def vkontakte_api(method, data): """Calls VKontakte OpenAPI method http://vkontakte.ru/apiclub, http://vkontakte.ru/pages.php?o=-1&p=%C2%FB%EF%EE%EB%ED%E5%ED%E8%E5%20 %E7%E0%EF%F0%EE%F1%EE%E2%20%EA%20 API """ # We need to perform server-side call if no access_token if not 'access_token' in data: if not 'v' in data: data['v'] = VKONTAKTE_API_VERSION if not 'api_id' in data: data['api_id'] = _api_get_val_fun('id', 'VKONTAKTE_APP_ID') data['method'] = method data['format'] = 'json' url = VKONTAKTE_SERVER_API_URL secret = _api_get_val_fun('key', 'VKONTAKTE_APP_SECRET') param_list = sorted(list(item + '=' + data[item] for item in data)) data['sig'] = md5(''.join(param_list) + secret).hexdigest() else: url = VKONTAKTE_API_URL + method params = urlencode(data) url += '?' + params try: return simplejson.load(dsa_urlopen(url)) except (TypeError, KeyError, IOError, ValueError, IndexError): log('error', 'Could not load data from VKontakte.', exc_info=True, extra=dict(data=data)) return None
def mixcloud_profile(access_token): data = {'access_token': access_token, 'alt': 'json'} request = Request(MIXCLOUD_PROFILE_URL + '?' + urlencode(data)) try: return simplejson.loads(dsa_urlopen(request).read()) except (ValueError, KeyError, IOError): return None
def user_data(self, access_token): """Return user data provided""" # Bitbucket has a bit of an indirect route to obtain user data from an # authenticated query: First obtain the user's email via an # authenticated GET url = BITBUCKET_EMAIL_DATA_URL request = self.oauth_request(access_token, url) response = self.fetch_response(request) try: # Then retrieve the user's primary email address or the top email email_addresses = simplejson.loads(response) for email_address in reversed(email_addresses): if email_address['active']: email = email_address['email'] if email_address['primary']: break # Then return the user data using a normal GET with the # BITBUCKET_USER_DATA_URL and the user's email response = dsa_urlopen(BITBUCKET_USER_DATA_URL + email) user_details = simplejson.load(response)['user'] user_details['email'] = email return user_details except ValueError: return None return None
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" if not 'assertion' in self.data: raise AuthMissingParameter(self, 'assertion') data = urlencode({ 'assertion': self.data['assertion'], 'audience': self.request.get_host() }) try: response = simplejson.load(dsa_urlopen(BROWSER_ID_SERVER, data=data)) except ValueError: log('error', 'Could not load user data from BrowserID.', exc_info=True) else: if response.get('status') == 'failure': log('debug', 'Authentication failed.') raise AuthFailed(self) kwargs.update({ 'auth': self, 'response': response, self.AUTH_BACKEND.name: True }) return authenticate(*args, **kwargs)
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" if self.data.get('error'): error = self.data.get('error_description') or self.data['error'] raise AuthFailed(self, error) state = self.validate_state() client_id, client_secret = self.get_key_and_secret() params = { 'grant_type': 'authorization_code', # request auth code 'code': self.data.get('code', ''), # server response code 'client_id': client_id, 'client_secret': client_secret, 'redirect_uri': self.get_redirect_uri(state) } headers = {'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'application/json'} request = Request(self.ACCESS_TOKEN_URL, data=urlencode(params), headers=headers) try: response = simplejson.loads(dsa_urlopen(request).read()) except HTTPError, e: if e.code == 400: raise AuthCanceled(self) else: raise
def odnoklassniki_api(data, api_url, public_key, client_secret, request_type='oauth'): ''' Calls Odnoklassniki REST API method http://dev.odnoklassniki.ru/wiki/display/ok/Odnoklassniki+Rest+API ''' data.update({ 'application_key': public_key, 'format': 'JSON' }) if request_type == 'oauth': data['sig'] = odnoklassniki_oauth_sig(data, client_secret) elif request_type == 'iframe_session': data['sig'] = odnoklassniki_iframe_sig(data, data['session_secret_key']) elif request_type == 'iframe_nosession': data['sig'] = odnoklassniki_iframe_sig(data, client_secret) else: msg = 'Unknown request type {0}. How should it be signed?' raise AuthFailed(msg.format(request_type)) params = urlencode(data) request = Request('{0}fb.do?{1}'.format(api_url, params)) try: return simplejson.loads(dsa_urlopen(request).read()) except (TypeError, KeyError, IOError, ValueError, IndexError): log('error', 'Could not load data from Odnoklassniki.', exc_info=True, extra=dict(data=params)) return None
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" data = None params = backend_setting(self, self.EXTRA_PARAMS_VAR_NAME, {}) params['access_token'] = access_token url = FACEBOOK_ME + urlencode(params) try: data = simplejson.load(dsa_urlopen(url)) except ValueError: extra = {'access_token': sanitize_log_data(access_token)} log('error', 'Could not load user data from Facebook.', exc_info=True, extra=extra) except HTTPError: extra = {'access_token': sanitize_log_data(access_token)} log('error', 'Error validating access token.', exc_info=True, extra=extra) raise AuthTokenError(self) else: log('debug', 'Found user data for token %s', sanitize_log_data(access_token), extra={'data': data}) return data
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" if not 'assertion' in self.data: raise AuthMissingParameter(self, 'assertion') data = urlencode({ 'assertion': self.data['assertion'], 'audience': self.request.get_host() }) try: response = simplejson.load( dsa_urlopen(BROWSER_ID_SERVER, data=data)) except ValueError: log('error', 'Could not load user data from BrowserID.', exc_info=True) else: if response.get('status') == 'failure': log('debug', 'Authentication failed.') raise AuthFailed(self) kwargs.update({ 'auth': self, 'response': response, self.AUTH_BACKEND.name: True }) return authenticate(*args, **kwargs)
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" params = {'oauth_token': access_token} url = FOURSQUARE_CHECK_AUTH + '?' + urlencode(params) try: return simplejson.load(dsa_urlopen(url)) except ValueError: return None
def user_data(self, access_token, *args, **kwargs): uid = args[0]['uid'] data = {'access_token': access_token, 'uid': uid} url = 'https://api.weibo.com/2/users/show.json?' + urlencode(data) try: return simplejson.loads(dsa_urlopen(url).read()) except (ValueError, KeyError, IOError): return None
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" params = {'access_token': access_token} url = INSTAGRAM_CHECK_AUTH + '?' + urlencode(params) try: return simplejson.load(dsa_urlopen(url)) except ValueError: return None
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" url = GITHUB_USER_DATA_URL + '?' + urlencode({ 'access_token': access_token }) try: return simplejson.load(dsa_urlopen(url)) except ValueError: return None
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" url = LIVE_USER_DATA_URL + '?' + urlencode( {'access_token': access_token}) try: return simplejson.load(dsa_urlopen(url)) except (ValueError, IOError): raise AuthUnknownError('Error during profile retrieval, ' 'please, try again later')
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" url = LIVE_USER_DATA_URL + '?' + urlencode({ 'access_token': access_token }) try: return simplejson.load(dsa_urlopen(url)) except (ValueError, IOError): raise AuthUnknownError('Error during profile retrieval, ' 'please, try again later')
def user_data(self, access_token, response, *args, **kwargs): """Loads user data from service""" params = {"oauth_token": access_token, "format": "json", "text": 1} url = self.get_api_url() + "?" + urlencode(params) try: return simplejson.load(dsa_urlopen(url)) except (ValueError, IndexError): log("error", "Could not load data from Yandex.", exc_info=True, extra=dict(data=params)) return None
def consumer_oauth_url_request(backend, url, user_or_id, redirect_uri="/", json=True): """Builds and retrieves an OAuth signed response.""" user = UserSocialAuth.resolve_user_or_id(user_or_id) oauth_info = user.social_auth.filter(provider=backend.AUTH_BACKEND.name)[0] token = Token.from_string(oauth_info.tokens["access_token"]) request = build_consumer_oauth_request(backend, token, url, redirect_uri) response = "\n".join(dsa_urlopen(request.to_url()).readlines()) if json: response = simplejson.loads(response) return response
def googleapis_profile(url, access_token): """ Loads user data from googleapis service, such as name, given_name, family_name, etc. as it's described in: https://developers.google.com/accounts/docs/OAuth2Login """ data = {'access_token': access_token, 'alt': 'json'} request = Request(url + '?' + urlencode(data)) try: return simplejson.loads(dsa_urlopen(request).read()) except (ValueError, KeyError, IOError): return None
def consumer_oauth_url_request(backend, url, user_or_id, redirect_uri='/', json=True): """Builds and retrieves an OAuth signed response.""" user = UserSocialAuth.resolve_user_or_id(user_or_id) oauth_info = user.social_auth.filter(provider=backend.AUTH_BACKEND.name)[0] token = Token.from_string(oauth_info.tokens['access_token']) request = build_consumer_oauth_request(backend, token, url, redirect_uri) response = '\n'.join(dsa_urlopen(request.to_url()).readlines()) if json: response = simplejson.loads(response) return response
def googleapis_email(url, params): """Loads user data from googleapis service, only email so far as it's described in http://sites.google.com/site/oauthgoog/Home/emaildisplayscope Parameters must be passed in queryset and Authorization header as described on Google OAuth documentation at: http://groups.google.com/group/oauth/browse_thread/thread/d15add9beb418ebc and: http://code.google.com/apis/accounts/docs/OAuth2.html#CallingAnAPI """ request = Request(url + '?' + params, headers={'Authorization': params}) try: return simplejson.loads(dsa_urlopen(request).read())['data'] except (ValueError, KeyError, IOError): return None
def user_data(self, access_token, response, *args, **kwargs): """Loads user data from service""" params = {'oauth_token': access_token, 'format': 'json', 'text': 1, } url = self.get_api_url() + '?' + urlencode(params) try: return simplejson.load(dsa_urlopen(url)) except (ValueError, IndexError): log('error', 'Could not load data from Yandex.', exc_info=True, extra=dict(data=params)) return None
def mailru_api(data): """ Calls Mail.ru REST API method http://api.mail.ru/docs/guides/restapi/ """ data.update({'app_id': settings.MAILRU_OAUTH2_CLIENT_KEY, 'secure': '1'}) data['sig'] = mailru_sig(data) params = urlencode(data) request = Request(MAILRU_API_URL, params) try: return simplejson.loads(dsa_urlopen(request).read()) except (TypeError, KeyError, IOError, ValueError, IndexError): log('error', 'Could not load data from Mail.ru.', exc_info=True, extra=dict(data=params)) return None
def user_data(self, access_token, *args, **kwargs): """Loads user data from Orkut service""" fields = ORKUT_DEFAULT_DATA if setting('ORKUT_EXTRA_DATA'): fields += ',' + setting('ORKUT_EXTRA_DATA') scope = ORKUT_SCOPE + setting('ORKUT_EXTRA_SCOPE', []) params = {'method': 'people.get', 'id': 'myself', 'userId': '@me', 'groupId': '@self', 'fields': fields, 'scope': ' '.join(scope)} request = self.oauth_request(access_token, ORKUT_REST_ENDPOINT, params) response = dsa_urlopen(request.to_url()).read() try: return simplejson.loads(response)['data'] except (ValueError, KeyError): return None
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" data = None params = backend_setting(self, self.EXTRA_PARAMS_VAR_NAME, {}) params["access_token"] = access_token url = FACEBOOK_ME + urlencode(params) try: data = simplejson.load(dsa_urlopen(url)) except ValueError: extra = {"access_token": sanitize_log_data(access_token)} log("error", "Could not load user data from Facebook.", exc_info=True, extra=extra) except HTTPError: extra = {"access_token": sanitize_log_data(access_token)} log("error", "Error validating access token.", exc_info=True, extra=extra) raise AuthTokenError(self) else: log("debug", "Found user data for token %s", sanitize_log_data(access_token), extra={"data": data}) return data
def user_data(self, access_token, *args, **kwargs): """Loads user data from Orkut service""" fields = ORKUT_DEFAULT_DATA if setting('ORKUT_EXTRA_DATA'): fields += ',' + setting('ORKUT_EXTRA_DATA') scope = ORKUT_SCOPE + setting('ORKUT_EXTRA_SCOPE', []) params = { 'method': 'people.get', 'id': 'myself', 'userId': '@me', 'groupId': '@self', 'fields': fields, 'scope': ' '.join(scope) } request = self.oauth_request(access_token, ORKUT_REST_ENDPOINT, params) response = dsa_urlopen(request.to_url()).read() try: return simplejson.loads(response)['data'] except (ValueError, KeyError): return None
def fetch_response(self, request): """Executes request and fetchs service response""" response = dsa_urlopen(request.to_url()) return '\n'.join(response.readlines())
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" access_token = None expires = None if 'code' in self.data: state = self.validate_state() url = ACCESS_TOKEN + urlencode({ 'client_id': backend_setting(self, self.SETTINGS_KEY_NAME), 'redirect_uri': self.get_redirect_uri(state), 'client_secret': backend_setting(self, self.SETTINGS_SECRET_NAME), 'code': self.data['code'] }) try: response = cgi.parse_qs(dsa_urlopen(url).read()) except HTTPError: raise AuthFailed( self, 'There was an error authenticating ' 'the app') access_token = response['access_token'][0] if 'expires' in response: expires = response['expires'][0] if 'signed_request' in self.data: response = load_signed_request( self.data.get('signed_request'), backend_setting(self, self.SETTINGS_SECRET_NAME)) if response is not None: access_token = response.get('access_token') or \ response.get('oauth_token') or \ self.data.get('access_token') if 'expires' in response: expires = response['expires'] if access_token: data = self.user_data(access_token) if not isinstance(data, dict): # From time to time Facebook responds back a JSON with just # False as value, the reason is still unknown, but since the # data is needed (it contains the user ID used to identify the # account on further logins), this app cannot allow it to # continue with the auth process. raise AuthUnknownError( self, 'An error ocurred while ' 'retrieving users Facebook ' 'data') data['access_token'] = access_token # expires will not be part of response if offline access # premission was requested if expires: data['expires'] = expires kwargs.update({ 'auth': self, 'response': data, self.AUTH_BACKEND.name: True }) return authenticate(*args, **kwargs) else: if self.data.get('error') == 'access_denied': raise AuthCanceled(self) else: raise AuthException(self)
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" access_token = None expires = None if "code" in self.data: state = self.validate_state() url = ACCESS_TOKEN + urlencode( { "client_id": backend_setting(self, self.SETTINGS_KEY_NAME), "redirect_uri": self.get_redirect_uri(state), "client_secret": backend_setting(self, self.SETTINGS_SECRET_NAME), "code": self.data["code"], } ) try: response = cgi.parse_qs(dsa_urlopen(url).read()) except HTTPError: raise AuthFailed(self, "There was an error authenticating " "the app") access_token = response["access_token"][0] if "expires" in response: expires = response["expires"][0] if "signed_request" in self.data: response = load_signed_request( self.data.get("signed_request"), backend_setting(self, self.SETTINGS_SECRET_NAME) ) if response is not None: access_token = ( response.get("access_token") or response.get("oauth_token") or self.data.get("access_token") ) if "expires" in response: expires = response["expires"] if access_token: data = self.user_data(access_token) if not isinstance(data, dict): # From time to time Facebook responds back a JSON with just # False as value, the reason is still unknown, but since the # data is needed (it contains the user ID used to identify the # account on further logins), this app cannot allow it to # continue with the auth process. raise AuthUnknownError(self, "An error ocurred while " "retrieving users Facebook " "data") data["access_token"] = access_token # expires will not be part of response if offline access # premission was requested if expires: data["expires"] = expires kwargs.update({"auth": self, "response": data, self.AUTH_BACKEND.name: True}) return authenticate(*args, **kwargs) else: if self.data.get("error") == "access_denied": raise AuthCanceled(self) else: raise AuthException(self)