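def get_email_confirmation_redirect_url(self, request, badgr_app=None):
    """
    Build the URL to return to after successful e-mail confirmation.

    Args:
        request: the current HTTP request; its path is resolved to recover
            the ``confirm_id`` URL kwarg.
        badgr_app: the BadgrApp whose ``email_confirmation_redirect`` is
            used. When None it is looked up with
            ``BadgrApp.objects.get_current(request)``.

    Returns:
        The app's ``email_confirmation_redirect`` extended with the user's
        first name as a path segment and the e-mail address passed to
        ``set_url_query_params``; the bare ``email_confirmation_redirect``
        when the confirmation cannot be resolved; or the parent adapter's
        URL when no BadgrApp can be determined.
    """
    if badgr_app is None:
        badgr_app = BadgrApp.objects.get_current(request)
        if not badgr_app:
            logger = logging.getLogger(self.__class__.__name__)
            logger.warning("Could not determine authorized badgr app")
            return super(BadgrAccountAdapter, self).get_email_confirmation_redirect_url(request)

    try:
        resolver_match = resolve(request.path)
        confirmation = EmailConfirmationHMAC.from_key(
            resolver_match.kwargs.get('confirm_id'))
        if confirmation is None:
            # from_key can hand back None for a key it does not accept
            # (NOTE(review): confirm against the allauth version in use);
            # use the same fallback as the except branch instead of failing
            # on the attribute access below.
            return badgr_app.email_confirmation_redirect

        # publish changes to cache
        email_address = CachedEmailAddress.objects.get(
            pk=confirmation.email_address.pk)
        email_address.save()

        # The first name is user-controlled. safe='' makes quote() encode
        # '/' as well, so the name always stays a single path segment and
        # cannot change the host or path that urljoin() resolves to.
        name_segment = urllib.quote(
            email_address.user.first_name.encode('utf8'), safe='')
        redirect_url = urlparse.urljoin(
            badgr_app.email_confirmation_redirect.rstrip('/') + '/',
            name_segment)
        redirect_url = set_url_query_params(
            redirect_url, email=email_address.email.encode('utf8'))
        return redirect_url
    except (Resolver404, EmailConfirmation.DoesNotExist):
        # Tuple form on purpose: the Python 2 spelling `except A, B:` only
        # catches A and binds the caught exception to B.
        return badgr_app.email_confirmation_redirect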
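def get_email_confirmation_redirect_url(self, request, badgr_app=None):
    """
    The URL to return to after successful e-mail confirmation.

    ``badgr_app`` defaults to ``BadgrApp.objects.get_current(request)``; if
    that lookup yields nothing a warning is logged and the parent adapter's
    redirect URL is returned. Otherwise the ``confirm_id`` kwarg of the
    resolved request path identifies the confirmation, and the result is
    ``email_confirmation_redirect`` + "/<first name>" with the e-mail address
    handed to ``set_url_query_params``. If the path or confirmation cannot be
    resolved, the plain ``email_confirmation_redirect`` is returned.
    """
    if badgr_app is None:
        badgr_app = BadgrApp.objects.get_current(request)
        if not badgr_app:
            logger = logging.getLogger(self.__class__.__name__)
            logger.warning("Could not determine authorized badgr app")
            return super(BadgrAccountAdapter, self).get_email_confirmation_redirect_url(request)

    fallback_url = badgr_app.email_confirmation_redirect
    try:
        resolverMatch = resolve(request.path)
        confirmation = EmailConfirmationHMAC.from_key(resolverMatch.kwargs.get('confirm_id'))
        if confirmation is None:
            # NOTE(review): from_key appears to return None for a rejected
            # key; treat that like an unknown confirmation rather than
            # raising AttributeError further down.
            return fallback_url

        # publish changes to cache
        email_address = CachedEmailAddress.objects.get(pk=confirmation.email_address.pk)
        email_address.save()

        redirect_url = urlparse.urljoin(
            fallback_url.rstrip('/') + '/',
            # safe='' also percent-encodes '/', keeping the user-chosen name
            # inside one path segment of the configured redirect.
            urllib.quote(email_address.user.first_name.encode('utf8'), safe='')
        )
        redirect_url = set_url_query_params(redirect_url, email=email_address.email.encode('utf8'))

        return redirect_url

    # A tuple is required to catch both types; `except A, B:` (Python 2)
    # catches only A and assigns the exception instance to B.
    except (Resolver404, EmailConfirmation.DoesNotExist):
        return fallback_url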
def get_redirect_url(self):
    """
    Return the login redirect carrying an "account already exists" error.

    The BadgrApp is read with ``get_session_badgr_app(self.request)``. When
    that returns None this method returns None as well.
    """
    app = get_session_badgr_app(self.request)
    if app is None:
        return None
    # The message is a fixed string, so no request data reaches the URL here.
    message = 'An account already exists with provided email address'
    return set_url_query_params(app.ui_login_redirect, authError=message)
def get_redirect_url(self):
    """
    Return the provider login URL selected by the ``provider`` query parameter.

    Stores the current BadgrApp via ``set_session_badgr_app``. When an
    ``authToken`` query parameter is present it is checked with
    ``get_verified_user``, stored via ``set_session_auth_token``, and the
    returned URL is tagged with ``process=AuthProcess.CONNECT``.

    Raises:
        ValidationError: no ``provider`` given, no current BadgrApp, or no
            URL named ``<provider>_login``.
    """
    query = self.request.GET
    provider_name = query.get('provider', None)
    if provider_name is None:
        raise ValidationError('No provider specified')

    badgr_app = BadgrApp.objects.get_current(request=self.request)
    if badgr_app is None:
        raise ValidationError('Unable to save BadgrApp in session')
    set_session_badgr_app(self.request, badgr_app)

    # NOTE(review): the provider value is caller-supplied and picks the URL
    # name to reverse; any route named "<value>_login" would be accepted.
    try:
        login_url = reverse('{}_login'.format(query.get('provider')))
    except NoReverseMatch:
        raise ValidationError('No {} provider found'.format(provider_name))

    auth_token = query.get('authToken', None)
    if auth_token is None:
        return login_url

    # NOTE(review): the token arrives in the query string, so it may end up
    # in access logs and browser history.
    get_verified_user(auth_token)  # Raises AuthenticationFailed if auth token is invalid
    set_session_auth_token(self.request, auth_token)
    return set_url_query_params(login_url, process=AuthProcess.CONNECT)
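def get(self, request, **kwargs):
    """
    Confirm an email address with a token provided in an email
    ---
    parameters:
        - name: token
          type: string
          paramType: form
          description: The token received in the recovery email
          required: true
    """
    # Every validation failure below answers 404, so the response does not
    # reveal which of the checks rejected the request.
    token = request.query_params.get('token')
    if not token:
        # A missing token would otherwise reach re.search() as None and
        # raise TypeError instead of producing the 404 used everywhere else.
        return Response(status=HTTP_404_NOT_FOUND)

    # NOTE(review): `a` is caller-supplied and selects which configured
    # BadgrApp's redirect receives the token appended at the end.
    badgrapp_id = request.query_params.get('a', None)
    if badgrapp_id is None:
        badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
    try:
        badgrapp = BadgrApp.objects.get(id=badgrapp_id)
    except (BadgrApp.DoesNotExist, ValueError):
        # ValueError: a non-numeric `a` value is rejected by the id lookup.
        return Response(status=HTTP_404_NOT_FOUND)

    emailconfirmation = EmailConfirmationHMAC.from_key(kwargs.get('confirm_id'))
    if emailconfirmation is None:
        return Response(status=HTTP_404_NOT_FOUND)
    try:
        email_address = CachedEmailAddress.cached.get(pk=emailconfirmation.email_address.pk)
    except CachedEmailAddress.DoesNotExist:
        return Response(status=HTTP_404_NOT_FOUND)

    # The token has the shape "<uidb36>-<key>".
    matches = re.search(r'([0-9A-Za-z]+)-(.*)', token)
    if not matches:
        return Response(status=HTTP_404_NOT_FOUND)
    uidb36 = matches.group(1)
    key = matches.group(2)
    if not (uidb36 and key):
        return Response(status=HTTP_404_NOT_FOUND)

    user = self._get_user(uidb36)
    if user is None or not default_token_generator.check_token(user, key):
        return Response(status=HTTP_404_NOT_FOUND)

    # The confirmed address must belong to the user the token was issued for.
    if email_address.user != user:
        return Response(status=HTTP_404_NOT_FOUND)

    old_primary = CachedEmailAddress.objects.get_primary(user)
    if old_primary is None:
        email_address.primary = True
    email_address.verified = True
    email_address.save()

    process_email_verification.delay(email_address.pk)

    # get badgr_app url redirect
    redirect_url = get_adapter().get_email_confirmation_redirect_url(request, badgr_app=badgrapp)
    # NOTE(review): the user's auth token is placed in the redirect URL, where
    # it can be recorded in browser history, logs and Referer headers.
    redirect_url = set_url_query_params(redirect_url, authToken=user.auth_token)

    return Response(status=HTTP_302_FOUND, headers={'Location': redirect_url})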
def error_redirect_url(self):
    """
    Return the URL used when the request could not be validated.

    Uses ``self.badgrapp`` when set; otherwise loads the BadgrApp whose id is
    ``settings.BADGR_APP_ID`` (default 1) and stores it on ``self``. If that
    app does not exist, ``OriginSetting.HTTP`` is returned instead.
    """
    if self.badgrapp is None:
        fallback_id = getattr(settings, 'BADGR_APP_ID', 1)
        try:
            self.badgrapp = BadgrApp.objects.get(id=fallback_id)
        except BadgrApp.DoesNotExist:
            return OriginSetting.HTTP

    login_url = self.badgrapp.ui_login_redirect.rstrip('/')
    # Fixed, generic message: no detail about the failure is exposed.
    return set_url_query_params(login_url, authError='Error validating request.')
def error_redirect_url(self):
    """
    Build the redirect for a request that failed validation.

    The target is the ``ui_login_redirect`` of ``self.badgrapp`` (trailing
    slashes stripped) with a generic ``authError`` message. When
    ``self.badgrapp`` is None, the app with id ``settings.BADGR_APP_ID``
    (default 1) is loaded and remembered on ``self``; if it is missing,
    ``OriginSetting.HTTP`` is returned.
    """
    app = self.badgrapp
    if app is None:
        try:
            app = BadgrApp.objects.get(id=getattr(settings, 'BADGR_APP_ID', 1))
        except BadgrApp.DoesNotExist:
            return OriginSetting.HTTP
        # Cache the looked-up app for later calls on this instance.
        self.badgrapp = app

    return set_url_query_params(
        app.ui_login_redirect.rstrip('/'),
        authError='Error validating request.')
def get_login_redirect_url(self, request):
    """
    If successfully logged in, redirect to the front-end, including an
    authToken query parameter.

    Returns '/' for an unauthenticated request, and None when the user is
    authenticated but ``get_session_badgr_app`` yields no BadgrApp.
    """
    if not request.user.is_authenticated():
        return '/'

    badgr_app = get_session_badgr_app(request)
    if badgr_app is None:
        return None

    # NOTE(review): the user's auth token travels in the URL query string and
    # can therefore be recorded in browser history, logs and Referer headers.
    token = request.user.auth_token
    return set_url_query_params(badgr_app.ui_login_redirect, authToken=token)
def get_redirect_url(self):
    """
    Return the provider login URL selected by the ``provider`` query parameter.

    Stores the current BadgrApp via ``set_session_badgr_app``. With an
    ``authCode`` query parameter the code is stored via
    ``set_session_authcode`` and the URL is tagged with
    ``process=AuthProcess.CONNECT``; without one, the URL carries a
    ``validateName`` flag derived from the query string.

    Raises:
        ValidationError: no ``provider`` given, no current BadgrApp, or no
            URL named ``<provider>_login``.
    """
    request = self.request
    provider_name = request.GET.get('provider', None)
    if provider_name is None:
        raise ValidationError('No provider specified')

    badgr_app = BadgrApp.objects.get_current(request=request)
    if badgr_app is None:
        raise ValidationError('Unable to save BadgrApp in session')
    set_session_badgr_app(request, badgr_app)

    # NOTE(review): the provider value is caller-supplied and picks the URL
    # name to reverse; any route named "<value>_login" would be accepted.
    url_name = '{}_login'.format(request.GET.get('provider'))
    try:
        redirect_url = reverse(url_name)
    except NoReverseMatch:
        raise ValidationError('No {} provider found'.format(provider_name))

    authcode = request.GET.get('authCode', None)
    if authcode is None:
        # Only the exact text "true" (case-insensitive) enables the flag.
        validate_name = request.GET.get('validateName', "false").lower() == "true"
        return set_url_query_params(redirect_url, validateName=validate_name)

    # The code is stored as received; nothing in this method validates it.
    set_session_authcode(request, authcode)
    return set_url_query_params(redirect_url, process=AuthProcess.CONNECT)
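def get_redirect_url(self, *args, **kwargs):
    """
    Apply the account details carried in ``authcode`` and return the
    post-confirmation redirect URL.

    The ``authcode`` keyword argument is decrypted with ``decrypt_authcode``
    and parsed as JSON. The payload selects the BadgrApp (``badgrapp_id``,
    defaulting to ``settings.BADGR_APP_ID`` or 1) and the user (looked up by
    ``email``). The user's names, marketing opt-in, terms version, verified
    flag and, when given, password are then updated and saved.

    Returns:
        ``email_confirmation_redirect`` + "/<first name>" with the e-mail
        address passed to ``set_url_query_params``, or
        ``self.error_redirect_url()`` when the authcode is missing or
        unreadable, or the BadgrApp or e-mail address is unknown.
    """
    authcode = kwargs.get('authcode', None)
    if not authcode:
        return self.error_redirect_url()

    user_info = decrypt_authcode(authcode)
    try:
        user_info = json.loads(user_info)
    except (
            TypeError,
            ValueError,
    ):
        user_info = None
    if not user_info:
        return self.error_redirect_url()

    badgrapp_id = user_info.get('badgrapp_id')
    if badgrapp_id is None:
        badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
    try:
        self.badgrapp = BadgrApp.objects.get(id=badgrapp_id)
    except BadgrApp.DoesNotExist:
        return self.error_redirect_url()

    try:
        email_address = CachedEmailAddress.cached.get(
            email=user_info.get('email'))
    except CachedEmailAddress.DoesNotExist:
        return self.error_redirect_url()

    # NOTE(review): everything below trusts the decrypted payload, including
    # marking the e-mail verified and setting a password. That is only sound
    # if decrypt_authcode rejects tampered input -- confirm.
    user = email_address.user
    user.first_name = user_info.get('first_name', user.first_name)
    user.last_name = user_info.get('last_name', user.last_name)
    user.badgrapp = self.badgrapp
    user.marketing_opt_in = user_info.get('marketing_opt_in',
                                          user.marketing_opt_in)
    user.agreed_terms_version = TermsVersion.cached.latest_version()
    user.email_verified = True
    if user_info.get('plaintext_password'):
        user.set_password(user_info['plaintext_password'])
    user.save()

    # safe='' makes quote() encode '/' too, so the name taken from the
    # payload stays one path segment and cannot change the host or path
    # that urljoin() resolves to.
    redirect_url = urlparse.urljoin(
        self.badgrapp.email_confirmation_redirect.rstrip('/') + '/',
        urllib.quote(user.first_name.encode('utf8'), safe=''))
    redirect_url = set_url_query_params(
        redirect_url, email=email_address.email.encode('utf8'))
    return redirect_url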
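def get_redirect_url(self, *args, **kwargs):
    """
    Finish sign-up from an ``authcode`` and return where to send the browser.

    Steps: decrypt the ``authcode`` keyword argument with
    ``decrypt_authcode``, parse it as JSON, resolve the BadgrApp
    (``badgrapp_id`` in the payload, else ``settings.BADGR_APP_ID``, else 1)
    and the e-mail address named in the payload, update and save the owning
    user, then build the confirmation redirect for that app.

    Any failure along the way (no authcode, undecodable payload, unknown
    BadgrApp or e-mail address) returns ``self.error_redirect_url()``.
    """
    authcode = kwargs.get('authcode', None)
    if not authcode:
        return self.error_redirect_url()

    user_info = decrypt_authcode(authcode)
    try:
        user_info = json.loads(user_info)
    except (TypeError, ValueError,):
        user_info = None
    if not user_info:
        return self.error_redirect_url()

    badgrapp_id = user_info.get('badgrapp_id')
    if badgrapp_id is None:
        badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
    try:
        self.badgrapp = BadgrApp.objects.get(id=badgrapp_id)
    except BadgrApp.DoesNotExist:
        return self.error_redirect_url()

    try:
        email_address = CachedEmailAddress.cached.get(email=user_info.get('email'))
    except CachedEmailAddress.DoesNotExist:
        return self.error_redirect_url()

    user = email_address.user
    user.first_name = user_info.get('first_name', user.first_name)
    user.last_name = user_info.get('last_name', user.last_name)
    user.badgrapp = self.badgrapp
    user.marketing_opt_in = user_info.get('marketing_opt_in', user.marketing_opt_in)
    user.agreed_terms_version = TermsVersion.cached.latest_version()
    # NOTE(review): verification and the password below rest entirely on the
    # payload being authentic; verify decrypt_authcode fails on altered codes.
    user.email_verified = True
    if user_info.get('plaintext_password'):
        user.set_password(user_info['plaintext_password'])
    user.save()

    # Encode '/' as well (safe='') so the payload-supplied name is appended
    # as exactly one path segment of the configured redirect.
    name_segment = urllib.quote(user.first_name.encode('utf8'), safe='')
    redirect_url = urlparse.urljoin(
        self.badgrapp.email_confirmation_redirect.rstrip('/') + '/',
        name_segment
    )
    redirect_url = set_url_query_params(redirect_url, email=email_address.email.encode('utf8'))
    return redirect_url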
def get_login_redirect_url(self, request):
    """
    If successfully logged in, redirect to the front-end with a freshly
    generated access token, or an auth code standing in for it.

    Returns '/' for an unauthenticated request, and None when the user is
    authenticated but ``get_session_badgr_app`` yields no BadgrApp.
    """
    if not request.user.is_authenticated():
        return '/'

    badgr_app = get_session_badgr_app(request)
    if badgr_app is None:
        return None

    oauth_app = badgr_app.oauth_application if badgr_app.oauth_application_id else None
    accesstoken = BadgrAccessToken.objects.generate_new_token_for_user(
        request.user,
        application=oauth_app,
        scope='rw:backpack rw:profile rw:issuer')

    if badgr_app.use_auth_code_exchange:
        # The URL carries a code derived from the token, not the token itself.
        params = {'authCode': authcode_for_accesstoken(accesstoken)}
    else:
        # NOTE(review): here the access token itself is put in the URL, where
        # history, logs and Referer headers can record it.
        params = {'authToken': accesstoken.token}

    return set_url_query_params(badgr_app.ui_login_redirect, **params)
def get_redirect_url(self):
    """
    Return the provider login URL selected by the ``provider`` query parameter.

    Stores the current BadgrApp via ``set_session_badgr_app``. With an
    ``authCode`` query parameter the code is stored via
    ``set_session_authcode`` and the URL is tagged with
    ``process=AuthProcess.CONNECT``; otherwise the plain login URL is
    returned.

    Raises:
        ValidationError: no ``provider`` given, no current BadgrApp, or no
            URL named ``<provider>_login``.
    """
    params = self.request.GET
    provider_name = params.get('provider', None)
    if provider_name is None:
        raise ValidationError('No provider specified')

    badgr_app = BadgrApp.objects.get_current(request=self.request)
    if badgr_app is None:
        raise ValidationError('Unable to save BadgrApp in session')
    set_session_badgr_app(self.request, badgr_app)

    try:
        # NOTE(review): the URL name is built from caller input; only names
        # that reverse successfully get past this point.
        login_url = reverse('{}_login'.format(params.get('provider')))
    except NoReverseMatch:
        raise ValidationError('No {} provider found'.format(provider_name))

    authcode = params.get('authCode', None)
    if authcode is None:
        return login_url

    # The code is stored as received; nothing in this method validates it.
    set_session_authcode(self.request, authcode)
    return set_url_query_params(login_url, process=AuthProcess.CONNECT)
def get_login_redirect_url(self, request):
    """
    If successfully logged in, redirect to the front-end, including an
    authToken or authCode query parameter.

    An unauthenticated request gets '/'. An authenticated request without a
    session BadgrApp gets None (no explicit return on that path).
    """
    if request.user.is_authenticated:
        badgr_app = get_session_badgr_app(request)
        if badgr_app is None:
            return None

        application = None
        if badgr_app.oauth_application_id:
            application = badgr_app.oauth_application

        # A new token is issued on every login redirect.
        accesstoken = BadgrAccessToken.objects.generate_new_token_for_user(
            request.user,
            application=application,
            scope='rw:backpack rw:profile rw:issuer')

        # Auth-code exchange keeps the token out of the URL; otherwise the
        # token is sent directly. NOTE(review): the direct form exposes the
        # token to browser history, logs and Referer headers.
        if badgr_app.use_auth_code_exchange:
            key, value = 'authCode', authcode_for_accesstoken(accesstoken)
        else:
            key, value = 'authToken', accesstoken.token

        return set_url_query_params(badgr_app.ui_login_redirect, **{key: value})

    return '/'
def get_redirect_url(self):
    """
    Return the connect-success redirect of the session's BadgrApp.

    The URL is passed through ``set_url_query_params`` with no extra
    parameters. Returns None when ``get_session_badgr_app`` yields no app.
    """
    app = get_session_badgr_app(self.request)
    if app is None:
        return None
    return set_url_query_params(app.ui_connect_success_redirect)
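def get(self, request, **kwargs):
    """
    Confirm an email address with a token provided in an email
    ---
    parameters:
        - name: token
          type: string
          paramType: form
          description: The token received in the recovery email
          required: true
    """
    # Every validation failure below answers 404, so the response does not
    # reveal which of the checks rejected the request.
    token = request.query_params.get('token')
    if not token:
        # A missing token would otherwise reach re.search() as None and
        # raise TypeError instead of producing the 404 used everywhere else.
        return Response(status=HTTP_404_NOT_FOUND)

    # NOTE(review): `a` is caller-supplied and selects which configured
    # BadgrApp's redirect receives the credential appended at the end.
    badgrapp_id = request.query_params.get('a', None)
    if badgrapp_id is None:
        badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
    try:
        badgrapp = BadgrApp.objects.get(id=badgrapp_id)
    except (BadgrApp.DoesNotExist, ValueError):
        # ValueError: a non-numeric `a` value is rejected by the id lookup.
        return Response(status=HTTP_404_NOT_FOUND)

    emailconfirmation = EmailConfirmationHMAC.from_key(kwargs.get('confirm_id'))
    if emailconfirmation is None:
        return Response(status=HTTP_404_NOT_FOUND)
    try:
        email_address = CachedEmailAddress.cached.get(pk=emailconfirmation.email_address.pk)
    except CachedEmailAddress.DoesNotExist:
        return Response(status=HTTP_404_NOT_FOUND)

    # The token has the shape "<uidb36>-<key>".
    matches = re.search(r'([0-9A-Za-z]+)-(.*)', token)
    if not matches:
        return Response(status=HTTP_404_NOT_FOUND)
    uidb36 = matches.group(1)
    key = matches.group(2)
    if not (uidb36 and key):
        return Response(status=HTTP_404_NOT_FOUND)

    user = self._get_user(uidb36)
    if user is None or not default_token_generator.check_token(user, key):
        return Response(status=HTTP_404_NOT_FOUND)

    # The confirmed address must belong to the user the token was issued for.
    if email_address.user != user:
        return Response(status=HTTP_404_NOT_FOUND)

    old_primary = CachedEmailAddress.objects.get_primary(user)
    if old_primary is None:
        email_address.primary = True
    email_address.verified = True
    email_address.save()

    process_email_verification.delay(email_address.pk)

    # get badgr_app url redirect
    redirect_url = get_adapter().get_email_confirmation_redirect_url(request, badgr_app=badgrapp)

    # generate an AccessToken for the user
    accesstoken = BadgrAccessToken.objects.generate_new_token_for_user(
        user,
        application=badgrapp.oauth_application if badgrapp.oauth_application_id else None,
        scope='rw:backpack rw:profile rw:issuer')

    if badgrapp.use_auth_code_exchange:
        # The URL carries a code derived from the token, not the token itself.
        authcode = authcode_for_accesstoken(accesstoken)
        redirect_url = set_url_query_params(redirect_url, authCode=authcode)
    else:
        # NOTE(review): the access token itself is placed in the redirect URL,
        # where history, logs and Referer headers can record it.
        redirect_url = set_url_query_params(redirect_url, authToken=accesstoken.token)

    return Response(status=HTTP_302_FOUND, headers={'Location': redirect_url})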
def get_redirect_url(self):
    """
    Build the login redirect shown when the e-mail address is already taken.

    Uses the BadgrApp returned by ``get_session_badgr_app(self.request)``;
    with no such app there is no redirect and the method returns None.
    """
    badgr_app = get_session_badgr_app(self.request)
    if badgr_app is None:
        return None

    # NOTE(review): this message confirms to the caller that the address is
    # registered -- check that this disclosure is acceptable.
    return set_url_query_params(
        badgr_app.ui_login_redirect,
        authError='An account already exists with provided email address')