def get(self):
verifier = self.request.get('oauth_verifier')
request_token_key = self.request.get('oauth_token')
if not verifier or not request_token_key:
# user declined
self.finish(None)
return
# look up the request token
request_token = models.OAuthRequestToken.get_by_id(request_token_key)
if request_token is None:
raise exc.HTTPBadRequest('Invalid oauth_token: %s' %
request_token_key)
# generate and store the final token
tp = tumblpy.Tumblpy(app_key=appengine_config.TUMBLR_APP_KEY,
app_secret=appengine_config.TUMBLR_APP_SECRET,
oauth_token=request_token_key,
oauth_token_secret=request_token.token_secret)
auth_token = tp.get_authorized_tokens(verifier)
auth_token_key = auth_token['oauth_token']
auth_token_secret = auth_token['oauth_token_secret']
# get the user's blogs
# http://www.tumblr.com/docs/en/api/v2#user-methods
tp = TumblrAuth._api_from_token(auth_token_key, auth_token_secret)
logging.debug('Fetching user/info')
try:
resp = tp.post('user/info')
except BaseException, e:
util.interpret_http_exception(e)
raise
def get(self):
verifier = self.request.get('oauth_verifier')
request_token_key = self.request.get('oauth_token')
if not verifier or not request_token_key:
# user declined
self.finish(None)
return
# look up the request token
request_token = models.OAuthRequestToken.get_by_id(request_token_key)
if request_token is None:
raise exc.HTTPBadRequest('Invalid oauth_token: %s' % request_token_key)
# generate and store the final token
tp = tumblpy.Tumblpy(app_key=appengine_config.TUMBLR_APP_KEY,
app_secret=appengine_config.TUMBLR_APP_SECRET,
oauth_token=request_token_key,
oauth_token_secret=request_token.token_secret)
auth_token = tp.get_authorized_tokens(verifier)
auth_token_key = auth_token['oauth_token']
auth_token_secret = auth_token['oauth_token_secret']
# get the user's blogs
# http://www.tumblr.com/docs/en/api/v2#user-methods
tp = TumblrAuth._api_from_token(auth_token_key, auth_token_secret)
logging.debug('Fetching user/info')
try:
resp = tp.post('user/info')
except BaseException, e:
util.interpret_http_exception(e)
raise
def get(self):
assert (
appengine_config.GOOGLE_CLIENT_ID
and appengine_config.GOOGLE_CLIENT_SECRET
), ("Please fill in the google_client_id and google_client_secret files in "
"your app's root directory.")
# get OpenID Connect user info
# https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
try:
_, user = oauth_decorator.http().request(
OPENID_CONNECT_USERINFO)
except BaseException as e:
util.interpret_http_exception(e)
raise
user = json.loads(user.decode('utf-8'))
logging.debug('Got one person: %r', user)
store = oauth_decorator.credentials.store
creds_model_key = ndb.Key(store._model.kind(), store._key_name)
auth = GoogleAuth(id=user['sub'],
creds_model=creds_model_key,
user_json=json.dumps(user))
auth.put()
self.finish(auth, state=self.request.get('state'))
def urlopen(self, url, **kwargs):
"""Wraps urllib2.urlopen() and adds OAuth credentials to the request.
"""
headers = {'Authorization': 'Bearer %s' % self.access_token_str}
try:
return util.urlopen(urllib2.Request(url, headers=headers), **kwargs)
except BaseException, e:
util.interpret_http_exception(e)
raise
def urlopen(self, url, **kwargs):
"""Wraps urllib2.urlopen() and adds OAuth credentials to the request.
"""
kwargs.setdefault('headers', {})['authorization'] = \
'Bearer ' + self.access_token_str
try:
return util.urlopen(urllib2.Request(url, **kwargs))
except BaseException, e:
util.interpret_http_exception(e)
raise
def post(self, *args, **kwargs):
"""Wraps requests.post() and adds an OAuth signature.
"""
oauth1 = twitter_auth.auth(self.token_key, self.token_secret)
resp = util.requests_post(*args, auth=oauth1, **kwargs)
try:
resp.raise_for_status()
except BaseException, e:
util.interpret_http_exception(e)
raise
def post(self, *args, **kwargs):
"""Wraps requests.post() and adds an OAuth signature.
"""
oauth1 = twitter_auth.auth(self.token_key, self.token_secret)
resp = util.requests_post(*args, auth=oauth1, **kwargs)
try:
resp.raise_for_status()
except BaseException, e:
util.interpret_http_exception(e)
raise
def _requests_call(self, fn, *args, **kwargs):
headers = kwargs.setdefault('headers', {})
headers['Authorization'] = 'Bearer ' + self.access_token_str
resp = fn(*args, **kwargs)
assert 'serviceErrorCode' not in resp, resp
try:
resp.raise_for_status()
except BaseException, e:
util.interpret_http_exception(e)
raise
def _requests_call(self, fn, *args, **kwargs):
headers = kwargs.setdefault('headers', {})
headers['Authorization'] = 'Bearer ' + self.access_token_str
resp = fn(*args, **kwargs)
assert 'errors' not in resp, resp
try:
resp.raise_for_status()
except BaseException, e:
util.interpret_http_exception(e)
raise
def get(self):
state = self.request.get('state')
blogger = BloggerV2Auth.api_from_creds(oauth_decorator.credentials)
try:
blogs = blogger.get_blogs()
except BaseException, e:
# this api call often returns 401 Unauthorized for users who aren't
# signed up for blogger and/or don't have any blogs.
util.interpret_http_exception(e)
# we can't currently intercept declines for Google or Blogger, so the
# only time we return a None auth entity right now is on error.
self.finish(None, state=state)
return
def get(self, *args, **kwargs):
"""Wraps requests.get() and adds the Bearer token header.
"""
headers = kwargs.setdefault('headers', {})
headers['Authorization'] = 'Bearer ' + self.access_token_str
headers.setdefault('User-Agent', USER_AGENT)
resp = util.requests_get(*args, **kwargs)
try:
resp.raise_for_status()
except BaseException, e:
util.interpret_http_exception(e)
raise
def get(self, *args, **kwargs):
"""Wraps requests.get() and adds the Bearer token header.
"""
headers = kwargs.setdefault('headers', {})
headers['Authorization'] = 'Bearer ' + self.access_token_str
headers.setdefault('User-Agent', USER_AGENT)
resp = util.requests_get(*args, **kwargs)
try:
resp.raise_for_status()
except BaseException, e:
util.interpret_http_exception(e)
raise
def urlopen_access_token(url, access_token, api_key=None, **kwargs):
"""Wraps urllib2.urlopen() and adds an access_token query parameter.
Kwargs are passed through to urlopen().
"""
params = [('access_token', access_token)]
if api_key:
params.append(('api_key', api_key))
url = util.add_query_params(url, params)
try:
return util.urlopen(url, **kwargs)
except BaseException, e:
util.interpret_http_exception(e)
raise
def get(self):
oauth_token = self.request.get('oauth_token')
oauth_verifier = self.request.get('oauth_verifier')
request_token = models.OAuthRequestToken.get_by_id(oauth_token)
client = oauthlib.oauth1.Client(
appengine_config.FLICKR_APP_KEY,
client_secret=appengine_config.FLICKR_APP_SECRET,
resource_owner_key=oauth_token,
resource_owner_secret=request_token.token_secret,
verifier=oauth_verifier)
uri, headers, body = client.sign(ACCESS_TOKEN_URL)
try:
resp = util.urlopen(urllib2.Request(uri, body, headers))
except BaseException, e:
util.interpret_http_exception(e)
raise
def get(self):
oauth_token = self.request.get('oauth_token')
oauth_verifier = self.request.get('oauth_verifier')
request_token = models.OAuthRequestToken.get_by_id(oauth_token)
client = oauthlib.oauth1.Client(
appengine_config.FLICKR_APP_KEY,
client_secret=appengine_config.FLICKR_APP_SECRET,
resource_owner_key=oauth_token,
resource_owner_secret=request_token.token_secret,
verifier=oauth_verifier)
uri, headers, body = client.sign(ACCESS_TOKEN_URL)
try:
resp = util.urlopen(urllib2.Request(uri, body, headers))
except BaseException, e:
util.interpret_http_exception(e)
raise
def get(self):
if facebook.CallbackHandler.handle_error(self):
return
# http://instagram.com/developer/authentication/
auth_code = util.get_required_param(self, 'code')
data = {
'client_id': appengine_config.INSTAGRAM_CLIENT_ID,
'client_secret': appengine_config.INSTAGRAM_CLIENT_SECRET,
'code': auth_code,
'redirect_uri': self.request_url_with_state(),
'grant_type': 'authorization_code',
}
try:
resp = util.urlopen(GET_ACCESS_TOKEN_URL, data=urllib.urlencode(data)).read()
except BaseException, e:
util.interpret_http_exception(e)
raise
def get(self):
if facebook.CallbackHandler.handle_error(self):
return
# http://instagram.com/developer/authentication/
auth_code = util.get_required_param(self, 'code')
data = {
'client_id': appengine_config.INSTAGRAM_CLIENT_ID,
'client_secret': appengine_config.INSTAGRAM_CLIENT_SECRET,
'code': auth_code,
'redirect_uri': self.request_url_with_state(),
'grant_type': 'authorization_code',
}
try:
resp = util.urlopen(GET_ACCESS_TOKEN_URL,
data=urllib.urlencode(data)).read()
except BaseException, e:
util.interpret_http_exception(e)
raise
def get(self):
assert (appengine_config.GOOGLE_CLIENT_ID and
appengine_config.GOOGLE_CLIENT_SECRET), (
"Please fill in the google_client_id and google_client_secret files in "
"your app's root directory.")
# get OpenID Connect user info
# https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
try:
_, user = oauth_decorator.http().request(OPENID_CONNECT_USERINFO)
except BaseException as e:
util.interpret_http_exception(e)
raise
user = json.loads(user.decode('utf-8'))
logging.debug('Got one person: %r', user)
store = oauth_decorator.credentials.store
creds_model_key = ndb.Key(store._model.kind(), store._key_name)
auth = GoogleAuth(id=user['sub'], creds_model=creds_model_key,
user_json=json.dumps(user))
auth.put()
self.finish(auth, state=self.request.get('state'))
def get(self):
state = util.get_required_param(self, 'state')
# handle errors
error = self.request.get('error')
error_reason = urllib.unquote_plus(self.request.get('error_reason', ''))
if error or error_reason:
if error == 'access_denied':
logging.info('User declined: %s', error_reason)
self.finish(None, state=state)
return
else:
raise exc.HTTPBadRequest(' '.join((error, error_reason)))
# lookup the CSRF token
try:
csrf_id = int(urllib.unquote_plus(state).split('|')[-1])
except (ValueError, TypeError):
raise exc.HTTPBadRequest('Invalid state value %r' % state)
csrf = DropboxCsrf.get_by_id(csrf_id)
if not csrf:
raise exc.HTTPBadRequest('No CSRF token for id %s' % csrf_id)
# request an access token
data = {
'client_id': appengine_config.DROPBOX_APP_KEY,
'client_secret': appengine_config.DROPBOX_APP_SECRET,
'code': util.get_required_param(self, 'code'),
'redirect_uri': self.request.path_url,
}
try:
resp = util.urlopen(GET_ACCESS_TOKEN_URL % data, data='').read()
except BaseException, e:
util.interpret_http_exception(e)
raise
