound(location=request.application_url)
def openid_login_complete(context, request):
domain = context.profile['accounts'][0]['domain']
openid_identifier = context.profile['accounts'][0]['username']
force_domain = request.registry.settings.get('openid_domain', None)
if force_domain and domain != force_domain:
fm = request.registry.getAdapter(request, IFlashMessages)
msg = _(u"openid_domain_not_allowed_error",
default = u"OpenID logins only allowed from this domain: ${force_domain} - domain was: ${domain}",
mapping = {'force_domain': force_domain, 'domain': domain})
fm.add(msg, type = 'error')
return HTTPFound(location = '/')
schema = createSchema('CSORegisterUserOpenIDSchema').bind(context=context, request=request)
form = Form(schema, action='/openid_register', buttons=(button_register,))
appstruct = {'openid_identifier': openid_identifier,
'domain': domain,
'came_from': request.session.get('came_from', '')}
del request.session['came_from']
return {'form': form.render(appstruct=appstruct)}
def facebook_register(self):
schema = createSchema('CSORegisterUserSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(
button_register,
button_cancel,
))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
if self.request.POST:
post = dict(self.request.POST)
oauth_userid = post['oauth_userid']
oauth_access_token = post['oauth_access_token']
came_from = post['came_from']
# Logged in user, connect auth token to user
if self.api.userid:
user = self.api.user_profile
#check that no other user has this token already
other_user = self.api.root.users.get_user_by_oauth_token(
'facebook', oauth_access_token)
if other_user and user != other_user:
raise Forbidden(
_("Another user has already registered with this token."
))
#setting domain stuff
user.auth_domains['facebook'] = {
'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,
}
url = self.request.resource_url(user)
return HTTPFound(location=url)
else:
# Find user with auth token and log it in
user = self.api.root.users.get_user_by_oauth_token(
'facebook', oauth_access_token)
if IUser.providedBy(user):
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
if 'register' in self.request.POST:
controls = self.request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
name = appstruct['userid']
del appstruct['userid']
# removing domain data from appstruct
del appstruct['oauth_userid']
del appstruct['oauth_access_token']
# add facebook as selected profile image
appstruct['profile_image_plugin'] = 'facebook_profile_image'
del appstruct['came_from']
obj = createContent('User', creators=[name], **appstruct)
self.context.users[name] = obj
#setting domain stuff
obj.auth_domains['facebook'] = {
'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,
}
headers = remember(self.request, name) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
def openid_register(self):
schema = createSchema('CSORegisterUserOpenIDSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(
button_register,
button_cancel,
))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
if self.request.POST:
post = dict(self.request.POST)
openid_identifier = post['openid_identifier']
domain = post['domain']
userid = post['userid']
came_from = post['came_from']
# Logged in user, connect openid_identifier
if self.api.userid:
user = self.api.user_profile
#check that no other user has this token already
other_user = self.api.root.users.get_auth_domain_user(
'openid', 'openid_identifier', openid_identifier)
if other_user and user != other_user:
raise Forbidden(
_("Another user has already registered with this identifier."
))
#setting domain stuff
user.auth_domains['openid'] = {
'openid_identifier': openid_identifier,
'domain': domain
}
url = self.request.resource_url(user)
return HTTPFound(location=url)
else:
# Find user with auth token and log it in
user = self.api.root.users.get_auth_domain_user(
'openid', 'openid_identifier', openid_identifier)
if IUser.providedBy(user):
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
if 'register' in self.request.POST:
controls = self.request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
userid = appstruct['userid']
email = appstruct['email']
first_name = appstruct['first_name']
last_name = appstruct['last_name']
obj = createContent('User',
creators=[userid],
email=email,
first_name=first_name,
last_name=last_name)
self.context.users[userid] = obj
#setting domain stuff
obj.auth_domains['openid'] = {
'openid_identifier': openid_identifier,
'domain': domain
}
headers = remember(self.request, userid) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,
'display_name': display_name,
}
headers = remember(self.request, name) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
raise Forbidden(_("Unable to authenticate using Twitter"))
@view_config(context=ISiteRoot,
name='openid_register',
renderer="voteit.core.views:templates/base_edit.pt",
permission=NO_PERMISSION_REQUIRED)
def openid_register(self):
schema = createSchema('CSORegisterUserOpenIDSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(
button_register,
button_cancel,
))
#setting domain stuff
obj.auth_domains['twitter'] = {'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,
'display_name': display_name,}
headers = remember(self.request, name) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
raise Forbidden(_("Unable to authenticate using Twitter"))
@view_config(context=ISiteRoot, name='openid_register', renderer="voteit.core.views:templates/base_edit.pt",
permission=NO_PERMISSION_REQUIRED)
def openid_register(self):
schema = createSchema('CSORegisterUserOpenIDSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema, buttons=(button_register, button_cancel,))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
def facebook_register(self):
schema = createSchema('CSORegisterUserSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema, buttons=(button_register, button_cancel,))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
if self.request.POST:
post = dict(self.request.POST)
oauth_userid = post['oauth_userid']
oauth_access_token = post['oauth_access_token']
came_from = post['came_from']
# Logged in user, connect auth token to user
if self.api.userid:
user = self.api.user_profile
#check that no other user has this token already
other_user = self.api.root.users.get_user_by_oauth_token('facebook', oauth_access_token)
if other_user and user != other_user:
raise Forbidden(_("Another user has already registered with this token."))
#setting domain stuff
user.auth_domains['facebook'] = {'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,}
url = self.request.resource_url(user)
return HTTPFound(location=url)
else:
# Find user with auth token and log it in
user = self.api.root.users.get_user_by_oauth_token('facebook', oauth_access_token)
if IUser.providedBy(user):
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location = url,
headers = headers)
if 'register' in self.request.POST:
controls = self.request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
name = appstruct['userid']
del appstruct['userid']
# removing domain data from appstruct
del appstruct['oauth_userid']
del appstruct['oauth_access_token']
# add facebook as selected profile image
appstruct['profile_image_plugin'] = 'facebook_profile_image'
del appstruct['came_from']
obj = createContent('User', creators=[name], **appstruct)
self.context.users[name] = obj
#setting domain stuff
obj.auth_domains['facebook'] = {'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,}
headers = remember(self.request, name) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
def openid_register(self):
schema = createSchema('CSORegisterUserOpenIDSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema, buttons=(button_register, button_cancel,))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
if self.request.POST:
post = dict(self.request.POST)
openid_identifier = post['openid_identifier']
domain = post['domain']
userid = post['userid']
came_from = post['came_from']
# Logged in user, connect openid_identifier
if self.api.userid:
user = self.api.user_profile
#check that no other user has this token already
other_user = self.api.root.users.get_auth_domain_user('openid', 'openid_identifier', openid_identifier)
if other_user and user != other_user:
raise Forbidden(_("Another user has already registered with this identifier."))
#setting domain stuff
user.auth_domains['openid'] = {'openid_identifier': openid_identifier,
'domain': domain}
url = self.request.resource_url(user)
return HTTPFound(location=url)
else:
# Find user with auth token and log it in
user = self.api.root.users.get_auth_domain_user('openid', 'openid_identifier', openid_identifier)
if IUser.providedBy(user):
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location = url,
headers = headers)
if 'register' in self.request.POST:
controls = self.request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
userid = appstruct['userid']
email = appstruct['email']
first_name = appstruct['first_name']
last_name = appstruct['last_name']
obj = createContent('User', creators=[userid], email = email, first_name = first_name, last_name = last_name)
self.context.users[userid] = obj
#setting domain stuff
obj.auth_domains['openid'] = {'openid_identifier': openid_identifier,
'domain': domain}
headers = remember(self.request, userid) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
import colander
import deform
from betahaus.pyracont.decorators import schema_factory
from voteit.core.schemas.user import userid_node
from voteit.core.schemas.user import email_node
from voteit.core.schemas.user import first_name_node
from voteit.core.schemas.user import last_name_node
from voteit.core.schemas.user import came_from_node
from voteit.cloudsignon import VoteITCSO as _
@schema_factory('CSORegisterUserSchema',
title=_(u"Registration"),
description=_(
u"cso_complete_registration_notice",
default=u'Review or complete your registration below.'))
class CSORegisterUserSchema(colander.Schema):
""" CSO registration. """
userid = userid_node()
email = email_node()
first_name = first_name_node()
last_name = last_name_node()
domain = colander.SchemaNode(
colander.String(),
widget=deform.widget.HiddenWidget(),
missing=u"",
)
oauth_access_token = colander.SchemaNode(
colander.String(),
def login_provider(context, request, va, **kw):
providers = request.registry.settings.get('login_providers', ())
if va.name not in providers:
return u""
api = kw['api']
response = dict(
api=api,
came_from=request.GET.get('came_from', ''),
title=va.title,
)
return render(va.kwargs['template'], response, request=request)
@view_action('login_forms',
'facebook',
title=_(u"Facebook"),
template="templates/facebook.pt")
@view_action('login_forms',
'twitter',
title=_(u"Twitter"),
template="templates/twitter.pt")
@view_action('login_forms',
'openid',
title=_(u"OpenID"),
template="templates/openid.pt")
def login_va(context, request, va, **kw):
api = kw['api']
if not api.userid:
return login_provider(context, request, va, **kw)
return u""
from voteit.cloudsignon import VoteITCSO as _
def login_provider(context, request, va, **kw):
providers = request.registry.settings.get('login_providers', ())
if va.name not in providers:
return u""
api = kw['api']
response = dict(
api = api,
came_from = request.GET.get('came_from', ''),
title = va.title,
)
return render(va.kwargs['template'], response, request = request)
@view_action('login_forms', 'facebook', title = _(u"Facebook"), template="templates/facebook.pt")
@view_action('login_forms', 'twitter', title = _(u"Twitter"), template="templates/twitter.pt")
@view_action('login_forms', 'openid', title = _(u"OpenID"), template="templates/openid.pt")
def login_va(context, request, va, **kw):
api = kw['api']
if not api.userid:
return login_provider(context, request, va, **kw)
return u""
@view_action('connect_forms', 'facebook', title = _(u"Connect to Facebook"), template="templates/facebook.pt")
@view_action('connect_forms', 'twitter', title = _(u"Connect to Twitter"), template="templates/twitter.pt")
@view_action('connect_forms', 'openid', title = _(u"Connect to OpenID"), template="templates/openid.pt")
def connect_va(context, request, va, **kw):
api = kw['api']
if api.userid and va.name not in api.user_profile.auth_domains:
return login_provider(context, request, va, **kw)
import colander
import deform
from betahaus.pyracont.decorators import schema_factory
from voteit.core.schemas.user import userid_node
from voteit.core.schemas.user import email_node
from voteit.core.schemas.user import first_name_node
from voteit.core.schemas.user import last_name_node
from voteit.core.schemas.user import came_from_node
from voteit.cloudsignon import VoteITCSO as _
@schema_factory('CSORegisterUserSchema',
title = _(u"Registration"),
description=_(u"cso_complete_registration_notice",
default = u'Review or complete your registration below.'))
class CSORegisterUserSchema(colander.Schema):
""" CSO registration. """
userid = userid_node()
email = email_node()
first_name = first_name_node()
last_name = last_name_node()
domain = colander.SchemaNode(colander.String(),
widget = deform.widget.HiddenWidget(),
missing=u"",)
oauth_access_token = colander.SchemaNode(colander.String(),
widget = deform.widget.HiddenWidget(),)
oauth_userid = colander.SchemaNode(colander.String(),
widget = deform.widget.HiddenWidget(),
missing=u"",)
