def persona_login(request): if request.method != 'POST': return HTTPMethodNotAllowed('Only POST is allowed') assertion = request.POST.get('assertion', None) if assertion is None: return HTTPBadRequest('The assertion parameter is required') if 'next_url' in request.params and request.params['next_url']: request.session['next_url'] = request.params['next_url'] settings = request.registry.settings data = { 'assertion': assertion, 'audience': get_audience(settings['public_url_root']) } response = requests.post(settings['persona_verifier_url'], data=data, verify=True) if response.ok: verification_data = response.json() if verification_data['status'] == 'okay': email = verification_data['email'] info = {'email': email} user_id = hashlib.sha1(email.encode('utf-8')).hexdigest() return register_or_update(request, 'persona', user_id, info, request.route_path('home')) else: return HTTPForbidden( 'Mozilla Persona verifier can not verify your identity') else: return HTTPBadGateway( 'Mozilla Persona verifier is not working properly')
def persona_login(request): if request.method != "POST": return HTTPMethodNotAllowed("Only POST is allowed") assertion = request.POST.get("assertion", None) if assertion is None: return HTTPBadRequest("The assertion parameter is required") if "next_url" in request.params and request.params["next_url"]: request.session["next_url"] = request.params["next_url"] settings = request.registry.settings data = {"assertion": assertion, "audience": get_audience(settings["public_url_root"])} response = requests.post(settings["persona_verifier_url"], data=data, verify=True) if response.ok: verification_data = response.json() if verification_data["status"] == "okay": email = verification_data["email"] info = {"email": email} user_id = hashlib.sha1(email.encode("utf-8")).hexdigest() return register_or_update(request, "persona", user_id, info, request.route_path("home")) else: return HTTPForbidden("Mozilla Persona verifier can not verify your identity") else: return HTTPServerError("Mozilla Persona verifier is not working properly")
def test_register_or_update_new_user(self): request = testing.DummyRequest() request.session = {} request.google_analytics = GoogleAnalytics(request) response = register_or_update( request, "twitter", "1", { "screen_name": "JohnDoe", "first_name": "John", "last_name": "Doe", "invented_attribute": "foo", # this will not be in the output }, "/next", ) self.assertEqual(response.status, "302 Found") self.assertEqual(response.location, "/register") self.assertEqual(request.session["next_url"], "/next") self.assertEqual( request.session["user_info"], { "screen_name": "JohnDoe", "first_name": "John", "last_name": "Doe", "email": "", "provider": "twitter", "external_id": "1", }, )
def test_register_or_update_existing_user(self): user = User(screen_name='JohnDoe', first_name='John', last_name='') identity = ExternalIdentity(provider='twitter', external_id='1', user=user) Session.add(user) Session.add(identity) Session.flush() user_id = user.id request = testing.DummyRequest() request.session = {USER_ATTR: True} request.google_analytics = GoogleAnalytics(request) response = register_or_update(request, 'twitter', '1', { 'screen_name': 'JohnDoe', 'first_name': 'John', 'last_name': 'Doe', 'email': '*****@*****.**', }, '/next') self.assertEqual(response.status, '302 Found') self.assertEqual(response.location, '/next') user = Session.query(User).filter(User.id == user_id).one() self.assertEqual(user.email, '*****@*****.**') self.assertEqual(user.last_name, 'Doe') self.assertEqual(user.allow_google_analytics, True)
def persona_login(request): if request.method != 'POST': return HTTPMethodNotAllowed('Only POST is allowed') assertion = request.POST.get('assertion', None) if assertion is None: return HTTPBadRequest('The assertion parameter is required') if 'next_url' in request.params and request.params['next_url']: request.session['next_url'] = request.params['next_url'] settings = request.registry.settings data = {'assertion': assertion, 'audience': get_audience(settings['public_url_root'])} response = requests.post(settings['persona_verifier_url'], data=data, verify=True) if response.ok: verification_data = response.json if verification_data['status'] == 'okay': email = verification_data['email'] info = {'email': email} user_id = hashlib.sha1(email.encode('utf-8')).hexdigest() return register_or_update(request, 'persona', user_id, info, request.route_path('home')) else: return HTTPForbidden('Mozilla Persona verifier can not verify your identity') else: return HTTPServerError('Mozilla Persona verifier is not working properly')
def facebook_callback(request): settings = request.registry.settings access_token = oauth2_step2( request=request, token_uri=settings['facebook_access_token_url'], client_id=settings['facebook_app_id'], client_secret=settings['facebook_app_secret'], redirect_url=request.route_url('facebook_callback'), scope=_get_scope(), ) info = get_user_info(settings['facebook_basic_information_url'], access_token) user_id = info['id'] info['screen_name'] = info['name'] return register_or_update(request, 'facebook', user_id, info, request.route_path('home'))
def test_register_or_update_next_url_in_session(self): user = User(screen_name="JohnDoe", first_name="John", last_name="") identity = ExternalIdentity(provider="twitter", external_id="1", user=user) Session.add(user) Session.add(identity) Session.flush() request = testing.DummyRequest() request.session = {"next_url": "/foo"} request.google_analytics = GoogleAnalytics(request) response = register_or_update( request, "twitter", "1", {"screen_name": "JohnDoe", "first_name": "John", "last_name": "Doe", "email": "*****@*****.**"}, "/next", ) self.assertEqual(response.status, "302 Found") self.assertEqual(response.location, "/foo")
def test_register_or_update_new_user(self): request = testing.DummyRequest() request.session = {} request.google_analytics = GoogleAnalytics(request) response = register_or_update(request, 'twitter', '1', { 'screen_name': 'JohnDoe', 'first_name': 'John', 'last_name': 'Doe', 'invented_attribute': 'foo', # this will not be in the output }, '/next') self.assertEqual(response.status, '302 Found') self.assertEqual(response.location, '/register') self.assertEqual(request.session['next_url'], '/next') self.assertEqual(request.session['user_info'], { 'screen_name': 'JohnDoe', 'first_name': 'John', 'last_name': 'Doe', 'email': '', 'provider': 'twitter', 'external_id': '1', })
def google_callback(request): settings = request.registry.settings access_token = oauth2_step2( request=request, token_uri=settings['google_token_uri'], client_id=settings['google_client_id'], client_secret=settings['google_client_secret'], redirect_url=request.route_url('google_callback'), scope=_get_scope(), ) info = get_user_info(settings['google_user_info_uri'], access_token) user_id = info['id'] new_info = { 'screen_name': info.get('name', ''), 'first_name': info.get('given_name', ''), 'last_name': info.get('family_name', ''), 'email': info.get('email', ''), } return register_or_update(request, 'google', user_id, new_info, request.route_path('home'))
def test_register_or_update_next_url_in_session(self): user = User(screen_name='JohnDoe', first_name='John', last_name='') identity = ExternalIdentity(provider='twitter', external_id='1', user=user) Session.add(user) Session.add(identity) Session.flush() request = testing.DummyRequest() request.session = {'next_url': '/foo'} request.google_analytics = GoogleAnalytics(request) response = register_or_update(request, 'twitter', '1', { 'screen_name': 'JohnDoe', 'first_name': 'John', 'last_name': 'Doe', 'email': '*****@*****.**', }, '/next') self.assertEqual(response.status, '302 Found') self.assertEqual(response.location, '/foo')
def test_register_or_update_existing_user(self): user = User(screen_name="JohnDoe", first_name="John", last_name="") identity = ExternalIdentity(provider="twitter", external_id="1", user=user) Session.add(user) Session.add(identity) Session.flush() user_id = user.id request = testing.DummyRequest() request.session = {USER_ATTR: True} request.google_analytics = GoogleAnalytics(request) response = register_or_update( request, "twitter", "1", {"screen_name": "JohnDoe", "first_name": "John", "last_name": "Doe", "email": "*****@*****.**"}, "/next", ) self.assertEqual(response.status, "302 Found") self.assertEqual(response.location, "/next") user = Session.query(User).filter(User.id == user_id).one() self.assertEqual(user.email, "*****@*****.**") self.assertEqual(user.last_name, "Doe") self.assertEqual(user.allow_google_analytics, True)
def twitter_callback(request): settings = request.registry.settings try: oauth_token = request.params['oauth_token'] except KeyError: return HTTPBadRequest('Missing required oauth_token') try: oauth_verifier = request.params['oauth_verifier'] except KeyError: return HTTPBadRequest('Missing required oauth_verifier') try: saved_oauth_token = request.session['oauth_token'] except KeyError: return HTTPBadRequest('No oauth_token was found in the session') if saved_oauth_token != oauth_token: return HTTPUnauthorized("OAuth tokens don't match") else: del request.session['oauth_token'] access_token_url = settings['twitter_access_token_url'] params = ( ('oauth_token', oauth_token), ) auth = auth_header('POST', access_token_url, params, settings, oauth_token) response = requests.post(access_token_url, data='oauth_verifier=%s' % oauth_verifier, headers={'Authorization': auth}) if response.status_code != 200: return HTTPUnauthorized(response.text) response_args = dict(urlparse.parse_qsl(response.text)) #oauth_token_secret = response_args['oauth_token_secret'] oauth_token = response_args['oauth_token'] user_id = response_args['user_id'] screen_name = response_args['screen_name'] existing_user = user_from_provider_id(request.db, 'twitter', user_id) if existing_user is None: # fetch Twitter info only if this is the first time for # the user sice Twitter has very strong limits for using # its APIs twitter_info = get_user_info(settings, user_id, oauth_token) first_name, last_name = split_name(twitter_info['name']) info = { 'screen_name': screen_name, 'first_name': first_name, 'last_name': last_name, } else: info = {} return register_or_update(request, 'twitter', user_id, info, request.route_path('home'))
def twitter_callback(request): settings = request.registry.settings try: oauth_token = request.params['oauth_token'] except KeyError: return HTTPBadRequest('Missing required oauth_token') try: oauth_verifier = request.params['oauth_verifier'] except KeyError: return HTTPBadRequest('Missing required oauth_verifier') try: saved_oauth_token = request.session['oauth_token'] except KeyError: return HTTPBadRequest('No oauth_token was found in the session') if saved_oauth_token != oauth_token: return HTTPUnauthorized("OAuth tokens don't match") else: del request.session['oauth_token'] access_token_url = settings['twitter_access_token_url'] params = ( ('oauth_token', oauth_token), ('oauth_verifier', oauth_verifier), ) auth = auth_header('POST', access_token_url, params, settings, oauth_token) response = requests.post(access_token_url, headers={'Authorization': auth}) if response.status_code != 200: return HTTPUnauthorized(response.text) response_args = dict(urlparse.parse_qsl(response.text)) # moauth_token_secret = response_args['oauth_token_secret'] oauth_token = response_args['oauth_token'] user_id = response_args['user_id'] screen_name = response_args['screen_name'] existing_user = user_from_provider_id('twitter', user_id) if existing_user is None: # fetch Twitter info only if this is the first time for # the user sice Twitter has very strong limits for using # its APIs twitter_info = get_user_info(settings, user_id) first_name, last_name = split_name(twitter_info['name']) info = { 'screen_name': screen_name, 'first_name': first_name, 'last_name': last_name, } else: info = {} return register_or_update(request, 'twitter', user_id, info, request.route_path('home'))
def test_register_or_update(self): os.environ["YITH_FAKE_DATETIME"] = "2013-1-2-10-11-02" request = testing.DummyRequest() request.db = self.db request.session = {} request.google_analytics = GoogleAnalytics(request) response = register_or_update( request, "skynet", 1, { "screen_name": "JohnDoe", "first_name": "John", "last_name": "Doe", "invented_attribute": "foo", # this will not be in the output }, "/next", ) self.assertEqual(response.status, "302 Found") self.assertEqual(response.location, "/register") self.assertEqual(request.session["next_url"], "/next") self.assertEqual( request.session["user_info"], { "screen_name": "JohnDoe", "first_name": "John", "last_name": "Doe", "email": "", "provider": "skynet", "skynet_id": 1, }, ) # try with an existing user user_id = self.db.users.insert( {"skynet_id": 1, "screen_name": "JohnDoe", "first_name": "John", "last_name": ""}, safe=True ) request = testing.DummyRequest() request.db = self.db request.session = {USER_ATTR: True} request.google_analytics = GoogleAnalytics(request) request.datetime_service = FakeDatetimeService(request) response = register_or_update( request, "skynet", 1, {"screen_name": "JohnDoe", "first_name": "John", "last_name": "Doe", "email": "*****@*****.**"}, "/next", ) self.assertEqual(response.status, "302 Found") self.assertEqual(response.location, "/next") user = self.db.users.find_one({"_id": user_id}) self.assertEqual(user["email"], "*****@*****.**") self.assertEqual(user["last_name"], "Doe") self.assertEqual(user[USER_ATTR], True) # maybe there is a next_url in the session request = testing.DummyRequest() request.db = self.db request.session = {"next_url": "/foo"} request.google_analytics = GoogleAnalytics(request) request.datetime_service = FakeDatetimeService(request) response = register_or_update( request, "skynet", 1, {"screen_name": "JohnDoe", "first_name": "John", "last_name": "Doe", "email": "*****@*****.**"}, "/next", ) self.assertEqual(response.status, "302 Found") self.assertEqual(response.location, "/foo") del os.environ["YITH_FAKE_DATETIME"]
def liveconnect_callback(request, user_id, info): return register_or_update(request, 'liveconnect', user_id, info, request.route_path('home'))
def facebook_callback(request, user_id, info): return register_or_update(request, 'facebook', user_id, info, request.route_path('home'))
def google_callback(request, user_id, new_info): return register_or_update(request, 'google', user_id, new_info, request.route_path('home'))
def test_register_or_update(self): request = testing.DummyRequest() request.db = self.db request.session = {} request.google_analytics = GoogleAnalytics(request) response = register_or_update(request, 'skynet', 1, { 'screen_name': 'JohnDoe', 'first_name': 'John', 'last_name': 'Doe', 'invented_attribute': 'foo', # this will not be in the output }, '/next') self.assertEqual(response.status, '302 Found') self.assertEqual(response.location, '/register') self.assertEqual(request.session['next_url'], '/next') self.assertEqual(request.session['user_info'], { 'screen_name': 'JohnDoe', 'first_name': 'John', 'last_name': 'Doe', 'email': '', 'provider': 'skynet', 'skynet_id': 1, }) # try with an existing user user_id = self.db.users.insert({ 'skynet_id': 1, 'screen_name': 'JohnDoe', 'first_name': 'John', 'last_name': '', }, safe=True) request = testing.DummyRequest() request.db = self.db request.session = {USER_ATTR: True} request.google_analytics = GoogleAnalytics(request) response = register_or_update(request, 'skynet', 1, { 'screen_name': 'JohnDoe', 'first_name': 'John', 'last_name': 'Doe', 'email': '*****@*****.**', }, '/next') self.assertEqual(response.status, '302 Found') self.assertEqual(response.location, '/next') user = self.db.users.find_one({'_id': user_id}) self.assertEqual(user['email'], '*****@*****.**') self.assertEqual(user['last_name'], 'Doe') self.assertEqual(user[USER_ATTR], True) # maybe there is a next_url in the session request = testing.DummyRequest() request.db = self.db request.session = {'next_url': '/foo'} request.google_analytics = GoogleAnalytics(request) response = register_or_update(request, 'skynet', 1, { 'screen_name': 'JohnDoe', 'first_name': 'John', 'last_name': 'Doe', 'email': '*****@*****.**', }, '/next') self.assertEqual(response.status, '302 Found') self.assertEqual(response.location, '/foo')