def oauth_authorized(service_provider_name):
session_user = get_current_user()
try:
current_provider = providers.get_by_name(service_provider_name)
token, secret = current_provider.get_access_tokens()
fresh_user = get_user_by_token(current_provider, token, secret)
if session_user is not None:
if fresh_user.id == session_user.id:
flash('This provider was already linked to this account.')
else:
flash('Merging accounts is not currently supported.')
else:
log_user_in(fresh_user)
except ServiceProviderNotFound:
flash('Provider not found.')
except UserDeniedRequest:
flash('You denied us access.')
except UserNotFound:
if session_user is None:
try:
user = get_user_by_remote_id(current_provider, token=(token,secret))
except UserNotFound:
user = create_user()
log_user_in(user)
add_SP_to_user_by_id(
get_current_user().id, current_provider, token, secret)
next_url = request.args.get('next') or url_for('show_user')
return redirect(next_url)
def user_consumers_remove(consumer_id=None):
if consumer_id is None:
return redirect(url_for("show_user"))
user = get_current_user()
assert user is not None, "login_required didn't work??"
try:
consumer = user.accesses_from_consumers.filter(ConsumerUserAccess.id == consumer_id).one()
db.session.delete(consumer)
db.session.commit()
except NoResultFound:
flash("No consumer matching that ID.")
return redirect(url_for("show_user"))
def user_providers_remove(provider_id=None):
if provider_id is None:
return redirect(url_for("show_user"))
user = get_current_user()
assert user is not None, "login_required didn't work??"
number_of_sps = user.accesses_to_sps.count()
if number_of_sps == 0:
flash("You have no accounts to remove.")
return redirect(url_for("show_user"))
elif number_of_sps == 1:
flash("You cannot remove your last account.")
return redirect(url_for("show_user"))
else:
provider = user.accesses_to_sps.filter(UserSPAccess.id == provider_id).one()
db.session.delete(provider)
db.session.commit()
return redirect(url_for("show_user"))
def _save_verifier(token, verifier, request): # And args, kwargs
assert all((
isinstance(token, str),
isinstance(verifier, dict),
isinstance(verifier['oauth_verifier'], str),
isinstance(verifier['oauth_token'], str),
isinstance(verifier['resource_owner_key'], str),
verifier['oauth_token'] == verifier['resource_owner_key'],
isinstance(request, Request)
)), repr((token, verifier, request))
rt = verifier['oauth_token']
veri = verifier['oauth_verifier']
session_user = get_current_user()
assert session_user is not None
t = RequestToken.query.filter_by(token=rt).one()
t.verifier = veri
t.user = session_user
db.session.add(t)
db.session.commit()
def developers_apps():
session_user = get_current_user()
if request.method == 'GET':
consumers = (Consumer.query
.filter(Consumer.creator == session_user)
.all())
log.debug("Showing list of Consumers: {}".format(
consumers))
return render_template(
'consumer_list.html',
consumers=consumers,
creator_repr=repr(session_user))
elif request.method == 'POST':
redirect_urls = [request.form['redirect-url']]
realms = request.form['realms'].split(' ')
name = request.form['name']
fresh_consumer = Consumer(
session_user,
gen_salt(40),
gen_salt(80),
redirect_urls,
realms,
name)
log.debug("Trying to create new Consumer: {!r}".format(
fresh_consumer))
try:
db.session.add(fresh_consumer)
db.session.commit()
flash(
"You have created a new Consumer app.",
category='success')
log.debug("Consumer creation success. "
"Now there are {} Consumers.".format(
Consumer.query.count()))
except Exception: # TODO: What Exception type?
db.session.rollback()
flash(
"Consumer app creation failed.",
category='fail')
return redirect(url_for('developers_apps'))
else:
assert False, request.method
def show_user():
user = get_current_user()
assert user is not None, "login_required didn't work??"
if user.accesses_to_sps.count():
authorised_services = user.accesses_to_sps.all()
if user.name:
name = user.name
else:
for service_record in authorised_services:
service_name = service_record.sp_class_name
if service_name in providers:
service = providers[service_name]
# TODO potentially remove the service if it's not valid.
if not app.config.get("DEBUG"):
if not service.verify():
continue
name = service.name()
user.name = name
db.session.commit()
break
consumers = user.accesses_from_consumers.all()
return render_template("user.html", name=name, providers=authorised_services, consumers=consumers)
return show_error_page("Got into show_user with user set to None or no associations with service providers.")
