def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" if self.data.get('error'): error = self.data.get('error_description') or self.data['error'] raise AuthFailed(self, error) state = self.validate_state() client_id, client_secret = self.get_key_and_secret() params = { 'grant_type': 'authorization_code', # request auth code 'code': self.data.get('code', ''), # server response code 'client_id': client_id, 'client_secret': client_secret, 'redirect_uri': self.get_redirect_uri(state) } headers = { 'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'application/json' } request = Request(self.ACCESS_TOKEN_URL, data=urlencode(params), headers=headers) try: response = simplejson.loads(dsa_urlopen(request).read()) except HTTPError, e: if e.code == 400: raise AuthCanceled(self) else: raise
def process_error(self, data): if self.data.get('error'): error = self.data.get('error_description') or self.data['error'] if self.data['error'] == 'access_denied': raise AuthCanceled(self, error) else: raise AuthFailed(self, error)
def response(self): if not hasattr(self, '_response'): if self.data.get('error'): error = self.data.get( 'error_description') or self.data['error'] raise AuthFailed(self, error) state = self.validate_state() client_id, client_secret = self.get_key_and_secret() params = { 'grant_type': 'authorization_code', # request auth code 'code': self.data.get('code', ''), # server response code 'client_id': client_id, 'client_secret': client_secret, 'redirect_uri': self.get_redirect_uri(state) } headers = { 'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'application/json' } request = Request(self.ACCESS_TOKEN_URL, data=urlencode(params), headers=headers) try: self._response = simplejson.loads(dsa_urlopen(request).read()) except HTTPError, e: if e.code == 400: raise AuthCanceled(self) else: raise except (ValueError, KeyError): raise AuthUnknownError(self)
def auth_complete(self, *args, **kwargs): """Completes login process, must return user instance""" print dir(self) if 'denied' in self.data: raise AuthCanceled(self) else: return super(DoubanAuth, self).auth_complete(*args, **kwargs)
def auth_complete(self, *args, **kwargs): """Complete auth process. Check LinkedIn error response.""" oauth_problem = self.request.GET.get('oauth_problem') if oauth_problem: if oauth_problem == 'user_refused': raise AuthCanceled(self, '') else: raise AuthUnknownError(self, 'LinkedIn error was %s' % oauth_problem) return super(LinkedinAuth, self).auth_complete(*args, **kwargs)
class ShopifyAuth(BaseOAuth2): """Shopify OAuth authentication mechanism""" AUTH_BACKEND = ShopifyBackend SETTINGS_KEY_NAME = 'SHOPIFY_APP_API_KEY' SETTINGS_SECRET_NAME = 'SHOPIFY_SHARED_SECRET' # Look at http://api.shopify.com/authentication.html#scopes SCOPE_VAR_NAME = 'SHOPIFY_SCOPE' def __init__(self, request, redirect): super(ShopifyAuth, self).__init__(request, redirect) fp, pathname, description = imp.find_module('shopify') self.shopifyAPI = imp.load_module('shopify', fp, pathname, description) def auth_url(self): self.shopifyAPI.Session.setup(api_key=setting('SHOPIFY_APP_API_KEY'), secret=setting('SHOPIFY_SHARED_SECRET')) scope = self.get_scope() state = self.state_token() self.request.session[self.AUTH_BACKEND.name + '_state'] = state redirect_uri = self.get_redirect_uri(state) permission_url = self.shopifyAPI.Session.create_permission_url( self.request.GET.get('shop').strip(), scope=scope, redirect_uri=redirect_uri ) return permission_url def auth_complete(self, *args, **kwargs): """Completes login process, must return user instance""" access_token = None if self.data.get('error'): error = self.data.get('error_description') or self.data['error'] raise AuthFailed(self, error) client_id, client_secret = self.get_key_and_secret() try: shop_url = self.request.GET.get('shop') self.shopifyAPI.Session.setup( api_key=setting('SHOPIFY_APP_API_KEY'), secret=setting('SHOPIFY_SHARED_SECRET') ) shopify_session = self.shopifyAPI.Session(shop_url, self.request.REQUEST) access_token = shopify_session.token except self.shopifyAPI.ValidationException, e: raise AuthCanceled(self) except HTTPError, e: if e.code == 400: raise AuthCanceled(self) else: raise
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" self.process_error(self.data) params = self.auth_complete_params(self.validate_state()) request = Request(self.ACCESS_TOKEN_URL, data=urlencode(params), headers=self.auth_complete_headers()) try: response = simplejson.loads(dsa_urlopen(request).read()) except HTTPError, e: if e.code == 400: raise AuthCanceled(self) else: raise
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" access_token = None response = self.response if 'code' in self.data: access_token = self.response['access_token'][0] if 'expires' in self._response: expires = self.response['expires'][0] if 'signed_request' in self.data: if response is not None: access_token = response.get('access_token') or \ response.get('oauth_token') or \ self.data.get('access_token') if 'expires' in self._response: expires = response['expires'] if access_token: data = self.user_data(access_token) if not isinstance(data, dict): # From time to time Facebook responds back a JSON with just # False as value, the reason is still unknown, but since the # data is needed (it contains the user ID used to identify the # account on further logins), this app cannot allow it to # continue with the auth process. raise AuthUnknownError( self, 'An error ocurred while ' 'retrieving users Facebook ' 'data') data['access_token'] = access_token # expires will not be part of response if offline access # premission was requested if expires: data['expires'] = expires kwargs.update({ 'auth': self, 'response': data, self.AUTH_BACKEND.name: True }) return authenticate(*args, **kwargs) else: if self.data.get('error') == 'access_denied': raise AuthCanceled(self) else: raise AuthException(self)
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" access_token = None expires = None if 'code' in self.data: state = self.validate_state() url = ACCESS_TOKEN + urlencode({ 'client_id': backend_setting(self, self.SETTINGS_KEY_NAME), 'redirect_uri': self.get_redirect_uri(state), 'client_secret': backend_setting(self, self.SETTINGS_SECRET_NAME), 'code': self.data['code'] }) try: response = cgi.parse_qs(dsa_urlopen(url).read()) except HTTPError: raise AuthFailed( self, 'There was an error authenticating ' 'the app') access_token = response['access_token'][0] if 'expires' in response: expires = response['expires'][0] if 'signed_request' in self.data: response = load_signed_request( self.data.get('signed_request'), backend_setting(self, self.SETTINGS_SECRET_NAME)) if response is not None: access_token = response.get('access_token') or \ response.get('oauth_token') or \ self.data.get('access_token') if 'expires' in response: expires = response['expires'] if access_token: return self.do_auth(access_token, expires=expires, *args, **kwargs) else: if self.data.get('error') == 'access_denied': raise AuthCanceled(self) else: raise AuthException(self)
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" if self.data.get('error'): error = self.data.get('error_description') or self.data['error'] raise AuthFailed(self, error) state = self.validate_state() client_id, client_secret = self.get_key_and_secret() params = { 'grant_type': 'authorization_code', # request auth code 'code': self.data.get('code', ''), # server response code 'client_id': client_id, 'client_secret': client_secret, 'redirect_uri': self.get_redirect_uri(state) } headers = { 'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'application/json' } #request = Request(self.ACCESS_TOKEN_URL, data=urlencode(params), # headers=headers) try: #response = simplejson.loads(urlopen(request).read()) http_response = requests.post(self.ACCESS_TOKEN_URL, data=params, headers=headers) if http_response.status_code == 200: response = simplejson.loads(http_response.text) else: raise AuthCanceled(self) except (ValueError, KeyError): raise AuthUnknownError(self) if response.get('error'): error = response.get('error_description') or response.get('error') raise AuthFailed(self, error) else: data = self.user_data(response['access_token'], response) response.update(data or {}) kwargs.update({ 'auth': self, 'response': response, self.AUTH_BACKEND.name: True }) return authenticate(*args, **kwargs)
def auth_complete(self, *args, **kwargs): """Return user, might be logged in""" name = self.AUTH_BACKEND.name + 'unauthorized_token_name' unauthed_token = self.request.session.get(name) if not unauthed_token: raise AuthTokenError('Missing unauthorized token') token = Token.from_string(unauthed_token) if token.key != self.data.get('oauth_token', 'no-token'): raise AuthTokenError('Incorrect tokens') try: access_token = self.access_token(token) except HTTPError, e: if e.code == 400: raise AuthCanceled(self) else: raise
def auth_complete(self, *args, **kwargs): """Complete auth process""" response = self.consumer().complete(dict(self.data.items()), self.request.build_absolute_uri()) if not response: raise AuthException(self, 'OpenID relying party endpoint') elif response.status == SUCCESS: kwargs.update({ 'auth': self, 'response': response, self.AUTH_BACKEND.name: True }) return authenticate(*args, **kwargs) elif response.status == FAILURE: raise AuthFailed(self, response.message) elif response.status == CANCEL: raise AuthCanceled(self) else: raise AuthUnknownError(self, response.status)
def auth_complete(self, *args, **kwargs): """Completes login process, must return user instance""" access_token = None if self.data.get('error'): error = self.data.get('error_description') or self.data['error'] raise AuthFailed(self, error) client_id, client_secret = self.get_key_and_secret() try: shop_url = self.request.GET.get('shop') self.shopifyAPI.Session.setup( api_key=setting('SHOPIFY_APP_API_KEY'), secret=setting('SHOPIFY_SHARED_SECRET') ) shopify_session = self.shopifyAPI.Session(shop_url, self.request.REQUEST) access_token = shopify_session.token except self.shopifyAPI.ValidationException, e: raise AuthCanceled(self)
def auth_complete(self, *args, **kwargs): """Yammer API is a little strange""" if 'error' in self.data: logging.error("%s: %s:\n%s" % (self.data('error'), self.data('error_reason'), self.data('error_description'))) raise AuthCanceled(self) # now we need to clean up the data params data = dict(self.data.copy()) redirect_state = data.get('redirect_state') try: parts = redirect_state.split('?') data['redirect_state'] = parts[0] extra = parse_qs(parts[1]) data['code'] = extra['code'][0] self.data = MergeDict(data) except Exception as e: logging.exception(e) return super(YammerOAuth2, self).auth_complete(*args, **kwargs)
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" if 'code' not in self.data: if self.data.get('error') == 'access_denied': raise AuthCanceled(self) else: raise AuthException(self) url = ACCESS_TOKEN + urlencode( { 'client_id': setting('FACEBOOK_APP_ID'), 'redirect_uri': self.redirect_uri, 'client_secret': setting('FACEBOOK_API_SECRET'), 'code': self.data['code'] }) try: response = cgi.parse_qs(urlopen(url).read()) except HTTPError: raise AuthFailed(self, 'There was an error authenticating the app') access_token = response['access_token'][0] data = self.user_data(access_token) if data is not None: data['access_token'] = access_token # expires will not be part of response if offline access # premission was requested if 'expires' in response: data['expires'] = response['expires'][0] kwargs.update({ 'auth': self, 'response': data, self.AUTH_BACKEND.name: True }) return authenticate(*args, **kwargs)
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" access_token = None expires = None if 'code' in self.data: state = self.validate_state() url = ACCESS_TOKEN + urlencode( { 'client_id': setting('FACEBOOK_APP_ID'), 'redirect_uri': self.get_redirect_uri(state), 'client_secret': setting('FACEBOOK_API_SECRET'), 'code': self.data['code'] }) try: response = cgi.parse_qs(urlopen(url).read()) except HTTPError: raise AuthFailed(self, 'There was an error authenticating ' \ 'the app') access_token = response['access_token'][0] if 'expires' in response: expires = response['expires'][0] if 'signed_request' in self.data: response = load_signed_request(self.data.get('signed_request')) if response is not None: access_token = response.get('access_token') or \ response.get('oauth_token') or \ self.data.get('access_token') if 'expires' in response: expires = response['expires'] if access_token: data = self.user_data(access_token) if not isinstance(data, dict): # From time to time Facebook responds back a JSON with just # False as value, the reason is still unknown, but since the # data is needed (it contains the user ID used to identify the # account on further logins), this app cannot allow it to # continue with the auth process. raise AuthUnknownError(self, 'An error ocurred while ' \ 'retrieving users Facebook ' \ 'data') data['access_token'] = access_token # expires will not be part of response if offline access # premission was requested if expires: data['expires'] = expires kwargs.update({ 'auth': self, 'response': data, self.AUTH_BACKEND.name: True }) return authenticate(*args, **kwargs) else: if self.data.get('error') == 'access_denied': raise AuthCanceled(self) else: raise AuthException(self)
def auth_complete(self, *args, **kwargs): try: return super(MailruOAuth2, self).auth_complete(*args, **kwargs) except HTTPError: # Mail.ru returns HTTPError 400 if cancelled raise AuthCanceled(self)
def auth_complete(self, *args, **kwargs): """Completes loging process, must return user instance""" if 'denied' in self.data: raise AuthCanceled(self) else: return super(TwitterAuth, self).auth_complete(*args, **kwargs)