Exemplo n.º 1
0
    def post(self):
        url = "github.com"
        # authorize_url = \
        # "http://test-backend.example-project-13.appspot.com/api/oauth/github?action=request_token"
        access_token_url = "/login/oauth/access_token"
        client_id = "1f21e4d820abd2cb5a7a"
        client_secret = "b24d6b5f298e85514bebc70abcbf100a8ef8a5f4"
        access_token = ""
        connection = httplib.HTTPSConnection(url)

        # Cogemos el codigo de la peticion
        code = self.request.get("code")

        # Indicamos los parametros de la peticion a github
        params_token = urllib.urlencode({"client_id": client_id,
                "client_secret": client_secret, "code": code})

        # Realizamos la peticion en la conexion
        connection.request("POST", access_token_url, params_token)

        # Cogemos la respuesta de la peticion y realizamos un split
        # para coger el valor del token
        response_token = connection.getresponse()
        data_token = response_token.read()
        access_token = data_token.split("&")
        access_token = access_token[0].split("=")[1]

        # Gestion de la respuesta de webapp
        self.response.content_type = "application/json"
        response = {"token": "" + access_token + ""}
        self.response.write(json.dumps(response))
        connection.close()
        self.response.set_status(200)

        # Obtenemos los detalles del usuario autenticado
        connectionAPI = httplib.HTTPSConnection("api.github.com")
        headers = {"Accept": "application/vnd.github.v3+json",
                   "User-Agent": "PicBit-App",
                   "Authorization": "token GITHUB_TOKEN"}
        connectionAPI.request("GET", "/user", params_token, headers)
        response = connectionAPI.getresponse()
        aux = response.read()
        user_details = json.loads(aux)

        # Buscamos el par id usuario/token autenticado en la base
        stored_credentials = ndb_pb.searchToken(str(user_details["id"
                ]), "github")
        if stored_credentials == None:

            # Almacena las credenciales en una entidad Token
            user_credentials = ndb_pb.insertUser("github",
                    str(user_details["id"]), access_token)
            self.response.set_status(201)
        else:

            # Almacenamos el access token recibido
            user_id = ndb_pb.modifyToken(str(user_details["id"]),
                    access_token, "github")
            self.response.set_status(200)
Exemplo n.º 2
0
    def post(self):
        oauth_verifier = self.request.get("oauth_verifier",
                default_value="None")
        user_identifier = self.request.get("user_identifier", default_value="")

        if not oauth_verifier == "":
            key_verifier = "oauth_verifier_" + oauth_verifier
            twitter_user_data = memcache.get(key_verifier)
            if not twitter_user_data == None:
                # Checks if the username was stored previously
                stored_credentials = ndb_pb.searchToken(twitter_user_data["token_id"], "twitter")
                if not stored_credentials == None:
                    # We store the new set of credentials
                    user_key = ndb_pb.modifyToken(twitter_user_data["token_id"],
                            twitter_user_data["access_token"], "twitter")
                    user_id = ndb_pb.getUserId(user_key)
                    session_id = self.login(user_key)

                    # Gets the user_id to generate the user cookie
                    user_id = ndb_pb.getUserId(user_key)
                    
                    # Returns the session, social_network and user cookie
                    self.response.set_cookie("session", session_id,
                            path="/", domain=domain, secure=True)
                    self.response.set_cookie("social_network",
                            value="twitter", path="/", domain=domain,
                            secure=True)
                    self.response.set_cookie("user",
                            value=user_id, path="/", domain=domain,
                            secure=True)

                    # Builds the response
                    response = {"status": "User logged successfully", "user_id": user_id}
                    self.response.content_type = "application/json"
                    self.response.write(json.dumps(response))
                    self.response.set_status(200)
                else:
                    response = \
                    {"error": "The token_id provided does not belong to a registered user in the system. Consider perform a signup request instead"}
                    self.response.content_type = "application/json"
                    self.response.write(json.dumps(response))
                    self.response.set_status(400)
            else:
                response = \
                    {"error": "There isn\"t any session in the system for the oauth_verifier value specified"}
                self.response.content_type = "application/json"
                self.response.write(json.dumps(response))
                self.response.set_status(404)
        else:
            response = \
                {"error": "You must specify a value for the oauth_verifier param in the request"}
            self.response.content_type = "application/json"
            self.response.write(json.dumps(response))
            self.response.set_status(400)
Exemplo n.º 3
0
    def post_signup(self, social_network):
        try:
            # We get the params from the POST data
            access_token = self.request.POST["access_token"]
            token_id = self.request.POST["token_id"]
            user_identifier = self.request.POST["user_identifier"]
            # Checks if the username was stored previously
            stored_credentials = ndb_pb.searchToken(token_id, social_network)
            if stored_credentials == None:
                user_data = {}
                user_id_repeated = True if not ndb_pb.getUser(user_identifier) == None else False
                if not user_id_repeated:
                    user_data["user_id"] = user_identifier
                    # Generate a valid username for a new user
                    user_key = ndb_pb.insertUser(social_network,
                            token_id, access_token, user_data)
                    # Assigns to the user a predetermined set of components
                    ndb_pb.assignPredeterminedComponentsToUser(user_key)
                    # Creates the session
                    session_id = self.login(user_key)

                    # Returns the session, user_id and social_network cookie
                    self.response.set_cookie("session", session_id,
                            path="/", domain=domain, secure=True)
                    self.response.set_cookie("social_network", social_network,
                            path="/", domain=domain, secure=True)
                    self.response.set_cookie("user", user_identifier,
                            path="/", domain=domain, secure=True)

                    # Builds the response
                    response = {"status": "User logged successfully", "user_id": user_identifier}
                    self.response.content_type = "application/json"
                    self.response.write(json.dumps(response))
                    self.response.set_status(201)
                else:
                    response = {"error": "The user_identifier provided for the sign up has been already taken"}
                    self.response.content_type = "application/json"
                    self.response.write(json.dumps(response))
                    self.response.set_status(400)
            else:
                response = \
                {"error": "The token_id provided belong to a registered user in the system. Consider perform a login request instead"}
                self.response.content_type = "application/json"
                self.response.write(json.dumps(response))
                self.response.set_status(400)
        except KeyError:
            response = \
                {"error": "You must provide access_token, token_id and user_identifier params in the request"}
            self.response.content_type = "application/json"
            self.response.write(json.dumps(response))
            self.response.set_status(400)
Exemplo n.º 4
0
    def post_login(self, social_network):
        try:
            # We get the params from the POST data
            access_token = self.request.POST["access_token"]
            token_id = self.request.POST["token_id"]

            # Checks if the username was stored previously
            stored_credentials = ndb_pb.searchToken(token_id,
                    social_network)
            if not stored_credentials == None:
                # We store the new set of credentials
                user_key = ndb_pb.modifyToken(token_id,
                        access_token, social_network)
                user_id = ndb_pb.getUserId(user_key)
                session_id = self.login(user_key)

                # Gets the user_id to generate the user cookie
                user_id = ndb_pb.getUserId(user_key)
                # Returns the session cookie
                self.response.set_cookie("session", session_id, path="/", domain=domain, secure=True)
                self.response.set_cookie("social_network", social_network, path="/", domain=domain, secure=True)
                self.response.set_cookie("user", user_id, path="/", domain=domain, secure=True)

                # Builds the response
                response = {"status": "User logged successfully", "user_id": user_id}
                self.response.content_type = "application/json"
                self.response.write(json.dumps(response))
                self.response.set_status(200)
            else:
                response = \
                {"error": "The token_id provided does not belong to any user in the system. Consider perform a signup request instead"}
                self.response.content_type = "application/json"
                self.response.write(json.dumps(response))
                self.response.set_status(400)
        except KeyError:
            response = \
                {"error": "You must provide a valid pair of access_token and token_id in the request"}
            self.response.content_type = "application/json"
            self.response.write(json.dumps(response))
            self.response.set_status(400)
Exemplo n.º 5
0
    def post(self):
        oauth_verifier = self.request.get("oauth_verifier", default_value="None")
        user_identifier = self.request.get("user_identifier", default_value="")
        
        if not oauth_verifier == "":
            key_verifier = "oauth_verifier_" + oauth_verifier
            twitter_user_data = memcache.get(key_verifier)
            if not twitter_user_data == None:
                # Checks if the username was stored previously
                stored_credentials = ndb_pb.searchToken(twitter_user_data["token_id"], "twitter") 
                if stored_credentials == None:
                    user_info = {}
                    if not user_identifier == "":
                        # Checks if the user_id taken exists in the system
                        user_id_repeated = True if not ndb_pb.getUser(user_identifier) == None else False
                        if not user_id_repeated:
                            user_info["user_id"] = user_identifier
                            user_key = ndb_pb.insertUser("twitter",
                            twitter_user_data["token_id"], twitter_user_data["access_token"], user_info)

                            # Deletes the key-value for the pair oauth_verifier-session_id stored in memcache
                            memcache.delete(key_verifier)
                            
                            # Returns the session, user_id and social_network cookie
                            session_id = self.login(user_key)
                            self.response.set_cookie("session",
                                    value=session_id, path="/", domain=domain,
                                    secure=True)
                            self.response.set_cookie("social_network",
                                    value="twitter", path="/", domain=domain,
                                    secure=True)
                            self.response.set_cookie("user",
                                    value=user_identifier, path="/", domain=domain,
                                    secure=True)
                            
                            # Builds the response
                            response = {"status": "User logged successfully", "user_id": user_identifier}
                            self.response.content_type = "application/json"
                            self.response.write(json.dumps(response))                    
                            self.response.set_status(201)
                        else:
                            response = {"error": "The user_identifier provided for the sign up has been already taken"}
                            self.response.content_type = "application/json"
                            self.response.write(json.dumps(response))
                            self.response.set_status(400)    
                    else:
                        response = {"error": "You must provide a valid user_identifier in the request"}
                        self.response.content_type = "application/json"
                        self.response.write(json.dumps(response))
                        self.response.set_status(400)
                else:
                    response = \
                    {"error": "The token_id provided belong to a registered user in the system. Consider perform a login request instead"}
                    self.response.content_type = "application/json"
                    self.response.write(json.dumps(response))
                    self.response.set_status(400)
            else:
                response = \
                    {"error": "There isn\"t any Twitter OAuth flow initiated in the system for the oauth_verifier value specified"}
                self.response.content_type = "application/json"
                self.response.write(json.dumps(response))
                self.response.set_status(404)
        else:
            response = \
                {"error": "You must specify a value for the oauth_verifier param in the request"}
            self.response.content_type = "application/json"
            self.response.write(json.dumps(response))
            self.response.set_status(400)