def post_auth(auth_type):
if auth_type != 'google':
return 'only google oauth2 currently', 400
access_token_url = 'https://accounts.google.com/o/oauth2/token'
people_api_url = 'https://www.googleapis.com/oauth2/v1/userinfo?alt=json'
payload = dict(client_id=request.json['clientId'],
redirect_uri=request.json['redirectUri'],
client_secret=auth_config.client_secret,
code=request.json['code'],
grant_type='authorization_code')
# Step 1. Exchange authorization code for access token.
r = requests.post(access_token_url, data=payload)
token = json.loads(r.text)
headers = {'Authorization': 'Bearer {0}'.format(token['access_token'])}
# Step 2. Retrieve information about the current user.
r = requests.get(people_api_url, headers=headers)
profile = json.loads(r.text)
print(profile)
user = User.get_by_oauth2_id(profile['id'])
if user is None:
user = User(profile['name'], profile['email'], profile['picture'], profile['id']).add()
token = create_token(user)
return jsonify(token=token)
def test_save_user_and_find(self):
User('Jan', 'email', 'picture', OAUTH2_ID).add()
user = User.get_by_oauth2_id(OAUTH2_ID)
assert user is not None
def test_get_by_oauth2_id(self):
user = User.get_by_oauth2_id(OAUTH2_ID)
assert user is None
def test_save_user_and_find(self):
User('Jan', 'email', 'picture', OAUTH2_ID).add()
user = User.get_by_oauth2_id(OAUTH2_ID)
assert user is not None
def test_get_by_oauth2_id(self):
user = User.get_by_oauth2_id(OAUTH2_ID)
assert user is None
