def google_call(hashid): form = Form.get_with(hashid=hashid) session["ggl:form"] = form.hashid hint = form.email if not form.email.endswith("@gmail.com") and current_user.email.endswith( "@gmail.com" ): hint = current_user.email flow = google_auth_oauthlib.flow.Flow.from_client_config( settings.GOOGLE_CLIENT_CONFIG, scopes=["https://www.googleapis.com/auth/drive.file"], ) flow.redirect_uri = url_for( "google_callback", _external=True, _scheme="https", # can't figure out how to get this to honor PREFERRED_URL_SCHEME ) authorization_url, _ = flow.authorization_url( access_type="offline", login_hint=hint, prompt="consent", state=hashid, include_granted_scopes="true", ) return redirect(authorization_url)
def auth(): app.logger.debug(request.url_root) flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( CLIENT_SECRETS_FILE, scopes=SCOPES) flow.redirect_uri = url_for('oauth2callback', _external=True) authorization_url, state = flow.authorization_url( access_type='offline', login_hint=app.config['GOOGLE_USER_HINT'], include_granted_scopes='true') session['state'] = state return redirect(authorization_url)
def authorize(): flow = get_flow() flow.redirect_uri = flask.url_for('oauth2callback', _external=True) authorization_url, state = flow.authorization_url( access_type='offline', include_granted_scopes='true') # Store the state so the callback can verify the auth server response. flask.session['state'] = state return flask.redirect(authorization_url)
def authorize(): # Create flow instance to manage the OAuth 2.0 Authorization Grant Flow steps. flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file(CLIENT_SECRETS_FILE, scopes=SCOPES) flow.redirect_uri = 'http://yourjobtracker.com/oauth2callback' authorization_url, state = flow.authorization_url( # Enable offline access so that you can refresh an access token without # re-prompting the user for permission. Recommended for web server apps. access_type='offline', # Enable incremental authorization. Recommended as a best practice. include_granted_scopes='true') # Store the state so the callback can verify the auth server response. session['state'] = state return redirect(authorization_url)
def authorize(): # Create a flow instance to manage the OAuth 2.0 Authorization Grant Flow # steps. flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( CLIENT_SECRETS_FILE, scopes=SCOPES) flow.redirect_uri = flask.url_for('oauth2callback', _external=True) authorization_url, state = flow.authorization_url( # This parameter enables offline access which gives your application # both an access and refresh token. access_type='offline', # This parameter enables incremental auth. include_granted_scopes='true') # Store the state in the session so that the callback can verify that # the authorization server response. flask.session['state'] = state return flask.redirect(authorization_url)
def google_authorize(store: OAuthStore): # Create flow instance to manage the OAuth 2.0 Authorization Grant Flow steps. flow = get_flow() # The URI created here must exactly match one of the authorized redirect URIs # for the OAuth 2.0 client, which you configured in the API Console. If this # value doesn't match an authorized URI, you will get a 'redirect_uri_mismatch' # error. flow.redirect_uri = flask.url_for('nisseoauthcallback', _external=True, _scheme=get_request_scheme()) authorization_url, state = flow.authorization_url( # Enable offline access so that you can refresh an access token without # re-prompting the user for permission. Recommended for web server apps. access_type='offline', prompt='consent', # Enable incremental authorization. Recommended as a best practice. include_granted_scopes='true') # Store the state so the callback can verify the auth server response. store.set_state(state) return flask.redirect(authorization_url)
def get(self, request, *args, **kwargs): flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( gsheets_settings.CLIENT_SECRETS, scopes=gsheets_settings.SCOPES) # The URI created here must exactly match one of the authorized redirect URIs # for the OAuth 2.0 client, which you configured in the API Console. If this # value doesn't match an authorized URI, you will get a 'redirect_uri_mismatch' # error. flow.redirect_uri = get_oauth_cb_url( request, cb_hostname=gsheets_settings.OAUTH_REDIRECT_HOSTNAME) logger.debug(f'flow redirect URI is {flow.redirect_uri}') authorization_url, state = flow.authorization_url( # Enable offline access so that you can refresh an access token without # re-prompting the user for permission. Recommended for web server apps. access_type='offline', prompt='consent', # Enable incremental authorization. Recommended as a best practice. include_granted_scopes='true') # Store the state so the callback can verify the auth server response. request.session['state'] = state return redirect(authorization_url)
def setup(): raw_input(""" Google Drive C2 Setup --------------------- You'll need a Google Account to continue. You may want to create a new Google Account for c2. Create a New Project here: https://console.developers.google.com/apis [continue]""") raw_input(""" Create Credentials for your project. Select OAuth Client ID Credentials of type "Other". Click "Download JSON" and place the .json file in this directory. It must be named "client_secrets.json" [continue]""") # verbose("Creating flow object from client_secrets.json...") flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( 'client_secrets.json', scopes=[ 'https://www.googleapis.com/auth/drive', 'https://www.googleapis.com/auth/spreadsheets' ]) flow.redirect_uri = 'urn:ietf:wg:oauth:2.0:oob' auth_uri, state = flow.authorization_url(access_type='offline') debug("state: %s" % state) print "\nOpen this URL in your browser: \n\n" + auth_uri + "\n" auth_code = raw_input('Enter the authentication code: ') # verbose("Retrieving full credentials...") flow.fetch_token(code=auth_code) credentials = flow.credentials raw_input(""" Success! API Credentials Created! Copy and Paste this code in the top of this script to save this credential credentials.append(google.oauth2.credentials.Credentials( "", refresh_token="%s", client_id="%s", client_secret="%s", token_uri="https://accounts.google.com/o/oauth2/token")) When you run this script, you can specify which credentials to use via -c [continue] """ % (credentials.refresh_token, credentials.client_id, credentials.client_secret)) raw_input(""" Enable the Google Drive API: https://console.developers.google.com/apis/api/drive.googleapis.com/overview [continue] """) raw_input(""" IMPORTANT PERFORMANCE TIP: 1. Create a second Drive API project 2. Run --setup again 3. Use one credential for each running script, avoiding rate limits [continue] """) print "\nSetup success!" exit()
import google.oauth2.credentials import google_auth_oauthlib.flow flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( 'client_secert.json', scopes=['https://www.googleapis.com/auth/yt-analytics.readonly']) flow.redirect_uri = "http://127.0.0.1:5000/hello" authorization_url, state = flow.authorization_url( # Enable offline access so that you can refresh an access token without # re-prompting the user for permission. Recommended for web server apps. access_type='offline', # Enable incremental authorization. Recommended as a best practice. include_granted_scopes='true')
def main(): # Disable OAuthlib's HTTPS verification when running locally. # *DO NOT* leave this option enabled in production. os.environ["OAUTHLIB_INSECURE_TRANSPORT"] = "1" api_service_name = "youtube" api_version = "v3" # How to create cred https://stackoverflow.com/a/52222827/2138792 client_secrets_file = get_client_secrets_file() destination_play_list = get_dest_playlist() source_play_list = 'LM' # Replace if not using liked music # Get credentials and create an API client flow = google_auth_oauthlib.flow.InstalledAppFlow.from_client_secrets_file( client_secrets_file, scopes,redirect_uri='urn:ietf:wg:oauth:2.0:oob') # credentials = flow.run_local_server() auth_url, _ = flow.authorization_url(prompt='consent') print(auth_url) code = input('Enter the authorization code: ') flow.fetch_token(code=code) credentials=flow.credentials youtube = googleapiclient.discovery.build( api_service_name, api_version, credentials=credentials) def getplaylistvids(pid): request = youtube.playlistItems().list( part='contentDetails', playlistId="LM" ) response = request.execute() if 'pageInfo' in response: pageInfo = response['pageInfo'] if 'totalResults' in pageInfo: maxResults = pageInfo['totalResults'] request = youtube.playlistItems().list( part='contentDetails', playlistId=pid, maxResults=50 if maxResults > 50 else maxResults ) response = request.execute() print(response) vids = [] if 'items' in response: items = response['items'] for item in items: if "contentDetails" in item: vids.append(item['contentDetails']['videoId']) while len(vids) < maxResults: sleep(1) if 'nextPageToken' in response: request = youtube.playlistItems().list( part='contentDetails', playlistId=pid, maxResults=50, pageToken= response['nextPageToken'], ) else: request = youtube.playlistItems().list( part='contentDetails', playlistId=pid, maxResults=50, ) response = request.execute() print(response) if 'items' in response: items = response['items'] for item in items: if "contentDetails" in item: vids.append(item['contentDetails']['videoId']) if 'nextPageToken' in response: nextPageToken = response['nextPageToken'] else: break return vids source_vids = getplaylistvids(source_play_list) destination_vids = getplaylistvids(destination_play_list) vids = set(source_vids) - set(destination_vids) print(vids) for vid in vids: try: request = youtube.playlistItems().insert( part="snippet", body={ "snippet": { "playlistId": destination_play_list, "resourceId": { "videoId": vid, "kind": "youtube#video" } } } ) response = request.execute() print(response) sleep(1) except Exception as e: print(e)
def get_authentication_url(callback_uri): flow = google_auth_oauthlib.flow.Flow.from_client_config( CLIENT_CONFIG, scopes=SCOPES, redirect_uri=callback_uri) return flow.authorization_url(access_type='offline')
def calendar(field): # https://www.googleapis.com/auth/calendar.readonly # Successfully installed cachetools-4.1.0 google-auth-1.14.0 google-auth-httplib2-0.0.3 google-auth-oauthlib-0.4.1 httplib2-0.17.2 oauthlib-3.1.0 pyasn1-modules-0.2.8 requests-oauthlib-1.3.0 rsa-4.0 # 4/ywEX3hVZgLcTCxzQf9qAMRS_GJTLEhMtDfhTpeNCACYZWAVl31ecVho ready = False subfields = [{ "name": "credentials", "description": "\n".join([ "Go to the Link below.", "Create a new project.", "Enable Calendar API.", "Create credentials (OAuth, Other).", "Download the JSON and paste it above." ]), "link": { "name": "Google API's", "url": "https://console.developers.google.com/apis/" } }] credentials = json.loads( field.value['credentials'] ) if field.value and field.value.get("credentials") else {} if credentials and "token" not in credentials: if not field.value.get("code"): flow = google_auth_oauthlib.flow.Flow.from_client_config( credentials, scopes=[ 'https://www.googleapis.com/auth/calendar.readonly' ], redirect_uri='urn:ietf:wg:oauth:2.0:oob') url, state = flow.authorization_url( prompt='consent', access_type='offline', include_granted_scopes='true') credentials["state"] = state subfields.append({ "name": "code", "description": "\n".join([ "Go to the Link below.", "Click Advanced.", "Authorise access to your Calendars.", "Copy the Code and paste it above." ]), "link": { "name": "Authorize Calendar Access", "url": url } }) else: flow = google_auth_oauthlib.flow.Flow.from_client_config( credentials, scopes=[ 'https://www.googleapis.com/auth/calendar.readonly' ], redirect_uri='urn:ietf:wg:oauth:2.0:oob', state=credentials['state']) flow.fetch_token(code=field.value["code"]) credentials = json.loads(flow.credentials.to_json()) if credentials and "token" in credentials: service = googleapiclient.discovery.build( 'calendar', 'v3', credentials=google.oauth2.credentials.Credentials( **credentials)) options = [] labels = {} page_token = None while True: calendar_list = service.calendarList().list( pageToken=page_token).execute() for calendar in calendar_list['items']: options.append(calendar['id']) labels[calendar['id']] = calendar["summary"] page_token = calendar_list.get('nextPageToken') if not page_token: break subfields.append({ "name": "watch", "description": "The Calendar you'd like to watch.", "options": options, "labels": labels }) ready = True field.fields = opengui.Fields(field.value, field.original, subfields) if credentials: field.fields["credentials"].value = json.dumps(credentials) return ready
{ "installed": { "client_id": "YOUR_CLIENT_ID_HERE", "client_secret": "YOUR_CLIENT_SECRET_HERE", "redirect_uris": ["http://*****:*****@app.route('/') def root(): return flask.redirect(authorization_url) @app.route('/redirect') def redirect(): flow.fetch_token(authorization_response=flask.request.url) result = { 'access_token': flow.credentials.token, 'refresh_token': flow.credentials.refresh_token, } return result
def oauth2callback(): ''' oauth2callback ''' if 'r' in request.args and request.args['r'].startswith('/'): session['r'] = request.args['r'] flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( './client_secret.json', scopes=( 'openid', 'https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile', ), redirect_uri=f'https://{setting.DOMAIN}/oauth2callback', ) if 'code' not in request.args: authorization_url, state = flow.authorization_url( access_type='offline', include_granted_scopes='true', state=hashlib.sha256(os.urandom(2048)).hexdigest(), ) session['state'] = state return redirect(authorization_url) url = request.url.replace('http://', 'https://') url_query = parse_qs(urlparse(url).query) if 'state' in url_query and url_query['state'] and \ url_query['state'][0] == session.get('state'): flow.fetch_token(authorization_response=url) auth_client = discovery.build('oauth2', 'v2', credentials=flow.credentials, cache_discovery=False) user_info = auth_client.userinfo().get().execute() # ----- save oauth info ----- # OAuth.add(mail=user_info['email'], data=user_info, token=flow.credentials) # ----- Check account or create ----- # owner = OAuth.owner(mail=user_info['email']) if owner: user = User(uid=owner).get() else: user = User.create(mail=user_info['email']) MailLetterDB().create(uid=user['_id']) user_session = USession.make_new(uid=user['_id'], header=dict(request.headers)) session['sid'] = user_session.inserted_id if 'r' in session: redirect_path = session['r'] logging.info('login r: %s', redirect_path) session.pop('r', None) session.pop('state', None) return redirect(redirect_path) return redirect(url_for('index', _scheme='https', _external=True)) session.pop('state', None) return redirect(url_for('oauth2callback', _scheme='https', _external=True))
def start_google_flow() -> str: '''Start Google flow and generate authorization url.''' flow = google_auth_oauthlib.flow.Flow.from_client_config( client_config, scopes=scopes, redirect_uri=redirect_uri) return flow.authorization_url()
def auth(): flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file('credentials.json', scopes=['https://www.googleapis.com/auth/drive.metadata.readonly']) flow.redirect_uri = url_for('callback', _external=True, _scheme="https") authorization_url, state = flow.authorization_url(access_type="offline", include_granted_scopes="true") session["state"] = state return redirect(authorization_url)
from google.auth.transport import requests api = Blueprint('google', __name__) auth_engine = AuthEngine() # setup a flow object to manage OAuth exchange. flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( GOOGLE_SECRETS, scopes=[ 'https://www.googleapis.com/auth/plus.login', 'https://www.googleapis.com/auth/plus.me', 'https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile', ]) flow.redirect_uri = 'http://*****:*****@api.route('/', methods=['GET']) def google_login() -> redirect or tuple: """ Google OAuth login resource for initiating OAuth Protocol. Returns: redirect to google login page if no auth token provided, otherwise, api will return api access and refresh tokens if google token is valid along with 200 status code, or 400 status code with error message if google token. """
def auth_begin(request): flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( client_json_path, scopes=['email']) flow.redirect_uri = 'http://cursdb.com:8000/redirect' authorization_url, state = flow.authorization_url(access_type='offline', ) return redirect(authorization_url)