コード例 #1
0
ファイル: oauth2.py プロジェクト: jeffgarrett/divsieapp
    def handle_redirect_uri(self, request):
        # If the user disapproves, we are alerted here.
        error = request.GET.get("error")
        if error:
            logging.warning("OAuth2: Error: %s" % (error,))
            raise OAuth2Error(error)

        authorization_code = request.GET.get("code")

        payload = {
            "code": authorization_code,
            "client_id": Secret.get_secret('google_client_id').value,
            "client_secret": Secret.get_secret('google_client_secret').value,
            "redirect_uri": self.redirect_uri,
            "grant_type": "authorization_code"
        }
        encoded_payload = urllib.urlencode(payload)

        logging.info("OAuth2: Requesting access token. Payload: %s" % (payload,))
        result = json.loads(urlfetch.fetch(url=self.ACCESS_TOKEN_ENDPOINT,
                                           payload=encoded_payload,
                                           method=urlfetch.POST,
                                           headers={"Content-Type": "application/x-www-form-urlencoded"}).content)
        logging.info("OAuth2: Access token response: %s" % (result,))
        error = result.get("error")
        if error:
            logging.error("OAuth2: Error: %s" % (error,))
            raise OAuth2Error(error)

        self.access_token = result['access_token']
コード例 #2
0
ファイル: app.py プロジェクト: jeffgarrett/divsieapp
def make_app():
    """ This function returns a Pyramid WSGI application.
    """

    auth_secret = Secret.get_secret('auth_secret')
    if not auth_secret.value:
        auth_secret.value = uuid.uuid4().hex
        auth_secret.put()

    authn_policy = AuthTktAuthenticationPolicy(
                       auth_secret.value,
                       callback=groupfinder,
                       cookie_name='divsie_auth',
                       secure=True,
                       timeout=86400,
                       reissue_time=300,
                       max_age=86400,
                       http_only=True,
                       wild_domain=False,
                   )
    authz_policy = ACLAuthorizationPolicy()
    config = Configurator(root_factory=Root,
                          authentication_policy=authn_policy,
                          authorization_policy=authz_policy)


    #config.add_tween('divsieapp.timing_tween_factory')
    config.add_request_method(get_user, 'user', reify=True)
    config.add_renderer('.html', pyramid_jinja2.Jinja2Renderer)
    config.add_renderer(name='safejson', factory=SafeJSON())
    config.add_notfound_view(views.notfound, renderer='404.html')

    # The root page, which may be different based on user status.
    config.add_route('root', '/')

    # The form target to request an invite code.
    config.add_route('request-invite', '/request-invite')
    # The form target to redeem an invite code.
    config.add_route('invitation-code', '/invitation-code')

    # The targets which actually log a user in or out.
    # The login target expects proof of identity.
    config.add_route('login', '/login')
    config.add_route('logout', '/logout')

    # Hook up the views
    views.add_views(config)

    config.include(cornice)
    config.include(api_v1)

    return config.make_wsgi_app()
コード例 #3
0
ファイル: oauth2.py プロジェクト: jeffgarrett/divsieapp
 def get_auth_url(self):
     params = {
         "response_type": self.response_type,
         "client_id": Secret.get_secret('google_client_id').value, 
         "redirect_uri": self.redirect_uri,
         "scope": self.scope,
         "access_type": self.access_type
     }
     if self.prompt:
         params["prompt"] = self.prompt
     if self.state:
         params["state"] = self.state
     auth_url = self.AUTH_ENDPOINT + '?' + urllib.urlencode(params)
     logging.info("OAuth2: Creating auth_url: %s" % (auth_url,))
     return auth_url