def twitter(request):
    """Complete a Twitter sign-in and redirect to the ``next`` URL.

    The destination comes from ``?next=`` (which is also saved in the
    session) or from a ``next`` value saved earlier in the session, and
    defaults to ``/``.  A session user that already has a twitter identity
    is redirected immediately.  Otherwise, when the request carries
    ``oauth_verifier``, it is exchanged for an access token, the matching
    ``SocialUser`` is looked up and the result is stored in the session.
    """
    session = request.session
    params = request.GET

    # NOTE(review): ``next`` is taken from the query string and used as the
    # redirect target; nothing in this function restricts it to trusted
    # destinations -- confirm it is validated elsewhere (open redirect).
    if 'next' in params:
        redirect_url = params['next']
        session['next'] = redirect_url
    elif 'next' in session:
        redirect_url = session['next']
        del session['next']
    else:
        redirect_url = '/'

    if 'user' in session:
        current = session['user']
        known = current.get_identity('twitter')
        if known:
            current.twitter = {
                'name': known.name,
                'image_url': known.image_url,
                'external_user_id': known.external_user_id,
            }
            session['user'] = current
            return HttpResponseRedirect(redirect_url)

    # Nothing to exchange: this is not the OAuth callback.
    if 'oauth_verifier' not in params:
        return HttpResponseRedirect(redirect_url)

    auth = tweepy.OAuthHandler(TWITTER_API_KEY, TWITTER_API_SECRET)
    # The request token is removed from the session before it is used.
    token = session.get('twitter_request_token', None)
    if 'twitter_request_token' in session:
        del session['twitter_request_token']
    if token:
        auth.set_request_token(token[0], token[1])
    # NOTE(review): when the session holds no request token the exchange
    # below is still attempted; presumably tweepy raises TweepError in that
    # case -- confirm, since this is what ties the callback to the session.
    try:
        access_token = auth.get_access_token(params.get('oauth_verifier'))
        # Keep the key/secret pair in the session for later API calls.
        session['twitter_access_token'] = (
            access_token.key,
            access_token.secret,
        )
        twitter_user = get_twitter_api(request).me()
        user_info = {
            'token': json.dumps(session['twitter_access_token']),
            'external_user_id': twitter_user.id,
            'name': twitter_user.screen_name,
            'image_url': twitter_user.profile_image_url,
            'data': twitter_user.__dict__,
        }
        s_user = SocialUser.lookup(
            'twitter', session.get('user', None), user_info)
        s_user.twitter = dict(
            (key, user_info[key])
            for key in ('name', 'image_url', 'external_user_id')
        )
        session['user'] = s_user
    except tweepy.TweepError as e:
        logging.error('Error! Failed to get twitter request token.')
        logging.error(e)
    return HttpResponseRedirect(redirect_url)
def submit(request):
    """Sign a user in from a POSTed identity-provider form.

    On a valid form the cleaned fields are passed to ``SocialUser.lookup``
    together with any user already in the session, the result becomes the
    session user and the client is redirected to ``auth_status``.  Any
    other request gets a JSON error body.
    """
    form = IdentityProviderForm(request) if request.POST else None
    if form is not None and form.is_valid():
        cleaned = form.cleaned_data
        # NOTE(review): provider, token and external_user_id all come from
        # the POST body; unless IdentityProviderForm verifies the token with
        # the provider, the client decides which identity is signed in --
        # confirm.
        user_info = dict(
            (field, cleaned[field])
            for field in (
                'token', 'external_user_id', 'name', 'image_url', 'data')
        )
        request.session['user'] = SocialUser.lookup(
            cleaned['provider'],
            request.session.get('user', None),
            user_info,
        )
        return redirect('auth_status')

    error_body = json.dumps({'error':'post request invalid'})
    return HttpResponse(error_body, mimetype="application/json")
def submit(request):
    """Sign a user in from a POSTed identity-provider form.

    A non-empty POST whose form validates is turned into a ``user_info``
    dict and handed to ``SocialUser.lookup`` along with the current session
    user (if any); the returned user is stored in the session and the
    client is redirected to ``auth_status``.  Everything else receives a
    JSON error response.
    """
    if request.POST:
        form = IdentityProviderForm(request)
        if form.is_valid():
            fields = form.cleaned_data
            # NOTE(review): the identity (provider, external_user_id, token)
            # is asserted by the request body; confirm the form checks the
            # token against the provider before it is trusted here.
            user_info = {}
            for key in ('token', 'external_user_id', 'name',
                        'image_url', 'data'):
                user_info[key] = fields[key]
            existing = request.session.get('user', None)
            request.session['user'] = SocialUser.lookup(
                fields['provider'], existing, user_info)
            return redirect('auth_status')

    payload = json.dumps({'error': 'post request invalid'})
    return HttpResponse(payload, mimetype="application/json")
def google(request):
    """Complete a Google sign-in and redirect to the ``next`` URL.

    The destination comes from ``?next=`` (also saved in the session) or
    from a ``next`` value saved earlier, defaulting to ``/``.  A session
    user that already has a google identity is redirected through
    ``_build_cb_url``.  An ``error`` parameter is logged; a ``code``
    parameter is exchanged for tokens, the profile is fetched and the
    resulting user is stored in the session.
    """
    session = request.session
    params = request.GET

    # NOTE(review): ``next`` is caller-supplied and is passed, together with
    # the user, to ``_build_cb_url``; if that helper adds user data to the
    # URL, an unvalidated ``next`` would deliver it to any site -- confirm
    # the destination is restricted somewhere.
    if 'next' in params:
        redirect_url = params['next']
        session['next'] = redirect_url
    elif 'next' in session:
        redirect_url = session['next']
        del session['next']
    else:
        redirect_url = '/'

    if 'user' in session:
        current = session['user']
        known = current.get_identity('google')
        if known:
            current.google = {
                'name': known.name,
                'image_url': known.image_url,
                'external_user_id': known.external_user_id,
            }
            session['user'] = current
            session[TRACKER_NAME] = 'google'
            return redirect(_build_cb_url(redirect_url, current))

    # Built by hand instead of build_absolute_uri so the query string is
    # dropped.
    scheme = 'https' if request.is_secure() else 'http'
    callback_url = '%s://%s%s' % (scheme, request.get_host(), request.path)

    if 'error' in params:
        description = params.get('error_description', '').replace('+', ' ')
        logging.error(
            'Error! %s: Reason %s - Description %s'
            % (params['error'], params.get('error_reason'), description))
        return redirect(redirect_url)

    if 'code' in params:
        # NOTE(review): no ``state`` value is checked before the code is
        # exchanged, so the callback is not tied to a flow this session
        # started -- confirm CSRF protection for the callback exists
        # elsewhere.
        try:
            o = oauth2.GooglePlus.create_from_authorization_code(
                params['code'],
                GOOGLE_API_KEY,
                GOOGLE_API_SECRET,
                callback_url,
            )
            profile = o.get_user()
            user_info = {
                # Fall back to the access token when no refresh token is set.
                'token': o.refresh_token or o.access_token,
                'external_user_id': profile['id'],
                'name': profile['displayName'],
                'image_url': profile['image']['url'],
                'expires': 3600,
                'data': profile,
            }
            existing = session.get('user', None)
            # The lookup always runs; an existing session user then takes
            # precedence so several social services can be attached to it.
            s_user = SocialUser.lookup('google', None, user_info)
            if existing is not None:
                s_user = existing
            s_user.google = dict(
                (key, user_info[key])
                for key in ('name', 'image_url', 'external_user_id')
            )
            session['user'] = s_user
            session[TRACKER_NAME] = 'google'
            redirect_url = _build_cb_url(redirect_url, s_user)
        except oauth2.RequestError as e:
            # A 404 means the account has no Google profile.  Nothing here
            # reports errors to the user, so it is deliberately not treated
            # specially and is only logged.
            if e.status == 404:
                pass
            logging.error(e)
    return redirect(redirect_url)
def twitter(request):
    """Complete a Twitter sign-in and redirect to the ``next`` URL.

    The destination comes from ``?next=`` (also saved in the session) or
    from a ``next`` value saved earlier, defaulting to ``/``.  A session
    user that already has a twitter identity is redirected through
    ``_build_cb_url``.  Otherwise an ``oauth_verifier`` parameter is
    exchanged for an access token and the resulting user is stored in the
    session.
    """
    session = request.session
    params = request.GET

    # NOTE(review): ``next`` is caller-supplied and is passed, together with
    # the user, to ``_build_cb_url``; if that helper adds user data to the
    # URL, an unvalidated ``next`` would deliver it to any site -- confirm
    # the destination is restricted somewhere.
    if 'next' in params:
        redirect_url = params['next']
        session['next'] = redirect_url
    elif 'next' in session:
        redirect_url = session['next']
        del session['next']
    else:
        redirect_url = '/'

    if 'user' in session:
        current = session['user']
        known = current.get_identity('twitter')
        if known:
            current.twitter = {
                'name': known.name,
                'image_url': known.image_url,
                'external_user_id': known.external_user_id,
            }
            session['user'] = current
            session[TRACKER_NAME] = 'twitter'
            return redirect(_build_cb_url(redirect_url, current))

    # Nothing to exchange: this is not the OAuth callback.
    if 'oauth_verifier' not in params:
        return redirect(redirect_url)

    auth = tweepy.OAuthHandler(TWITTER_API_KEY, TWITTER_API_SECRET)
    # The request token is removed from the session before it is used.
    token = session.get('twitter_request_token', None)
    if 'twitter_request_token' in session:
        del session['twitter_request_token']
    if token:
        auth.set_request_token(token[0], token[1])
    # NOTE(review): when the session holds no request token the exchange
    # below is still attempted; presumably tweepy raises TweepError in that
    # case -- confirm, since this is what ties the callback to the session.
    try:
        access_token = auth.get_access_token(params.get('oauth_verifier'))
        # Keep the key/secret pair in the session for later API calls.
        session['twitter_access_token'] = (
            access_token.key,
            access_token.secret,
        )
        twitter_user = get_twitter_api(request).me()
        user_info = {
            'token': json.dumps(session['twitter_access_token']),
            'external_user_id': twitter_user.id,
            'name': twitter_user.screen_name,
            'image_url': twitter_user.profile_image_url,
            'data': twitter_user.__dict__,
        }
        existing = session.get('user', None)
        # The lookup always runs; an existing session user then takes
        # precedence so several social services can be attached to it.
        s_user = SocialUser.lookup('twitter', None, user_info)
        if existing is not None:
            s_user = existing
        s_user.twitter = dict(
            (key, user_info[key])
            for key in ('name', 'image_url', 'external_user_id')
        )
        session['user'] = s_user
        session[TRACKER_NAME] = 'twitter'
        redirect_url = _build_cb_url(redirect_url, s_user)
    except tweepy.TweepError as e:
        logging.error('Error! Failed to get twitter request token.')
        logging.error(e)
    return redirect(redirect_url)
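def facebook(request):
    """Run the Facebook OAuth flow and redirect to the ``next`` URL.

    The destination comes from ``?next=`` (also saved in the session) or
    from a ``next`` value saved earlier, defaulting to ``/``.

    * A session user with an unexpired facebook identity is redirected
      through ``_build_cb_url``.
    * An ``error`` parameter is logged and the user is sent to the
      destination.
    * A ``code`` parameter is exchanged for an access token (retried up to
      ``FACEBOOK_URL_RETRY`` times), the profile is fetched and the
      resulting user is stored in the session.
    * Otherwise the browser is redirected to Facebook's authorize URL.
    """
    # NOTE(review): ``next`` is caller-supplied and is passed, together with
    # the user, to ``_build_cb_url``; if that helper adds user data to the
    # URL, an unvalidated ``next`` would deliver it to any site -- confirm
    # the destination is restricted somewhere.
    redirect_url = '/'
    if 'next' in request.GET:
        redirect_url = request.GET['next']
        request.session['next'] = redirect_url
    elif 'next' in request.session:
        redirect_url = request.session['next']
        del request.session['next']

    access_url = "https://graph.facebook.com/oauth/access_token"
    authorize_url = "https://graph.facebook.com/oauth/authorize"
    silhouette_image_url = \
        "https://fbcdn-profile-a.akamaihd.net/static-ak/rsrc.php/v2/yo/r/UlIqmHJn-SK.gif"
    # NOTE(review): redirect_uri is always http:// and uses the request's
    # Host header; confirm host validation and the https deployment case.
    # No ``state`` value is sent or checked, so the callback is not tied to
    # a flow this session started -- confirm CSRF protection exists.
    values = {
        'client_id': FACEBOOK_API_KEY,
        'redirect_uri': 'http://%s%s' % (request.get_host(), request.path),
        'scope': 'publish_stream',
    }

    if 'user' in request.session:
        user = request.session['user']
        identity = user.get_identity('facebook')
        if identity and not identity.is_expired():
            user.facebook = {
                'name': identity.name,
                'image_url': identity.image_url,
                'external_user_id': identity.external_user_id,
            }
            request.session['user'] = user
            request.session[TRACKER_NAME] = 'facebook'
            return redirect(_build_cb_url(redirect_url, user))

    # TODO: Add a way to manage error responses
    # error_reason=user_denied&error=access_denied&error_description=The+user+denied+your+request
    if 'error' in request.GET:
        # error_reason / error_description are optional in the query string;
        # .get() keeps a bare ?error=... from raising a KeyError.
        logging.error('Error! %s: %s - %s' % (
            request.GET['error'],
            request.GET.get('error_reason'),
            ' '.join(request.GET.get('error_description', '').split('+')),
        ))
        return redirect(redirect_url)

    if 'code' in request.GET:
        values['code'] = request.GET.get('code')
        values['client_secret'] = FACEBOOK_API_SECRET
        # This URL carries the client secret: never log it.
        facebook_url = "%s?%s" % (access_url, urllib.urlencode(values))
        access_token = None
        for _ in range(FACEBOOK_URL_RETRY):
            try:
                result = urllib2.urlopen(
                    facebook_url, None, URL_TIMEOUT).read()
            except urllib2.URLError:
                # URLError also covers HTTPError, e.g. a rejected code.
                logging.error(
                    'Error connecting to facebook auth url. Retrying.')
                continue
            access_token = re.findall('^access_token=([^&]*)', result)
            break

        # access_token stays None when every attempt failed, and is an
        # empty list when the response held no token.
        if access_token:
            access_token = access_token[0]
            expires = re.findall(r'.*?expires=(\d+)', result)
            expires = expires[0] if expires else 9999
            request.session['facebook_access_token'] = access_token
            facebook_user = call_facebook_api(
                request, 'me', **{'fields': 'id,name,picture'})
            if 'error' in facebook_user:
                logging.error('Error! %s: %s' % (
                    facebook_user['error']['type'],
                    facebook_user['error']['message'],
                ))
            else:
                try:
                    image_url = facebook_user['picture']['data']['url']
                except KeyError:
                    image_url = silhouette_image_url
                user_info = {
                    'token': json.dumps(
                        request.session['facebook_access_token']),
                    'external_user_id': facebook_user['id'],
                    'name': facebook_user['name'],
                    'image_url': image_url,
                    'expires': expires,
                    'data': facebook_user,
                }
                user = request.session.get('user', None)
                # Append to existing user object to allow login to multiple
                # social services at once.
                # Call lookup first to update keys, etc.
                s_user = SocialUser.lookup('facebook', None, user_info)
                if user is not None:
                    s_user = user
                s_user.facebook = {
                    'name': user_info['name'],
                    'image_url': user_info['image_url'],
                    'external_user_id': user_info['external_user_id'],
                }
                request.session['user'] = s_user
                request.session[TRACKER_NAME] = 'facebook'
                redirect_url = _build_cb_url(redirect_url, s_user)
        # Always return from the callback branch: ``values`` now holds the
        # client secret and must not reach the authorize URL built below.
        return redirect(redirect_url)

    redirect_url = "%s?%s" % (authorize_url, urllib.urlencode(values))
    return redirect(redirect_url)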
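def facebook(request):
    """Run the Facebook OAuth flow and redirect to the ``next`` URL.

    The destination comes from ``?next=`` (also saved in the session) or
    from a ``next`` value saved earlier, defaulting to ``/``.

    * A session user with an unexpired facebook identity is redirected
      immediately.
    * An ``error`` parameter is logged and the user is sent to the
      destination.
    * A ``code`` parameter is exchanged for an access token, the profile is
      fetched and the resulting user is stored in the session.
    * Otherwise the browser is redirected to Facebook's authorize URL.
    """
    # NOTE(review): ``next`` is taken from the query string and used as the
    # redirect target; nothing in this function restricts it to trusted
    # destinations -- confirm it is validated elsewhere (open redirect).
    redirect_url = '/'
    if 'next' in request.GET:
        redirect_url = request.GET['next']
        request.session['next'] = redirect_url
    elif 'next' in request.session:
        redirect_url = request.session['next']
        del request.session['next']

    access_url = "https://graph.facebook.com/oauth/access_token"
    authorize_url = "https://graph.facebook.com/oauth/authorize"
    # NOTE(review): redirect_uri is always http:// and uses the request's
    # Host header; confirm host validation and the https deployment case.
    # No ``state`` value is sent or checked, so the callback is not tied to
    # a flow this session started -- confirm CSRF protection exists.
    values = {
        'client_id': FACEBOOK_API_KEY,
        'redirect_uri': 'http://%s%s' % (request.get_host(), request.path),
        'scope': 'publish_stream',
    }

    if 'user' in request.session:
        user = request.session['user']
        identity = user.get_identity('facebook')
        if identity and not identity.is_expired():
            user.facebook = {
                'name': identity.name,
                'image_url': identity.image_url,
                'external_user_id': identity.external_user_id,
            }
            request.session['user'] = user
            return HttpResponseRedirect(redirect_url)

    # TODO: Add a way to manage error responses
    # error_reason=user_denied&error=access_denied&error_description=The+user+denied+your+request
    if 'error' in request.GET:
        # error_reason / error_description are optional in the query string;
        # .get() keeps a bare ?error=... from raising a KeyError.
        logging.error('Error! %s: %s - %s' % (
            request.GET['error'],
            request.GET.get('error_reason'),
            ' '.join(request.GET.get('error_description', '').split('+')),
        ))
        return HttpResponseRedirect(redirect_url)

    if 'code' in request.GET:
        values['code'] = request.GET.get('code')
        values['client_secret'] = FACEBOOK_API_SECRET
        # This URL carries the client secret: never log it.
        facebook_url = "%s?%s" % (access_url, urllib.urlencode(values))
        try:
            result = urllib2.urlopen(facebook_url, None, URL_TIMEOUT).read()
        except urllib2.URLError as e:
            # URLError also covers HTTPError (e.g. a rejected or replayed
            # code); log it and continue without a token instead of letting
            # the callback fail with an unhandled exception.
            logging.error('Error connecting to facebook auth url.')
            logging.error(e)
            result = ''
        access_token = re.findall('^access_token=([^&]*)', result)
        if access_token:
            access_token = access_token[0]
            expires = re.findall(r'.*?expires=(\d+)', result)
            expires = expires[0] if expires else 9999
            request.session['facebook_access_token'] = access_token
            facebook_user = call_facebook_api(
                request, 'me', **{'fields': 'id,name,picture'})
            if 'error' in facebook_user:
                logging.error('Error! %s: %s' % (
                    facebook_user['error']['type'],
                    facebook_user['error']['message'],
                ))
            else:
                user_info = {
                    'token': json.dumps(
                        request.session['facebook_access_token']),
                    'external_user_id': facebook_user['id'],
                    'name': facebook_user['name'],
                    'image_url': facebook_user['picture'],
                    'expires': expires,
                    'data': facebook_user,
                }
                user = request.session.get('user', None)
                s_user = SocialUser.lookup('facebook', user, user_info)
                s_user.facebook = {
                    'name': user_info['name'],
                    'image_url': user_info['image_url'],
                    'external_user_id': user_info['external_user_id'],
                }
                request.session['user'] = s_user
        # Always return from the callback branch: ``values`` now holds the
        # client secret and must not reach the authorize URL built below.
        return HttpResponseRedirect(redirect_url)

    redirect_url = "%s?%s" % (authorize_url, urllib.urlencode(values))
    return HttpResponseRedirect(redirect_url)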
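def google(request):
    """Complete a Google sign-in and redirect to the ``next`` URL.

    The destination comes from ``?next=`` (also saved in the session) or
    from a ``next`` value saved earlier, defaulting to ``/``.  A session
    user that already has a google identity is redirected immediately.  An
    ``error`` parameter is logged; a ``code`` parameter is exchanged for
    tokens, the profile is fetched and the resulting user is stored in the
    session.
    """
    # NOTE(review): ``next`` is taken from the query string and used as the
    # redirect target; nothing in this function restricts it to trusted
    # destinations -- confirm it is validated elsewhere (open redirect).
    redirect_url = '/'
    if 'next' in request.GET:
        redirect_url = request.GET['next']
        request.session['next'] = redirect_url
    elif 'next' in request.session:
        redirect_url = request.session['next']
        del request.session['next']

    if 'user' in request.session:
        user = request.session['user']
        identity = user.get_identity('google')
        if identity:
            user.google = {
                'name': identity.name,
                'image_url': identity.image_url,
                'external_user_id': identity.external_user_id,
            }
            request.session['user'] = user
            return HttpResponseRedirect(redirect_url)

    # Don't use build_absolute_uri so we can drop GET
    callback_url = '%s://%s%s' % (
        'https' if request.is_secure() else 'http',
        request.get_host(),
        request.path,
    )

    if 'error' in request.GET:
        logging.error('Error! %s: Reason %s - Description %s' % (
            request.GET['error'],
            request.GET.get('error_reason'),
            ' '.join(request.GET.get('error_description', '').split('+')),
        ))
        return HttpResponseRedirect(redirect_url)
    elif 'code' in request.GET:
        # NOTE(review): no ``state`` value is checked before the code is
        # exchanged, so the callback is not tied to a flow this session
        # started -- confirm CSRF protection for the callback exists
        # elsewhere.
        try:
            o = oauth2.GooglePlus.create_from_authorization_code(
                request.GET['code'],
                GOOGLE_API_KEY,
                GOOGLE_API_SECRET,
                callback_url,
            )
            profile = o.get_user()
            user_info = {
                # A refresh token is not always present; fall back to the
                # access token so the stored token is never empty.
                'token': o.refresh_token or o.access_token,
                'external_user_id': profile['id'],
                'name': profile['displayName'],
                'image_url': profile['image']['url'],
                'expires': 3600,
                'data': profile,
            }
            user = request.session.get('user', None)
            s_user = SocialUser.lookup('google', user, user_info)
            s_user.google = {
                'name': user_info['name'],
                'image_url': user_info['image_url'],
                'external_user_id': user_info['external_user_id'],
            }
            request.session['user'] = s_user
        except oauth2.RequestError as e:
            # 404 means user doesn't have google profile.
            # Nothing here reports errors to the user, so every request
            # error, 404 included, is only logged.
            logging.error(e)
    return HttpResponseRedirect(redirect_url)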
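def facebook(request):
    """Run the Facebook OAuth flow and redirect to the ``next`` URL.

    The destination comes from ``?next=`` (also saved in the session) or
    from a ``next`` value saved earlier, defaulting to ``/``.

    * A session user with an unexpired facebook identity is redirected
      through ``_build_cb_url``.
    * An ``error`` parameter is logged and the user is sent to the
      destination.
    * A ``code`` parameter is exchanged for an access token (retried up to
      ``FACEBOOK_URL_RETRY`` times), the profile is fetched and the
      resulting user is stored in the session.
    * Otherwise the browser is redirected to Facebook's authorize URL.
    """
    # NOTE(review): ``next`` is caller-supplied and is passed, together with
    # the user, to ``_build_cb_url``; if that helper adds user data to the
    # URL, an unvalidated ``next`` would deliver it to any site -- confirm
    # the destination is restricted somewhere.
    redirect_url = '/'
    if 'next' in request.GET:
        redirect_url = request.GET['next']
        request.session['next'] = redirect_url
    elif 'next' in request.session:
        redirect_url = request.session['next']
        del request.session['next']

    access_url = "https://graph.facebook.com/oauth/access_token"
    authorize_url = "https://graph.facebook.com/oauth/authorize"
    silhouette_image_url = \
        "https://fbcdn-profile-a.akamaihd.net/static-ak/rsrc.php/v2/yo/r/UlIqmHJn-SK.gif"
    # NOTE(review): redirect_uri is always http:// and uses the request's
    # Host header; confirm host validation and the https deployment case.
    # No ``state`` value is sent or checked, so the callback is not tied to
    # a flow this session started -- confirm CSRF protection exists.
    values = {
        'client_id': FACEBOOK_API_KEY,
        'redirect_uri': 'http://%s%s' % (request.get_host(), request.path),
        'scope': 'publish_stream',
    }

    if 'user' in request.session:
        user = request.session['user']
        identity = user.get_identity('facebook')
        if identity and not identity.is_expired():
            user.facebook = {
                'name': identity.name,
                'image_url': identity.image_url,
                'external_user_id': identity.external_user_id,
            }
            request.session['user'] = user
            request.session[TRACKER_NAME] = 'facebook'
            return redirect(_build_cb_url(redirect_url, user))

    # TODO: Add a way to manage error responses
    # error_reason=user_denied&error=access_denied&error_description=The+user+denied+your+request
    if 'error' in request.GET:
        # error_reason / error_description are optional in the query string;
        # .get() keeps a bare ?error=... from raising a KeyError.
        logging.error('Error! %s: %s - %s' % (
            request.GET['error'],
            request.GET.get('error_reason'),
            ' '.join(request.GET.get('error_description', '').split('+')),
        ))
        return redirect(redirect_url)

    if 'code' in request.GET:
        values['code'] = request.GET.get('code')
        values['client_secret'] = FACEBOOK_API_SECRET
        # This URL carries the client secret: never log it.
        facebook_url = "%s?%s" % (access_url, urllib.urlencode(values))
        access_token = None
        for _ in range(FACEBOOK_URL_RETRY):
            try:
                result = urllib2.urlopen(
                    facebook_url, None, URL_TIMEOUT).read()
            except urllib2.URLError:
                # URLError also covers HTTPError, e.g. a rejected code.
                logging.error(
                    'Error connecting to facebook auth url. Retrying.')
                continue
            access_token = re.findall('^access_token=([^&]*)', result)
            break

        # access_token stays None when every attempt failed, and is an
        # empty list when the response held no token.
        if access_token:
            access_token = access_token[0]
            expires = re.findall(r'.*?expires=(\d+)', result)
            expires = expires[0] if expires else 9999
            request.session['facebook_access_token'] = access_token
            facebook_user = call_facebook_api(
                request, 'me', **{'fields': 'id,name,picture'}
            )
            if 'error' in facebook_user:
                logging.error('Error! %s: %s' % (
                    facebook_user['error']['type'],
                    facebook_user['error']['message'],
                ))
            else:
                try:
                    image_url = facebook_user['picture']['data']['url']
                except KeyError:
                    image_url = silhouette_image_url
                user_info = {
                    'token': json.dumps(
                        request.session['facebook_access_token']),
                    'external_user_id': facebook_user['id'],
                    'name': facebook_user['name'],
                    'image_url': image_url,
                    'expires': expires,
                    'data': facebook_user,
                }
                user = request.session.get('user', None)
                # Append to existing user object to allow login to multiple
                # social services at once.
                # Call lookup first to update keys, etc.
                s_user = SocialUser.lookup('facebook', None, user_info)
                if user is not None:
                    s_user = user
                s_user.facebook = {
                    'name': user_info['name'],
                    'image_url': user_info['image_url'],
                    'external_user_id': user_info['external_user_id'],
                }
                request.session['user'] = s_user
                request.session[TRACKER_NAME] = 'facebook'
                redirect_url = _build_cb_url(redirect_url, s_user)
        # Always return from the callback branch: ``values`` now holds the
        # client secret and must not reach the authorize URL built below.
        return redirect(redirect_url)

    redirect_url = "%s?%s" % (authorize_url, urllib.urlencode(values))
    return redirect(redirect_url)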