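def fbconnect():
    '''
    Connect with the Facebook OAuth2 API.

    Taken from Udacity Authentication and Authorization Restaurant Menus
    example.

    Reads the client-supplied access token from the request body, exchanges
    it at the Graph API using the app credentials stored in FBCLIENTS, then
    loads the user's info and registers the user if needed.

    Returns the rendered 'login_welcome.html' page on success, or a JSON
    401 response when the token exchange does not answer with HTTP 200.
    '''
    # Function-scope import that resolves on both Python 2 and Python 3.
    try:
        from urllib.parse import quote
    except ImportError:
        from urllib import quote

    # NOTE(review): no anti-forgery `state` check is visible in this
    # function - confirm it is enforced before this view runs.
    access_token = request.data
    # The token is a bearer credential: record that it arrived, never its
    # value, so debug logs cannot be replayed against the Graph API.
    app.logger.debug("Access token received (%d bytes)", len(access_token))

    # Read the client-secrets file once and close it deterministically.
    with open(FBCLIENTS, 'r') as secrets_file:
        web_config = json.loads(secrets_file.read())['web']
    app_id = web_config['app_id']
    app_secret = web_config['app_secret']

    # The token comes straight from the request body, so percent-encode it:
    # a raw '&' or '#' would otherwise add or truncate query parameters in a
    # request that also carries the app secret.
    url = 'https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&client_id=%s&client_secret=%s&fb_exchange_token=%s' % (
        app_id, app_secret, quote(access_token, safe=''))
    h = httplib2.Http()
    # `url` embeds the app secret; it must not be logged.
    exchange_response, result = h.request(url, 'GET')
    if exchange_response.status != 200:
        # Fail closed instead of parsing an error body as if it were a token.
        app.logger.warning("Facebook token exchange failed with HTTP %s",
                           exchange_response.status)
        response = make_response(
            json.dumps('Failed to exchange the access token.'), 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    # strip expire tag from access token
    token = result.split("&")[0]

    utils.fb_load_user_info(token)

    # If user doesn't exist, add to database
    utils.register_user()

    return render_template('login_welcome.html',
                           username=session['username'],
                           picture_url=session['picture'])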
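def fbconnect():
    '''
    Connect with the Facebook OAuth2 API.

    Taken from Udacity Authentication and Authorization Restaurant Menus
    example.

    Takes the access token posted by the client, trades it at the Graph API
    for an exchanged token using the app credentials in FBCLIENTS, then
    populates the session via utils.fb_load_user_info and registers the
    user when missing.

    Returns the rendered 'login_welcome.html' page on success, or a JSON
    401 response when the exchange request does not return HTTP 200.
    '''
    # Resolved locally so the function runs on Python 2 and Python 3 alike.
    try:
        from urllib.parse import quote
    except ImportError:
        from urllib import quote

    # NOTE(review): this function shows no anti-forgery `state` validation -
    # confirm a decorator or before-request hook performs it.
    access_token = request.data
    # Log only the size: the token value is a credential and log files are
    # usually readable by more people than the session store.
    app.logger.debug("Access token received (%d bytes)", len(access_token))

    # One read of the secrets file, closed as soon as it has been parsed.
    with open(FBCLIENTS, 'r') as secrets_file:
        fb_client = json.loads(secrets_file.read())['web']

    # Percent-encode the untrusted token so it stays a single query value
    # and cannot introduce extra parameters next to the app secret.
    url = 'https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&client_id=%s&client_secret=%s&fb_exchange_token=%s' % (
        fb_client['app_id'],
        fb_client['app_secret'],
        quote(access_token, safe=''))

    h = httplib2.Http()
    # Keep `url` out of logs and error messages: it contains the app secret.
    exchange_response, result = h.request(url, 'GET')
    if exchange_response.status != 200:
        # Reject the login rather than treating an error body as a token.
        app.logger.warning("Facebook token exchange failed with HTTP %s",
                           exchange_response.status)
        response = make_response(
            json.dumps('Failed to exchange the access token.'), 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    # strip expire tag from access token
    token = result.split("&")[0]

    utils.fb_load_user_info(token)

    # If user doesn't exist, add to database
    utils.register_user()

    return render_template('login_welcome.html',
                           username=session['username'],
                           picture_url=session['picture'])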
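def gconnect():
    '''
    Connect with the Google OAuth2 API.

    Taken from Udacity Authentication and Authorization Restaurant Menus
    example.

    Exchanges the one-time authorization code from the request body for
    credentials, checks the resulting access token against Google's
    tokeninfo endpoint (no error, same user, issued to this app), then
    loads the user's info and registers the user if needed.

    Returns the rendered 'login_welcome.html' page on success, or a JSON
    response: 401 for a failed exchange or a user/client mismatch, 500 when
    tokeninfo reports an error, 200 when the user is already connected.
    '''
    # NOTE(review): no anti-forgery `state` check is visible in this
    # function - confirm it is enforced before this view runs.

    # Obtain authorization code
    auth_code = request.data

    try:
        # Upgrade the authorization code into a credentials object
        oauth_flow = flow_from_clientsecrets(GCLIENTS, scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(auth_code)
    except FlowExchangeError:
        response = make_response(
            json.dumps('Failed to upgrade the authorization code.'), 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Check that the access token is valid.
    access_token = credentials.access_token
    # `url` carries the access token; it must not be logged.
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s'
           % access_token)
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])

    # If there was an error in the access token info, abort.
    if result.get('error') is not None:
        response = make_response(json.dumps(result.get('error')), 500)
        response.headers['Content-Type'] = 'application/json'
        # Without this return the error response was built and then
        # discarded, so a token that tokeninfo rejected fell through to the
        # identity checks below instead of ending the login.
        return response

    # Verify that the access token is used for the intended user.
    gplus_id = credentials.id_token['sub']
    if result['user_id'] != gplus_id:
        response = make_response(
            json.dumps("Token's user ID doesn't match given user ID."), 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Verify that the access token is valid for this app.
    # Read the client-secrets file with a context manager so the handle is
    # closed on every request.
    with open(GCLIENTS, 'r') as secrets_file:
        client_id = json.loads(secrets_file.read())['web']['client_id']
    if result['issued_to'] != client_id:
        response = make_response(
            json.dumps("Token's client ID does not match app's."), 401)
        app.logger.warning("Token's client ID does not match app's.")
        response.headers['Content-Type'] = 'application/json'
        return response

    stored_token = session.get('access_token')
    stored_gplus_id = session.get('gplus_id')
    if stored_token is not None and gplus_id == stored_gplus_id:
        response = make_response(
            json.dumps('Current user is already connected.'), 200)
        response.headers['Content-Type'] = 'application/json'
        return response

    utils.ggl_load_user_info(credentials)

    # If user doesn't exist, add to database
    utils.register_user()

    return render_template('login_welcome.html',
                           username=session['username'],
                           picture_url=session['picture'])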
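def gconnect():
    '''
    Connect with the Google OAuth2 API.

    Taken from Udacity Authentication and Authorization Restaurant Menus
    example.

    Upgrades the authorization code posted by the client into credentials,
    validates the access token through Google's tokeninfo endpoint (no
    error reported, user ID matches the ID token's `sub`, token issued to
    this app's client ID), then populates the session via
    utils.ggl_load_user_info and registers the user when missing.

    Returns the rendered 'login_welcome.html' page on success. Failures are
    JSON responses: 401 for a failed code exchange or a user/client
    mismatch, 500 when tokeninfo reports an error; 200 is returned when the
    same user is already connected.
    '''
    # NOTE(review): this function shows no anti-forgery `state` validation -
    # confirm a decorator or before-request hook performs it.

    # Obtain authorization code
    auth_code = request.data

    try:
        # Upgrade the authorization code into a credentials object
        oauth_flow = flow_from_clientsecrets(GCLIENTS, scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(auth_code)
    except FlowExchangeError:
        response = make_response(
            json.dumps('Failed to upgrade the authorization code.'), 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Check that the access token is valid.
    access_token = credentials.access_token
    # Keep `url` out of logs: the access token is part of the query string.
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s'
           % access_token)
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])

    # If there was an error in the access token info, abort.
    token_error = result.get('error')
    if token_error is not None:
        response = make_response(json.dumps(token_error), 500)
        response.headers['Content-Type'] = 'application/json'
        # The original built this response but never returned it, so the
        # login continued with a token that tokeninfo had rejected.
        return response

    # Verify that the access token is used for the intended user.
    gplus_id = credentials.id_token['sub']
    if result['user_id'] != gplus_id:
        response = make_response(
            json.dumps("Token's user ID doesn't match given user ID."), 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Verify that the access token is valid for this app.
    # The context manager closes the secrets file instead of leaving the
    # handle to the garbage collector.
    with open(GCLIENTS, 'r') as secrets_file:
        client_id = json.loads(secrets_file.read())['web']['client_id']
    if result['issued_to'] != client_id:
        response = make_response(
            json.dumps("Token's client ID does not match app's."), 401)
        app.logger.warning("Token's client ID does not match app's.")
        response.headers['Content-Type'] = 'application/json'
        return response

    stored_token = session.get('access_token')
    stored_gplus_id = session.get('gplus_id')
    if stored_token is not None and gplus_id == stored_gplus_id:
        response = make_response(
            json.dumps('Current user is already connected.'), 200)
        response.headers['Content-Type'] = 'application/json'
        return response

    utils.ggl_load_user_info(credentials)

    # If user doesn't exist, add to database
    utils.register_user()

    return render_template('login_welcome.html',
                           username=session['username'],
                           picture_url=session['picture'])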