def facebook_required(view_func=None, scope=fb_settings.FACEBOOK_DEFAULT_SCOPE,
redirect_field_name=REDIRECT_FIELD_NAME, login_url=None, canvas=False):
"""
Decorator which makes the view require the given Facebook perms,
redirecting to the log-in page if necessary.
Note we don't actually query the permissions, we just try in the view
and upon a permission error redirect to login_url
Querying the permissions would slow down things
"""
from open_facebook import exceptions as open_facebook_exceptions
from django_facebook.utils import test_permissions
scope_list = parse_scope(scope)
def actual_decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
oauth_url, redirect_uri = get_oauth_url(request, scope_list)
#Normal facebook errors should be raised
#OAuthException s should cause a redirect for authorization
try:
permission_granted = test_permissions(request, scope_list, redirect_uri)
except open_facebook_exceptions.OAuthException, e:
permission_granted = False
if permission_granted:
return view_func(request, *args, **kwargs)
else:
logger.info('requesting access with redirect uri: %s',
redirect_uri)
response = response_redirect(oauth_url, canvas=canvas)
return response
return _wrapped_view
def facebook_required(view_func=None, scope=fb_settings.FACEBOOK_DEFAULT_SCOPE,
redirect_field_name=REDIRECT_FIELD_NAME, login_url=None, canvas=False):
"""
Decorator which makes the view require the given Facebook perms,
redirecting to the log-in page if necessary.
Note we don't actually query the permissions, we just try in the view
and upon a permission error redirect to login_url
Querying the permissions would slow down things
"""
from django_facebook.utils import test_permissions
scope_list = parse_scope(scope)
def actual_decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
if canvas:
oauth_url, redirect_uri = generate_oauth_url(scope_list)
else:
oauth_url, redirect_uri = get_oauth_url(request, scope_list)
if test_permissions(request, scope_list, redirect_uri):
return view_func(request, *args, **kwargs)
else:
logger.info('requesting access with redirect uri: %s',
redirect_uri)
response = response_redirect(oauth_url, canvas=canvas)
return response
return _wrapped_view
if view_func:
return actual_decorator(view_func)
return actual_decorator
def facebook_required(view_func=None,
scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE,
redirect_field_name=REDIRECT_FIELD_NAME,
login_url=None):
"""
Decorator which makes the view require the given Facebook perms, redirecting
to the log-in page if necessary.
Note we don't actually query the permissions, we just try in the view
and upon a permission error redirect to login_url
Querying the permissions would slow down things
"""
from django_facebook.utils import test_permissions
scope_list = parse_scope(scope)
def actual_decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
oauth_url, redirect_uri = get_oauth_url(request, scope_list)
if test_permissions(request, scope_list, redirect_uri):
return view_func(request, *args, **kwargs)
else:
logger.info('requesting access with redirect uri: %s',
redirect_uri)
response = HttpResponseRedirect(oauth_url)
return response
return _wrapped_view
if view_func:
return actual_decorator(view_func)
return actual_decorator
def facebook_required(view_func=None, scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None):
"""
Decorator which makes the view require the given Facebook perms, redirecting
to the log-in page if necessary.
Note we don't actually query the permissions, we just try in the view
and upon a permission error redirect to login_url
Querying the permissions would slow down things
"""
from django_facebook.utils import test_permissions
scope_list = parse_scope(scope)
def actual_decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
oauth_url, redirect_uri = get_oauth_url(request, scope_list)
if test_permissions(request, scope_list, redirect_uri):
return view_func(request, *args, **kwargs)
else:
logger.info('requesting access with redirect uri: %s', redirect_uri)
# response = HttpResponseRedirect(oauth_url)
redirect_script = '<html><body><script type="text/javascript">window.top.location.href="%s"</script></body></html>'%(oauth_url)
response = HttpResponse(redirect_script)
return response
return _wrapped_view
if view_func:
return actual_decorator(view_func)
return actual_decorator
def facebook_required_lazy(view_func=None, scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None, extra_params=None):
"""
Decorator which makes the view require the given Facebook perms, redirecting
to the log-in page if necessary.
Based on exceptions instead of a check up front
Faster, but more prone to bugs
"""
from django_facebook.utils import test_permissions
from open_facebook import exceptions as open_facebook_exceptions
scope_list = parse_scope(scope)
def actual_decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
oauth_url, redirect_uri = get_oauth_url(request, scope_list, extra_params=extra_params)
try:
#call get persistent graph and convert the token with correct redirect uri
get_persistent_graph(request, redirect_uri=redirect_uri)
return view_func(request, *args, **kwargs)
except open_facebook_exceptions.OpenFacebookException, e:
if test_permissions(request, scope_list, redirect_uri):
#an error if we already have permissions shouldn't have been caught
#raise to prevent bugs with error mapping to cause issues
raise
else:
logger.info('requesting access with redirect uri: %s', redirect_uri)
response = HttpResponseRedirect(oauth_url)
return response
return _wrapped_view
def facebook_required_lazy(view_func=None, scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None, extra_params=None):
"""
Decorator which makes the view require the given Facebook perms, redirecting
to the log-in page if necessary.
Based on exceptions instead of a check up front
Faster, but more prone to bugs
"""
from django_facebook.utils import test_permissions
from open_facebook import exceptions as open_facebook_exceptions
scope_list = parse_scope(scope)
def actual_decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
oauth_url, redirect_uri = get_oauth_url(request, scope_list, extra_params=extra_params)
try:
#call get persistent graph and convert the token with correct redirect uri
get_persistent_graph(request, redirect_uri=redirect_uri)
return view_func(request, *args, **kwargs)
except open_facebook_exceptions.OpenFacebookException, e:
if test_permissions(request, scope_list, redirect_uri):
#an error if we already have permissions shouldn't have been caught
#raise to prevent bugs with error mapping to cause issues
raise
else:
logger.info('requesting access with redirect uri: %s', redirect_uri)
response = HttpResponseRedirect(oauth_url)
return response
return _wrapped_view
def __init__(self, fn, scope=None, canvas=False, extra_params=None):
self.fn = fn
scope = fb_settings.FACEBOOK_DEFAULT_SCOPE if scope is None else scope
self.scope = scope
self.scope_list = parse_scope(scope)
self.canvas = canvas
self.extra_params = extra_params
# canvas pages always need to be csrf excempt
csrf_exempt = canvas
self.csrf_exempt = csrf_exempt
def __init__(self, fn, scope=None, canvas=False, page_tab=False, extra_params=None):
self.fn = fn
scope = fb_settings.FACEBOOK_DEFAULT_SCOPE if scope is None else scope
self.scope = scope
self.scope_list = parse_scope(scope)
self.canvas = canvas
self.page_tab = page_tab
self.extra_params = extra_params
# canvas pages always need to be csrf excempt
csrf_exempt = canvas or page_tab
self.csrf_exempt = csrf_exempt
def facebook_required_lazy(view_func=None,
scope=fb_settings.FACEBOOK_DEFAULT_SCOPE,
redirect_field_name=REDIRECT_FIELD_NAME,
login_url=None,
extra_params=None,
canvas=False):
"""
Decorator which makes the view require the given Facebook perms,
redirecting to the log-in page if necessary.
Based on exceptions instead of a check up front
Faster, but more prone to bugs
Use this in combination with require_persistent_graph
"""
from django_facebook.utils import test_permissions
from open_facebook import exceptions as open_facebook_exceptions
scope_list = parse_scope(scope)
#canvas pages always need to be csrf excempt
csrf_exempt = canvas
def actual_decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
oauth_url, redirect_uri = get_oauth_url(request,
scope_list,
extra_params=extra_params)
try:
# call get persistent graph and convert the
# token with correct redirect uri
get_persistent_graph(request, redirect_uri=redirect_uri)
#Note we're not requiring a persistent graph here
#You should require a persistent graph in the url when you start using this
return view_func(request, *args, **kwargs)
except open_facebook_exceptions.OpenFacebookException, e:
permission_granted = test_permissions(request, scope_list,
redirect_uri)
if permission_granted:
# an error if we already have permissions
# shouldn't have been caught
# raise to prevent bugs with error mapping to cause issues
raise
else:
logger.info(
u'requesting access with redirect uri: %s, error was %s',
redirect_uri, e)
response = response_redirect(oauth_url, canvas=canvas)
return response
return _wrapped_view
def generate_oauth_url(scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE,
next=None, extra_data=None):
query_dict = QueryDict('', True)
canvas_page = (next if next is not None else
facebook_settings.FACEBOOK_CANVAS_PAGE)
scope = parse_scope(scope)
query_dict.update(dict(client_id=facebook_settings.FACEBOOK_APP_ID,
redirect_uri=canvas_page, scope=','.join(scope)))
if extra_data:
query_dict.update(extra_data)
auth_url = 'http://www.facebook.com/dialog/oauth?%s' % (
query_dict.urlencode(), )
return auth_url, canvas_page
def facebook_required_lazy(view_func=None,
scope=fb_settings.FACEBOOK_DEFAULT_SCOPE,
redirect_field_name=REDIRECT_FIELD_NAME,
login_url=None, extra_params=None, canvas=None):
"""Decorator which makes the view require the given Facebook
permissions, redirecting to the authorization page if necessary.
This implementation performs redirect upon caught exception,
instead of checking before acting; faster, but more prone to bugs.
:param view_func: The view function that will be decorated
:param scope: List of names of permissions that will be required
:param redirect_field_name:
:param login_url: URL of the login page, in case permissions
checking fails.
:param extra_params: Extra paramters to be added to redirect_uri
:param canvas: Whether we are running inside canvas or not.
If not specified, its value will be determined at runtime
from ``request.fb_info['is_canvas']``.
"""
from django_facebook.utils import test_permissions
from open_facebook import exceptions as open_facebook_exceptions
scope_list = parse_scope(scope)
def actual_decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
oauth_url, redirect_uri = get_oauth_url(request, scope_list, extra_params=extra_params)
try:
## Call get_persistent_graph() and convert the
## token with correct redirect URI
get_persistent_graph(request, redirect_uri=redirect_uri)
return view_func(request, *args, **kwargs)
except open_facebook_exceptions.OpenFacebookException, e:
if test_permissions(request, scope_list, redirect_uri):
## An error if we already have permissions
## shouldn't have been caught
## raise to prevent bugs with error mapping to cause issues
raise
else:
logger.info(u'Requesting access with redirect_uri: %s, error was %s', redirect_uri, e)
_canvas = canvas # Bring into local scope
if _canvas is None:
_canvas = getattr(request, 'fb_info', {}).get('is_canvas', False)
response = response_redirect(oauth_url, canvas=_canvas)
return response
return _wrapped_view
def facebook_required_lazy(view_func=None,
scope=fb_settings.FACEBOOK_DEFAULT_SCOPE,
redirect_field_name=REDIRECT_FIELD_NAME,
login_url=None, extra_params=None, canvas=False):
"""
Decorator which makes the view require the given Facebook perms,
redirecting to the log-in page if necessary.
Based on exceptions instead of a check up front
Faster, but more prone to bugs
Use this in combination with require_persistent_graph
"""
from django_facebook.utils import test_permissions
from open_facebook import exceptions as open_facebook_exceptions
scope_list = parse_scope(scope)
#canvas pages always need to be csrf excempt
csrf_exempt = canvas
def actual_decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
oauth_url, current_uri, redirect_uri = get_oauth_url(
request, scope_list,
extra_params=extra_params)
try:
# call get persistent graph and convert the
# token with correct redirect uri
get_persistent_graph(request, redirect_uri=current_uri)
#Note we're not requiring a persistent graph here
#You should require a persistent graph in the view when you start using this
return view_func(request, *args, **kwargs)
except open_facebook_exceptions.OpenFacebookException, e:
permission_granted = test_permissions(
request, scope_list, current_uri)
if permission_granted:
# an error if we already have permissions
# shouldn't have been caught
# raise to prevent bugs with error mapping to cause issues
raise
else:
logger.info(
u'requesting access with redirect uri: %s, error was %s',
redirect_uri, e)
response = response_redirect(oauth_url, canvas=canvas)
return response
return _wrapped_view
def facebook_required(view_func=None,
scope=fb_settings.FACEBOOK_DEFAULT_SCOPE,
redirect_field_name=REDIRECT_FIELD_NAME,
login_url=None, extra_params=None, canvas=None):
"""Decorator which makes the view require the given Facebook
permissions, redirecting to the authorization page if necessary.
.. NOTE::
This implementation sends a request to check that the user
has the required permissions before executing the view.
This should be able to prevent most failures, but it will slow
down things as an additional HTTP request will be performed
on each request..
:param view_func: The view function that will be decorated
:param scope: List of names of permissions that will be required
:param redirect_field_name:
:param login_url: URL of the login page, in case permissions
checking fails.
:param extra_params: Extra paramters to be added to redirect_uri
:param canvas: Whether we are running inside canvas or not.
If not specified, its value will be determined at runtime
from ``request.fb_info['is_canvas']``.
"""
from django_facebook.utils import test_permissions
scope_list = parse_scope(scope)
def actual_decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
oauth_url, redirect_uri = get_oauth_url(request, scope_list)
if test_permissions(request, scope_list, redirect_uri):
return view_func(request, *args, **kwargs)
else:
logger.info('requesting access with redirect uri: %s', redirect_uri)
_canvas = canvas # Bring into local scope
if _canvas is None:
_canvas = getattr(request, 'fb_info', {}).get('is_canvas', False)
response = response_redirect(oauth_url, canvas=_canvas)
return response
return _wrapped_view
if view_func:
return actual_decorator(view_func)
return actual_decorator
def generate_oauth_url(scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE,
next=None,
extra_data=None):
query_dict = QueryDict('', True)
canvas_page = (next if next is not None else
facebook_settings.FACEBOOK_CANVAS_PAGE)
scope = parse_scope(scope)
query_dict.update(
dict(client_id=facebook_settings.FACEBOOK_APP_ID,
redirect_uri=canvas_page,
scope=','.join(scope)))
if extra_data:
query_dict.update(extra_data)
auth_url = 'http://www.facebook.com/dialog/oauth?%s' % (
query_dict.urlencode(), )
return auth_url, canvas_page
def facebook_required(view_func=None,
scope=fb_settings.FACEBOOK_DEFAULT_SCOPE,
redirect_field_name=REDIRECT_FIELD_NAME,
login_url=None,
canvas=False):
"""
Decorator which makes the view require the given Facebook perms,
redirecting to the log-in page if necessary.
Note we don't actually query the permissions, we just try in the view
and upon a permission error redirect to login_url
Querying the permissions would slow down things
"""
from open_facebook import exceptions as open_facebook_exceptions
from django_facebook.utils import test_permissions
scope_list = parse_scope(scope)
#canvas pages always need to be csrf excempt
csrf_exempt = canvas
def actual_decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
oauth_url, current_uri, redirect_uri = get_oauth_url(
request, scope_list)
#Normal facebook errors should be raised
#OAuthException s should cause a redirect for authorization
try:
permission_granted = test_permissions(request, scope_list,
current_uri)
except open_facebook_exceptions.OAuthException, e:
permission_granted = False
if permission_granted:
return view_func(request, *args, **kwargs)
else:
logger.info('requesting access with redirect uri: %s',
redirect_uri)
response = response_redirect(oauth_url, canvas=canvas)
return response
return _wrapped_view
def facebook_required(view_func=None, scope=facebook_settings.FACEBOOK_DEFAULT_SCOPE, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None):
"""
Decorator which makes the view require the given Facebook perms, redirecting
to the log-in page if necessary.
Note we don't actually query the permissions, we just try in the view
and upon a permission error redirect to login_url
Querying the permissions would slow down things
"""
scope_list = parse_scope(scope)
def test_permissions(request, redirect_uri=None):
'''
Call Facebook me/permissions to see if we are allowed to do this
'''
from django_facebook.api import get_persistent_graph
fb = get_persistent_graph(request, redirect_uri=redirect_uri)
permissions_dict = {}
if fb:
try:
permissions_response = fb.get('me/permissions')
permissions = permissions_response['data'][0]
except facebook_exceptions.OAuthException, e:
#this happens when someone revokes their permissions while the session
#is still stored
permissions = {}
permissions_dict = dict([(k,bool(int(v))) for k,v in permissions.items() if v == '1' or v == 1])
#see if we have all permissions
scope_allowed = True
for permission in scope_list:
if permission not in permissions_dict:
scope_allowed = False
#raise if this happens after a redirect though
if not scope_allowed and request.GET.get('attempt'):
raise ValueError, 'Somehow facebook is not giving us the permissions needed, lets break instead of endless redirects. Fb was %s and permissions %s' % (fb, permissions_dict)
return scope_allowed
