def auth_url(self, redirect_uri=None, scope=None, state=None): if not redirect_uri: redirect_uri = self.redirect_uri if not scope: scope = self.scope return facebooklib.auth_url(self._app_id, redirect_uri, perms=scope, state=state)
def _view(request, *args, **kwargs): # Make sure we're receiving a signed_request from facebook if not request.POST.get('signed_request'): return HttpResponseBadRequest( '<h1>400 Bad Request</h1>' '<p>Missing <em>signed_request</em>.</p>') # Parse the request and ensure it's valid signed_request = request.POST["signed_request"] data = facebook.parse_signed_request(signed_request, settings.FACEBOOK_SECRET_KEY) if data is False: return HttpResponseBadRequest( '<h1>400 Bad Request</h1>' '<p>Malformed <em>signed_request</em>.</p>') # If the user has not authorised redirect them if not data.get('user_id'): scope = getattr(settings, 'FACEBOOK_PERMS', None) auth_url = facebook.auth_url(settings.FACEBOOK_APP_ID, settings.FACEBOOK_CANVAS_PAGE, scope) markup = ('<script type="text/javascript">' 'top.location.href="%s"</script>' % auth_url) return HttpResponse(markup) # Success so return the view return view_func(request, *args, **kwargs)
def facebook_token(request): ## Tomamos el absolute path de donde esta corriendo callback = request.build_absolute_uri() if request.GET: code = request.GET['code'] ## Con el Code que recibimos de FB solicitamos un Access Token temporal params = facebook.GraphAPI().get_access_token_from_code(code, callback, settings.FB_API, settings.FB_SECRET) ## Solicitamos el un Access Token "Permanente" 2 Meses aproximadamente arg = { 'grant_type': 'fb_exchange_token', 'client_id': settings.FB_API, 'client_secret': settings.FB_SECRET, 'fb_exchange_token': params['access_token'] } req = requests.request("GET","https://graph.facebook.com/oauth/access_token", params=arg).json() token = req['access_token'] expires = req['expires_in'] else: ## Se arma la URL para autenticar url = facebook.auth_url(settings.FB_API, callback, ['user_about_me','user_photos','publish_actions']) template = 'facebook_token.html' return render(request, template, locals())
def facebook_login_widget(context, perms=None, login_button_text='Login with Facebook'): context = copy(context) login_redirect_uri = 'http://%s%s' % ( Site.objects.get_current().domain, reverse_lazy('facebook_login_callback') ) csrf_token = unicode(context['csrf_token']) context['request'].session['facebook_state'] = csrf_token if perms: perms = ['email'] + perms.split(',') else: perms = ['email'] context.update({ 'auth_url': quote(facebook.auth_url( settings.FACEBOOK_APP_ID, login_redirect_uri, perms, csrf_token )), 'login_button_text': login_button_text }) return context
def _view(request, *args, **kwargs): # Make sure we're receiving a signed_request from facebook if not request.POST.get("signed_request"): if hasattr(settings, "FACEBOOK_RAISE_SR_EXCEPTIONS") and settings.FACEBOOK_RAISE_SR_EXCEPTIONS: raise MissingSignedRequestException("Signed request token missing") else: return HttpResponseBadRequest("<h1>400 Bad Request</h1>" "<p>Missing <em>signed_request</em>.</p>") # Parse the request and ensure it's valid signed_request = request.POST["signed_request"] data = facebook.parse_signed_request(signed_request, settings.FACEBOOK_SECRET_KEY) if data is False: if hasattr(settings, "FACEBOOK_RAISE_SR_EXCEPTIONS") and settings.FACEBOOK_RAISE_SR_EXCEPTIONS: raise InvalidSignedRequestException("Signed request token does not parse") else: return HttpResponseBadRequest( "<h1>400 Bad Request</h1>" "<p>Malformed <em>signed_request</em>.</p>" ) # If the user has not authorised redirect them if not data.get("user_id"): scope = getattr(settings, "FACEBOOK_SCOPE", None) auth_url = facebook.auth_url(settings.FACEBOOK_APP_ID, settings.FACEBOOK_CANVAS_PAGE, scope) markup = '<script type="text/javascript">' 'top.location.href="%s"</script>' % auth_url return HttpResponse(markup) # Success so return the view return view_func(request, *args, **kwargs)
def _view(request, *args, **kwargs): # Make sure we're receiving a signed_request from facebook if not request.POST.get('signed_request'): return HttpResponseBadRequest('<h1>400 Bad Request</h1>' '<p>Missing <em>signed_request</em>.</p>') # Parse the request and ensure it's valid signed_request = request.POST["signed_request"] data = facebook.parse_signed_request(signed_request, settings.FACEBOOK_SECRET_KEY) if data is False: return HttpResponseBadRequest('<h1>400 Bad Request</h1>' '<p>Malformed <em>signed_request</em>.</p>') # If the user has not authorised redirect them if not data.get('user_id'): scope = getattr(settings, 'FACEBOOK_SCOPE', None) auth_url = facebook.auth_url(settings.FACEBOOK_APP_ID, settings.FACEBOOK_CANVAS_PAGE, scope) markup = ('<script type="text/javascript">' 'top.location.href="%s"</script>' % auth_url) return HttpResponse(markup) # Success so return the view return view_func(request, *args, **kwargs)
def _root(self, rq, *args): auth_url = facebook.auth_url(APP_ID, CANVAS_URL, perms=['user_likes']) r = {'rq':rq, 'args':args, 'is_authed':0, 'auth_url':auth_url, 'is_liked':False, 'APP_ID':APP_ID, 'question': question.get_by(publish_date = datetime.date.today()), } if rq.q.has_key("signed_request"): if rq.q.getfirst("signed_request",""): parsed_request = self.decode_signed_request(rq.q.getfirst("signed_request", "")) if parsed_request: try: self.access_token = parsed_request['oauth_token'] self.access_expires = int(parsed_request['expires']) if self.access_expires > time.time(): self.graph = facebook.GraphAPI(self.access_token) self.user_graph = self.graph.get_object("me") r['is_authed'] = 1 r['is_liked'] = self.is_liked() r['user'] = self.add_user() r['question'] = self.get_question() else: self.graph.extend_access_token(APP_ID, APP_SECRET) return self._root(rq, *args) except KeyError: return r return r
def _root(self, rq, *args): auth_url = facebook.auth_url(APP_ID, CANVAS_URL, perms=['user_likes']) r = { 'rq': rq, 'args': args, 'is_authed': 0, 'auth_url': auth_url, 'is_liked': False, 'APP_ID': APP_ID, 'question': question.get_by(publish_date=datetime.date.today()), } if rq.q.has_key("signed_request"): if rq.q.getfirst("signed_request", ""): parsed_request = self.decode_signed_request( rq.q.getfirst("signed_request", "")) if parsed_request: try: self.access_token = parsed_request['oauth_token'] self.access_expires = int(parsed_request['expires']) if self.access_expires > time.time(): self.graph = facebook.GraphAPI(self.access_token) self.user_graph = self.graph.get_object("me") r['is_authed'] = 1 r['is_liked'] = self.is_liked() r['user'] = self.add_user() r['question'] = self.get_question() else: self.graph.extend_access_token(APP_ID, APP_SECRET) return self._root(rq, *args) except KeyError: return r return r
def get_oauth_authorization_url( self, oauth_request_token, url_prefix='', params=None): if params and 'scope' in params: perms = params['scope'].split(',') else: perms = {} return facebook.auth_url( self.facebook_ck, self.get_callback_url(url_prefix), perms=perms)
def _redirect_to_perms_dialog(self, environ, redirect_to_self_url, perms=None): if perms is None: perms = self.v1_perms target_url = facebook.auth_url(config['pyfacebook.appid'], redirect_to_self_url, perms=perms) self._redirect(environ, target_url=target_url)
def _redirect_to_perms_dialog(self, environ, redirect_to_self_url, perms=None): if perms is None: perms = self.v1_perms target_url = auth_url(client_config.app_id, redirect_to_self_url, perms=perms) self._redirect(environ, target_url=target_url)
def start_authentication(self, callback_url): auth_data = {} auth_data["callback_url"] = callback_url oauth_url = facebook.auth_url(self.__app_id, callback_url, perms = self.__permissions) return oauth_url, auth_data
def test_calling_module_methods(self): result = facebook.auth_url( app_id="foo", canvas_url = "http://apps.facebook.com/friend-tube", perms=None, version="v2.0" ) eq_(result, "https://www.facebook.com/v2.0/dialog/oauth?redirect_uri=http%3A%2F%2Fapps.facebook.com%2Ffriend-tube&client_id=foo")
def test_get_auth_url(self): """ This test is pretty pointless really considering what it does, but coverage is coverage """ mock_url = "http://test.fb/canvas" generated_auth_url = facebook.auth_url(self.app_id, mock_url) assert generated_auth_url == "https://www.facebook.com/dialog/oauth?redirect_uri=%s&client_id=%s" % ( urllib.quote_plus(mock_url), self.app_id, )
def facebook_auth_url(user, channel_id): " gen facebook auth url " auth_url = facebook.auth_url( app_id=app.config['FACEBOOK_APP_ID'], canvas_url=app.config["FACEBOOK_CALLBACK_URL"] + '/' + str(channel_id), perms=[ "manage_pages", "publish_actions", "user_events", "read_page_mailboxes", "publish_pages" ]) return redirect(auth_url + '&auth_type=reauthenticate')
def get_oauth_authorization_url(self, oauth_request_token, url_prefix='', params=None): if params and 'scope' in params: perms = params['scope'].split(',') else: perms = {} return facebook.auth_url(self.facebook_ck, self.get_callback_url(url_prefix), perms=perms)
def get(self): user = h.get_user_or_redirect( self ) if not user: return template_values = h.template_params( self, user, **{ 'flickr_auth' : flickr.auth_url(), 'facebook_auth' : facebook.auth_url(), 'facebook_token' : facebook.FacebookToken.for_user(user), 'flickr_token' : flickr.FlickrToken.for_user(user) } ) h.render_template( self, 'settings.html', template_values )
def userLogin(user_name): all_users_auth = {} current_auth = {} os.system('rm -rf %s/current_user.log' % tmp_folder) if user_name: # try to load user auth from cache if os.path.isfile(tmp_folder+'/users.json'): all_users_auth = json.load(open(tmp_folder+'/users.json')) if all_users_auth.get(user_name): current_auth = all_users_auth[user_name] open(tmp_folder+'/current_user.log','w').write(user_name) else: exit("ERROR: Please login with --login [USERNAME].") if not current_auth: # new user, ask for auth and save to cache print facebook.auth_url(app_id, redirect_uri, perms) code = str(raw_input("Please copy and paste the verification number following https://www.facebook.com/?code= ")) access_token = facebook.get_access_token_from_code(code, redirect_uri, app_id, app_secret)["access_token"] current_auth["ACCESS_TOKEN"] = access_token all_users_auth[user_name] = current_auth json.dump(all_users_auth, open(tmp_folder+'/users.json', 'w')) return facebook.GraphAPI(current_auth["ACCESS_TOKEN"])
def auth(self, request): """ let's auth the user to the Service """ callbackUrl = 'http://%s%s' % (request.get_host(), reverse('facebook_callback')) # URL to redirect user to, to authorize your app auth_url = facebook.auth_url(app_id=self.app_id, canvas_url=callbackUrl, perms=self.permissions) return auth_url
def get_authorization_url(): """ Facebook oauth authenticate """ try: try: facebook_app_id = Option.objects.get( parameter="facebook_app_id").value except: raise Exception("Failed to retrieve the Facebook App ID Key.") if settings.DEBUG or settings.TESTING: return facebook.auth_url(facebook_app_id, FacebookAPI.callback_url_debug, perms=FacebookAPI.app_permissions) else: return facebook.auth_url(facebook_app_id, FacebookAPI.callback_url, perms=FacebookAPI.app_permissions) except Exception as e: return 'FacebookAPI.get_authorization_url() - Error: ' + str(e)
def get(self): user = h.get_user_or_redirect(self) if not user: return template_values = h.template_params( self, user, **{ 'flickr_auth': flickr.auth_url(), 'facebook_auth': facebook.auth_url(), 'facebook_token': facebook.FacebookToken.for_user(user), 'flickr_token': flickr.FlickrToken.for_user(user) }) h.render_template(self, 'settings.html', template_values)
def _auth_status(self, obj): if obj: login_url = auth_url( settings.FACEBOOK_APP_ID, host_url('autoposting-facebook-callback'), ['manage_pages', 'publish_pages']) # Специально занижаем дату действия токена, чтобы не забывали обновлять, а постинг работал if obj.access_token and obj.access_token_expires_at - datetime.timedelta(days=3) > datetime.datetime.now(): return 'Активно до %s<br><a href="%s">Обновить токен</a>' % ( (obj.access_token_expires_at - datetime.timedelta(days=3)).strftime('%H:%M %d.%m.%Y'), login_url ) return '<a href="%s">Получить токен</a>' % login_url return '–'
def get(self): user = h.get_user_or_redirect( self ) if not user: return fb_friends = facebook.FacebookPerson.gql("WHERE user = :1", user) flickr_friends = flickr.FlickrPerson.gql("WHERE user = :1", user) template_values = h.template_params( self, user, **{ 'flickr_auth' : flickr.auth_url(), 'facebook_auth' : facebook.auth_url(), 'facebook_friends' : fb_friends, 'flickr_friends' : flickr_friends } ) h.render_template( self, 'services/index.html', template_values )
def get(self): user = h.get_user_or_redirect(self) if not user: return fb_friends = facebook.FacebookPerson.gql("WHERE user = :1", user) flickr_friends = flickr.FlickrPerson.gql("WHERE user = :1", user) template_values = h.template_params( self, user, **{ 'flickr_auth': flickr.auth_url(), 'facebook_auth': facebook.auth_url(), 'facebook_friends': fb_friends, 'flickr_friends': flickr_friends }) h.render_template(self, 'services/index.html', template_values)
def _post_index(request): query_string = request.META["QUERY_STRING"] redirect_uri = settings.FACEBOOK_CANVAS_PAGE if query_string: redirect_uri += ("?" + query_string) signed_request = request.POST["signed_request"] data = facebook.parse_signed_request( signed_request, settings.FACEBOOK_APP_SECRET) if not data.get("user_id"): scope = ["user_birthday", "user_location", "friends_birthday," "friends_hometown", "friends_location", "email", "publish_actions", "friends_online_presence"] auth_url = facebook.auth_url(settings.FACEBOOK_APP_ID, redirect_uri, scope) markup = ('<script type="text/javascript">' 'top.location.href="%s"</script>' % auth_url) return HttpResponse(markup) return None
def answer(self, rq, *args): if rq.q.has_key("answer"): auth_url = facebook.auth_url(APP_ID, CANVAS_URL, perms=['user_likes']) r = {'rq':rq, 'args':args, 'is_authed':1, 'auth_url':auth_url, 'is_liked':True, 'question':self.get_question(), 'APP_ID':APP_ID, 'question': question.get_by(publish_date = datetime.date.today()) } answer_user = user.get_by(id = int(rq.q.getfirst("user_id"))) self.add_answer(answer_user, int(rq.q.getfirst("answer",""))) r["question"] = "answered" r['user'] = answer_user return r else: raise forbiddenException()
def _post_index(request): query_string = request.META["QUERY_STRING"] redirect_uri = settings.FACEBOOK_CANVAS_PAGE if query_string: redirect_uri += ("?" + query_string) signed_request = request.POST["signed_request"] data = facebook.parse_signed_request(signed_request, settings.FACEBOOK_APP_SECRET) if not data.get("user_id"): scope = [ "user_birthday", "user_location", "friends_birthday," "friends_hometown", "friends_location", "email", "publish_actions", "friends_online_presence" ] auth_url = facebook.auth_url(settings.FACEBOOK_APP_ID, redirect_uri, scope) markup = ('<script type="text/javascript">' 'top.location.href="%s"</script>' % auth_url) return HttpResponse(markup) return None
def authenticate(self): """ Facebook authentication. Opens a browser window for authentication if there isn't a LOCAL_FILE with the access_token, else it uses the access_token in LOCAL_FILE. """ global ACCESS_TOKEN self.access_token = None if not os.path.exists(self.LOCAL_FILE): print "Facebook authentication..." webbrowser.open(facebook.auth_url(self.APP_ID, self.REDIRECT_URI, self.PERMS)) # Creates a temp HTTPServer httpd = BaseHTTPServer.HTTPServer(('127.0.0.1', 8080), FBAuth.RequestHandler) while ACCESS_TOKEN is None: httpd.handle_request() self.access_token = ACCESS_TOKEN else: self.access_token = open(self.LOCAL_FILE).read()
def _view(request, *args, **kwargs): # Make sure we're receiving a signed_request from facebook if not request.POST.get('signed_request'): return HttpResponseBadRequest() # Parse the request and ensure it's valid try: signed_request = request.POST["signed_request"] data = facebook.parse_signed_request(signed_request, settings.FACEBOOK_SECRET_KEY) except ValueError: return HttpResponseBadRequest() # If the user has not authorised redirect them if not data.get('user_id'): scope = getattr(settings, 'FACEBOOK_PERMS', None) auth_url = facebook.auth_url(settings.FACEBOOK_APP_ID, settings.FACEBOOK_CANVAS_PAGE, scope) markup = '<script type="text/javascript">top.location.href="%s"</script>' % auth_url return HttpResponse(markup) # Success so return the view return view_func(request, *args, **kwargs)
def test_auth_url(self): perms = ["email", "birthday"] redirect_url = "https://localhost/facebook/callback/" expected_url = "https://www.facebook.com/dialog/oauth?" + urlencode( dict(client_id=self.app_id, redirect_uri=redirect_url, scope=",".join(perms)) ) actual_url = facebook.auth_url(self.app_id, redirect_url, perms=perms) # Since the order of the query string parameters might be # different in each URL, we cannot just compare them to each # other. expected_url_result = urlparse(expected_url) actual_url_result = urlparse(actual_url) expected_query = parse_qs(expected_url_result.query) actual_query = parse_qs(actual_url_result.query) self.assertEqual(actual_url_result.scheme, expected_url_result.scheme) self.assertEqual(actual_url_result.netloc, expected_url_result.netloc) self.assertEqual(actual_url_result.path, expected_url_result.path) self.assertEqual(actual_url_result.params, expected_url_result.params) self.assertEqual(actual_query, expected_query)
def answer(self, rq, *args): if rq.q.has_key("answer"): auth_url = facebook.auth_url(APP_ID, CANVAS_URL, perms=['user_likes']) r = { 'rq': rq, 'args': args, 'is_authed': 1, 'auth_url': auth_url, 'is_liked': True, 'question': self.get_question(), 'APP_ID': APP_ID, 'question': question.get_by(publish_date=datetime.date.today()) } answer_user = user.get_by(id=int(rq.q.getfirst("user_id"))) self.add_answer(answer_user, int(rq.q.getfirst("answer", ""))) r["question"] = "answered" r['user'] = answer_user return r else: raise forbiddenException()
def test_auth_url(self): perms = ['email', 'birthday'] redirect_url = 'https://localhost/facebook/callback/' expected_url = facebook.FACEBOOK_OAUTH_DIALOG_URL + urlencode( dict(client_id=self.app_id, redirect_uri=redirect_url, scope=','.join(perms))) actual_url = facebook.auth_url(self.app_id, redirect_url, perms=perms) # Since the order of the query string parameters might be # different in each URL, we cannot just compare them to each # other. expected_url_result = urlparse(expected_url) actual_url_result = urlparse(actual_url) expected_query = parse_qs(expected_url_result.query) actual_query = parse_qs(actual_url_result.query) self.assertEqual(actual_url_result.scheme, expected_url_result.scheme) self.assertEqual(actual_url_result.netloc, expected_url_result.netloc) self.assertEqual(actual_url_result.path, expected_url_result.path) self.assertEqual(actual_url_result.params, expected_url_result.params) self.assertEqual(actual_query, expected_query)
def test_auth_url(self): perms = ['email', 'birthday'] redirect_url = 'https://localhost/facebook/callback/' expected_url = 'https://www.facebook.com/dialog/oauth?' + urlencode( dict(client_id=self.app_id, redirect_uri=redirect_url, scope=','.join(perms))) actual_url = facebook.auth_url(self.app_id, redirect_url, perms=perms) # Since the order of the query string parameters might be # different in each URL, we cannot just compare them to each # other. expected_url_result = urlparse(expected_url) actual_url_result = urlparse(actual_url) expected_query = parse_qs(expected_url_result.query) actual_query = parse_qs(actual_url_result.query) self.assertEqual(actual_url_result.scheme, expected_url_result.scheme) self.assertEqual(actual_url_result.netloc, expected_url_result.netloc) self.assertEqual(actual_url_result.path, expected_url_result.path) self.assertEqual(actual_url_result.params, expected_url_result.params) self.assertEqual(actual_query, expected_query)
self.wfile.write("Sorry, authentication failed.") sys.exit(1) response = get_access_token_from_code(code, REDIRECT_URI, APP_ID, APP_SECRET) ACCESS_TOKEN = response['access_token'] open(LOCAL_FILE,'w').write(ACCESS_TOKEN) self.wfile.write("You have successfully logged in to facebook. " "You can close this window now.") if __name__ == '__main__': if not os.path.exists(LOCAL_FILE): print "Logging you in to facebook..." webbrowser.open(auth_url(APP_ID, REDIRECT_URI, perms=['read_stream'])) listen_on = urlparse.urlsplit(REDIRECT_URI) httpd = BaseHTTPServer.HTTPServer(('127.0.0.1', 8080), RequestHandler) while ACCESS_TOKEN is None: httpd.handle_request() else: ACCESS_TOKEN = open(LOCAL_FILE).read() client = GraphAPI(ACCESS_TOKEN) print client.request('me/permissions')
code = code[0] if code else None if code is None: self.wfile.write("Sorry, authentication failed.") sys.exit(1) response = get_access_token_from_code(code, REDIRECT_URI, APP_ID, APP_SECRET) ACCESS_TOKEN = response['access_token'] open(LOCAL_FILE, 'w').write(ACCESS_TOKEN) self.wfile.write("You have successfully logged in to facebook. " "You can close this window now.") if __name__ == '__main__': if not os.path.exists(LOCAL_FILE): print "Logging you in to facebook..." webbrowser.open(auth_url(APP_ID, REDIRECT_URI, perms=['read_stream'])) listen_on = urlparse.urlsplit(REDIRECT_URI) httpd = BaseHTTPServer.HTTPServer(('127.0.0.1', 8080), RequestHandler) while ACCESS_TOKEN is None: httpd.handle_request() else: ACCESS_TOKEN = open(LOCAL_FILE).read() client = GraphAPI(ACCESS_TOKEN) print client.request('me/permissions')
def oauth_initiate(self, callback_url): response = redirect(facebook.auth_url(self.client_id, callback_url)) response.set_cookie("facebook_oauth", SecureCookie({ "callback_url" : callback_url }, self.client_secret).serialize(), httponly=True) return response
import webbrowser import requests import facebook from urlparse import parse_qs app_id = '273459129487047' post_login_url = 'https://www.facebook.com/connect/login_success.html' graph = facebook.GraphAPI() url = facebook.auth_url(app_id, post_login_url, response_type='token') print url webbrowser.open(url) raw_input('Opening web browser for app permission, press any key when finished...') data = parse_qs(response) print data['access_token'][0]
def fb_authenticate(): permissions = ['public_profile',] canvas_url = 'http://gulldahlpc.local:8080/' fb_login_url = facebook.auth_url(os.environ.get('FB_APP_ID'), canvas_url, permissions, response_type='token') puts(colored.blue('Go to the following url in a browser to complete login:\n{}'.format(fb_login_url)))
def _get_auth_uri(root_url): redirect_uri = _get_redirect_uri(root_url) uri = facebook.auth_url(_APPLICATION_ID, redirect_uri, ['read_stream', 'publish_actions']) return uri
def _get_auth_uri(root_url): redirect_uri = _get_redirect_uri(root_url) uri = facebook.auth_url(_APPLICATION_ID, redirect_uri,['read_stream','publish_actions']) return uri
def login_fb(request): perms = ['email'] url = facebook.auth_url(settings.FACEBOOK_APP_ID, request.build_absolute_uri('/fb/success/'), perms) return HttpResponseRedirect(url)
def auth_url(self, canvas_url, perms=('ads_management', 'ads_read'), **kwargs): return auth_url(self.account.app_id, canvas_url, perms, **kwargs)