def __call__(self):
super(FacebookLoginView, self).__call__()
redirect = self.request.response.redirect
config = self.registry.forInterface(IOauthFacebookSettings)
verificationCode = self.request.form.get("code", None)
errorReason = self.request.form.get("error", None)
args = {
'client_id': config.client_id,
'redirect_uri': self.redirect_uri,
'scope': 'email',
}
if errorReason is not None:
IStatusMessage(self.request).add(
_(u"Facebook authentication denied"), type="error")
redirect(self.context.absolute_url())
return u""
#First request
if verificationCode is None:
return self.requestInitial(config.auth_url, args)
args["client_secret"] = config.client_secret
args["code"] = verificationCode
responseToken = self.requestToken(config.token_url, args)
accessToken = responseToken["access_token"][-1]
#profile section
args = {
'access_token': accessToken,
'fields': 'id,email,name',
}
responseProfile = self.requestProfile(config.profile_url, args)
# return responseProfile
userId = responseProfile.get('id')
userFullname = responseProfile.get('name').encode('utf-8')
userEmail = responseProfile.get('email')
if not userId or not userEmail:
IStatusMessage(self.request).add(
_(u"Insufficient information in Facebook profile"),
type="error")
redirect(self.context.absolute_url())
return u""
self.set_token(accessToken)
self.set_user_data(userId=userId,
userEmail=userEmail,
userFullname=userFullname)
if self.registration_required:
return self.requestJoinForm()
IStatusMessage(self.request).add(_(u"Welcome. You are now logged in."),
type="info")
redirect(self.context.absolute_url())
def __call__(self):
redirect = self.request.response.redirect
verificationCode = self.request.form.get("code", None)
errorReason = self.request.form.get("error_reason", None)
redirect_uri = "%s/%s" % (self.context.absolute_url(), self.__name__,)
config = self.registry.forInterface(IOauthTwitterSettings)
args = {
'client_id': config.client_id,
'redirect_uri': redirect_uri,
}
if errorReason is not None:
IStatusMessage(self.request).add(_(u"Twitter authentication denied"), type="error")
redirect(self.context.absolute_url())
return u""
#First request
if verificationCode is None:
return self.requestInitial(cfg_twitter.auth_url , args)
args["client_secret"] = cfg_twitter.client_secret
args["code"] = verificationCode
responseToken = self.requestToken(cfg_twitter.token_url , args)
accessToken = responseToken["access_token"][-1]
return responseToken
# args_profile = {'access_token': accessToken , 'fields': 'id,email,name'}
responseProfile = self.requestProfile(cfg_twitter.profile_url , args_profile)
userId = responseProfile.get('id')
userFullname = responseProfile.get('name')
userEmail = responseProfile.get('email')
self.set_token(accessToken)
self.set_userid(userId)
self.set_userfullname(userFullname)
self.set_userlogin(userEmail or userId)
self.set_useremail(userEmail)
if self.registration_required:
args = {
'form.username' : userId,
'form.fullname' : userFullname,
'form.email' : userEmail,
}
return self.requestJoinForm(args)
if not userId or not userFullname:
IStatusMessage(self.request).add(_(u"Insufficient information in Twitter profile"), type="error")
redirect(self.context.absolute_url())
return u""
IStatusMessage(self.request).add(_(u"Welcome. You are now logged in."), type="info")
redirect(self.context.absolute_url())
def __call__(self):
redirect = self.request.response.redirect
verificationCode = self.request.form.get("code", None)
errorReason = self.request.form.get("error_reason", None)
redirect_uri = "%s/%s" % (
self.context.absolute_url(),
self.__name__,
)
registry = getUtility(IRegistry)
cfg_google = registry.forInterface(IOauthGoogleSettings)
args = {
'client_id': cfg_google.client_id,
'redirect_uri': redirect_uri,
}
if errorReason is not None:
IStatusMessage(self.request).add(
_(u"Google authentication denied"), type="error")
redirect(self.context.absolute_url())
return u""
#First request
if verificationCode is None:
return self.requestInitial(cfg_google.auth_url, args)
args["client_secret"] = cfg_google.client_secret
args["code"] = verificationCode
responseToken = self.requestToken(cfg_google.token_url, args)
accessToken = responseToken["access_token"][-1]
return responseToken
# args_profile = {'access_token': accessToken , 'fields': 'id,email,name'}
responseProfile = self.requestProfile(cfg_google.profile_url,
args_profile)
userId = responseProfile.get('id')
userFullname = responseProfile.get('name')
userEmail = responseProfile.get('email')
self.set_token(accessToken)
self.set_userid(userId)
self.set_userfullname(userFullname)
self.set_userlogin(userEmail or userId)
self.set_useremail(userEmail)
if not userId or not userFullname:
IStatusMessage(self.request).add(
_(u"Insufficient information in Google profile"), type="error")
redirect(self.context.absolute_url())
return u""
IStatusMessage(self.request).add(_(u"Welcome. You are now logged in."),
type="info")
redirect(self.context.absolute_url())
class IOauthSettings(Interface):
"""OAuth registry settings"""
registration = schema.Bool(
title=_(u'registration', default=u'Register with Plone User'),
description=_(
u'help_registration',
default=u"User will be processed with Plone registration."),
required=False,
default=False,
# readonly = True,
)
def __call__(self):
super(FacebookLoginView , self).__call__()
redirect = self.request.response.redirect
config = self.registry.forInterface(IOauthFacebookSettings)
verificationCode = self.request.form.get("code", None)
errorReason = self.request.form.get("error", None)
args = {
'client_id': config.client_id,
'redirect_uri': self.redirect_uri,
'scope': 'email',
}
if errorReason is not None:
IStatusMessage(self.request).add(_(u"Facebook authentication denied"), type="error")
redirect(self.context.absolute_url())
return u""
#First request
if verificationCode is None:
return self.requestInitial(config.auth_url , args)
args["client_secret"] = config.client_secret
args["code"] = verificationCode
responseToken = self.requestToken(config.token_url , args)
accessToken = responseToken["access_token"][-1]
#profile section
args = {
'access_token': accessToken,
'fields': 'id,email,name',
}
responseProfile = self.requestProfile(config.profile_url , args)
# return responseProfile
userId = responseProfile.get('id')
userFullname = responseProfile.get('name').encode('utf-8')
userEmail = responseProfile.get('email')
if not userId or not userEmail:
IStatusMessage(self.request).add(_(u"Insufficient information in Facebook profile"), type="error")
redirect(self.context.absolute_url())
return u""
self.set_token(accessToken)
self.set_user_data(userId=userId , userEmail=userEmail , userFullname=userFullname)
if self.registration_required:
return self.requestJoinForm()
IStatusMessage(self.request).add(_(u"Welcome. You are now logged in."), type="info")
redirect(self.context.absolute_url())
def __call__(self):
super(VncbizLoginView, self).__call__()
redirect = self.request.response.redirect
config = self.registry.forInterface(IOauthVncbizSettings)
verificationCode = self.request.form.get('access_token', None)
errorReason = self.request.form.get('error', None)
args = {
'client_id': config.client_id,
'redirect_uri': self.redirect_uri,
'response_type': 'token',
}
if errorReason is not None:
IStatusMessage(self.request).add(
_(u"Vnc.biz authentication denied"), type="error")
redirect(self.context.absolute_url())
return u""
#First request
if verificationCode is None:
return self.requestInitial(config.auth_url, args)
accessToken = verificationCode
#profile section
args = {'dbname': 'auth_server', 'access_token': accessToken}
responseProfile = self.requestProfile(config.profile_url, args)
userId = responseProfile.get('user_id', '')
userFullname = responseProfile.get('name', '')
userEmail = responseProfile.get('email')
if not userId or not userEmail:
IStatusMessage(self.request).add(
_(u"Insufficient information in Vnc.biz profile"),
type="error")
redirect(self.context.absolute_url())
return u""
self.set_token(accessToken)
self.set_user_data(userId=userId,
userEmail=userEmail,
userFullname=userFullname)
if self.registration_required:
# args = {'form.username':userId, 'form.fullname':userFullname, 'form.email':userEmail,}
return self.requestJoinForm()
IStatusMessage(self.request).add(_(u"Welcome. You are now logged in."),
type="info")
redirect(self.context.absolute_url())
def processSave(self):
form = self.request.form
for fieldset in self.__fieldsets__:
fieldset.save_settings(form)
if self.errors:
IStatusMessage(self.request).addStatusMessage(_(u"There were errors."), "error")
return
# self.cfg_facebook.auth_url = facebook_auth_url
IStatusMessage(self.request).addStatusMessage(_(u"Changes saved."), "info")
def __call__(self):
super(VncbizLoginView , self).__call__()
redirect = self.request.response.redirect
config = self.registry.forInterface(IOauthVncbizSettings)
verificationCode = self.request.form.get('access_token', None)
errorReason = self.request.form.get('error', None)
args = {
'client_id': config.client_id,
'redirect_uri': self.redirect_uri,
'response_type': 'token',
}
if errorReason is not None:
IStatusMessage(self.request).add(_(u"Vnc.biz authentication denied"), type="error")
redirect(self.context.absolute_url())
return u""
#First request
if verificationCode is None:
return self.requestInitial(config.auth_url , args)
accessToken = verificationCode
#profile section
args = {
'dbname': 'auth_server',
'access_token': accessToken
}
responseProfile = self.requestProfile(config.profile_url , args)
userId = responseProfile.get('user_id', '')
userFullname = responseProfile.get('name' , '')
userEmail = responseProfile.get('email')
if not userId or not userEmail:
IStatusMessage(self.request).add(_(u"Insufficient information in Vnc.biz profile"), type="error")
redirect(self.context.absolute_url())
return u""
self.set_token(accessToken)
self.set_user_data(userId=userId , userEmail=userEmail , userFullname=userFullname)
if self.registration_required:
# args = {'form.username':userId, 'form.fullname':userFullname, 'form.email':userEmail,}
return self.requestJoinForm()
IStatusMessage(self.request).add(_(u"Welcome. You are now logged in."), type="info")
redirect(self.context.absolute_url())
def processSave(self):
form = self.request.form
for fieldset in self.__fieldsets__:
fieldset.save_settings(form)
if self.errors:
IStatusMessage(self.request).addStatusMessage(
_(u"There were errors."), "error")
return
# self.cfg_facebook.auth_url = facebook_auth_url
IStatusMessage(self.request).addStatusMessage(_(u"Changes saved."),
"info")
class IOauthFacebookSettings(Interface):
"""OAuth Facebook registry settings"""
client_id = schema.ASCIILine(
title=_(u'client_id', default=u'Facebook App ID'),
description=_(
u'help_client_id',
default=
u"Alternatively, you can of course use the ID of an existing app."
),
required=True,
readonly=False,
)
client_secret = schema.ASCIILine(
title=_(u'client_secret', default=u'Facebook API Secret'),
description=_(
u'help_client_secret',
default=
u"Alternatively, you can of course use the ID of an existing app."
),
required=True,
readonly=False,
)
auth_url = schema.URI(
title=_(u'auth_url', default=u'Facebook authorize url'),
description=_(u'help_auth_url', default=u""),
required=True,
default='https://graph.facebook.com/oauth/authorize',
# readonly = True,
)
token_url = schema.URI(
title=_(u'token_url', default=u'Facebook access token url'),
description=_(u'help_token_url', default=u""),
required=True,
default='https://graph.facebook.com/oauth/access_token',
# readonly = True,
)
profile_url = schema.URI(
title=_(u'profile_url', default=u'Facebook profile url'),
description=_(u'help_profile_url', default=u""),
required=True,
default='https://graph.facebook.com/me',
# readonly = True,
)
def __call__(self):
super(CustomLoginView, self).__call__()
redirect = self.request.response.redirect
config = self.registry.forInterface(IOauthCustomSettings)
verificationCode = self.request.form.get(config.post_variable_code, None)
errorReason = self.request.form.get("error", None)
redirect_uri = "%s/%s" % (self.context.absolute_url(), self.__name__)
args = {
"client_id": config.client_id, # client_id=11111112-2222222-333333-44444
"redirect_uri": redirect_uri, # redirect_uri=http://dek4nice.ru/login-custom
"response_type": "token", # response_type=token
}
raise "under construction"
if errorReason is not None:
IStatusMessage(self.request).add(_(u"Custom authentication denied"), type="error")
redirect(self.context.absolute_url())
return u""
# First request
if verificationCode is None:
return self.requestInitial(config.auth_url, args)
args["client_secret"] = config.client_secret
args["code"] = verificationCode
responseToken = self.requestToken(config.token_url, args)
# accessToken = responseToken["access_token"][-1]
args = {"access_token": accessToken, "fields": "id,email,name"}
responseProfile = self.requestProfile(config.profile_url, args)
return responseProfile
def requestJoinForm(self):
email = self.request.SESSION[self.sessionkey]['userEmail']
if self.check_user_created(email):
IStatusMessage(self.request).add(
_(u"Welcome. You are now logged in."), type="info")
template = ''
# args = {'__ac_name' : email,}
# template = 'login_form'
else:
if True: #18.03.13 16:45 - password required settings
template = "@@login-register"
else:
args = {
'form.username':
self.request.SESSION[self.sessionkey]['userId'],
'form.fullname':
self.request.SESSION[self.sessionkey]['userFullname'],
'form.email':
self.request.SESSION[self.sessionkey]['userEmail'],
'form.provider':
self.request.SESSION[self.sessionkey]['userProvider'],
}
template = "@@register?%s" % urllib.urlencode(args)
redirect_uri = "%s/%s" % (self.context.absolute_url(), template)
self.request.response.redirect(redirect_uri)
return
class IOauthVkontakteSettings(Interface):
"""OAuth Vkontakte registry settings"""
client_id = schema.ASCIILine(
title=_(u'client_id', default=u'Vkontakte client ID'),
description=_(
u'help_client_id',
default=
u"Alternatively, you can of course use the ID of an existing app."
),
required=True,
)
client_secret = schema.ASCIILine(
title=_(u'client_secret', default=u'Vkontakte API Secret'),
description=_(
u'help_client_secret',
default=
u"Alternatively, you can of course use the ID of an existing app."
),
required=True,
)
auth_url = schema.URI(
title=_(u'auth_url', default=u'Vkontakte authorize url'),
description=_(u'help_auth_url', default=u""),
required=True,
default='http://localhost:8080/',
# readonly = True,
)
token_url = schema.URI(
title=_(u'token_url', default=u'Vkontakte access token url'),
description=_(u'help_token_url', default=u""),
required=True,
default='http://localhost:8080/',
# readonly = True,
)
profile_url = schema.URI(
title=_(u'profile_url', default=u'Vkontakte profile url'),
description=_(u'help_profile_url', default=u""),
required=True,
default='http://localhost:8080/',
# readonly = True,
)
def requestJoinForm(self):
email = self.request.SESSION[self.sessionkey]['userEmail']
if self.check_user_created(email):
IStatusMessage(self.request).add(_(u"Welcome. You are now logged in."), type="info")
template = ''
# args = {'__ac_name' : email,}
# template = 'login_form'
else:
template = "@@login-register"
redirect_uri = "%s/%s" % (self.context.absolute_url() , template)
self.request.response.redirect(redirect_uri)
return
class IOauthVncbizSettings(Interface):
"""OAuth Vncbiz registry settings"""
client_id = schema.ASCIILine(
title=_(u'client_id', default=u'Vncbiz client ID'),
description=_(
u'help_client_id',
default=
u"Alternatively, you can of course use the ID of an existing app."
),
required=True,
default='',
)
auth_url = schema.URI(
title=_(u'auth_url', default=u'Vncbiz authorize url'),
description=_(u'help_auth_url', default=u""),
required=True,
default='http://localhost/oauth',
)
profile_url = schema.URI(
title=_(u'profile_url', default=u'Vncbiz profile url'),
description=_(u'help_profile_url', default=u""),
required=True,
default='http://localhost/token',
)
def __call__(self):
super(CustomLoginView, self).__call__()
redirect = self.request.response.redirect
config = self.registry.forInterface(IOauthCustomSettings)
verificationCode = self.request.form.get(config.post_variable_code,
None)
errorReason = self.request.form.get("error", None)
redirect_uri = "%s/%s" % (
self.context.absolute_url(),
self.__name__,
)
args = {
'client_id':
config.client_id, #client_id=11111112-2222222-333333-44444
'redirect_uri':
redirect_uri, #redirect_uri=http://dek4nice.ru/login-custom
'response_type': 'token', #response_type=token
}
raise 'under construction'
if errorReason is not None:
IStatusMessage(self.request).add(
_(u"Custom authentication denied"), type="error")
redirect(self.context.absolute_url())
return u""
#First request
if verificationCode is None:
return self.requestInitial(config.auth_url, args)
args["client_secret"] = config.client_secret
args["code"] = verificationCode
responseToken = self.requestToken(config.token_url, args)
# accessToken = responseToken["access_token"][-1]
args = {
'access_token': accessToken,
'fields': 'id,email,name',
}
responseProfile = self.requestProfile(config.profile_url, args)
return responseProfile
def requestJoinForm(self):
email = self.request.SESSION[self.sessionkey]['userEmail']
if self.check_user_created(email):
IStatusMessage(self.request).add(_(u"Welcome. You are now logged in."), type="info")
template = ''
# args = {'__ac_name' : email,}
# template = 'login_form'
else:
if True: #18.03.13 16:45 - password required settings
template = "@@login-register"
else:
args = {
'form.username' : self.request.SESSION[self.sessionkey]['userId'],
'form.fullname' : self.request.SESSION[self.sessionkey]['userFullname'],
'form.email' : self.request.SESSION[self.sessionkey]['userEmail'],
'form.provider' : self.request.SESSION[self.sessionkey]['userProvider'],
}
template = "@@register?%s" % urllib.urlencode(args)
redirect_uri = "%s/%s" % (self.context.absolute_url() , template)
self.request.response.redirect(redirect_uri)
return
def __call__(self):
super(GithubLoginView, self).__call__()
redirect = self.request.response.redirect
verificationCode = self.request.form.get("code", None)
errorReason = self.request.form.get("error", None)
redirect_uri = "%s/%s" % (
self.context.absolute_url(),
self.__name__,
)
config = self.registry.forInterface(IOauthGithubSettings)
args = {
'client_id': config.client_id,
'redirect_uri': redirect_uri,
}
if errorReason is not None:
IStatusMessage(self.request).add(
_(u"Github authentication denied"), type="error")
redirect(self.context.absolute_url())
return u""
#First request
if verificationCode is None:
return self.requestInitial(config.auth_url, args)
args["client_secret"] = config.client_secret
args["code"] = verificationCode
responseToken = self.requestToken(config.token_url, args)
accessToken = responseToken["access_token"][-1]
args = {
'access_token': accessToken,
'fields': 'id,email,name',
}
responseProfile = self.requestProfile(config.profile_url, args)
userId = responseProfile.get('id')
userFullname = responseProfile.get('name')
userFullname = userFullname.encode('utf-8')
userEmail = responseProfile.get('email')
self.set_token(accessToken)
self.set_userid(userId)
self.set_userfullname(userFullname)
self.set_userlogin(userEmail or userId)
self.set_useremail(userEmail)
if self.registration_required:
args = {
'form.username': userId,
'form.fullname': userFullname,
'form.email': userEmail,
}
return self.requestJoinForm(args)
if not userId or not userFullname:
IStatusMessage(self.request).add(
_(u"Insufficient information in Github profile"), type="error")
redirect(self.context.absolute_url())
return u""
IStatusMessage(self.request).add(_(u"Welcome. You are now logged in."),
type="info")
redirect(self.context.absolute_url())
class IOauthCustomSettings(Interface):
"""OAuth Custom Provider registry settings"""
client_id = schema.ASCIILine(
title=_(u'client_id', default=u'Custom provider client ID'),
description=_(
u'help_client_id',
default=
u"Alternatively, you can of course use the ID of an existing app."
),
required=True,
readonly=False,
)
client_secret = schema.ASCIILine(
title=_(u'client_secret', default=u'Custom provider API Secret'),
description=_(
u'help_client_secret',
default=
u"Alternatively, you can of course use the ID of an existing app."
),
required=True,
readonly=False,
)
auth_url = schema.URI(
title=_(u'auth_url', default=u'Custom provider authorize url'),
description=_(u'help_auth_url', default=u""),
required=True,
default='https://localhost:8080/oauth/authorize',
readonly=False,
)
token_url = schema.URI(
title=_(u'token_url', default=u'Custom provider access token url'),
description=_(u'help_token_url', default=u""),
required=True,
default='https://localhost:8080/oauth/token',
readonly=False,
)
profile_url = schema.URI(
title=_(u'profile_url', default=u'Custom provider profile url'),
description=_(u'help_profile_url', default=u""),
required=True,
default='https://localhost:8080/profile',
readonly=False,
)
post_variable_code = schema.ASCIILine(
title=_(u'variable_code', default=u'variable code'),
description=_(u'help_variable_code', default=u"?your_variable=code"),
default='code',
required=False,
)
post_redirect_uri = schema.ASCIILine(
title=_(u'redirect_uri', default=u'redirect uri'),
description=_(u'help_redirect_uri',
default=u"?redirect_uri=yourvalue"),
required=False,
)
post_access_token = schema.ASCIILine(
title=_(u'access_token', default=u'POST access token'),
description=_(u'help_access_token',
default=u"?access_token=yourvalue"),
required=False,
)
post_state = schema.ASCIILine(
title=_(u'state', default=u'POST state'),
description=_(u'help_state', default=u"?state=yourvalue"),
required=False,
)
class IOauthGlobalSettings(Interface):
"""OAuth Global registry settings"""
customprovider_enabled = schema.Bool(
title=_(u'customprovider_enabled', default=u'Custom provider'),
description=_(
u'help_customprovider_enabled',
default=
u"Authorize with customprovider enabled. This could be your own localhost OAuth2.0 server."
),
required=False,
default=False,
# readonly = True,
)
facebook_enabled = schema.Bool(
title=_(u'facebook_enabled', default=u'Facebook'),
description=_(u'help_facebook_enabled',
default=u"Authorize with Facebook enabled."),
required=False,
default=False,
# readonly = False,
)
vncbiz_enabled = schema.Bool(
title=_(u'vncbiz_enabled', default=u'Vnc.biz'),
description=_(u'help_vncbiz_enabled',
default=u"Authorize with Vnc.biz enabled."),
required=False,
default=False,
# readonly = False,
)
google_enabled = schema.Bool(
title=_(u'google_enabled', default=u'Google'),
description=_(u'help_google_enabled',
default=u"Authorize with Google enabled."),
required=False,
default=False,
# readonly = True,
)
twitter_enabled = schema.Bool(
title=_(u'twitter_enabled', default=u'Twitter'),
description=_(u'help_twitter_enabled',
default=u"Authorize with Twitter enabled."),
required=False,
default=False,
# readonly = True,
)
github_enabled = schema.Bool(
title=_(u'github_enabled', default=u'Github'),
description=_(u'help_github_enabled',
default=u"Authorize with Github enabled."),
required=False,
default=False,
# readonly = True,
)
odnoklassniki_enabled = schema.Bool(
title=_(u'odnoklassniki_enabled', default=u'Odnoklassniki'),
description=_(u'help_odnoklassniki_enabled',
default=u"Authorize with Odnoklassniki enabled."),
required=False,
default=False,
# readonly = True,
)
vkontakte_enabled = schema.Bool(
title=_(u'vkontakte_enabled', default=u'Vkontakte'),
description=_(u'help_vkontakte_enabled',
default=u"Authorize with Vkontakte enabled."),
required=False,
default=False,
# readonly = True,
)