예제 #1
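def authcallback():
    """Finish the MediaWiki OAuth handshake and redirect the user to the IRC client.

    Reads the ``rediskey`` cookie plus the ``oauth_verifier`` and
    ``oauth_token`` query parameters, loads the stored request token from
    Redis, completes the handshake and identifies the user. When the stored
    token or the verifier is missing, the user is redirected to ``auth``.

    Returns:
        A 302 response, either to ``auth`` or to the kiwiirc client URL.
    """
    # Function-scope import with a Python 2 fallback so the block does not
    # depend on the file's import section.
    try:
        from urllib.parse import quote, urlencode
    except ImportError:
        from urllib import quote, urlencode

    # Step 3: Complete -- obtain authorized key/secret for "resource owner"
    rediskey = request.cookies.get('rediskey')
    oauth_verifier = request.args.get('oauth_verifier', '')
    oauth_token = request.args.get('oauth_token', '')

    # NOTE(review): rediskey is taken from a client cookie, so the client picks
    # which Redis key is read here and deleted below. Presumably the login step
    # stores tokens under unguessable keys; a dedicated key prefix would keep
    # this handler away from unrelated keys -- confirm against the login step.
    # Read the stored value once: a second read could return None if the key
    # disappears in between.
    serialrequest_token = r.get(rediskey) if rediskey is not None else None
    if serialrequest_token is None or oauth_verifier == '':
        resp = make_response(render_template('redirect.html'), 302)
        resp.headers['Location'] = 'auth'
        return resp

    handshaker = Handshaker("https://en.wikipedia.org/w/index.php", consumer_token)
    # SECURITY: pickle.loads executes code embedded in its input, so this is
    # only safe while nothing untrusted can write the value stored under the
    # cookie-selected key. A request token is a key/secret pair; storing it as
    # JSON would remove the deserialization risk.
    request_token = pickle.loads(serialrequest_token)
    # request.args values are already URL-decoded; re-encode them so characters
    # such as '&', '=' or '+' cannot change how the query string is parsed.
    response_qs = urlencode([('oauth_verifier', oauth_verifier),
                             ('oauth_token', oauth_token)])
    access_token = handshaker.complete(request_token, response_qs)

    # Step 4: Identify -- (optional) get identifying information about the user
    identity = handshaker.identify(access_token)
    r.delete(rediskey)
    # The literal below has no format fields in this listing (it looks
    # redacted), so as written the nick does not depend on ``identity``.
    username = "******".format(**identity)
    resp = make_response(render_template('redirect.html'), 302)
    # Percent-encode the nick so it stays a single query parameter value.
    resp.headers['Location'] = ('https://kiwiirc.com/client/irc.freenode.net/wikipedia-en-help?nick='
                                + quote(username, safe=''))
    return resp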
예제 #2
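def oauth_callback():
    """Complete the OAuth handshake, create or update the local user, redirect.

    Exchanges the request token kept in ``session`` for an access token,
    identifies the user, stores ``user_id`` in the session and redirects to
    the saved ``return_to_url`` (or ``/`` when none was saved).
    """
    handshaker = Handshaker(
        "https://meta.wikimedia.org/w/index.php",
        oauth_token,
        user_agent=user_agent
    )
    access_token = handshaker.complete(session['request_token'], request.query_string)
    # NOTE(review): the access token is kept in the session. If the session is
    # a signed but unencrypted client-side cookie, the token is readable by the
    # browser -- confirm the session backend, or keep the token server-side.
    session['access_token'] = access_token
    identity = handshaker.identify(access_token)
    wiki_uid = identity['sub']
    user = g.conn.session.query(User).filter(User.wiki_uid == wiki_uid).first()
    if user is None:
        user = User(username=identity['username'], wiki_uid=wiki_uid)
        g.conn.session.add(user)
        g.conn.session.commit()
    elif user.username != identity['username']:
        # The wiki account was renamed; follow the rename locally.
        user.username = identity['username']
        g.conn.session.add(user)
        try:
            g.conn.session.commit()
        except IntegrityError as e:
            # Exceptions are not subscriptable on Python 3. Read the driver
            # error code from the wrapped DBAPI error when there is one
            # (assumes a SQLAlchemy-style ``orig`` attribute -- confirm).
            driver_args = getattr(getattr(e, 'orig', e), 'args', ())
            if driver_args[:1] == (1062,):  # Duplicate
                g.conn.session.rollback()
            else:
                raise

    session['user_id'] = user.id
    # pop() tolerates a missing key, which the previous get()+del pair did not.
    # NOTE(review): return_to_url is redirected to as-is; presumably the code
    # that stores it restricts it to same-site paths -- verify.
    return_to_url = session.pop('return_to_url', None) or '/'
    session.pop('request_token', None)
    return redirect(return_to_url)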
예제 #3
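    def get(self):
        """Handle the OAuth callback: finish the handshake and log the user in.

        Loads the request token from the secure cookie, exchanges it for an
        access token, identifies the user, creates the hub user on first login,
        sets the login cookie and redirects to ``home``.

        Raises:
            web.HTTPError: 403 when the request-token cookie is missing or
                invalid, or when no username is returned for the user.
        """
        consumer_token = ConsumerToken(
            self.authenticator.client_id,
            self.authenticator.client_secret
        )

        handshaker = Handshaker(
            self.authenticator.mw_index_url, consumer_token
        )
        raw_request_token = self.get_secure_cookie(AUTH_REQUEST_COOKIE_NAME)
        # Clear the cookie right away so the request token is single-use.
        self.clear_cookie(AUTH_REQUEST_COOKIE_NAME)
        if raw_request_token is None:
            # get_secure_cookie returns None for an absent cookie or a bad
            # signature; reject instead of handing None to dejsonify.
            raise web.HTTPError(403)
        request_token = dejsonify(raw_request_token)
        access_token = yield self.executor.submit(
            handshaker.complete, request_token, self.request.query
        )

        # NOTE(review): complete() runs on the executor but identify() is
        # called inline here -- confirm this is intended.
        identity = handshaker.identify(access_token)
        if identity and 'username' in identity:
            # FIXME: Figure out total set of chars that can be present
            # in MW's usernames, and set of chars valid in jupyterhub
            # usernames, and do a proper mapping
            username = identity['username'].replace(' ', '_')
            # NOTE(review): the hub user is looked up by mapped username, and
            # identity['sub'] is only used when the row is created. Whether a
            # renamed wiki account can match another user's existing hub
            # account depends on find_user -- verify.
            user = self.find_user(username)
            if user is None:
                user = orm.User(name=username, id=identity['sub'])
                self.db.add(user)
                self.db.commit()
            self.set_login_cookie(user)
            self.redirect(url_path_join(self.hub.server.base_url, 'home'))
        else:
            # todo: custom error page?
            raise web.HTTPError(403)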
예제 #4
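    def get(self):
        """Finish the MediaWiki OAuth handshake and log the hub user in.

        The request token comes from the secure cookie, which is cleared
        before the token is exchanged. On success the user is created if
        needed, the login cookie is set and the client is sent to ``home``.

        Raises:
            web.HTTPError: 403 when the request-token cookie is missing or
                invalid, or when identification yields no username.
        """
        consumer_token = ConsumerToken(self.authenticator.client_id,
                                       self.authenticator.client_secret)

        handshaker = Handshaker(self.authenticator.mw_index_url,
                                consumer_token)
        cookie_value = self.get_secure_cookie(AUTH_REQUEST_COOKIE_NAME)
        # Cleared before use so a request token cannot be replayed.
        self.clear_cookie(AUTH_REQUEST_COOKIE_NAME)
        if cookie_value is None:
            # None means the cookie is absent or failed signature validation;
            # stop here rather than passing None on to dejsonify.
            raise web.HTTPError(403)
        request_token = dejsonify(cookie_value)
        access_token = yield self.executor.submit(handshaker.complete,
                                                  request_token,
                                                  self.request.query)

        # NOTE(review): identify() is called inline, unlike complete() above,
        # which is sent to the executor -- confirm this is intended.
        identity = handshaker.identify(access_token)
        if identity and 'username' in identity:
            # FIXME: Figure out total set of chars that can be present
            # in MW's usernames, and set of chars valid in jupyterhub
            # usernames, and do a proper mapping
            username = identity['username'].replace(' ', '_')
            # NOTE(review): accounts are matched on the mapped username, not
            # on identity['sub']; check how find_user behaves after a wiki
            # account rename before relying on this for access control.
            user = self.find_user(username)
            if user is None:
                user = orm.User(name=username, id=identity['sub'])
                self.db.add(user)
                self.db.commit()
            self.set_login_cookie(user)
            self.redirect(url_path_join(self.hub.server.base_url, 'home'))
        else:
            # todo: custom error page?
            raise web.HTTPError(403)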
예제 #5
def complete_login(request, consumer_token, cookie, rdb_session, root_path, api_log):
    """Finish the OAuth login, record the user and redirect back.

    Outside DEBUG, rebuilds the request token from ``cookie``, completes the
    handshake with ``request.query_string`` and identifies the user. The user
    row is created or its ``last_active_date`` refreshed, ``userid`` and
    ``username`` are written to the cookie, and the caller is redirected to
    the stored ``return_to_url`` (``/`` in DEBUG).
    """
    # TODO: Remove or standardize the DEBUG option
    # SECURITY: with DEBUG truthy no handshake takes place and every caller is
    # logged in as the hard-coded identity below, so DEBUG must never be
    # enabled on a reachable deployment.
    if DEBUG:
        identity = {'sub': 6024474,
                    'username': '******'}
    else:
        handshaker = Handshaker(WIKI_OAUTH_URL, consumer_token)

        with api_log.debug('load_login_cookie') as act:
            try:
                rt_key = cookie['request_token_key']
                rt_secret = cookie['request_token_secret']
            except KeyError:
                # in some rare cases, stale cookies are left behind
                # and users have to click login again
                act.failure('clearing stale cookie, redirecting to {}', root_path)
                cookie.set_expires()
                return redirect(root_path)

        req_token = RequestToken(rt_key, rt_secret)

        access_token = handshaker.complete(req_token,
                                           request.query_string)
        identity = handshaker.identify(access_token)

    userid = identity['sub']
    username = identity['username']
    user = rdb_session.query(User).filter(User.id == userid).first()
    now = datetime.datetime.utcnow()
    if user is None:
        # First login: the row is added here; no commit happens in this block.
        user = User(id=userid, username=username, last_active_date=now)
        rdb_session.add(user)
    else:
        user.last_active_date = now

    # These would be useful when we have oauth beyond simple ID, but
    # they should be stored in the database along with expiration times.
    # ID tokens only last 100 seconds or so
    # cookie['access_token_key'] = access_token.key
    # cookie['access_token_secret'] = access_token.secret

    # identity['confirmed_email'] = True/False might be interesting
    # for contactability through the username. Might want to assert
    # that it is True.

    # NOTE(review): later requests presumably trust these cookie values as the
    # logged-in identity, which only holds if the cookie is integrity-protected
    # -- confirm the cookie type.
    cookie['userid'] = identity['sub']
    cookie['username'] = identity['username']

    # NOTE(review): return_to_url is read from the cookie and redirected to
    # unchanged; presumably the login step restricts it to same-site paths --
    # verify.
    return_to_url = cookie.get('return_to_url')
    # TODO: Clean up
    if not DEBUG:
        del cookie['request_token_key']
        del cookie['request_token_secret']
        # Raises KeyError when return_to_url was never stored, although the
        # get() above tolerates its absence.
        del cookie['return_to_url']
    else:
        return_to_url = '/'
    return redirect(return_to_url)
예제 #6
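def oauth_callback():
    """Complete the OAuth handshake, create the local user if new, redirect.

    Exchanges the request token kept in ``session`` for an access token,
    identifies the user, stores ``user_id`` in the session and redirects to
    the saved ``return_to_url`` (or ``/`` when none was saved).
    """
    handshaker = Handshaker("https://meta.wikimedia.org/w/index.php",
                            oauth_token)
    access_token = handshaker.complete(session['request_token'],
                                       request.query_string)
    # NOTE(review): the key is spelled 'acces_token'; it is left unchanged
    # because other code may read it under this name. If the session is a
    # signed but unencrypted client-side cookie, the token stored here is
    # readable by the browser -- confirm the session backend.
    session['acces_token'] = access_token
    identity = handshaker.identify(access_token)
    wiki_uid = identity['sub']
    user = g.conn.session.query(User).filter(User.wiki_uid == wiki_uid).first()
    if user is None:
        user = User(username=identity['username'], wiki_uid=wiki_uid)
        g.conn.session.add(user)
        g.conn.session.commit()
    session['user_id'] = user.id
    # pop() tolerates a missing key, which the previous get()+del pair did not.
    # NOTE(review): return_to_url is redirected to as-is; presumably the code
    # that stores it restricts it to same-site paths -- verify.
    return_to_url = session.pop('return_to_url', None) or '/'
    session.pop('request_token', None)
    return redirect(return_to_url)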
예제 #7
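def oauth_callback():
    """Finish the OAuth handshake, register first-time users and redirect.

    The request token stored in ``session`` is exchanged for an access token,
    the user is identified and looked up by wiki user id, ``user_id`` is
    stored in the session and the client is redirected to the saved
    ``return_to_url`` (``/`` when none was saved).
    """
    handshaker = Handshaker(
        "https://meta.wikimedia.org/w/index.php",
        oauth_token
    )
    access_token = handshaker.complete(session['request_token'], request.query_string)
    # NOTE(review): 'acces_token' looks like a misspelling; the key is kept
    # as-is because readers elsewhere may depend on it. Storing the token in
    # the session exposes it to the browser if the session is a signed,
    # unencrypted cookie -- confirm the session backend.
    session['acces_token'] = access_token
    identity = handshaker.identify(access_token)
    wiki_uid = identity['sub']
    user = User.get_by_wiki_uid(wiki_uid)
    if user is None:
        user = User(username=identity['username'], wiki_uid=wiki_uid)
        user.save_new()
    session['user_id'] = user.id
    # pop() removes the one-shot values without raising when one is absent;
    # the previous get()+del pair raised KeyError in that case.
    # NOTE(review): return_to_url is not validated here; presumably it is
    # restricted to same-site paths where it is stored -- verify.
    return_to_url = session.pop('return_to_url', None) or '/'
    session.pop('request_token', None)
    return redirect(return_to_url)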
예제 #8
파일: app.py 프로젝트: hatnote/plinth
def complete_login(request, consumer_token, cookie):
    """Exchange the cookie-held request token for an access token and redirect.

    Writes the user's id and name, plus the access token key and secret, into
    ``cookie`` and redirects to the cookie's ``return_to_url`` (default ``/``).
    """
    handshaker = Handshaker(WIKI_OAUTH_URL, consumer_token)
    request_token = RequestToken(
        cookie['request_token_key'],
        cookie['request_token_secret'],
    )

    access_token = handshaker.complete(request_token, request.query_string)
    identity = handshaker.identify(access_token)
    # Read both fields before touching the cookie, so a missing field leaves
    # the cookie unmodified.
    userid, username = identity['sub'], identity['username']

    cookie['userid'] = userid
    cookie['username'] = username
    # NOTE(review): the access token key and secret are written to the cookie.
    # Whether that is acceptable depends on how ``cookie`` is protected: a
    # cookie that is only signed is still readable by the browser and by
    # anything that can read its cookie jar. Keeping the token server-side and
    # storing only a session reference avoids the exposure -- confirm the
    # cookie type.
    cookie['oauth_access_key'] = access_token.key
    cookie['oauth_access_secret'] = access_token.secret

    # NOTE(review): the request token entries stay in the cookie after use,
    # and return_to_url is redirected to without validation here.
    return redirect(cookie.get('return_to_url', '/'))
예제 #9
파일: server.py 프로젝트: JeanFred/montage
def complete_login(request, consumer_token, cookie, rdb_session):
    """Complete the OAuth login, upsert the user and redirect back.

    Rebuilds the request token from ``cookie``, finishes the handshake with
    ``request.query_string``, identifies the user, creates the user row or
    refreshes its ``last_login_date``, stores ``userid`` and ``username`` in
    the cookie, removes the one-shot cookie entries and redirects to the
    stored ``return_to_url``.
    """
    handshaker = Handshaker(WIKI_OAUTH_URL, consumer_token)
    request_token = RequestToken(
        cookie['request_token_key'],
        cookie['request_token_secret'],
    )

    access_token = handshaker.complete(request_token, request.query_string)
    identity = handshaker.identify(access_token)

    wiki_id = identity['sub']
    wiki_name = identity['username']
    user = rdb_session.query(User).filter(User.id == wiki_id).first()
    login_time = datetime.datetime.utcnow()
    if user is not None:
        user.last_login_date = login_time
    else:
        # First login: the row is added here; no commit happens in this block.
        user = User(id=wiki_id, username=wiki_name, last_login_date=login_time)
        rdb_session.add(user)

    # The access token key/secret are deliberately not put in the cookie.
    # They would be useful for OAuth beyond simple ID, but belong in the
    # database together with expiration times; ID tokens only last about
    # 100 seconds.

    # identity['confirmed_email'] (True/False) might be interesting for
    # contactability through the username; it may be worth asserting on.

    # NOTE(review): later requests presumably trust these cookie values as the
    # logged-in identity, which only holds if the cookie is integrity-protected
    # -- confirm the cookie type.
    cookie['userid'] = wiki_id
    cookie['username'] = wiki_name

    # NOTE(review): return_to_url comes from the cookie and is redirected to
    # unchanged; presumably the login step restricts it to same-site paths --
    # verify. The deletion below raises KeyError when it was never stored.
    return_to_url = cookie.get('return_to_url')
    for one_shot_key in ('request_token_key', 'request_token_secret', 'return_to_url'):
        del cookie[one_shot_key]
    return redirect(return_to_url)
예제 #10
import sys

sys.path.insert(0, ".")
from mwoauth import ConsumerToken, Handshaker
from six.moves import input  # For compatibility between python 2 and 3

# Construct a "consumer" from the key/secret provided by MediaWiki
import config  # You'll need to provide this

# The consumer key/secret identify this application to MediaWiki; they are
# read from the separate config module rather than written into this script.
consumer_token = ConsumerToken(config.consumer_key, config.consumer_secret)

# Construct handshaker with wiki URI and consumer
handshaker = Handshaker("https://en.wikipedia.org/w/index.php", consumer_token)

# Step 1: Initialize -- ask MediaWiki for a temporary key/secret for user
redirect, request_token = handshaker.initiate()

# Step 2: Authorize -- send user to MediaWiki to confirm authorization
print("Point your browser to: %s" % redirect)  # URL returned by initiate()
# The user pastes back the query string of the URL MediaWiki redirected to.
response_qs = input("Response query string: ")

# Step 3: Complete -- obtain authorized key/secret for "resource owner"
access_token = handshaker.complete(request_token, response_qs)
# NOTE(review): this prints the access token's string form, presumably
# including its secret -- confirm. Fine for a local demo, but it would leave
# the credential in shared terminals, CI output or captured logs.
print(str(access_token))

# Step 4: Identify -- (optional) get identifying information about the user
identity = handshaker.identify(access_token)
print("Identified as {username} (id={sub}).".format(**identity))
예제 #11
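# Load the consumer credentials from a local file that is meant to stay out of
# version control; fall back to prompting when the file does not exist.
try:
    # The context manager closes the file even when JSON parsing fails.
    with open("credentials.do_not_commit.json") as creds_file:
        creds_doc = json.load(creds_file)
    consumer_key = creds_doc['consumer_key']
    consumer_secret = creds_doc['consumer_secret']
except FileNotFoundError:
    print('Couldn\'t find "credentials.do_not_commit.json". ' +
          'Please manually input credentials.')
    consumer_key = input('Consumer key: ')
    # NOTE(review): input() echoes the secret to the terminal;
    # getpass.getpass() would read it without echo.
    consumer_secret = input('Consumer secret: ')

consumer_token = ConsumerToken(consumer_key, consumer_secret)

# Construct handshaker with wiki URI and consumer
handshaker = Handshaker("https://en.wikipedia.org/w/index.php",
                        consumer_token)

# Step 1: Initialize -- ask MediaWiki for a temporary key/secret for user
redirect, request_token = handshaker.initiate()

# Step 2: Authorize -- send user to MediaWiki to confirm authorization
print("Point your browser to: %s" % redirect)
# The user pastes back the query string of the URL MediaWiki redirected to.
response_qs = input("Response query string: ")

# Step 3: Complete -- obtain authorized key/secret for "resource owner"
access_token = handshaker.complete(request_token, response_qs)
# NOTE(review): this prints the access token's string form, presumably
# including its secret -- confirm. Fine for a local demo, but it would leave
# the credential in shared terminals, CI output or captured logs.
print(str(access_token))

# Step 4: Identify -- (optional) get identifying information about the user
identity = handshaker.identify(access_token)
print("Identified as {username} (id={sub}).".format(**identity))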