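def GET(self):
    """Handle the OAuth2 provider callback: exchange the code, then log in or register.

    Reads ``code`` and ``state`` from the request. The text of ``state`` before
    the first ``_`` names the provider, which selects the ``oauth.<site>``
    controller and the ``oauth.<site>OAuth2`` model. The authorization code is
    exchanged for an access token, the provider uid is fetched, and the matching
    oauth row is looked up (and inserted when missing). A row already bound to a
    ``Userid`` is logged in; otherwise ``NO_REGISTER_ACTION`` decides between
    auto-registration and a redirect to the register page. Returns ``None`` when
    ``NO_REGISTER_ACTION`` is neither value.

    Raises:
        AssertionError: a required parameter is missing, the provider name is
            not alphanumeric, or the provider returned no content / no uid.
    """
    inputs = sh.inputs()
    # Explicit raises rather than `assert`: these guard untrusted request input
    # and must not disappear when Python runs with -O. The exception type is
    # kept so existing handlers still see AssertionError.
    if not inputs.has_key('code'):
        raise AssertionError()
    if not inputs.has_key('state'):
        raise AssertionError()

    site_name = inputs.state.partition('_')[0]
    # `state` is request-controlled and picks which controller/model is loaded.
    # Reject dots, slashes and the empty name before building a dotted name
    # from it. An explicit allowlist of configured providers would be stronger.
    if not site_name.isalnum():
        raise AssertionError()
    # NOTE(review): nothing visible in this method compares `state` with a value
    # issued to this browser session; confirm that check exists elsewhere, since
    # it is what protects an OAuth2 callback against cross-site request forgery.
    authorization_code = inputs.code.strip()

    oauth_ctrl = sh.ctrl('oauth.%s' % site_name)
    oauth_model = sh.model('oauth.%sOAuth2' % site_name)
    user_ctrl = sh.ctrl('User')
    user_model = sh.model('User')

    token_url = oauth_ctrl.createAccessTokenUrl(authorization_code)
    content = sh.requestHtmlContent(token_url, None, oauth_ctrl.ACCESS_TOKEN_METHOD)
    if not content:
        raise AssertionError(u'第三方返回的数据有误')

    access_token, access_expires = oauth_ctrl.pickAccessTokenAndExpires(content)
    requested_uid = oauth_ctrl.requestUidWithAccessToken(access_token)
    if not requested_uid:
        raise AssertionError(u'第三方返回的数据有误')

    if self.TEST_API_LOGIN:
        # Debug branch: it prints a live access token into the page, so
        # TEST_API_LOGIN should stay off outside testing.
        try:
            from html import escape as _escape  # Python 3
        except ImportError:
            from cgi import escape as _escape  # Python 2
        login_url = '%s/api/oauth/login?access_token=%s&access_expires=%s&uid=%s&state=%s' % (
            sh.config.HOST_NAME, access_token, access_expires, requested_uid, inputs.state)
        # The URL embeds request and provider data; escape it (quotes included)
        # before placing it in the attribute and the link text.
        safe_url = _escape(login_url, True)
        return '<a href="%s" >%s</a>' % (safe_url, safe_url)

    # The access token changes between logins, so the provider uid is what
    # identifies a returning account. Keying on the uid also avoids inserting
    # a duplicate row when only the token has changed.
    exists = oauth_model.getByUid(requested_uid)

    # First time this uid is seen: store it, then consider binding a Userid.
    if not exists:
        new_oauth_id = oauth_model.insert(
            dict(uid=requested_uid, access_token=access_token, access_expires=access_expires))
        exists = oauth_model.get(new_oauth_id)

    # Already bound to a local user: log in.
    if exists.Userid:
        return self.login(exists.Userid)

    # Auto-registration: create the user, bind it to the oauth row, log in.
    if self.NO_REGISTER_ACTION == 'auto_register':
        data = oauth_ctrl.assignUserInfo(sh.storage(), access_token)
        self.assignRandomPassword(data)
        self.assignRegisterIP(data)

        conflict = user_ctrl.checkNewUser(data)
        if conflict:
            return self.redirectToRegister(access_token, inputs.state, error=conflict)

        new_user_id = user_model.insert(data)
        oauth_model.update(exists.id, dict(Userid=new_user_id))
        return self.login(new_user_id)

    # Otherwise the user registers by hand.
    elif self.NO_REGISTER_ACTION == 'to_register':
        return self.redirectToRegister(access_token, inputs.state)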
def assignUserInfo(self, data, access_token):
    """Fill profile fields on a copy of *data* from the provider's user-info endpoint.

    The copy is returned untouched when no stored oauth record matches
    *access_token*, when the request yields nothing, or when the reply's
    ``ret`` field is not 0. Otherwise ``name`` is set only if absent, ``sex``
    is set for the two recognised gender values, and ``image_file`` is set
    when the avatar download returns something.
    """
    profile = sh.copy(data) if data else sh.storage()

    record = sh.model(self.MODEL_NAME).getByAccessToken(access_token)
    if not record:
        return profile

    query = (
        'access_token', access_token,
        'oauth_consumer_key', self.getAppID(),
        'openid', record.uid,
        'format', 'json',
    )
    raw = sh.requestHtmlContent(self.USER_INFO_URL, query)
    if not raw:
        return profile

    info = sh.loadsJson(raw)
    if info.ret != 0:
        return profile

    # A name supplied by the caller wins over the provider nickname.
    if not profile.has_key('name'):
        profile['name'] = info.nickname

    gender = info.gender
    for label, pronoun in (('男', '他'), ('女', '她')):
        if gender == label:
            profile['sex'] = pronoun
            break

    # NOTE(review): the avatar URL comes from the provider's reply and is
    # fetched server-side; whether sh.requestImageFile limits scheme, host or
    # size is not visible here.
    avatar = sh.requestImageFile(info.figureurl_2)
    if avatar:
        profile['image_file'] = avatar

    return profile
def assignUserInfo(self, data, access_token):
    """Fill profile fields on a copy of *data* from the provider's user-info endpoint.

    The copy is returned untouched when no stored oauth record matches
    *access_token*, when the request yields nothing, or when the reply carries
    a truthy ``error_code``. Otherwise ``name`` is set only if absent, ``sex``
    is always set (with a fallback for unrecognised gender values), and
    ``image_file`` is set when the avatar download returns something.
    """
    profile = sh.copy(data) if data else sh.storage()

    record = sh.model(self.MODEL_NAME).getByAccessToken(access_token)
    if not record:
        return profile

    query = (
        'access_token', access_token,
        'oauth_consumer_key', self.getAppID(),
        'uid', record.uid,
    )
    raw = sh.requestHtmlContent(self.USER_INFO_URL, query)
    if not raw:
        return profile

    info = sh.loadsJson(raw)
    if info.get('error_code', None):
        return profile

    # A name supplied by the caller wins over the provider screen name.
    if not profile.has_key('name'):
        profile['name'] = info.screen_name

    gender = info.gender
    profile['sex'] = '他' if gender == 'm' else ('她' if gender == 'f' else '保密')

    # NOTE(review): the avatar URL comes from the provider's reply and is
    # fetched server-side; whether sh.requestImageFile limits scheme, host or
    # size is not visible here.
    avatar = sh.requestImageFile(info.avatar_large)
    if avatar:
        profile['image_file'] = avatar

    return profile
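def GET(self):
    """Process the OAuth2 callback request and log the visitor in or register them.

    ``code`` and ``state`` are read from the request; the part of ``state``
    before the first ``_`` is the provider name used to load the
    ``oauth.<site>`` controller and ``oauth.<site>OAuth2`` model. After the
    code is exchanged for an access token and the provider uid is fetched, the
    oauth row for that uid is loaded or inserted. A row with a ``Userid`` logs
    that user in; otherwise ``NO_REGISTER_ACTION`` selects auto-registration or
    a redirect to the register page. Any other setting falls through and
    returns ``None``.

    Raises:
        AssertionError: ``code`` or ``state`` is missing, the provider name is
            not alphanumeric, or the provider returned no content / no uid.
    """
    inputs = sh.inputs()
    # `assert` is stripped under -O, which would remove validation of
    # untrusted input; raise the same exception type explicitly instead.
    for required in ("code", "state"):
        if not inputs.has_key(required):
            raise AssertionError()

    site_name = inputs.state.partition("_")[0]
    # The provider name comes straight from the request and is interpolated
    # into the controller/model names below, so refuse anything that is not a
    # plain alphanumeric token (this also rejects the empty name). Checking it
    # against the list of configured providers would be stricter still.
    if not site_name.isalnum():
        raise AssertionError()
    # NOTE(review): `state` is parsed but never matched against a per-session
    # value in this method; verify that another layer does so, because that
    # comparison is the OAuth2 defence against forged callbacks.
    authorization_code = inputs.code.strip()

    oauth_ctrl = sh.ctrl("oauth.%s" % site_name)
    oauth_model = sh.model("oauth.%sOAuth2" % site_name)
    user_ctrl = sh.ctrl("User")
    user_model = sh.model("User")

    token_url = oauth_ctrl.createAccessTokenUrl(authorization_code)
    content = sh.requestHtmlContent(token_url, None, oauth_ctrl.ACCESS_TOKEN_METHOD)
    if not content:
        raise AssertionError(u"第三方返回的数据有误")

    access_token, access_expires = oauth_ctrl.pickAccessTokenAndExpires(content)
    requested_uid = oauth_ctrl.requestUidWithAccessToken(access_token)
    if not requested_uid:
        raise AssertionError(u"第三方返回的数据有误")

    if self.TEST_API_LOGIN:
        # Test-only output: the response body contains the access token, so
        # this flag must not be enabled on a deployed site.
        try:
            from html import escape as _escape  # Python 3
        except ImportError:
            from cgi import escape as _escape  # Python 2
        login_url = "%s/api/oauth/login?access_token=%s&access_expires=%s&uid=%s&state=%s" % (
            sh.config.HOST_NAME,
            access_token,
            access_expires,
            requested_uid,
            inputs.state,
        )
        # HTML-escape (including quotes) before interpolating into markup;
        # the URL carries request-supplied `state`.
        safe_url = _escape(login_url, True)
        return '<a href="%s" >%s</a>' % (safe_url, safe_url)

    # Tokens are reissued on each authorization, so the uid (not the token)
    # decides whether this account has been seen before; it also prevents a
    # second row for the same uid when the token changes.
    exists = oauth_model.getByUid(requested_uid)

    # Unknown uid: insert the oauth row first, bind a Userid later.
    if not exists:
        new_oauth_id = oauth_model.insert(
            dict(uid=requested_uid, access_token=access_token, access_expires=access_expires)
        )
        exists = oauth_model.get(new_oauth_id)

    # A bound Userid means a returning user: log in directly.
    if exists.Userid:
        return self.login(exists.Userid)

    # Configured to auto-register: create, bind, then log in.
    if self.NO_REGISTER_ACTION == "auto_register":
        data = oauth_ctrl.assignUserInfo(sh.storage(), access_token)
        self.assignRandomPassword(data)
        self.assignRegisterIP(data)

        conflict = user_ctrl.checkNewUser(data)
        if conflict:
            return self.redirectToRegister(access_token, inputs.state, error=conflict)

        new_user_id = user_model.insert(data)
        oauth_model.update(exists.id, dict(Userid=new_user_id))
        return self.login(new_user_id)

    # Configured for manual registration: hand over to the register page.
    elif self.NO_REGISTER_ACTION == "to_register":
        return self.redirectToRegister(access_token, inputs.state)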
def share(self, access_token, comment):
    """POST *comment* as the ``status`` field to SHARE_URL for the token's account.

    Returns ``None`` when no stored oauth record matches *access_token*;
    otherwise returns whatever ``sh.requestHtmlContent`` returns.
    """
    record = sh.model(self.MODEL_NAME).getByAccessToken(access_token)
    if record:
        payload = {
            'access_token': access_token,
            'oauth_consumer_key': self.getAppID(),
            'uid': record.uid,
            'status': comment,
        }
        return sh.requestHtmlContent(self.SHARE_URL, payload, 'POST')
    return None
def getFollowUids(self, access_token, uid):
    """Return the ``ids`` list from the FRIEND_UIDS endpoint for *uid*.

    Requests up to 5000 entries. An empty list is returned when the request
    yields nothing or the decoded reply has a truthy ``error_code``.
    """
    query = {'access_token': access_token, 'uid': uid, 'count': 5000}
    raw = sh.requestHtmlContent(self.FRIEND_UIDS, query)
    if raw:
        reply = sh.loadsJson(raw)
        if not reply.get('error_code', None):
            return reply.ids
    return []
def share(self, access_token, comment):
    """Send *comment* to SHARE_URL as a ``status`` update via POST.

    The stored oauth record for *access_token* supplies the ``uid``. When no
    such record exists the method returns ``None`` without making a request.
    """
    model = sh.model(self.MODEL_NAME)
    account = model.getByAccessToken(access_token)
    if not account:
        return None

    fields = dict(
        access_token=access_token,
        oauth_consumer_key=self.getAppID(),
        uid=account.uid,
        status=comment,
    )
    return sh.requestHtmlContent(self.SHARE_URL, fields, 'POST')
def share(self, access_token, title):
    """Request SHARE_URL with *title* and the site's host name as the shared URL.

    Returns ``None`` when no stored oauth record matches *access_token*;
    otherwise returns the result of ``sh.requestHtmlContent``. Parameters are
    passed as a flat tuple of alternating names and values.
    """
    record = sh.model(self.MODEL_NAME).getByAccessToken(access_token)
    if record:
        fields = (
            'access_token', access_token,
            'oauth_consumer_key', self.getAppID(),
            'openid', record.uid,
            'title', title,
            'url', sh.config.HOST_NAME,
            'comment', None,
            'summary', None,
            'images', None,
            'source', 1,
        )
        return sh.requestHtmlContent(self.SHARE_URL, fields)
    return None
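def requestUidWithAccessToken(self, access_token):
    """Fetch the provider uid for *access_token* and return it as a string.

    Requests the URL from ``createUidUrl`` using ``UID_METHOD`` and passes the
    response to ``pickUid``. Returns ``''`` when ``pickUid`` yields ``None``.
    """
    response = sh.requestHtmlContent(self.createUidUrl(access_token), method=self.UID_METHOD)
    uid = self.pickUid(response)
    if uid is None:
        # str(None) is the truthy string 'None'. A caller that tests the result
        # for truthiness would accept it as a real uid, and every failed lookup
        # would then share that one uid. Whether pickUid can return None is not
        # visible here; if it cannot, this branch is never taken.
        return ''
    return str(uid)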
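def requestUidWithAccessToken(self, access_token):
    """Return the provider uid for *access_token* as a string, or ``''`` if none.

    The uid URL built by ``createUidUrl`` is requested with ``UID_METHOD`` and
    the response is handed to ``pickUid`` to extract the uid.
    """
    uid_url = self.createUidUrl(access_token)
    picked = self.pickUid(sh.requestHtmlContent(uid_url, method=self.UID_METHOD))
    # Do not stringify a missing uid: 'None' is truthy and would pass a
    # caller's "did we get a uid?" check, mapping every failed lookup to the
    # same account key. (Whether pickUid returns None on failure is not shown
    # here; the guard is a no-op if it never does.)
    if picked is None:
        return ''
    return str(picked)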
def _request(self, params):
    """POST a signed copy of *params* to UID_URL and return the response.

    The caller's mapping is copied, not modified. ``v`` and ``format`` are
    added before the signature is computed, so ``sig`` covers them.
    """
    signed = sh.copy(params)
    signed['v'] = '1.0'
    signed['format'] = 'JSON'
    # Sign last: the signature is computed over everything set above.
    signature = self.sign(signed, self.getAppKey())
    signed['sig'] = signature
    return sh.requestHtmlContent(self.UID_URL, signed, 'POST')