def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" if self.data.get('error'): error = self.data.get('error_description') or self.data['error'] raise AuthFailed(self, error) state = self.validate_state() client_id, client_secret = self.get_key_and_secret() params = { 'grant_type': 'authorization_code', # request auth code 'code': self.data.get('code', ''), # server response code 'client_id': client_id, 'client_secret': client_secret, 'redirect_uri': self.get_redirect_uri(state) } headers = {'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'application/json'} request = Request(self.ACCESS_TOKEN_URL, data=urlencode(params), headers=headers) try: response = json.loads(dsa_urlopen(request).read()) except HTTPError, e: if e.code == 400: raise AuthCanceled(self) else: raise
def auth_complete(self, *args, **kwargs): """Completes logging process, must return user instance""" if not 'assertion' in self.data: raise AuthMissingParameter(self, 'assertion') data = urlencode({ 'assertion': self.data['assertion'], 'audience': self.request.get_host() }) try: response = json.load(dsa_urlopen(BROWSER_ID_SERVER, data=data)) except ValueError: log('error', 'Could not load user data from BrowserID.', exc_info=True) else: if response.get('status') == 'failure': log('debug', 'Authentication failed.') raise AuthFailed(self) kwargs.update({ 'auth': self, 'response': response, self.AUTH_BACKEND.name: True }) return authenticate(*args, **kwargs)
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" if not 'assertion' in self.data: raise AuthMissingParameter(self, 'assertion') data = urlencode({ 'assertion': self.data['assertion'], 'audience': self.request.get_host() }) try: response = json.load(dsa_urlopen(BROWSER_ID_SERVER, data=data)) except ValueError: log('error', 'Could not load user data from BrowserID.', exc_info=True) else: if response.get('status') == 'failure': log('debug', 'Authentication failed.') raise AuthFailed(self) kwargs.update({ 'auth': self, 'response': response, self.AUTH_BACKEND.name: True }) return authenticate(*args, **kwargs)
def vkontakte_api(method, data): """Calls VKontakte OpenAPI method http://vkontakte.ru/apiclub, http://vkontakte.ru/pages.php?o=-1&p=%C2%FB%EF%EE%EB%ED%E5%ED%E8%E5%20 %E7%E0%EF%F0%EE%F1%EE%E2%20%EA%20 API """ # We need to perform server-side call if no access_token if not 'access_token' in data: if not 'v' in data: data['v'] = VKONTAKTE_API_VERSION if not 'api_id' in data: data['api_id'] = _api_get_val_fun('id', 'VKONTAKTE_APP_ID') data['method'] = method data['format'] = 'json' url = VKONTAKTE_SERVER_API_URL secret = _api_get_val_fun('key', 'VKONTAKTE_APP_SECRET') param_list = sorted(list(item + '=' + data[item] for item in data)) data['sig'] = md5(''.join(param_list) + secret).hexdigest() else: url = VKONTAKTE_API_URL + method params = urlencode(data) url += '?' + params try: return json.load(dsa_urlopen(url)) except (TypeError, KeyError, IOError, ValueError, IndexError): log('error', 'Could not load data from VKontakte.', exc_info=True, extra=dict(data=data)) return None
def mixcloud_profile(access_token): data = {'access_token': access_token, 'alt': 'json'} request = Request(MIXCLOUD_PROFILE_URL + '?' + urlencode(data)) try: return json.loads(dsa_urlopen(request).read()) except (ValueError, KeyError, IOError): return None
def vkontakte_api(method, data): """Calls VKontakte OpenAPI method http://vkontakte.ru/apiclub, http://vkontakte.ru/pages.php?o=-1&p=%C2%FB%EF%EE%EB%ED%E5%ED%E8%E5%20 %E7%E0%EF%F0%EE%F1%EE%E2%20%EA%20 API """ # We need to perform server-side call if no access_token if not "access_token" in data: if not "v" in data: data["v"] = VKONTAKTE_API_VERSION if not "api_id" in data: data["api_id"] = _api_get_val_fun("id", "VKONTAKTE_APP_ID") data["method"] = method data["format"] = "json" url = VKONTAKTE_SERVER_API_URL secret = _api_get_val_fun("key", "VKONTAKTE_APP_SECRET") param_list = sorted(list(item + "=" + data[item] for item in data)) data["sig"] = md5("".join(param_list) + secret).hexdigest() else: url = VKONTAKTE_API_URL + method params = urlencode(data) url += "?" + params try: return json.load(dsa_urlopen(url)) except (TypeError, KeyError, IOError, ValueError, IndexError): log("error", "Could not load data from VKontakte.", exc_info=True, extra=dict(data=data)) return None
def mixcloud_profile(access_token): data = {'access_token': access_token, 'alt': 'json'} request = Request(MIXCLOUD_PROFILE_URL + '?' + urlencode(data)) try: return json.loads(dsa_urlopen(request).read()) except (ValueError, KeyError, IOError): return None
def auth_complete(self, *args, **kwargs): """Completes logging process, must return user instance""" if self.data.get('error'): error = self.data.get('error_description') or self.data['error'] raise AuthFailed(self, error) state = self.validate_state() client_id, client_secret = self.get_key_and_secret() params = { 'grant_type': 'authorization_code', # request auth code 'code': self.data.get('code', ''), # server response code 'client_id': client_id, 'client_secret': client_secret, 'redirect_uri': self.get_redirect_uri(state) } headers = { 'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'application/json' } request = Request(self.ACCESS_TOKEN_URL, data=urlencode(params), headers=headers) try: response = json.loads(dsa_urlopen(request).read()) except HTTPError, e: if e.code == 400: raise AuthCanceled(self) else: raise
def auth_complete(self, *args, **kwargs): """Completes logging process, must return user instance""" if self.data.get("error"): error = self.data.get("error_description") or self.data["error"] raise AuthFailed(self, error) state = self.validate_state() client_id, client_secret = self.get_key_and_secret() params = { "grant_type": "authorization_code", # request auth code "code": self.data.get("code", ""), # server response code "client_id": client_id, "client_secret": client_secret, "redirect_uri": self.get_redirect_uri(state), } headers = {"Content-Type": "application/x-www-form-urlencoded", "Accept": "application/json"} request = Request(self.ACCESS_TOKEN_URL, data=urlencode(params), headers=headers) try: response = json.loads(dsa_urlopen(request).read()) except HTTPError, e: if e.code == 400: raise AuthCanceled(self) else: raise
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" params = {'oauth_token': access_token} url = FOURSQUARE_CHECK_AUTH + '?' + urlencode(params) try: return json.load(dsa_urlopen(url)) except ValueError: return None
def user_data(self, access_token, *args, **kwargs): uid = args[0]['uid'] data = {'access_token': access_token, 'uid': uid} url = 'https://api.weibo.com/2/users/show.json?' + urlencode(data) try: return json.loads(dsa_urlopen(url).read()) except (ValueError, KeyError, IOError): return None
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" url = GITHUB_USER_DATA_URL + '?' + urlencode( {'access_token': access_token}) try: return json.load(dsa_urlopen(url)) except ValueError: return None
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" url = LIVE_USER_DATA_URL + '?' + urlencode( {'access_token': access_token}) try: return json.load(dsa_urlopen(url)) except (ValueError, IOError): raise AuthUnknownError( 'Error during profile retrieval, please, try again later')
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" url = GITHUB_USER_DATA_URL + '?' + urlencode({ 'access_token': access_token }) try: return json.load(dsa_urlopen(url)) except ValueError: return None
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" url = LIVE_USER_DATA_URL + '?' + urlencode({ 'access_token': access_token }) try: return json.load(dsa_urlopen(url)) except (ValueError, IOError): raise AuthUnknownError('Error during profile retrieval, please, try again later')
def googleapis_profile(url, access_token): """ Loads user data from googleapis service, such as name, given_name, family_name, etc. as it's described in: https://developers.google.com/accounts/docs/OAuth2Login """ data = {'access_token': access_token, 'alt': 'json'} request = Request(url + '?' + urlencode(data)) try: return json.loads(dsa_urlopen(request).read()) except (ValueError, KeyError, IOError): return None
def googleapis_profile(url, access_token): """ Loads user data from googleapis service, such as name, given_name, family_name, etc. as it's described in: https://developers.google.com/accounts/docs/OAuth2Login """ data = {'access_token': access_token, 'alt': 'json'} request = Request(url + '?' + urlencode(data)) try: return json.loads(dsa_urlopen(request).read()) except (ValueError, KeyError, IOError): return None
def googleapis_email(url, params): """Loads user data from googleapis service, only email so far as it's described in http://sites.google.com/site/oauthgoog/Home/emaildisplayscope Parameters must be passed in queryset and Authorization header as described on Google OAuth documentation at: http://groups.google.com/group/oauth/browse_thread/thread/d15add9beb418ebc and: http://code.google.com/apis/accounts/docs/OAuth2.html#CallingAnAPI """ request = Request(url + '?' + params, headers={'Authorization': params}) try: return json.loads(dsa_urlopen(request).read())['data'] except (ValueError, KeyError, IOError): return None
def googleapis_email(url, params): """Loads user data from googleapis service, only email so far as it's described in http://sites.google.com/site/oauthgoog/Home/emaildisplayscope Parameters must be passed in queryset and Authorization header as described on Google OAuth documentation at: http://groups.google.com/group/oauth/browse_thread/thread/d15add9beb418ebc and: http://code.google.com/apis/accounts/docs/OAuth2.html#CallingAnAPI """ request = Request(url + '?' + params, headers={'Authorization': params}) try: return json.loads(dsa_urlopen(request).read())['data'] except (ValueError, KeyError, IOError): return None
def user_data(self, access_token, response, *args, **kwargs): """Loads user data from service""" params = {'oauth_token': access_token, 'format': 'json', 'text': 1, } url = self.get_api_url() + '?' + urlencode(params) try: return json.load(dsa_urlopen(url)) except (ValueError, IndexError): log('error', 'Could not load data from Yandex.', exc_info=True, extra=dict(data=params)) return None
def mailru_api(data): """ Calls Mail.ru REST API method http://api.mail.ru/docs/guides/restapi/ """ data.update({'app_id': settings.MAILRU_OAUTH2_CLIENT_KEY, 'secure': '1'}) data['sig'] = mailru_sig(data) params = urlencode(data) request = Request(MAILRU_API_URL, params) try: return json.loads(dsa_urlopen(request).read()) except (TypeError, KeyError, IOError, ValueError, IndexError): log('error', 'Could not load data from Mail.ru.', exc_info=True, extra=dict(data=params)) return None
def user_data(self, access_token, response, *args, **kwargs): """Loads user data from service""" params = { 'oauth_token': access_token, 'format': 'json', 'text': 1, } url = self.get_api_url() + '?' + urlencode(params) try: return json.load(dsa_urlopen(url)) except (ValueError, IndexError): log('error', 'Could not load data from Yandex.', exc_info=True, extra=dict(data=params)) return None
def mailru_api(data): """ Calls Mail.ru REST API method http://api.mail.ru/docs/guides/restapi/ """ data.update({'app_id': settings.MAILRU_OAUTH2_CLIENT_KEY, 'secure': '1'}) data['sig'] = mailru_sig(data) params = urlencode(data) request = Request(MAILRU_API_URL, params) try: return json.loads(dsa_urlopen(request).read()) except (TypeError, KeyError, IOError, ValueError, IndexError): log('error', 'Could not load data from Mail.ru.', exc_info=True, extra=dict(data=params)) return None
def odnoklassniki_api(data): """ Calls Odnoklassniki REST API method http://dev.odnoklassniki.ru/wiki/display/ok/Odnoklassniki+Rest+API """ data.update({ 'application_key': settings.ODNOKLASSNIKI_OAUTH2_APP_KEY, 'format': 'JSON' }) data['sig'] = odnoklassniki_sig(data) params = urlencode(data) request = Request(ODNOKLASSNIKI_API_URL + '?' + params) try: return json.loads(dsa_urlopen(request).read()) except (TypeError, KeyError, IOError, ValueError, IndexError): log('error', 'Could not load data from Odnoklassniki.', exc_info=True, extra=dict(data=params)) return None
def odnoklassniki_api(data): """ Calls Odnoklassniki REST API method http://dev.odnoklassniki.ru/wiki/display/ok/Odnoklassniki+Rest+API """ data.update({ 'application_key': settings.ODNOKLASSNIKI_OAUTH2_APP_KEY, 'format': 'JSON' }) data['sig'] = odnoklassniki_sig(data) params = urlencode(data) request = Request(ODNOKLASSNIKI_API_URL + '?' + params) try: return json.loads(dsa_urlopen(request).read()) except (TypeError, KeyError, IOError, ValueError, IndexError): log('error', 'Could not load data from Odnoklassniki.', exc_info=True, extra=dict(data=params)) return None
def user_data(self, access_token, *args, **kwargs): """Loads user data from Orkut service""" fields = ORKUT_DEFAULT_DATA if setting("ORKUT_EXTRA_DATA"): fields += "," + setting("ORKUT_EXTRA_DATA") scope = ORKUT_SCOPE + setting("ORKUT_EXTRA_SCOPE", []) params = { "method": "people.get", "id": "myself", "userId": "@me", "groupId": "@self", "fields": fields, "scope": " ".join(scope), } request = self.oauth_request(access_token, ORKUT_REST_ENDPOINT, params) response = dsa_urlopen(request.to_url()).read() try: return json.loads(response)["data"] except (ValueError, KeyError): return None
def user_data(self, access_token, *args, **kwargs): """Loads user data from Orkut service""" fields = ORKUT_DEFAULT_DATA if setting('ORKUT_EXTRA_DATA'): fields += ',' + setting('ORKUT_EXTRA_DATA') scope = ORKUT_SCOPE + setting('ORKUT_EXTRA_SCOPE', []) params = { 'method': 'people.get', 'id': 'myself', 'userId': '@me', 'groupId': '@self', 'fields': fields, 'scope': ' '.join(scope) } request = self.oauth_request(access_token, ORKUT_REST_ENDPOINT, params) response = dsa_urlopen(request.to_url()).read() try: return json.loads(response)['data'] except (ValueError, KeyError): return None
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" data = None params = backend_setting(self, self.EXTRA_PARAMS_VAR_NAME, {}) params['access_token'] = access_token url = FACEBOOK_ME + urlencode(params) try: data = json.load(dsa_urlopen(url)) except ValueError: extra = {'access_token': sanitize_log_data(access_token)} log('error', 'Could not load user data from Facebook.', exc_info=True, extra=extra) except HTTPError: extra = {'access_token': sanitize_log_data(access_token)} log('error', 'Error validating access token.', exc_info=True, extra=extra) raise AuthTokenError(self) else: log('debug', 'Found user data for token %s', sanitize_log_data(access_token), extra={'data': data}) return data
def user_data(self, access_token, *args, **kwargs): """Loads user data from service""" data = None params = backend_setting(self, self.EXTRA_PARAMS_VAR_NAME, {}) params['access_token'] = access_token url = FACEBOOK_ME + urlencode(params) try: data = json.load(dsa_urlopen(url)) except ValueError: extra = {'access_token': sanitize_log_data(access_token)} log('error', 'Could not load user data from Facebook.', exc_info=True, extra=extra) except HTTPError: extra = {'access_token': sanitize_log_data(access_token)} log('error', 'Error validating access token.', exc_info=True, extra=extra) raise AuthTokenError(self) else: log('debug', 'Found user data for token %s', sanitize_log_data(access_token), extra={'data': data}) return data
def vkontakte_api(method, data): """Calls VKontakte OpenAPI method http://vkontakte.ru/apiclub, http://vkontakte.ru/pages.php?o=-1&p=%C2%FB%EF%EE%EB%ED%E5%ED%E8%E5%20 %E7%E0%EF%F0%EE%F1%EE%E2%20%EA%20 API """ # We need to perform server-side call if no access_token if not 'access_token' in data: if not 'v' in data: data['v'] = VKONTAKTE_API_VERSION if not 'api_id' in data: data['api_id'] = _api_get_val_fun('id', 'VKONTAKTE_APP_ID') data['method'] = method data['format'] = 'json' url = VKONTAKTE_SERVER_API_URL secret = _api_get_val_fun('key', 'VKONTAKTE_APP_SECRET') param_list = sorted(list(item + '=' + data[item] for item in data)) data['sig'] = md5(''.join(param_list) + secret).hexdigest() else: url = VKONTAKTE_API_URL + method params = urlencode(data) url += '?' + params try: return json.load(dsa_urlopen(url)) except (TypeError, KeyError, IOError, ValueError, IndexError): log('error', 'Could not load data from VKontakte.', exc_info=True, extra=dict(data=data)) return None
def user_data(self, access_token): """Return user data provided""" # Bitbucket has a bit of an indirect route to obtain user data from an # authenticated query: First obtain the user's email via an # authenticated GET url = BITBUCKET_EMAIL_DATA_URL request = self.oauth_request(access_token, url) response = self.fetch_response(request) try: # Then retrieve the user's primary email address or the top email email_addresses = json.loads(response) for email_address in reversed(email_addresses): if email_address['active']: email = email_address['email'] if email_address['primary']: break # Then return the user data using a normal GET with the # BITBUCKET_USER_DATA_URL and the user's email response = dsa_urlopen(BITBUCKET_USER_DATA_URL + email) user_details = json.load(response)['user'] user_details['email'] = email return user_details except ValueError: return None
def user_data(self, access_token): """Return user data provided""" # Bitbucket has a bit of an indirect route to obtain user data from an # authenticated query: First obtain the user's email via an # authenticated GET url = BITBUCKET_EMAIL_DATA_URL request = self.oauth_request(access_token, url) response = self.fetch_response(request) try: # Then retrieve the user's primary email address or the top email email_addresses = json.loads(response) for email_address in reversed(email_addresses): if email_address['active']: email = email_address['email'] if email_address['primary']: break # Then return the user data using a normal GET with the # BITBUCKET_USER_DATA_URL and the user's email response = dsa_urlopen(BITBUCKET_USER_DATA_URL + email) user_details = json.load(response)['user'] user_details['email'] = email return user_details except ValueError: return None
def auth_complete(self, *args, **kwargs): """Completes logging process, must return user instance""" access_token = None expires = None if 'code' in self.data: state = self.validate_state() url = ACCESS_TOKEN + urlencode({ 'client_id': backend_setting(self, self.SETTINGS_KEY_NAME), 'redirect_uri': self.get_redirect_uri(state), 'client_secret': backend_setting(self, self.SETTINGS_SECRET_NAME), 'code': self.data['code'] }) try: response = urlparse.parse_qs(dsa_urlopen(url).read()) except HTTPError: raise AuthFailed(self, 'There was an error authenticating the app') access_token = response['access_token'][0] if 'expires' in response: expires = response['expires'][0] if 'signed_request' in self.data: response = load_signed_request(self.data.get('signed_request'), backend_setting(self, self.SETTINGS_SECRET_NAME)) if response is not None: access_token = response.get('access_token') or response.get('oauth_token') or \ self.data.get('access_token') if 'expires' in response: expires = response['expires'] if access_token: data = self.user_data(access_token) if not isinstance(data, dict): # From time to time Facebook responds back a JSON with just # False as value, the reason is still unknown, but since the # data is needed (it contains the user ID used to identify the # account on further logins), this app cannot allow it to # continue with the auth process. raise AuthUnknownError(self, 'An error occurred while retrieving users Facebook data') data['access_token'] = access_token # expires will not be part of response if offline access # permission was requested if expires: data['expires'] = expires kwargs.update({'auth': self, 'response': data, self.AUTH_BACKEND.name: True}) return authenticate(*args, **kwargs) else: if self.data.get('error') == 'access_denied': raise AuthCanceled(self) else: raise AuthException(self)
def fetch_response(self, request): """Executes request and fetchs service response""" response = dsa_urlopen(request.to_url()) return '\n'.join(response.readlines())
def fetch_response(self, request): """Executes request and fetched service response""" response = dsa_urlopen(request.to_url()) return '\n'.join(response.readlines())
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" access_token = None expires = None if 'code' in self.data: state = self.validate_state() url = ACCESS_TOKEN + urlencode({ 'client_id': backend_setting(self, self.SETTINGS_KEY_NAME), 'redirect_uri': self.get_redirect_uri(state), 'client_secret': backend_setting(self, self.SETTINGS_SECRET_NAME), 'code': self.data['code'] }) try: response = urlparse.parse_qs(dsa_urlopen(url).read()) except HTTPError: raise AuthFailed(self, 'There was an error authenticating the app') access_token = response['access_token'][0] if 'expires' in response: expires = response['expires'][0] if 'signed_request' in self.data: response = load_signed_request(self.data.get('signed_request'), backend_setting(self, self.SETTINGS_SECRET_NAME)) if response is not None: access_token = response.get('access_token') or \ response.get('oauth_token') or \ self.data.get('access_token') if 'expires' in response: expires = response['expires'] if access_token: data = self.user_data(access_token) if not isinstance(data, dict): # From time to time Facebook responds back a JSON with just # False as value, the reason is still unknown, but since the # data is needed (it contains the user ID used to identify the # account on further logins), this app cannot allow it to # continue with the auth process. raise AuthUnknownError(self, 'An error ocurred while retrieving users Facebook data') data['access_token'] = access_token # expires will not be part of response if offline access # premission was requested if expires: data['expires'] = expires kwargs.update({'auth': self, 'response': data, self.AUTH_BACKEND.name: True}) return authenticate(*args, **kwargs) else: if self.data.get('error') == 'access_denied': raise AuthCanceled(self) else: raise AuthException(self)