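def facebook():
    """Entry point of the Facebook canvas page.

    Reads the ``signed_request`` argument and routes the client:

    * no ``signed_request``: send the browser to the configured Facebook
      app, or show an error page when that property is not set;
    * malformed ``signed_request``: answer 400 instead of raising;
    * payload without ``user_id``: send the browser to the authorization URL;
    * otherwise: try ``extensible_login`` and show WebLab, falling back to
      ``_handle_unauthenticated_clients`` on InvalidCredentialsError.

    The payload is decoded here WITHOUT checking the signature part, so
    nothing read from ``data`` can be trusted. It is only used to choose
    between the authorization redirect and the login attempt; the complete
    ``signed_request`` is what gets passed on.
    NOTE(review): presumably ``extensible_login`` verifies the signature --
    confirm in the Facebook login manager.
    """
    # Function-scope import: only needed to name the base64 decoding error.
    import binascii

    signed_request = get_argument(REQUEST_FIELD)
    if signed_request is None:
        facebook_app = weblab_api.config.get_value(FACEBOOK_APP_PROPERTY, None)
        if facebook_app is None:
            return "<html><body>%s not set. Contact administrator</body></html>" % FACEBOOK_APP_PROPERTY
        # The value is placed unescaped inside an inline script, so it must
        # remain administrator-controlled configuration, never request data.
        return "<html><body><script>top.location.href='%s';</script></body></html>" % facebook_app

    # A signed request has the shape "<signature>.<payload>". Without the
    # separator there is no signature part at all, so reject it early.
    separator = signed_request.find('.')
    if separator < 0:
        return make_response("Malformed signed request", 400)

    payload = signed_request[separator + 1:]
    # Map the URL-safe base64 alphabet back to the standard one.
    payload = payload.replace('-', '+').replace('_', '/')
    # Padding is always appended; presumably the sender strips it.
    payload = payload + "=="
    try:
        json_content = base64.decodestring(payload)
        data = json.loads(json_content)
    except (TypeError, ValueError, binascii.Error):
        # Client-supplied data: bad base64 or bad JSON is a client error.
        return make_response("Malformed signed request", 400)
    if not isinstance(data, dict):
        # Valid JSON that is not an object would break the key test below.
        return make_response("Malformed signed request", 400)

    if 'user_id' not in data:
        base_auth_url = weblab_api.config.get_value(AUTH_URL_PROPERTY, DEFAULT_AUTH_URL)
        facebook_app_id = weblab_api.config.get_value(APP_ID_PROPERTY)
        canvas_url = weblab_api.config.get_value(CANVAS_URL_PROPERTY)
        auth_url = base_auth_url % (facebook_app_id, urllib2.quote(canvas_url))
        # Built from configuration values only (canvas_url is URL-quoted).
        return "<html><body><script>top.location.href='%s';</script></body></html>" % auth_url

    try:
        session_id = weblab_api.api.extensible_login(FacebookManager.NAME, signed_request)
    except LoginErrors.InvalidCredentialsError:
        return _handle_unauthenticated_clients(signed_request)

    return _show_weblab(session_id, signed_request)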
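def facebook():
    """Entry point of the Facebook canvas page.

    Reads the ``signed_request`` argument and routes the client:

    * no ``signed_request``: send the browser to the configured Facebook
      app, or show an error page when that property is not set;
    * malformed ``signed_request``: answer 400 instead of raising;
    * payload without ``user_id``: send the browser to the authorization URL;
    * otherwise: try ``extensible_login`` and show WebLab, falling back to
      ``_handle_unauthenticated_clients`` on InvalidCredentialsError.

    The payload is decoded here WITHOUT checking the signature part, so
    nothing read from ``data`` can be trusted. It is only used to choose
    between the authorization redirect and the login attempt; the complete
    ``signed_request`` is what gets passed on.
    NOTE(review): presumably ``extensible_login`` verifies the signature --
    confirm in the Facebook login manager.
    """
    # Function-scope import: only needed to name the base64 decoding error.
    import binascii

    signed_request = get_argument(REQUEST_FIELD)
    if signed_request is None:
        facebook_app = weblab_api.config.get_value(FACEBOOK_APP_PROPERTY, None)
        if facebook_app is None:
            return "<html><body>%s not set. Contact administrator</body></html>" % FACEBOOK_APP_PROPERTY
        # The value is placed unescaped inside an inline script, so it must
        # remain administrator-controlled configuration, never request data.
        return "<html><body><script>top.location.href='%s';</script></body></html>" % facebook_app

    # A signed request has the shape "<signature>.<payload>". Without the
    # separator there is no signature part at all, so reject it early.
    separator = signed_request.find('.')
    if separator < 0:
        return make_response("Malformed signed request", 400)

    payload = signed_request[separator + 1:]
    # Map the URL-safe base64 alphabet back to the standard one.
    payload = payload.replace('-', '+').replace('_', '/')
    # Padding is always appended; presumably the sender strips it.
    payload = payload + "=="
    try:
        json_content = base64.decodestring(payload)
        data = json.loads(json_content)
    except (TypeError, ValueError, binascii.Error):
        # Client-supplied data: bad base64 or bad JSON is a client error.
        return make_response("Malformed signed request", 400)
    if not isinstance(data, dict):
        # Valid JSON that is not an object would break the key test below.
        return make_response("Malformed signed request", 400)

    if 'user_id' not in data:
        base_auth_url = weblab_api.config.get_value(AUTH_URL_PROPERTY, DEFAULT_AUTH_URL)
        facebook_app_id = weblab_api.config.get_value(APP_ID_PROPERTY)
        canvas_url = weblab_api.config.get_value(CANVAS_URL_PROPERTY)
        auth_url = base_auth_url % (facebook_app_id, urllib2.quote(canvas_url))
        # Built from configuration values only (canvas_url is URL-quoted).
        return "<html><body><script>top.location.href='%s';</script></body></html>" % auth_url

    try:
        session_id = weblab_api.api.extensible_login(FacebookManager.NAME, signed_request)
    except LoginErrors.InvalidCredentialsError:
        return _handle_unauthenticated_clients(signed_request)

    return _show_weblab(session_id, signed_request)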
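def openid_verify():
    """Start an OpenID authentication for the identifier named in the request.

    The identifier is either built from a configured domain template plus a
    username, or taken directly from the USER_ID argument. Discovery is then
    started on it and the client is sent to the provider, by redirect or by
    an auto-submitted form.

    Responses:
      plain text -- python-openid is not available.
      400 -- unsupported domain, missing username, unusable domain template,
             or no identifier given at all.
      500 -- discovery failed or found no OpenID service.
      redirect / HTML form -- hand-over to the OpenID provider.
    """
    if not OPENID_AVAILABLE:
        return "python-openid not found / not installed. Contact administrator."

    initialize()

    domain = get_argument(DOMAIN)
    if domain is not None:
        # Domains are matched case-insensitively against the configured keys.
        if domain.upper() not in DOMAINS:
            return make_response("domain provided but not supported by configuration. Check %s in settings" % DOMAINS_PROPERTY, 400)

        username = get_argument(USERNAME)
        if username is None:
            return make_response("When domain provided, a username must also be provided", 400)

        domain_tpl = DOMAINS[domain.upper()]
        try:
            # NOTE(review): username is inserted unquoted; depending on where
            # the wildcard sits in the template, characters such as '/', '#'
            # or '@' could change the host or path of the identifier --
            # consider validating or quoting it.
            full_url = domain_tpl % username
        except (TypeError, ValueError):
            # Only the errors '%' raises for a template without a usable
            # '%s'. The message reports the requested domain key.
            return make_response("Invalid domain. It must have a wildcard '%%s' within the URL. Instead '%s' found" % domain, 400)
    else:
        full_url = get_argument(USER_ID)
        if full_url is None:
            return make_response("A username (%s) + domain (%s) or a user identifier (%s) must be provided " % (USERNAME, DOMAIN, USER_ID), 400)

    # full_url contains the user identifier.
    # begin() starts OpenID discovery on it. On the USER_ID path the value
    # comes verbatim from the request, so the server contacts a URL chosen
    # by the client.
    # NOTE(review): confirm the HTTP fetcher behind get_consumer() refuses
    # loopback/internal addresses, or restrict identifiers to DOMAINS.
    current_consumer = get_consumer()
    try:
        current_request = current_consumer.begin(full_url)
    except consumer.DiscoveryFailure:
        traceback.print_exc()
        return make_response('Error in discovery, contact with administrator', 500)

    if current_request is None:
        return make_response("No OpenID services found. contact with administrator", 500)

    # NOTE(review): request.host is derived from the request's Host header
    # and carries no scheme; an OpenID realm is normally a full URL that the
    # client cannot influence -- confirm, or take it from configuration.
    trust_root = request.host
    return_to = url_for('.openid_process', _external=True)
    if current_request.shouldSendRedirect():
        redirect_url = current_request.redirectURL(trust_root, return_to, immediate=False)
        return redirect(redirect_url)

    # The form markup is generated by the OpenID library and is submitted
    # by the onload handler of the page below.
    form_html = current_request.formMarkup(trust_root, return_to, form_tag_attrs={'id': 'openid_message'}, immediate=False)
    return """<html><head><title>Transaction in progress</title></head> <body onload='document.getElementById("%s").submit()'> Requesting credentials...<br/> %s </body></html> """ % ('openid_message', form_html)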
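def login():
    """Log in with username and password and open a WebLab session.

    Responses:
      400 -- the username argument is missing.
      403 -- the credentials were rejected (InvalidCredentialsError). The
             text does not say whether the username or the password was
             wrong.
      500 -- any other error: the traceback is printed on the server and the
             client only receives a generic message.
      200 -- body "<session id>;<route>", with the session cookie filled in
             through ``weblab_api.fill_session_cookie``.
    """
    username = get_argument(USERNAME)
    # NOTE(review): a request without a password is not rejected; the
    # literal 'not provided' is tried as the password instead.
    password = get_argument(PASSWORD, 'not provided')
    if username is None:
        return make_response("%s argument not provided!" % USERNAME, 400)

    try:
        session_id = weblab_api.api.login(username, password)
    except InvalidCredentialsError:
        return make_response("Invalid username or password", 403)
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not turned into a 500 response.
        traceback.print_exc()
        return make_response("There was an unexpected error while logging in.", 500)

    response = make_response("%s;%s" % (session_id.id, weblab_api.ctx.route))
    # The cookie joins the same two values with '.' instead of ';'.
    session_id_cookie = '%s.%s' % (session_id.id, weblab_api.ctx.route)
    weblab_api.fill_session_cookie(response, session_id_cookie)
    return response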
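def _handle_unauthenticated_clients(signed_request):
    """Serve a Facebook client that has no WebLab account linked yet.

    With ``op=create`` an external user is created from the signed request;
    with ``op=link`` the given WebLab username/password are granted the
    Facebook credentials. Both continue to ``_show_weblab`` on success and
    answer 403 on InvalidCredentialsError. Without ``op`` the page offering
    both choices is rendered.

    ``signed_request`` is forwarded unchanged to the API calls and to the
    template.
    NOTE(review): presumably the API calls verify its signature -- confirm.
    """
    operation = get_argument('op', '').lower()
    if operation in ('create', 'link'):
        try:
            if operation == 'create':
                session_id = weblab_api.api.create_external_user(FacebookManager.NAME, signed_request)
            else:
                # operation == 'link'
                username = get_argument('username')
                password = get_argument('password')
                if username is None or password is None:
                    # Never hand missing credentials to the credential
                    # check; answer exactly like a failed check.
                    return make_response("Invalid username or password!", 403)
                session_id = weblab_api.api.grant_external_credentials(username, password, FacebookManager.NAME, signed_request)
        except LoginErrors.InvalidCredentialsError:
            return make_response("Invalid username or password!", 403)
        return _show_weblab(session_id, signed_request)

    # base_url is the request URL without its query string. Appending
    # '?op=...' to request.url produced a second '?' whenever a query string
    # was already present, so 'op' was never parsed on the next request.
    link_uri = request.base_url + '?op=link'
    create_uri = request.base_url + '?op=create'
    return render_template('login_web/facebook_unauthenticated.html', link_uri=link_uri, create_uri=create_uri, signed_request=signed_request)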
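def login():
    """Log in with username and password and open a WebLab session.

    Responses:
      400 -- the username argument is missing.
      403 -- the credentials were rejected (InvalidCredentialsError). The
             text does not say whether the username or the password was
             wrong.
      500 -- any other error: the traceback is printed on the server and the
             client only receives a generic message.
      200 -- body "<session id>;<route>", with the session cookie filled in
             through ``weblab_api.fill_session_cookie``.
    """
    username = get_argument(USERNAME)
    # NOTE(review): a request without a password is not rejected; the
    # literal 'not provided' is tried as the password instead.
    password = get_argument(PASSWORD, 'not provided')
    if username is None:
        return make_response("%s argument not provided!" % USERNAME, 400)

    try:
        session_id = weblab_api.api.login(username, password)
    except InvalidCredentialsError:
        return make_response("Invalid username or password", 403)
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not turned into a 500 response.
        traceback.print_exc()
        return make_response("There was an unexpected error while logging in.", 500)

    response = make_response("%s;%s" % (session_id.id, weblab_api.ctx.route))
    # The cookie joins the same two values with '.' instead of ';'.
    session_id_cookie = '%s.%s' % (session_id.id, weblab_api.ctx.route)
    weblab_api.fill_session_cookie(response, session_id_cookie)
    return response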
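def _handle_unauthenticated_clients(signed_request):
    """Serve a Facebook client that has no WebLab account linked yet.

    With ``op=create`` an external user is created from the signed request;
    with ``op=link`` the given WebLab username/password are granted the
    Facebook credentials. Both continue to ``_show_weblab`` on success and
    answer 403 on InvalidCredentialsError. Without ``op`` the page offering
    both choices is rendered.

    ``signed_request`` is forwarded unchanged to the API calls and to the
    template.
    NOTE(review): presumably the API calls verify its signature -- confirm.
    """
    operation = get_argument('op', '').lower()
    if operation in ('create', 'link'):
        try:
            if operation == 'create':
                session_id = weblab_api.api.create_external_user(
                    FacebookManager.NAME, signed_request)
            else:
                # operation == 'link'
                username = get_argument('username')
                password = get_argument('password')
                if username is None or password is None:
                    # Never hand missing credentials to the credential
                    # check; answer exactly like a failed check.
                    return make_response("Invalid username or password!", 403)
                session_id = weblab_api.api.grant_external_credentials(
                    username, password, FacebookManager.NAME, signed_request)
        except LoginErrors.InvalidCredentialsError:
            return make_response("Invalid username or password!", 403)
        return _show_weblab(session_id, signed_request)

    # base_url is the request URL without its query string. Appending
    # '?op=...' to request.url produced a second '?' whenever a query string
    # was already present, so 'op' was never parsed on the next request.
    link_uri = request.base_url + '?op=link'
    create_uri = request.base_url + '?op=create'
    return render_template('login_web/facebook_unauthenticated.html',
                           link_uri=link_uri,
                           create_uri=create_uri,
                           signed_request=signed_request)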
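def openid_verify():
    """Start an OpenID authentication for the identifier named in the request.

    The identifier is either built from a configured domain template plus a
    username, or taken directly from the USER_ID argument. Discovery is then
    started on it and the client is sent to the provider, by redirect or by
    an auto-submitted form.

    Responses:
      plain text -- python-openid is not available.
      400 -- unsupported domain, missing username, unusable domain template,
             or no identifier given at all.
      500 -- discovery failed or found no OpenID service.
      redirect / HTML form -- hand-over to the OpenID provider.
    """
    if not OPENID_AVAILABLE:
        return "python-openid not found / not installed. Contact administrator."

    initialize()

    domain = get_argument(DOMAIN)
    if domain is not None:
        # Domains are matched case-insensitively against the configured keys.
        if domain.upper() not in DOMAINS:
            return make_response(
                "domain provided but not supported by configuration. Check %s in settings" % DOMAINS_PROPERTY, 400)

        username = get_argument(USERNAME)
        if username is None:
            return make_response(
                "When domain provided, a username must also be provided", 400)

        domain_tpl = DOMAINS[domain.upper()]
        try:
            # NOTE(review): username is inserted unquoted; depending on where
            # the wildcard sits in the template, characters such as '/', '#'
            # or '@' could change the host or path of the identifier --
            # consider validating or quoting it.
            full_url = domain_tpl % username
        except (TypeError, ValueError):
            # Only the errors '%' raises for a template without a usable
            # '%s'. The message reports the requested domain key.
            return make_response(
                "Invalid domain. It must have a wildcard '%%s' within the URL. Instead '%s' found" % domain, 400)
    else:
        full_url = get_argument(USER_ID)
        if full_url is None:
            return make_response(
                "A username (%s) + domain (%s) or a user identifier (%s) must be provided " % (USERNAME, DOMAIN, USER_ID), 400)

    # full_url contains the user identifier.
    # begin() starts OpenID discovery on it. On the USER_ID path the value
    # comes verbatim from the request, so the server contacts a URL chosen
    # by the client.
    # NOTE(review): confirm the HTTP fetcher behind get_consumer() refuses
    # loopback/internal addresses, or restrict identifiers to DOMAINS.
    current_consumer = get_consumer()
    try:
        current_request = current_consumer.begin(full_url)
    except consumer.DiscoveryFailure:
        traceback.print_exc()
        return make_response('Error in discovery, contact with administrator', 500)

    if current_request is None:
        return make_response(
            "No OpenID services found. contact with administrator", 500)

    # NOTE(review): request.host is derived from the request's Host header
    # and carries no scheme; an OpenID realm is normally a full URL that the
    # client cannot influence -- confirm, or take it from configuration.
    trust_root = request.host
    return_to = url_for('.openid_process', _external=True)
    if current_request.shouldSendRedirect():
        redirect_url = current_request.redirectURL(trust_root, return_to, immediate=False)
        return redirect(redirect_url)

    # The form markup is generated by the OpenID library and is submitted
    # by the onload handler of the page below.
    form_html = current_request.formMarkup(
        trust_root, return_to,
        form_tag_attrs={'id': 'openid_message'},
        immediate=False)
    return """<html><head><title>Transaction in progress</title></head> <body onload='document.getElementById("%s").submit()'> Requesting credentials...<br/> %s </body></html> """ % ('openid_message', form_html)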