def logout(request):
    """Sign the current user out and redirect to the sign-in page.

    A ``UserLoggedOut`` event is sent only when the request carries a user
    id. The ``forget`` headers are attached to the redirect either way.
    """
    # unauthenticated_userid is the id claimed by the request's credentials;
    # it is not re-verified here, so subscribers should treat it as a claim.
    claimed_userid = request.unauthenticated_userid
    if claimed_userid is not None:
        request.registry.notify(UserLoggedOut(claimed_userid))

    return redirect_to_signin(
        request,
        'You are logged out!',
        headers=forget(request),
    )
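def callback(request):
    """Handle Google's OAuth2 redirect and sign the user in.

    Exchanges the authorization code for a token, loads the user info, runs
    the API's hosted-domain check, notifies ``UserLoggedIn`` subscribers and
    redirects to the URL carried in ``state``. When that URL is missing,
    undecodable or not local to this application, the landing path is used
    instead.

    Returns:
        ``HTTPFound`` to the post-login URL on success, otherwise the
        result of ``redirect_to_signin`` with an error message.
    """
    api = request.googleapi
    settings = request.registry.settings
    app_url = settings.get(SETTINGS_PREFIX + 'app_url')

    # An explicit app_url setting overrides the base URL of the callback.
    if app_url is not None:
        redirect_uri = request.route_url('auth_callback', _app_url=app_url)
    else:
        redirect_uri = request.route_url('auth_callback')

    try:
        oauth2_token = api.exchange_token_from_code(redirect_uri)
        userinfo = api.get_userinfo_from_token(oauth2_token)
        api.check_hosted_domain_user(userinfo)
        userid = api.get_user_id_from_userinfo(userinfo)
    except AuthFailed as err:
        log.warning('Google Login failed (%s)', err)
        return redirect_to_signin(request, 'Google Login failed (%s)' % err)
    except Exception as err:
        # NOTE(review): err is still written to the log here; if its text can
        # contain client_secret, the log needs the same protection.
        log.warning('Google Login failed (%s)', err)
        # Protect against leaking critical information like client_secret
        return redirect_to_signin(request, 'Google Login failed (unkown)')

    # Find the redirect url (fail-safe, the authentication is more important)
    # ``state`` round-trips through the browser, so the url inside it is
    # untrusted. Follow it only when it stays inside this application;
    # otherwise a freshly authenticated user could be sent to an arbitrary
    # external site (open redirect).
    try:
        state_params = decode_state(request.params['state'])
        url = state_params['url'][0]
        trusted_bases = [request.application_url]
        if app_url is not None:
            trusted_bases.append(app_url)
        # Control characters are rejected so a path cannot be reinterpreted
        # as a scheme-relative URL once they are stripped.
        has_control_char = any(ord(char) < 0x20 for char in url)
        is_local_path = (
            url.startswith('/') and not url.startswith(('//', '/\\')))
        is_same_app = any(
            url == base or url.startswith(base.rstrip('/') + '/')
            for base in trusted_bases)
        if has_control_char or not (is_local_path or is_same_app):
            log.warning('Ignoring non-local post-login url from state')
            url = find_landing_path(request)
    except Exception:
        url = find_landing_path(request)

    user_logged_in = UserLoggedIn(request, userid, oauth2_token, userinfo)
    try:
        request.registry.notify(user_logged_in)
    except Exception:
        # The OAuth2 token is a bearer credential, so it is kept out of the
        # log; userinfo alone identifies the failing login.
        log.exception(
            'Application crashed processing UserLoggedIn event'
            '\nuserinfo=%s', userinfo)
        return redirect_to_signin(request,
                                  'Google Login failed (application error)')

    # Headers set on the event take precedence over the default ``remember``
    # headers.
    if user_logged_in.headers:
        headers = user_logged_in.headers
    else:
        headers = remember(request, userid)
    return HTTPFound(location=url, headers=headers)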
def test_redirect_to_signin(self):
    """redirect_to_signin with no extras gives an HTTPFound to auth_signin."""
    from pyramid.httpexceptions import HTTPFound
    from pyramid_google_login import redirect_to_signin

    fake_request = mock.Mock()

    response = redirect_to_signin(fake_request)

    self.assertIsInstance(response, HTTPFound)
    # No message and no url were given, so the query must be empty.
    fake_request.route_url.assert_called_once_with('auth_signin', _query={})
    self.assertEqual(response.location, fake_request.route_url.return_value)
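def callback(request):
    """Handle Google's OAuth2 redirect and sign the user in.

    Exchanges the authorization code for a token, loads the user info, runs
    the API's hosted-domain check, notifies ``UserLoggedIn`` subscribers and
    redirects to the URL carried in ``state``. When that URL is missing,
    undecodable or not local to this application, the landing path is used
    instead.

    Returns:
        ``HTTPFound`` to the post-login URL on success, otherwise the
        result of ``redirect_to_signin`` with an error message.
    """
    api = request.googleapi
    redirect_uri = request.route_url('auth_callback')

    try:
        oauth2_token = api.exchange_token_from_code(redirect_uri)
        userinfo = api.get_userinfo_from_token(oauth2_token)
        api.check_hosted_domain_user(userinfo)
        userid = api.get_user_id_from_userinfo(userinfo)
    except AuthFailed as err:
        log.warning('Google Login failed (%s)', err)
        return redirect_to_signin(request, 'Google Login failed (%s)' % err)
    except Exception as err:
        # NOTE(review): err is still written to the log here; if its text can
        # contain client_secret, the log needs the same protection.
        log.warning('Google Login failed (%s)', err)
        # Protect against leaking critical information like client_secret
        return redirect_to_signin(request, 'Google Login failed (unkown)')

    # Find the redirect url (fail-safe, the authentication is more important)
    # ``state`` round-trips through the browser, so the url inside it is
    # untrusted. Follow it only when it stays inside this application;
    # otherwise a freshly authenticated user could be sent to an arbitrary
    # external site (open redirect).
    try:
        state_params = decode_state(request.params['state'])
        url = state_params['url'][0]
        base = request.application_url
        # Control characters are rejected so a path cannot be reinterpreted
        # as a scheme-relative URL once they are stripped.
        has_control_char = any(ord(char) < 0x20 for char in url)
        is_local_path = (
            url.startswith('/') and not url.startswith(('//', '/\\')))
        is_same_app = (
            url == base or url.startswith(base.rstrip('/') + '/'))
        if has_control_char or not (is_local_path or is_same_app):
            log.warning('Ignoring non-local post-login url from state')
            url = find_landing_path(request)
    except Exception:
        # ``except Exception`` rather than a bare ``except`` so SystemExit
        # and KeyboardInterrupt are not swallowed.
        url = find_landing_path(request)

    user_logged_in = UserLoggedIn(request, userid, oauth2_token, userinfo)
    try:
        request.registry.notify(user_logged_in)
    except Exception:
        # The OAuth2 token is a bearer credential, so it is kept out of the
        # log; userinfo alone identifies the failing login.
        log.exception('Application crashed processing UserLoggedIn event'
                      '\nuserinfo=%s', userinfo)
        return redirect_to_signin(request,
                                  'Google Login failed (application error)')

    # Headers set on the event take precedence over the default ``remember``
    # headers.
    if user_logged_in.headers:
        headers = user_logged_in.headers
    else:
        # Pass the user id positionally so the call does not depend on the
        # keyword name accepted by ``remember``.
        headers = remember(request, userid)
    return HTTPFound(location=url, headers=headers)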
def test_redirect_to_signin_headers(self):
    """Extra headers given to redirect_to_signin end up on the HTTPFound."""
    from pyramid.httpexceptions import HTTPFound
    from pyramid_google_login import redirect_to_signin

    fake_request = mock.Mock()
    extra_header = ('X-Test', 'Yeap')

    response = redirect_to_signin(fake_request, headers=[extra_header])

    self.assertIsInstance(response, HTTPFound)
    self.assertEqual(response.location, fake_request.route_url.return_value)
    self.assertIn(extra_header, response.headerlist)
def signin_redirect(request):
    """Redirect the browser to Google's OAuth2 authorization URL.

    An optional ``url`` request parameter is packed into the OAuth2 ``state``
    so it is available again when Google redirects back to the callback.
    """
    api = request.googleapi
    callback_uri = request.route_url('auth_callback')

    # The url comes straight from the request and is stored unvalidated, so
    # whatever decodes this state must check it before redirecting to it.
    # NOTE(review): no per-session nonce is added to the state here, so the
    # state gives no CSRF protection unless encode_state or
    # build_authorize_url adds one; confirm.
    params = request.params
    state_params = {'url': params['url']} if 'url' in params else {}
    state = encode_state(state_params)

    try:
        target = api.build_authorize_url(state, callback_uri)
    except AuthFailed as err:
        log.warning('Google Login failed (%s)', err)
        return redirect_to_signin(request, 'Google Login failed (%s)' % err)

    return HTTPFound(location=target)
def signin_redirect(request):
    """Redirect the browser to Google's OAuth2 authorization URL.

    The callback URI is built from the ``app_url`` setting when one is
    configured. An optional ``url`` request parameter is packed into the
    OAuth2 ``state`` so it is available again in the callback.
    """
    api = request.googleapi
    configured_app_url = request.registry.settings.get(
        SETTINGS_PREFIX + 'app_url')

    # Pass _app_url only when the setting is present.
    route_kwargs = {}
    if configured_app_url is not None:
        route_kwargs['_app_url'] = configured_app_url
    callback_uri = request.route_url('auth_callback', **route_kwargs)

    # The url comes straight from the request and is stored unvalidated, so
    # whatever decodes this state must check it before redirecting to it.
    # NOTE(review): no per-session nonce is added to the state here, so the
    # state gives no CSRF protection unless encode_state or
    # build_authorize_url adds one; confirm.
    params = request.params
    state_params = {'url': params['url']} if 'url' in params else {}
    state = encode_state(state_params)

    try:
        target = api.build_authorize_url(state, callback_uri)
    except AuthFailed as err:
        log.warning('Google Login failed (%s)', err)
        return redirect_to_signin(request, 'Google Login failed (%s)' % err)

    return HTTPFound(location=target)