コード例 #1
ファイル: oauth_handlers.py プロジェクト: JElbourne/PubCart
	def post(self):
		"""Handle the resource owner's answer from the authorization form.

		Stops silently when ``validate_params()`` is falsy. Reports
		``access_denied`` through ``authz_error`` when the ``authorize``
		parameter is "no" (case-insensitive). Otherwise it builds an
		authorization code and/or an access token, depending on
		``response_type``, and passes both to ``authz_redirect`` (``None``
		for whichever was not requested).
		"""
		if not self.validate_params():
			return

		# TODO (from the original author): check for some sort of cross site
		# request forgery? sign the request?
		# NOTE(review): no anti-forgery check is visible in this method, and
		# validate_params() is not shown here. Unless one exists elsewhere, this
		# POST is the consent decision and should be bound to the user's session
		# (per-session token in the form) before anything is issued.

		# NOTE(review): only the literal answer "no" is treated as a refusal.
		# Any other value, including an empty or missing parameter, continues
		# to issuance. Confirm what the form submits on approval and consider
		# requiring that exact value instead.
		decision = self.request.get('authorize').lower()
		if decision == 'no':
			self.authz_error('access_denied', "The user did not allow authorization.")
			return

		response_type = self.request.get('response_type')
		wants_code = response_type in ('code', 'code_and_token')
		wants_token = response_type in ('token', 'code_and_token')

		code = None
		token = None

		if wants_code:
			grant = OAuth_Authorization(
				# TODO (from the original author): update getting the user_id
				# NOTE(review): this branch reads self.user_id while the token
				# branch calls self.user.user_id(); confirm both name the same user.
				user_id=self.user_id,
				client_id=self.client.client_id,
				redirect_uri=self.redirect_uri,
			)
			grant.put()
			code = grant.serialize(state=self.request.get('state'))

		if wants_token:
			# NOTE(review): scope is taken straight from the request parameter;
			# whether it is checked against what this client may ask for is not
			# visible here (possibly in validate_params), so verify.
			access = OAuth_Token(
				user_id=self.user.user_id(),
				client_id=self.client.client_id,
				scope=self.request.get('scope'),
			)
			# Tokens handed out directly from this endpoint are stored non-refreshable.
			access.put(can_refresh=False)
			token = access.serialize(requested_scope=self.request.get('scope'))

		self.authz_redirect(code, token)
コード例 #2
ファイル: oauth_handlers.py プロジェクト: JElbourne/PubCart
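	def handle_authorization_code(self, client, scope=None):
		"""Exchange an authorization code for an access token.

		Reads ``code`` and ``redirect_uri`` from the request, looks the code up
		with ``OAuth_Authorization.get_by_code`` and validates it against the
		redirect URI and ``client.client_id``. On failure it renders an
		``invalid_grant`` error and returns. On success it stores a new
		``OAuth_Token`` with realm ``'user'``, deletes the authorization
		record and renders the token.

		Args:
			client: the requesting client; only ``client.client_id`` is read here.
			scope: scope stored on the issued token, exactly as passed in.
		"""
		code = self.request.get('code')
		redirect_uri = self.request.get('redirect_uri')
		authorization = OAuth_Authorization.get_by_code(code)

		# The authorization code is a credential until it is redeemed, so its
		# value is kept out of the logs; only the attempt itself is recorded.
		logging.info("OAuth authorization code exchange requested")

		if not authorization or not authorization.validate(code, redirect_uri, client.client_id):
			# Logged without the submitted value so repeated failures stay visible
			# to monitoring without the log becoming a store of codes.
			logging.warning("OAuth authorization code exchange rejected")
			self.render_error('invalid_grant', "Authorization code expired or invalid.")
			return

		# NOTE(review): the token's scope comes from the caller's argument and
		# nothing is read from the authorization record; confirm the caller
		# limits it to what the user approved.
		token = OAuth_Token(
			user_id=authorization.user_id,
			client_id=authorization.client_id,
			scope=scope,
			realm='user',
		)
		token.put()
		# Deleting the record is what makes the code single-use.
		# NOTE(review): put() and delete() are separate calls; whether they run
		# in one transaction is not visible here, so two concurrent exchanges
		# of the same code may both pass validate() and should be tested.
		authorization.delete()

		self.render_response(token)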