def persona_login(request):
if request.method != 'POST':
return HTTPMethodNotAllowed('Only POST is allowed')
assertion = request.POST.get('assertion', None)
if assertion is None:
return HTTPBadRequest('The assertion parameter is required')
if 'next_url' in request.params and request.params['next_url']:
request.session['next_url'] = request.params['next_url']
settings = request.registry.settings
data = {
'assertion': assertion,
'audience': get_audience(settings['public_url_root'])
}
response = requests.post(settings['persona_verifier_url'],
data=data,
verify=True)
if response.ok:
verification_data = response.json()
if verification_data['status'] == 'okay':
email = verification_data['email']
info = {'email': email}
user_id = hashlib.sha1(email.encode('utf-8')).hexdigest()
return register_or_update(request, 'persona', user_id, info,
request.route_path('home'))
else:
return HTTPForbidden(
'Mozilla Persona verifier can not verify your identity')
else:
return HTTPBadGateway(
'Mozilla Persona verifier is not working properly')
def persona_login(request):
if request.method != "POST":
return HTTPMethodNotAllowed("Only POST is allowed")
assertion = request.POST.get("assertion", None)
if assertion is None:
return HTTPBadRequest("The assertion parameter is required")
if "next_url" in request.params and request.params["next_url"]:
request.session["next_url"] = request.params["next_url"]
settings = request.registry.settings
data = {"assertion": assertion, "audience": get_audience(settings["public_url_root"])}
response = requests.post(settings["persona_verifier_url"], data=data, verify=True)
if response.ok:
verification_data = response.json()
if verification_data["status"] == "okay":
email = verification_data["email"]
info = {"email": email}
user_id = hashlib.sha1(email.encode("utf-8")).hexdigest()
return register_or_update(request, "persona", user_id, info, request.route_path("home"))
else:
return HTTPForbidden("Mozilla Persona verifier can not verify your identity")
else:
return HTTPServerError("Mozilla Persona verifier is not working properly")
def test_register_or_update_new_user(self):
request = testing.DummyRequest()
request.session = {}
request.google_analytics = GoogleAnalytics(request)
response = register_or_update(
request,
"twitter",
"1",
{
"screen_name": "JohnDoe",
"first_name": "John",
"last_name": "Doe",
"invented_attribute": "foo", # this will not be in the output
},
"/next",
)
self.assertEqual(response.status, "302 Found")
self.assertEqual(response.location, "/register")
self.assertEqual(request.session["next_url"], "/next")
self.assertEqual(
request.session["user_info"],
{
"screen_name": "JohnDoe",
"first_name": "John",
"last_name": "Doe",
"email": "",
"provider": "twitter",
"external_id": "1",
},
)
def test_register_or_update_existing_user(self):
user = User(screen_name='JohnDoe',
first_name='John',
last_name='')
identity = ExternalIdentity(provider='twitter',
external_id='1',
user=user)
Session.add(user)
Session.add(identity)
Session.flush()
user_id = user.id
request = testing.DummyRequest()
request.session = {USER_ATTR: True}
request.google_analytics = GoogleAnalytics(request)
response = register_or_update(request, 'twitter', '1', {
'screen_name': 'JohnDoe',
'first_name': 'John',
'last_name': 'Doe',
'email': '*****@*****.**',
}, '/next')
self.assertEqual(response.status, '302 Found')
self.assertEqual(response.location, '/next')
user = Session.query(User).filter(User.id == user_id).one()
self.assertEqual(user.email, '*****@*****.**')
self.assertEqual(user.last_name, 'Doe')
self.assertEqual(user.allow_google_analytics, True)
def persona_login(request):
if request.method != 'POST':
return HTTPMethodNotAllowed('Only POST is allowed')
assertion = request.POST.get('assertion', None)
if assertion is None:
return HTTPBadRequest('The assertion parameter is required')
if 'next_url' in request.params and request.params['next_url']:
request.session['next_url'] = request.params['next_url']
settings = request.registry.settings
data = {'assertion': assertion,
'audience': get_audience(settings['public_url_root'])}
response = requests.post(settings['persona_verifier_url'],
data=data, verify=True)
if response.ok:
verification_data = response.json
if verification_data['status'] == 'okay':
email = verification_data['email']
info = {'email': email}
user_id = hashlib.sha1(email.encode('utf-8')).hexdigest()
return register_or_update(request, 'persona', user_id,
info, request.route_path('home'))
else:
return HTTPForbidden('Mozilla Persona verifier can not verify your identity')
else:
return HTTPServerError('Mozilla Persona verifier is not working properly')
def facebook_callback(request):
settings = request.registry.settings
access_token = oauth2_step2(
request=request,
token_uri=settings['facebook_access_token_url'],
client_id=settings['facebook_app_id'],
client_secret=settings['facebook_app_secret'],
redirect_url=request.route_url('facebook_callback'),
scope=_get_scope(),
)
info = get_user_info(settings['facebook_basic_information_url'],
access_token)
user_id = info['id']
info['screen_name'] = info['name']
return register_or_update(request, 'facebook', user_id, info,
request.route_path('home'))
def test_register_or_update_next_url_in_session(self):
user = User(screen_name="JohnDoe", first_name="John", last_name="")
identity = ExternalIdentity(provider="twitter", external_id="1", user=user)
Session.add(user)
Session.add(identity)
Session.flush()
request = testing.DummyRequest()
request.session = {"next_url": "/foo"}
request.google_analytics = GoogleAnalytics(request)
response = register_or_update(
request,
"twitter",
"1",
{"screen_name": "JohnDoe", "first_name": "John", "last_name": "Doe", "email": "*****@*****.**"},
"/next",
)
self.assertEqual(response.status, "302 Found")
self.assertEqual(response.location, "/foo")
def test_register_or_update_new_user(self):
request = testing.DummyRequest()
request.session = {}
request.google_analytics = GoogleAnalytics(request)
response = register_or_update(request, 'twitter', '1', {
'screen_name': 'JohnDoe',
'first_name': 'John',
'last_name': 'Doe',
'invented_attribute': 'foo', # this will not be in the output
}, '/next')
self.assertEqual(response.status, '302 Found')
self.assertEqual(response.location, '/register')
self.assertEqual(request.session['next_url'], '/next')
self.assertEqual(request.session['user_info'], {
'screen_name': 'JohnDoe',
'first_name': 'John',
'last_name': 'Doe',
'email': '',
'provider': 'twitter',
'external_id': '1',
})
def google_callback(request):
settings = request.registry.settings
access_token = oauth2_step2(
request=request,
token_uri=settings['google_token_uri'],
client_id=settings['google_client_id'],
client_secret=settings['google_client_secret'],
redirect_url=request.route_url('google_callback'),
scope=_get_scope(),
)
info = get_user_info(settings['google_user_info_uri'], access_token)
user_id = info['id']
new_info = {
'screen_name': info.get('name', ''),
'first_name': info.get('given_name', ''),
'last_name': info.get('family_name', ''),
'email': info.get('email', ''),
}
return register_or_update(request, 'google', user_id, new_info,
request.route_path('home'))
def test_register_or_update_next_url_in_session(self):
user = User(screen_name='JohnDoe',
first_name='John',
last_name='')
identity = ExternalIdentity(provider='twitter',
external_id='1',
user=user)
Session.add(user)
Session.add(identity)
Session.flush()
request = testing.DummyRequest()
request.session = {'next_url': '/foo'}
request.google_analytics = GoogleAnalytics(request)
response = register_or_update(request, 'twitter', '1', {
'screen_name': 'JohnDoe',
'first_name': 'John',
'last_name': 'Doe',
'email': '*****@*****.**',
}, '/next')
self.assertEqual(response.status, '302 Found')
self.assertEqual(response.location, '/foo')
def test_register_or_update_existing_user(self):
user = User(screen_name="JohnDoe", first_name="John", last_name="")
identity = ExternalIdentity(provider="twitter", external_id="1", user=user)
Session.add(user)
Session.add(identity)
Session.flush()
user_id = user.id
request = testing.DummyRequest()
request.session = {USER_ATTR: True}
request.google_analytics = GoogleAnalytics(request)
response = register_or_update(
request,
"twitter",
"1",
{"screen_name": "JohnDoe", "first_name": "John", "last_name": "Doe", "email": "*****@*****.**"},
"/next",
)
self.assertEqual(response.status, "302 Found")
self.assertEqual(response.location, "/next")
user = Session.query(User).filter(User.id == user_id).one()
self.assertEqual(user.email, "*****@*****.**")
self.assertEqual(user.last_name, "Doe")
self.assertEqual(user.allow_google_analytics, True)
def twitter_callback(request):
settings = request.registry.settings
try:
oauth_token = request.params['oauth_token']
except KeyError:
return HTTPBadRequest('Missing required oauth_token')
try:
oauth_verifier = request.params['oauth_verifier']
except KeyError:
return HTTPBadRequest('Missing required oauth_verifier')
try:
saved_oauth_token = request.session['oauth_token']
except KeyError:
return HTTPBadRequest('No oauth_token was found in the session')
if saved_oauth_token != oauth_token:
return HTTPUnauthorized("OAuth tokens don't match")
else:
del request.session['oauth_token']
access_token_url = settings['twitter_access_token_url']
params = (
('oauth_token', oauth_token),
)
auth = auth_header('POST', access_token_url, params, settings, oauth_token)
response = requests.post(access_token_url,
data='oauth_verifier=%s' % oauth_verifier,
headers={'Authorization': auth})
if response.status_code != 200:
return HTTPUnauthorized(response.text)
response_args = dict(urlparse.parse_qsl(response.text))
#oauth_token_secret = response_args['oauth_token_secret']
oauth_token = response_args['oauth_token']
user_id = response_args['user_id']
screen_name = response_args['screen_name']
existing_user = user_from_provider_id(request.db, 'twitter', user_id)
if existing_user is None:
# fetch Twitter info only if this is the first time for
# the user sice Twitter has very strong limits for using
# its APIs
twitter_info = get_user_info(settings, user_id, oauth_token)
first_name, last_name = split_name(twitter_info['name'])
info = {
'screen_name': screen_name,
'first_name': first_name,
'last_name': last_name,
}
else:
info = {}
return register_or_update(request, 'twitter', user_id, info,
request.route_path('home'))
def twitter_callback(request):
settings = request.registry.settings
try:
oauth_token = request.params['oauth_token']
except KeyError:
return HTTPBadRequest('Missing required oauth_token')
try:
oauth_verifier = request.params['oauth_verifier']
except KeyError:
return HTTPBadRequest('Missing required oauth_verifier')
try:
saved_oauth_token = request.session['oauth_token']
except KeyError:
return HTTPBadRequest('No oauth_token was found in the session')
if saved_oauth_token != oauth_token:
return HTTPUnauthorized("OAuth tokens don't match")
else:
del request.session['oauth_token']
access_token_url = settings['twitter_access_token_url']
params = (
('oauth_token', oauth_token),
('oauth_verifier', oauth_verifier),
)
auth = auth_header('POST', access_token_url, params, settings, oauth_token)
response = requests.post(access_token_url,
headers={'Authorization': auth})
if response.status_code != 200:
return HTTPUnauthorized(response.text)
response_args = dict(urlparse.parse_qsl(response.text))
# moauth_token_secret = response_args['oauth_token_secret']
oauth_token = response_args['oauth_token']
user_id = response_args['user_id']
screen_name = response_args['screen_name']
existing_user = user_from_provider_id('twitter', user_id)
if existing_user is None:
# fetch Twitter info only if this is the first time for
# the user sice Twitter has very strong limits for using
# its APIs
twitter_info = get_user_info(settings, user_id)
first_name, last_name = split_name(twitter_info['name'])
info = {
'screen_name': screen_name,
'first_name': first_name,
'last_name': last_name,
}
else:
info = {}
return register_or_update(request, 'twitter', user_id, info,
request.route_path('home'))
def test_register_or_update(self):
os.environ["YITH_FAKE_DATETIME"] = "2013-1-2-10-11-02"
request = testing.DummyRequest()
request.db = self.db
request.session = {}
request.google_analytics = GoogleAnalytics(request)
response = register_or_update(
request,
"skynet",
1,
{
"screen_name": "JohnDoe",
"first_name": "John",
"last_name": "Doe",
"invented_attribute": "foo", # this will not be in the output
},
"/next",
)
self.assertEqual(response.status, "302 Found")
self.assertEqual(response.location, "/register")
self.assertEqual(request.session["next_url"], "/next")
self.assertEqual(
request.session["user_info"],
{
"screen_name": "JohnDoe",
"first_name": "John",
"last_name": "Doe",
"email": "",
"provider": "skynet",
"skynet_id": 1,
},
)
# try with an existing user
user_id = self.db.users.insert(
{"skynet_id": 1, "screen_name": "JohnDoe", "first_name": "John", "last_name": ""}, safe=True
)
request = testing.DummyRequest()
request.db = self.db
request.session = {USER_ATTR: True}
request.google_analytics = GoogleAnalytics(request)
request.datetime_service = FakeDatetimeService(request)
response = register_or_update(
request,
"skynet",
1,
{"screen_name": "JohnDoe", "first_name": "John", "last_name": "Doe", "email": "*****@*****.**"},
"/next",
)
self.assertEqual(response.status, "302 Found")
self.assertEqual(response.location, "/next")
user = self.db.users.find_one({"_id": user_id})
self.assertEqual(user["email"], "*****@*****.**")
self.assertEqual(user["last_name"], "Doe")
self.assertEqual(user[USER_ATTR], True)
# maybe there is a next_url in the session
request = testing.DummyRequest()
request.db = self.db
request.session = {"next_url": "/foo"}
request.google_analytics = GoogleAnalytics(request)
request.datetime_service = FakeDatetimeService(request)
response = register_or_update(
request,
"skynet",
1,
{"screen_name": "JohnDoe", "first_name": "John", "last_name": "Doe", "email": "*****@*****.**"},
"/next",
)
self.assertEqual(response.status, "302 Found")
self.assertEqual(response.location, "/foo")
del os.environ["YITH_FAKE_DATETIME"]
def liveconnect_callback(request, user_id, info):
return register_or_update(request, 'liveconnect', user_id, info,
request.route_path('home'))
def facebook_callback(request, user_id, info):
return register_or_update(request, 'facebook', user_id, info,
request.route_path('home'))
def google_callback(request, user_id, new_info):
return register_or_update(request, 'google', user_id, new_info,
request.route_path('home'))
def test_register_or_update(self):
request = testing.DummyRequest()
request.db = self.db
request.session = {}
request.google_analytics = GoogleAnalytics(request)
response = register_or_update(request, 'skynet', 1, {
'screen_name': 'JohnDoe',
'first_name': 'John',
'last_name': 'Doe',
'invented_attribute': 'foo', # this will not be in the output
}, '/next')
self.assertEqual(response.status, '302 Found')
self.assertEqual(response.location, '/register')
self.assertEqual(request.session['next_url'], '/next')
self.assertEqual(request.session['user_info'], {
'screen_name': 'JohnDoe',
'first_name': 'John',
'last_name': 'Doe',
'email': '',
'provider': 'skynet',
'skynet_id': 1,
})
# try with an existing user
user_id = self.db.users.insert({
'skynet_id': 1,
'screen_name': 'JohnDoe',
'first_name': 'John',
'last_name': '',
}, safe=True)
request = testing.DummyRequest()
request.db = self.db
request.session = {USER_ATTR: True}
request.google_analytics = GoogleAnalytics(request)
response = register_or_update(request, 'skynet', 1, {
'screen_name': 'JohnDoe',
'first_name': 'John',
'last_name': 'Doe',
'email': '*****@*****.**',
}, '/next')
self.assertEqual(response.status, '302 Found')
self.assertEqual(response.location, '/next')
user = self.db.users.find_one({'_id': user_id})
self.assertEqual(user['email'], '*****@*****.**')
self.assertEqual(user['last_name'], 'Doe')
self.assertEqual(user[USER_ATTR], True)
# maybe there is a next_url in the session
request = testing.DummyRequest()
request.db = self.db
request.session = {'next_url': '/foo'}
request.google_analytics = GoogleAnalytics(request)
response = register_or_update(request, 'skynet', 1, {
'screen_name': 'JohnDoe',
'first_name': 'John',
'last_name': 'Doe',
'email': '*****@*****.**',
}, '/next')
self.assertEqual(response.status, '302 Found')
self.assertEqual(response.location, '/foo')
