if not token: response = {'detail': 'token must be set.'} return json.dumps(response), 400 flow = __get_flow(token, next=request.args.get("next")) redirect_uri = flow.step1_get_authorize_url() return redirect(redirect_uri) @auth_google_api.route('/auth/google/callback/') def auth_callback(): """oauth2 callback""" token = request.args.get('state') code = request.args.get('code') flow = __get_flow(token, next=request.args.get("next")) auth_google_api.credentials = flow.step2_exchange(code) creds = json.loads(auth_google_api.credentials.to_json()) is_wizeline_domain = ( creds["id_token"]["email"].count("@wizeline.com") > 0) if not is_wizeline_domain: response = {'detail': 'Permission denied'} return json.dumps(response), 400 session['google_auth'] = True return redirect(request.args.get("next")) def get_http_service(): http = httplib2.Http() return auth_google_api.credentials.authorize(http) auth_google_api.get_http_service = get_http_service