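def authcallback():
    """Handle the OAuth callback: finish the handshake and redirect to IRC.

    Reads the ``rediskey`` cookie, loads the request token stored in Redis
    under that key, completes the MediaWiki OAuth handshake using the
    ``oauth_verifier`` and ``oauth_token`` query parameters, deletes the
    Redis entry and redirects the browser to the KiwiIRC client URL.  When
    the stored token or the verifier is missing, the browser is redirected
    to ``auth`` so the flow can start again.
    """
    # Function-scope import: the file's import section is not visible from
    # this block, and these are the Python 3 locations of the helpers.
    from urllib.parse import quote, urlencode

    def _redirect_to(location):
        # Same 302 + template response the handler uses for every outcome.
        resp = make_response(render_template('redirect.html'), 302)
        resp.headers['Location'] = location
        return resp

    # Step 3: Complete -- obtain authorized key/secret for "resource owner"
    rediskey = request.cookies.get('rediskey')
    oauth_verifier = request.args.get('oauth_verifier', '')
    oauth_token = request.args.get('oauth_token', '')

    # Fetch the stored token exactly once.  Reading it a second time before
    # unpickling left a window in which the key could be removed and
    # pickle.loads() would be handed None.  A request without the cookie is
    # treated like a missing token instead of querying Redis with None.
    serialrequest_token = r.get(rediskey) if rediskey else None
    if serialrequest_token is None or oauth_verifier == '':
        return _redirect_to('auth')

    handshaker = Handshaker("https://en.wikipedia.org/w/index.php",
                            consumer_token)

    # SECURITY: pickle.loads() runs code embedded in its input, so this is
    # only safe while nothing except this application can write the Redis
    # values it reads -- and the key name is chosen by a client cookie.
    # Storing the request token's key/secret as JSON would remove that
    # dependency on Redis write access being trusted.
    request_token = pickle.loads(serialrequest_token)

    # Both values come from the query string, so encode them rather than
    # concatenating: an '&', '=' or '%' inside either value would otherwise
    # be re-parsed as extra parameters by the handshaker.
    response_qs = urlencode([('oauth_verifier', oauth_verifier),
                             ('oauth_token', oauth_token)])
    access_token = handshaker.complete(request_token, response_qs)

    # Step 4: Identify -- (optional) get identifying information about the user
    identity = handshaker.identify(access_token)
    r.delete(rediskey)

    # NOTE(review): as given, this template has no placeholders, so the nick
    # is the literal string -- confirm the intended template.
    username = "******".format(**identity)

    # Percent-encode the nick so characters in a wiki username cannot add
    # or alter parameters of the client URL.
    return _redirect_to(
        'https://kiwiirc.com/client/irc.freenode.net/wikipedia-en-help?nick='
        + quote(username, safe='')
    )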
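def oauth_callback():
    """Finish the Wikimedia OAuth handshake and sign the user in.

    Completes the handshake with the request token kept in ``session`` and
    the callback query string, stores the access token in the session,
    then finds the ``User`` row for the identity's ``sub`` (creating it, or
    updating its username when that changed).  Finally records
    ``user_id`` in the session, clears the one-shot handshake values and
    redirects to the saved return URL.
    """
    handshaker = Handshaker(
        "https://meta.wikimedia.org/w/index.php",
        oauth_token,
        user_agent=user_agent
    )
    access_token = handshaker.complete(session['request_token'],
                                       request.query_string)
    # NOTE(review): if ``session`` is a cookie-backed session that is signed
    # but not encrypted, the access token secret is readable by the browser
    # -- confirm a server-side session store, or keep the token in the DB.
    session['access_token'] = access_token
    identity = handshaker.identify(access_token)
    wiki_uid = identity['sub']
    user = g.conn.session.query(User).filter(User.wiki_uid == wiki_uid).first()
    if user is None:
        user = User(username=identity['username'], wiki_uid=wiki_uid)
        g.conn.session.add(user)
        g.conn.session.commit()
    elif user.username != identity['username']:
        # The account is matched on the stable wiki id, so a rename on the
        # wiki is followed here.
        user.username = identity['username']
        g.conn.session.add(user)
        try:
            g.conn.session.commit()
        except IntegrityError as e:
            # e.args[0] is what e[0] returned on Python 2, and it also works
            # on Python 3, where indexing an exception raises TypeError.
            # NOTE(review): if this is the ORM's wrapper exception the
            # driver's error code may live on e.orig -- confirm.
            if e.args[0] == 1062:  # Duplicate
                g.conn.session.rollback()
            else:
                raise
    session['user_id'] = user.id

    # pop() with a default: the original read the URL with .get() (allowing
    # it to be absent) but then deleted it unconditionally, which raised
    # KeyError in exactly that case.
    return_to_url = session.pop('return_to_url', None)
    session.pop('request_token', None)
    # NOTE(review): whatever stores return_to_url should restrict it to
    # same-site paths; '/' is the fallback when none was saved.
    return redirect(return_to_url or '/')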
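def get(self):
    """Complete the MediaWiki OAuth handshake and log the user in.

    Rebuilds the request token from the signed cookie set at the start of
    the flow, exchanges it for an access token, asks MediaWiki who the
    user is, creates the matching ``orm.User`` if none exists, sets the
    login cookie and redirects to the hub's ``home`` page.

    Raises:
        web.HTTPError: 403 when the request-token cookie is absent or the
            identity carries no ``username``.
    """
    consumer_token = ConsumerToken(
        self.authenticator.client_id,
        self.authenticator.client_secret
    )

    handshaker = Handshaker(
        self.authenticator.mw_index_url, consumer_token
    )

    raw_request_token = self.get_secure_cookie(AUTH_REQUEST_COOKIE_NAME)
    # The request token is single-use: drop the cookie whatever happens next.
    self.clear_cookie(AUTH_REQUEST_COOKIE_NAME)
    if raw_request_token is None:
        # No cookie (or, presumably, one that failed signature validation):
        # this callback was not preceded by a login started here, so refuse
        # it rather than passing None on to dejsonify().
        raise web.HTTPError(403)
    request_token = dejsonify(raw_request_token)

    access_token = yield self.executor.submit(
        handshaker.complete, request_token, self.request.query
    )

    # identify() is run on the executor like complete(), so the handler does
    # not block while waiting on MediaWiki.
    identity = yield self.executor.submit(handshaker.identify, access_token)
    if identity and 'username' in identity:
        # FIXME: Figure out total set of chars that can be present
        # in MW's usernames, and set of chars valid in jupyterhub
        # usernames, and do a proper mapping
        # NOTE(review): the hub account is looked up by the mapped username,
        # not by the stable 'sub' id; if a wiki name is ever renamed and
        # reused, the new holder would match the old hub account -- confirm
        # whether lookup by 'sub' is possible.
        username = identity['username'].replace(' ', '_')
        user = self.find_user(username)
        if user is None:
            user = orm.User(name=username, id=identity['sub'])
            self.db.add(user)
            self.db.commit()
        self.set_login_cookie(user)
        self.redirect(url_path_join(self.hub.server.base_url, 'home'))
    else:
        # todo: custom error page?
        raise web.HTTPError(403)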
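def get(self):
    """Handle the OAuth callback: finish the handshake and log the user in.

    Reads the request token from the signed cookie written when the flow
    began, completes the handshake with the callback query string,
    identifies the user, creates an ``orm.User`` when the mapped username
    is unknown, sets the login cookie and redirects to ``home``.

    Raises:
        web.HTTPError: 403 when the request-token cookie is absent or the
            identity carries no ``username``.
    """
    consumer_token = ConsumerToken(self.authenticator.client_id,
                                   self.authenticator.client_secret)
    handshaker = Handshaker(self.authenticator.mw_index_url, consumer_token)

    cookie_value = self.get_secure_cookie(AUTH_REQUEST_COOKIE_NAME)
    # Clear first: the request token must not be replayable after this hit.
    self.clear_cookie(AUTH_REQUEST_COOKIE_NAME)
    if cookie_value is None:
        # Without the cookie there is no request token to bind this callback
        # to a login started by this browser; reject instead of letting
        # dejsonify() fail on None.
        raise web.HTTPError(403)
    request_token = dejsonify(cookie_value)

    access_token = yield self.executor.submit(handshaker.complete,
                                              request_token,
                                              self.request.query)
    # Run identify() on the executor too, matching complete() above, so the
    # handler does not wait on MediaWiki inline.
    identity = yield self.executor.submit(handshaker.identify, access_token)

    if identity and 'username' in identity:
        # FIXME: Figure out total set of chars that can be present
        # in MW's usernames, and set of chars valid in jupyterhub
        # usernames, and do a proper mapping
        # NOTE(review): accounts are matched on the mapped name rather than
        # on identity['sub']; confirm that a renamed or reused wiki name
        # cannot inherit an existing hub account.
        username = identity['username'].replace(' ', '_')
        user = self.find_user(username)
        if user is None:
            user = orm.User(name=username, id=identity['sub'])
            self.db.add(user)
            self.db.commit()
        self.set_login_cookie(user)
        self.redirect(url_path_join(self.hub.server.base_url, 'home'))
    else:
        # todo: custom error page?
        raise web.HTTPError(403)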
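def complete_login(request, consumer_token, cookie, rdb_session, root_path, api_log):
    """Finish the OAuth login and redirect the user back into the app.

    Args:
        request: incoming callback request; its ``query_string`` carries the
            OAuth response.
        consumer_token: the application's OAuth consumer token.
        cookie: per-user cookie mapping holding the request token and the
            saved ``return_to_url``; receives ``userid`` and ``username``.
        rdb_session: database session used to look up or add the ``User``.
        root_path: where to send the user when the login has to be restarted
            or no return URL was saved.
        api_log: logger whose ``debug(...)`` context wraps the cookie load.

    Returns:
        A redirect response.
    """
    # TODO: Remove or standardize the DEBUG option
    # SECURITY: with DEBUG set, every hit on this callback is signed in as
    # the fixed identity below without any OAuth exchange.  It must never be
    # enabled on a deployment that is reachable by others.
    if DEBUG:
        identity = {'sub': 6024474,
                    'username': '******'}
    else:
        handshaker = Handshaker(WIKI_OAUTH_URL, consumer_token)

        with api_log.debug('load_login_cookie') as act:
            try:
                rt_key = cookie['request_token_key']
                rt_secret = cookie['request_token_secret']
            except KeyError:
                # in some rare cases, stale cookies are left behind
                # and users have to click login again
                act.failure('clearing stale cookie, redirecting to {}', root_path)
                cookie.set_expires()
                return redirect(root_path)

        req_token = RequestToken(rt_key, rt_secret)

        access_token = handshaker.complete(req_token,
                                           request.query_string)
        identity = handshaker.identify(access_token)

    userid = identity['sub']
    username = identity['username']
    user = rdb_session.query(User).filter(User.id == userid).first()
    now = datetime.datetime.utcnow()
    if user is None:
        user = User(id=userid, username=username, last_active_date=now)
        rdb_session.add(user)
    else:
        user.last_active_date = now

    # These would be useful when we have oauth beyond simple ID, but
    # they should be stored in the database along with expiration times.
    # ID tokens only last 100 seconds or so
    # cookie['access_token_key'] = access_token.key
    # cookie['access_token_secret'] = access_token.secret

    # identity['confirmed_email'] = True/False might be interesting
    # for contactability through the username. Might want to assert
    # that it is True.

    cookie['userid'] = identity['sub']
    cookie['username'] = identity['username']

    return_to_url = cookie.get('return_to_url')
    # TODO: Clean up
    if not DEBUG:
        # Delete each one-shot value on its own.  The original deleted
        # 'return_to_url' unconditionally although it is read with .get(),
        # so a login without a saved return URL ended in KeyError.
        for stale_key in ('request_token_key', 'request_token_secret',
                          'return_to_url'):
            try:
                del cookie[stale_key]
            except KeyError:
                pass
    else:
        return_to_url = '/'
    # NOTE(review): whatever stores return_to_url should restrict it to
    # same-site paths.  Fall back to root_path when none was saved.
    return redirect(return_to_url or root_path)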
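def oauth_callback():
    """Finish the Wikimedia OAuth handshake and sign the user in.

    Completes the handshake with the request token kept in ``session``,
    stores the access token in the session, finds or creates the ``User``
    row for the identity's ``sub``, records ``user_id`` and redirects to
    the saved return URL.
    """
    handshaker = Handshaker("https://meta.wikimedia.org/w/index.php",
                            oauth_token)
    access_token = handshaker.complete(session['request_token'],
                                       request.query_string)
    # NOTE(review): 'acces_token' looks like a misspelling of 'access_token';
    # the key is kept because other code may read it under this name.
    # NOTE(review): if the session is cookie-backed and only signed, the
    # access token secret is readable by the browser -- confirm.
    session['acces_token'] = access_token
    identity = handshaker.identify(access_token)
    wiki_uid = identity['sub']
    user = g.conn.session.query(User).filter(User.wiki_uid == wiki_uid).first()
    if user is None:
        user = User(username=identity['username'], wiki_uid=wiki_uid)
        g.conn.session.add(user)
        g.conn.session.commit()
    session['user_id'] = user.id

    # pop() with a default: the URL is allowed to be absent (it was read
    # with .get()), yet the original deleted it unconditionally and raised
    # KeyError in that case.
    return_to_url = session.pop('return_to_url', None)
    session.pop('request_token', None)
    # NOTE(review): whatever stores return_to_url should restrict it to
    # same-site paths; '/' is the fallback when none was saved.
    return redirect(return_to_url or '/')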
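def oauth_callback():
    """Finish the Wikimedia OAuth handshake and sign the user in.

    Completes the handshake with the request token kept in ``session``,
    stores the access token in the session, loads the ``User`` for the
    identity's ``sub`` via ``User.get_by_wiki_uid`` (saving a new one when
    there is none), records ``user_id`` and redirects to the saved return
    URL.
    """
    handshaker = Handshaker(
        "https://meta.wikimedia.org/w/index.php",
        oauth_token
    )
    access_token = handshaker.complete(session['request_token'],
                                       request.query_string)
    # NOTE(review): 'acces_token' looks like a misspelling of 'access_token';
    # the key is kept because other code may read it under this name.
    # NOTE(review): if the session is cookie-backed and only signed, the
    # access token secret is readable by the browser -- confirm.
    session['acces_token'] = access_token
    identity = handshaker.identify(access_token)
    wiki_uid = identity['sub']
    user = User.get_by_wiki_uid(wiki_uid)
    if user is None:
        user = User(username=identity['username'], wiki_uid=wiki_uid)
        user.save_new()
    session['user_id'] = user.id

    # pop() with a default: the URL was read with .get(), so it may be
    # absent; deleting it unconditionally raised KeyError in that case.
    return_to_url = session.pop('return_to_url', None)
    session.pop('request_token', None)
    # NOTE(review): whatever stores return_to_url should restrict it to
    # same-site paths; '/' is the fallback when none was saved.
    return redirect(return_to_url or '/')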
def complete_login(request, consumer_token, cookie):
    """Complete the OAuth handshake and store the login in the cookie.

    Args:
        request: callback request whose ``query_string`` holds the OAuth
            response.
        consumer_token: the application's OAuth consumer token.
        cookie: mapping that supplies the request token key/secret and
            receives the user id, username and access token.

    Returns:
        A redirect to the cookie's ``return_to_url``, or ``'/'`` when none
        is set.
    """
    oauth = Handshaker(WIKI_OAUTH_URL, consumer_token)
    pending = RequestToken(cookie['request_token_key'],
                           cookie['request_token_secret'])
    granted = oauth.complete(pending, request.query_string)
    who = oauth.identify(granted)

    # Read both identity fields before the first write to the cookie.
    sub, name = who['sub'], who['username']
    cookie['userid'] = sub
    cookie['username'] = name

    # Is this OK to put in a cookie?
    # NOTE(review): a cookie is held by the browser.  Unless the cookie
    # layer encrypts as well as signs (not visible from here), the access
    # secret is readable on the client; keeping the token server-side,
    # keyed by user id, avoids that exposure.
    cookie['oauth_access_key'] = granted.key
    cookie['oauth_access_secret'] = granted.secret

    # NOTE(review): whatever stores return_to_url should restrict it to
    # same-site paths.
    return redirect(cookie.get('return_to_url', '/'))
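def complete_login(request, consumer_token, cookie, rdb_session):
    """Finish the OAuth login, record the user, and redirect back.

    Args:
        request: callback request whose ``query_string`` holds the OAuth
            response.
        consumer_token: the application's OAuth consumer token.
        cookie: mapping holding the request token key/secret and the saved
            ``return_to_url``; receives ``userid`` and ``username``.
        rdb_session: database session used to look up or add the ``User``.

    Returns:
        A redirect to the saved return URL, or to ``'/'`` when none was
        saved.
    """
    handshaker = Handshaker(WIKI_OAUTH_URL, consumer_token)

    req_token = RequestToken(cookie['request_token_key'],
                             cookie['request_token_secret'])

    access_token = handshaker.complete(req_token,
                                       request.query_string)
    identity = handshaker.identify(access_token)

    userid = identity['sub']
    username = identity['username']
    user = rdb_session.query(User).filter(User.id == userid).first()
    now = datetime.datetime.utcnow()
    if user is None:
        user = User(id=userid, username=username, last_login_date=now)
        rdb_session.add(user)
    else:
        user.last_login_date = now

    # These would be useful when we have oauth beyond simple ID, but
    # they should be stored in the database along with expiration times.
    # ID tokens only last 100 seconds or so
    # cookie['access_token_key'] = access_token.key
    # cookie['access_token_secret'] = access_token.secret

    # identity['confirmed_email'] = True/False might be interesting
    # for contactability through the username. Might want to assert
    # that it is True.

    cookie['userid'] = identity['sub']
    cookie['username'] = identity['username']

    return_to_url = cookie.get('return_to_url')

    # Delete each one-shot value on its own.  'return_to_url' is read with
    # .get() and so may be absent; deleting it unconditionally raised
    # KeyError after the user had already been recorded.
    for stale_key in ('request_token_key', 'request_token_secret',
                      'return_to_url'):
        try:
            del cookie[stale_key]
        except KeyError:
            pass

    # NOTE(review): whatever stores return_to_url should restrict it to
    # same-site paths; '/' is the fallback when none was saved.
    return redirect(return_to_url or '/')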
# Command-line walk-through of the four-step MediaWiki OAuth handshake:
# initiate, authorize in a browser, complete, identify.
import sys
# Put the current directory first on the import path; this has to run
# before the imports below.
sys.path.insert(0, ".")

from mwoauth import ConsumerToken, Handshaker
from six.moves import input  # For compatibility between python 2 and 3

# Construct a "consumer" from the key/secret provided by MediaWiki
# NOTE: config holds the consumer secret; keep it out of version control.
import config  # You'll need to provide this
consumer_token = ConsumerToken(config.consumer_key, config.consumer_secret)

# Construct handshaker with wiki URI and consumer
handshaker = Handshaker("https://en.wikipedia.org/w/index.php", consumer_token)

# Step 1: Initialize -- ask MediaWiki for a temporary key/secret for user
redirect, request_token = handshaker.initiate()

# Step 2: Authorize -- send user to MediaWiki to confirm authorization
print("Point your browser to: %s" % redirect)  #
# The user pastes back the query string of the URL MediaWiki redirected to.
response_qs = input("Response query string: ")

# Step 3: Complete -- obtain authorized key/secret for "resource owner"
access_token = handshaker.complete(request_token, response_qs)
# NOTE: this writes the access token to stdout, where it can end up in
# terminal scrollback or captured logs; acceptable for a demo only.
print(str(access_token))

# Step 4: Identify -- (optional) get identifying information about the user
identity = handshaker.identify(access_token)
print("Identified as {username} (id={sub}).".format(**identity))
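# Load the consumer key/secret from a local JSON file, falling back to
# prompting for them when the file does not exist.
try:
    # Context manager so the credentials file is closed as soon as it has
    # been parsed; the original left the handle open.
    with open("credentials.do_not_commit.json") as creds_file:
        creds_doc = json.load(creds_file)
    consumer_key = creds_doc['consumer_key']
    consumer_secret = creds_doc['consumer_secret']
except FileNotFoundError:
    print('Couldn\'t find "credentials.do_not_commit.json". ' +
          'Please manually input credentials.')
    consumer_key = input('Consumer key: ')
    # NOTE(review): input() echoes what is typed, so the secret is visible
    # on screen and in terminal scrollback; a non-echoing prompt such as
    # getpass.getpass() would avoid that.
    consumer_secret = input('Consumer secret: ')

consumer_token = ConsumerToken(consumer_key, consumer_secret)

# Construct handshaker with wiki URI and consumer
handshaker = Handshaker("https://en.wikipedia.org/w/index.php", consumer_token)

# Step 1: Initialize -- ask MediaWiki for a temporary key/secret for user
redirect, request_token = handshaker.initiate()

# Step 2: Authorize -- send user to MediaWiki to confirm authorization
print("Point your browser to: %s" % redirect)  #
# The user pastes back the query string of the URL MediaWiki redirected to.
response_qs = input("Response query string: ")

# Step 3: Complete -- obtain authorized key/secret for "resource owner"
access_token = handshaker.complete(request_token, response_qs)
# NOTE: this writes the access token to stdout, where it can end up in
# terminal scrollback or captured logs; acceptable for a demo only.
print(str(access_token))

# Step 4: Identify -- (optional) get identifying information about the user
identity = handshaker.identify(access_token)
print("Identified as {username} (id={sub}).".format(**identity))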