def process_callback(callback_uri): verifier = request.args.get('oauth_verifier') request_token = request.args.get('oauth_token') if not verifier or not request_token: # user declined return {'error': 'Flickr authorization declined'} request_token_secret = session.get('oauth_token_secret') oauth = OAuth1Session( client_key=current_app.config['FLICKR_CLIENT_KEY'], client_secret=current_app.config['FLICKR_CLIENT_SECRET'], resource_owner_key=request_token, resource_owner_secret=request_token_secret) oauth.parse_authorization_response(request.url) # get the access token and secret r = oauth.fetch_access_token(ACCESS_TOKEN_URL) current_app.logger.debug('response from access token: %r', r) token = r.get('oauth_token') secret = r.get('oauth_token_secret') user_id = r.get('user_nsid') username = r.get('fullname') r = call_api_method('GET', 'flickr.people.getInfo', {'user_id': user_id}, token, secret) user_info = r.json() account = Account.query.filter_by(service=SERVICE_NAME, user_id=user_id).first() if not account: account = Account(service=SERVICE_NAME, user_id=user_id) db.session.add(account) account.username = username account.user_info = user_info account.token = token account.token_secret = secret account.update_sites([ Flickr(url='https://flickr.com/{}'.format(account.user_id), domain='flickr.com/{}'.format(account.user_id), site_id=account.user_id) ]) db.session.commit() flash('Authorized {}: {}'.format( account.username, ', '.join(s.domain for s in account.sites))) util.set_authed(account.sites) return {'account': account}
def process_callback(callback_uri): verifier = request.args.get('oauth_verifier') request_token = request.args.get('oauth_token') if not verifier or not request_token: # user declined return {'error': 'Flickr authorization declined'} request_token_secret = session.get('oauth_token_secret') oauth = OAuth1Session( client_key=current_app.config['FLICKR_CLIENT_KEY'], client_secret=current_app.config['FLICKR_CLIENT_SECRET'], resource_owner_key=request_token, resource_owner_secret=request_token_secret) oauth.parse_authorization_response(request.url) # get the access token and secret r = oauth.fetch_access_token(ACCESS_TOKEN_URL) current_app.logger.debug('response from access token: %r', r) token = r.get('oauth_token') secret = r.get('oauth_token_secret') user_id = r.get('user_nsid') username = r.get('fullname') r = call_api_method('GET', 'flickr.people.getInfo', { 'user_id': user_id }, token, secret) user_info = r.json() account = Account.query.filter_by( service=SERVICE_NAME, user_id=user_id).first() if not account: account = Account(service=SERVICE_NAME, user_id=user_id) db.session.add(account) account.username = username account.user_info = user_info account.token = token account.token_secret = secret account.update_sites([Flickr( url='https://flickr.com/{}'.format(account.user_id), domain='flickr.com/{}'.format(account.user_id), site_id=account.user_id)]) db.session.commit() flash('Authorized {}: {}'.format(account.username, ', '.join( s.domain for s in account.sites))) util.set_authed(account.sites) return {'account': account}
def process_callback(callback_uri): verifier = request.args.get('oauth_verifier') request_token = request.args.get('oauth_token') if not verifier or not request_token: # user declined return {'error': 'Tumblr authorization declined'} request_token_secret = session.get('oauth_token_secret') oauth = OAuth1Session( client_key=current_app.config['TUMBLR_CLIENT_KEY'], client_secret=current_app.config['TUMBLR_CLIENT_SECRET'], resource_owner_key=request_token, resource_owner_secret=request_token_secret) oauth.parse_authorization_response(request.url) # get the access token and secret r = oauth.fetch_access_token(ACCESS_TOKEN_URL) token = r.get('oauth_token') secret = r.get('oauth_token_secret') info_resp = oauth.get(USER_INFO_URL).json() user_info = info_resp.get('response', {}).get('user') user_id = username = user_info.get('name') account = Account.query.filter_by( service='tumblr', user_id=user_id).first() if not account: account = Account(service='tumblr', user_id=user_id) db.session.add(account) account.username = username account.user_info = user_info account.token = token account.token_secret = secret sites = [] for blog in user_info.get('blogs', []): sites.append(Tumblr( url=blog.get('url'), domain=util.domain_for_url(blog.get('url')), site_id=blog.get('name'), site_info=blog)) account.update_sites(sites) db.session.commit() util.set_authed(account.sites) return {'account': account}
def process_callback(callback_uri): verifier = request.args.get('oauth_verifier') request_token = request.args.get('oauth_token') if not verifier or not request_token: # user declined return {'error': 'Tumblr authorization declined'} request_token_secret = session.get('oauth_token_secret') oauth = OAuth1Session( client_key=current_app.config['TUMBLR_CLIENT_KEY'], client_secret=current_app.config['TUMBLR_CLIENT_SECRET'], resource_owner_key=request_token, resource_owner_secret=request_token_secret) oauth.parse_authorization_response(request.url) # get the access token and secret r = oauth.fetch_access_token(ACCESS_TOKEN_URL) token = r.get('oauth_token') secret = r.get('oauth_token_secret') info_resp = oauth.get(USER_INFO_URL).json() user_info = info_resp.get('response', {}).get('user') user_id = username = user_info.get('name') account = Account.query.filter_by(service='tumblr', user_id=user_id).first() if not account: account = Account(service='tumblr', user_id=user_id) db.session.add(account) account.username = username account.user_info = user_info account.token = token account.token_secret = secret sites = [] for blog in user_info.get('blogs', []): sites.append( Tumblr(url=blog.get('url'), domain=util.domain_for_url(blog.get('url')), site_id=blog.get('name'), site_info=blog)) account.update_sites(sites) db.session.commit() util.set_authed(account.sites) return {'account': account}
def callback(): try: callback_uri = url_for(".callback", _external=True) result = process_authenticate_callback(callback_uri) if "error" in result: flash(result["error"], category="danger") return redirect(url_for("views.index")) account = Account.query.filter_by(service="tumblr", user_id=result["user_id"]).first() if not account: account = Account(service="tumblr", user_id=result["user_id"]) db.session.add(account) account.username = result["username"] account.user_info = result["user_info"] account.token = result["token"] account.token_secret = result["secret"] sites = [] for blog in result["user_info"].get("blogs", []): sites.append( Tumblr( url=blog.get("url"), domain=util.domain_for_url(blog.get("url")), site_id=blog.get("name"), site_info=blog, ) ) account.update_sites(sites) db.session.commit() flash("Authorized {}: {}".format(account.username, ", ".join(s.domain for s in account.sites))) util.set_authed(account.sites) return redirect(url_for("views.setup_account", service=SERVICE_NAME, user_id=account.user_id)) except: current_app.logger.exception("During Tumblr authorization callback") flash(html.escape(str(sys.exc_info()[0])), "danger") return redirect(url_for("views.index"))
def callback(): try: callback_uri = url_for('.callback', _external=True) result = process_authenticate_callback(callback_uri) if 'error' in result: flash(result['error'], category='danger') return redirect(url_for('views.index')) account = Account.query.filter_by( service=SERVICE_NAME, user_id=result['user_id']).first() if not account: account = Account(service=SERVICE_NAME, user_id=result['user_id']) db.session.add(account) account.username = result['username'] account.token = result['token'] account.token_secret = result['secret'] account.user_info = fetch_user_info(account.user_id) url = 'https://www.goodreads.com/user/show/' + account.user_id account.update_sites([Goodreads( url=url, domain='goodreads.com/' + account.user_id, site_id=account.user_id)]) db.session.commit() flash('Authorized {} ({}): {}'.format( account.user_id, account.username, ', '.join( site.url for site in account.sites))) util.set_authed(account.sites) return redirect(url_for('views.setup_account', service=SERVICE_NAME, user_id=account.user_id)) except: current_app.logger.exception('goodreads authorization callback') flash(html.escape(str(sys.exc_info()[0])), 'danger') return redirect(url_for('views.index'))
def process_callback(callback_uri): verifier = request.args.get('oauth_verifier') if not verifier: # user declined return {'error': 'Twitter authorization declined'} request_token = session.get('oauth_token') request_token_secret = session.get('oauth_token_secret') oauth_session = OAuth1Session( client_key=current_app.config['TWITTER_CLIENT_KEY'], client_secret=current_app.config['TWITTER_CLIENT_SECRET'], resource_owner_key=request_token, resource_owner_secret=request_token_secret, callback_uri=callback_uri) oauth_session.parse_authorization_response(request.url) # get the access token and secret r = oauth_session.fetch_access_token(ACCESS_TOKEN_URL) access_token = r.get('oauth_token') access_token_secret = r.get('oauth_token_secret') current_app.logger.debug('request token: %s, secret: %s', request_token, request_token_secret) current_app.logger.debug('access token: %s, secret: %s', access_token, access_token_secret) auth = OAuth1(client_key=current_app.config['TWITTER_CLIENT_KEY'], client_secret=current_app.config['TWITTER_CLIENT_SECRET'], resource_owner_key=access_token, resource_owner_secret=access_token_secret) user_info = requests.get(VERIFY_CREDENTIALS_URL, auth=auth).json() if 'errors' in user_info: return { 'error': 'Error fetching credentials %r' % user_info.get('errors') } user_id = user_info.get('id_str') username = user_info.get('screen_name') current_app.logger.debug('verified credentials. user_id=%s, username=%s', user_id, username) current_app.logger.debug('user_info: %r', user_info) account = Account.query.filter_by(service='twitter', user_id=user_id).first() if not account: account = Account(service='twitter', user_id=user_id) db.session.add(account) account.username = username account.user_info = user_info account.token = access_token account.token_secret = access_token_secret account.update_sites([ Twitter(url='https://twitter.com/{}'.format(account.username), domain='twitter.com/{}'.format(account.username), site_id=account.user_id) ]) db.session.commit() util.set_authed(account.sites) return {'account': account}
def process_callback(callback_uri): if request.args.get('authorize') != '1': return {'error': 'Goodreads user declined'} request_token = session.get('oauth_token') request_token_secret = session.get('oauth_token_secret') if request_token != request.args.get('oauth_token'): return {'error': 'oauth_token does not match'} oauth_session = OAuth1Session( client_key=current_app.config['GOODREADS_CLIENT_KEY'], client_secret=current_app.config['GOODREADS_CLIENT_SECRET'], resource_owner_key=request_token, resource_owner_secret=request_token_secret, callback_uri=callback_uri, # Goodreads does not use a verifier, put something here so that # the library doesn't error verifier='unused') oauth_session.parse_authorization_response(request.url) # get the access token and secret r = oauth_session.fetch_access_token(ACCESS_TOKEN_URL) access_token = r.get('oauth_token') access_token_secret = r.get('oauth_token_secret') r = oauth_session.get('https://www.goodreads.com/api/auth_user') if r.status_code // 100 != 2: return { 'error': 'unexpected response from auth.user. status={}, body={}'.format( r.status_code, r.text) } # EXAMPLE RESPONSE """<?xml version="1.0" encoding="UTF-8"?> <GoodreadsResponse> <Request> <authentication>true</authentication> <key><![CDATA[qRuT5Xit4xERHQGzyq9QSw]]></key> <method><![CDATA[api_auth_user]]></method> </Request> <user id="4544167"> <name>Kyle Mahan</name> <link><![CDATA[https://www.goodreads.com/user/show/4544167-kyle?utm_medium=api]]></link> </user> </GoodreadsResponse>""" root = ETree.fromstring(r.content) user = root.find('user') user_id = user.attrib['id'] user_name = user.findtext('name') account = Account.query.filter_by(service=SERVICE_NAME, user_id=user_id).first() if not account: account = Account(service=SERVICE_NAME, user_id=user_id) db.session.add(account) account.username = user_name account.token = access_token account.token_secret = access_token_secret account.user_info = fetch_user_info(account.user_id) url = 'https://www.goodreads.com/user/show/' + account.user_id account.update_sites([ Goodreads(url=url, domain='goodreads.com/' + account.user_id, site_id=account.user_id) ]) db.session.commit() util.set_authed(account.sites) return {'account': account}
def process_callback(callback_uri): verifier = request.args.get('oauth_verifier') if not verifier: # user declined return {'error': 'Twitter authorization declined'} request_token = session.get('oauth_token') request_token_secret = session.get('oauth_token_secret') oauth_session = OAuth1Session( client_key=current_app.config['TWITTER_CLIENT_KEY'], client_secret=current_app.config['TWITTER_CLIENT_SECRET'], resource_owner_key=request_token, resource_owner_secret=request_token_secret, callback_uri=callback_uri) oauth_session.parse_authorization_response(request.url) # get the access token and secret r = oauth_session.fetch_access_token(ACCESS_TOKEN_URL) access_token = r.get('oauth_token') access_token_secret = r.get('oauth_token_secret') current_app.logger.debug('request token: %s, secret: %s', request_token, request_token_secret) current_app.logger.debug('access token: %s, secret: %s', access_token, access_token_secret) auth = OAuth1( client_key=current_app.config['TWITTER_CLIENT_KEY'], client_secret=current_app.config['TWITTER_CLIENT_SECRET'], resource_owner_key=access_token, resource_owner_secret=access_token_secret) user_info = requests.get(VERIFY_CREDENTIALS_URL, auth=auth).json() if 'errors' in user_info: return {'error': 'Error fetching credentials %r' % user_info.get('errors')} user_id = user_info.get('id_str') username = user_info.get('screen_name') current_app.logger.debug('verified credentials. user_id=%s, username=%s', user_id, username) current_app.logger.debug('user_info: %r', user_info) account = Account.query.filter_by( service='twitter', user_id=user_id).first() if not account: account = Account(service='twitter', user_id=user_id) db.session.add(account) account.username = username account.user_info = user_info account.token = access_token account.token_secret = access_token_secret account.update_sites([Twitter( url='https://twitter.com/{}'.format(account.username), domain='twitter.com/{}'.format(account.username), site_id=account.user_id)]) db.session.commit() util.set_authed(account.sites) return {'account': account}
def process_callback(callback_uri): if request.args.get('authorize') != '1': return {'error': 'Goodreads user declined'} request_token = session.get('oauth_token') request_token_secret = session.get('oauth_token_secret') if request_token != request.args.get('oauth_token'): return {'error': 'oauth_token does not match'} oauth_session = OAuth1Session( client_key=current_app.config['GOODREADS_CLIENT_KEY'], client_secret=current_app.config['GOODREADS_CLIENT_SECRET'], resource_owner_key=request_token, resource_owner_secret=request_token_secret, callback_uri=callback_uri, # Goodreads does not use a verifier, put something here so that # the library doesn't error verifier='unused') oauth_session.parse_authorization_response(request.url) # get the access token and secret r = oauth_session.fetch_access_token(ACCESS_TOKEN_URL) access_token = r.get('oauth_token') access_token_secret = r.get('oauth_token_secret') r = oauth_session.get('https://www.goodreads.com/api/auth_user') if r.status_code // 100 != 2: return { 'error': 'unexpected response from auth.user. status={}, body={}' .format(r.status_code, r.text) } # EXAMPLE RESPONSE """<?xml version="1.0" encoding="UTF-8"?> <GoodreadsResponse> <Request> <authentication>true</authentication> <key><![CDATA[qRuT5Xit4xERHQGzyq9QSw]]></key> <method><![CDATA[api_auth_user]]></method> </Request> <user id="4544167"> <name>Kyle Mahan</name> <link><![CDATA[https://www.goodreads.com/user/show/4544167-kyle?utm_medium=api]]></link> </user> </GoodreadsResponse>""" root = ETree.fromstring(r.content) user = root.find('user') user_id = user.attrib['id'] user_name = user.findtext('name') account = Account.query.filter_by( service=SERVICE_NAME, user_id=user_id).first() if not account: account = Account(service=SERVICE_NAME, user_id=user_id) db.session.add(account) account.username = user_name account.token = access_token account.token_secret = access_token_secret account.user_info = fetch_user_info(account.user_id) url = 'https://www.goodreads.com/user/show/' + account.user_id account.update_sites([Goodreads( url=url, domain='goodreads.com/' + account.user_id, site_id=account.user_id)]) db.session.commit() util.set_authed(account.sites) return {'account': account}