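def github_connect():
    """Handle the GitHub OAuth callback and sign the user in.

    Checks the anti-forgery ``state`` value, exchanges the authorization
    ``code`` for an access token, then loads the GitHub profile and e-mail
    list. ``login_session`` is written only after all of that succeeded.
    The local account is looked up (or created) by the primary e-mail
    address that GitHub marks as verified.

    Returns:
        A redirect to the catalog page on success. The request is aborted
        with 403 on a state mismatch, and with 401 when the code is missing,
        GitHub rejects a request, or no verified primary e-mail is returned.
    """
    # A session without a stored state must be rejected explicitly: two
    # absent values would otherwise compare equal and skip the CSRF check.
    expected_state = login_session.get('state')
    state = request.args.get('state')
    if not expected_state or state != expected_state:
        abort(403)
    code = request.args.get('code')
    if not code:
        abort(401)

    params = {
        "client_id": GIT_CLIENT_ID,
        "client_secret": GIT_CLIENT_SECRET,
        "code": code,
        "state": expected_state
    }
    auth_url = "https://github.com/login/oauth/access_token"
    http = httplib2.Http()
    auth_response = http.request(auth_url, 'POST',
                                 body=urllib.urlencode(params))
    #TODO handle user-granted limited scopes
    #TODO add user agent to requests https://developer.github.com/v3/
    #TODO add explicit api version (v3) to requests https://developer.github.com/v3/
    data = dict(urlparse.parse_qsl(auth_response[1]))
    # A rejected exchange carries error fields instead of a token.
    access_token = data.get('access_token')
    if auth_response[0].status != 200 or not access_token:
        abort(401)

    # Send the token in a header, not the query string: URLs end up in
    # proxy and server logs, and GitHub no longer accepts query-string auth.
    api_headers = {'Authorization': 'token ' + access_token}
    github_user_api = 'https://api.github.com/user'

    user_response = http.request(github_user_api, 'GET', headers=api_headers)
    if user_response[0].status != 200:
        abort(401)
    profile = json.loads(user_response[1])

    email_response = http.request(github_user_api + '/emails', 'GET',
                                  headers=api_headers)
    if email_response[0].status != 200:
        abort(401)
    emails = json.loads(email_response[1])
    if not isinstance(emails, list):
        abort(401)

    # Accounts are keyed by e-mail, so accept only an address GitHub marks
    # as both primary and verified. A local variable is used so that an
    # 'email' left in the session by an earlier login is never reused.
    verified_email = None
    for entry in emails:
        if entry.get('primary') is True and entry.get('verified') is True:
            verified_email = entry.get('email')
            break
    if not verified_email:
        #TODO handle unverified email addresses
        abort(401)

    login_session['provider'] = 'github'
    login_session['access_token'] = access_token
    # parse_qsl drops blank values, so an empty scope grant has no key.
    login_session['scope'] = data.get('scope', '')
    login_session['github_username'] = profile.get('login')
    login_session['full_name'] = profile.get('name')
    login_session['picture'] = profile.get('avatar_url')
    login_session['email'] = verified_email

    user_id = user_tools.get_user_id(verified_email)
    if not user_id:
        user_id = user_tools.create_user(login_session)
    login_session['user_id'] = user_id

    flash("Logged in as %s" % verified_email)
    return redirect(url_for('catalog.show_catalog'))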
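def gconnect():
    """Complete a Google sign-in from a one-time authorization code.

    Exchanges the code in the request body for credentials, checks the
    access token against Google's tokeninfo endpoint (same user, issued to
    this app), fetches the user profile, and only then records the login in
    ``login_session``.

    Returns:
        An HTML welcome fragment on success, or a JSON response with status
        401/500 on failure (200 when the user is already connected).
    """
    # NOTE(review): unlike github_connect, nothing here compares an
    # anti-forgery state value with the session. Confirm that the route or
    # a request hook enforces it, otherwise this endpoint is open to
    # login CSRF.
    try:
        from html import escape as html_escape  # Python 3
    except ImportError:
        from cgi import escape as html_escape  # Python 2

    def json_reply(message, status):
        # Every early exit returns the same JSON-encoded message shape.
        response = make_response(json.dumps(message), status)
        response.headers['content-type'] = 'application/json'
        return response

    code = request.data
    try:
        oauth_flow = flow_from_clientsecrets(G_CLIENT_FILE, scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        return json_reply('Failed to upgrade the authorization code.', 401)

    access_token = credentials.access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?'
           + urllib.urlencode({'access_token': access_token}))
    http = httplib2.Http()
    result = json.loads(http.request(url, 'GET')[1])
    if result.get('error') is not None:
        return json_reply(result.get('error'), 500)

    # The token must belong to the user named in the ID token and must have
    # been issued to this application; missing fields count as a mismatch.
    gplus_id = (credentials.id_token or {}).get('sub')
    if not gplus_id or result.get('user_id') != gplus_id:
        return json_reply("Token's user ID doesn't match given user ID.", 401)
    if result.get('issued_to') != G_CLIENT_ID:
        return json_reply("Token's client ID does not match app's.", 401)

    # NOTE(review): nothing visible here ever stores 'credentials' in the
    # session, so this branch may be unreachable; confirm which key is meant.
    stored_credentials = login_session.get('credentials')
    stored_gplus_id = login_session.get('gplus_id')
    if stored_credentials is not None and gplus_id == stored_gplus_id:
        return json_reply('Current user is already connected', 200)

    userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
    params = {'access_token': access_token, 'alt': 'json'}
    userinfo_request = userinfo_url + "?" + urllib.urlencode(params)
    answer = http.request(userinfo_request, 'GET')
    if answer[0].status != 200:
        return json_reply('Failed to fetch user profile.', 500)
    data = json.loads(answer[1])

    # Local accounts are keyed by e-mail, so an address Google has not
    # verified must not be allowed to select or create an account.
    email = data.get('email')
    if not email or not data.get('verified_email'):
        return json_reply('Google account has no verified email address.',
                          401)

    # Write the session only after every check above has passed, so a
    # failed login never leaves a half-populated session behind.
    login_session['access_token'] = access_token
    login_session['gplus_id'] = gplus_id
    login_session['provider'] = 'google'
    login_session['full_name'] = data.get('name', '')
    login_session['given_name'] = data.get('given_name', '')
    login_session['family_name'] = data.get('family_name', '')
    login_session['picture'] = data.get('picture', '')
    login_session['email'] = email

    user_id = user_tools.get_user_id(email)
    if not user_id:
        user_id = user_tools.create_user(login_session)
    login_session['user_id'] = user_id

    # The given name is user-controlled profile data returned as HTML, so
    # it is escaped; the heading is also closed properly now.
    output = ('<h4>Welcome '
              + html_escape(login_session['given_name'], True)
              + '</h4>')
    flash('You are now logged in as %s' % email)
    return output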