예제 #1
0
def get_dict_from_response(response):
    """Check for errors in the response and return the resulting JSON."""
    if getattr(response, '_resp') and response._resp.code > 400:
        raise OAuthResponseError('Application mis-configuration in Globus',
                                 None, response)

    return response.data
예제 #2
0
def response_token_setter(remote, resp):
    """Extract token from response and set it for the user.

    :param remote: The remote application.
    :param resp: The response.
    :raises invenio_oauthclient.errors.OAuthClientError: If authorization with
        remote service failed.
    :raises invenio_oauthclient.errors.OAuthResponseError: In case of bad
        authorized request.
    :returns: The token.
    """
    if resp is None:
        raise OAuthRejectedRequestError('User rejected request.', remote, resp)
    else:
        if 'access_token' in resp:
            return oauth2_token_setter(remote, resp)
        elif 'oauth_token' in resp and 'oauth_token_secret' in resp:
            return oauth1_token_setter(remote, resp)
        elif 'error' in resp:
            # Only OAuth2 specifies how to send error messages
            raise OAuthClientError(
                'Authorization with remote service failed.',
                remote,
                resp,
            )
    raise OAuthResponseError('Bad OAuth authorized request', remote, resp)
예제 #3
0
def authorized(resp, remote):
    """Authorized callback handler for GitHub."""
    if resp and 'error' in resp:
        if resp['error'] == 'bad_verification_code':
            # See https://developer.github.com/v3/oauth/#bad-verification-code
            # which recommends starting auth flow again.
            return redirect(url_for('oauthclient.login', remote_app='github'))
        elif resp['error'] in [
                'incorrect_client_credentials', 'redirect_uri_mismatch'
        ]:
            raise OAuthResponseError("Application mis-configuration in GitHub",
                                     remote, resp)

    return authorized_signup_handler(resp, remote)
예제 #4
0
def get_user_id(remote, email):
    """Get the Globus identity for a users given email.

    A Globus ID is a UUID that can uniquely identify a Globus user. See the
    docs here for v2/api/identities
    https://docs.globus.org/api/auth/reference/
    """
    try:
        url = '{}?usernames={}'.format(GLOBUS_USER_ID_URL, email)
        user_id = get_dict_from_response(remote.get(url))
        return user_id['identities'][0]['id']
    except KeyError:
        # If we got here the response was successful but the data was invalid.
        # It's likely the URL is wrong but possible the API has changed.
        raise OAuthResponseError(
            'Failed to fetch user id, likely server '
            'mis-configuration', None, remote)