Exemplo n.º 1
0
def get_access_token_for_id(gplus_id):
    """Get an access token for an id, potentially via refresh token if necessary."""
    # Check the cache first.
    token = Cache.get(ACCESS_TOKEN_CACHE_KEY_TEMPLATE % gplus_id)
    if token:
        return token

    # If we don't have a cached token, see if we have a refresh token available.
    refresh_token = TokenIdMapping.lookup_refresh_token(gplus_id)
    if not refresh_token:
        raise UnavailableException(
            'No tokens available for G+ id %s.' % gplus_id, 401)

    data = {
        'client_id': Config.get('oauth', 'client-id'),
        'client_secret': Config.get('oauth', 'client-secret'),
        'refresh_token': refresh_token,
        'grant_type': 'refresh_token',
    }
    try:
        response = session.post(OAUTH2_BASE + '/token',
                                data=data,
                                timeout=GOOGLE_API_TIMEOUT)
        result = response.json()
    except requests.exceptions.Timeout:
        raise UnavailableException('Access token API request timed out.', 504)
    except Exception as e:
        raise UnavailableException(
            'Access token API request raised exception "%r".' % e, 502)

    if 'invalid_grant' in result:
        # The provided refresh token is invalid which means the user has revoked
        # access to their content - thus, pluss should forget about them.
        Cache.delete(ACCESS_TOKEN_CACHE_KEY_TEMPLATE % gplus_id)
        Cache.delete(PROFILE_CACHE_KEY_TEMPLATE % gplus_id)
        TokenIdMapping.remove_id(gplus_id)
        raise UnvailableException('Access revoked for G+ id %s.' % gplus_id)
    elif response.status_code != 200:
        app.logger.error(
            'Non-200 response to access token refresh request (%s): "%r".',
            response.status_code, result)
        raise UnavailableException(
            'Failed to refresh access token for G+ id %s.' % gplus_id, 502)
    elif result.get('token_type') != 'Bearer':
        app.logger.error('Unknown token type "%s" refreshed for G+ id %s.',
                         result.get('token_type'), gplus_id)
        raise UnavailableException(
            'Failed to refresh access token for G+ id %s.' % gplus_id, 502)

    token = result['access_token']
    Cache.set(ACCESS_TOKEN_CACHE_KEY_TEMPLATE % gplus_id,
              token,
              time=result['expires_in'])
    return token
Exemplo n.º 2
0
Arquivo: main.py Projeto: ayust/pluss
def main():
    """Display the homepage."""
    gplus_id = flask.request.cookies.get('gplus_id')
    if gplus_id:
        # If we lost rights, but someone still has the cookie, get rid of it.
        if not TokenIdMapping.lookup_refresh_token(gplus_id):
            return flask.redirect(flask.url_for('clear'))
        # Display a page indicating the user's feed URL, since they've authed.
        return flask.render_template('authed_main.html', datetime=datetime, gplus_id=gplus_id,
            feed_url=full_url_for('user_atom', gplus_id=gplus_id))
    else:
        return flask.render_template('main.html', datetime=datetime)
Exemplo n.º 3
0
def main():
    """Display the homepage."""
    gplus_id = flask.request.cookies.get('gplus_id')
    if gplus_id:
        # If we lost rights, but someone still has the cookie, get rid of it.
        if not TokenIdMapping.lookup_refresh_token(gplus_id):
            return flask.redirect(flask.url_for('clear'))
        # Display a page indicating the user's feed URL, since they've authed.
        return flask.render_template('authed_main.html',
                                     datetime=datetime,
                                     gplus_id=gplus_id,
                                     feed_url=full_url_for('user_atom',
                                                           gplus_id=gplus_id))
    else:
        return flask.render_template('main.html', datetime=datetime)
Exemplo n.º 4
0
def get_access_token_for_id(gplus_id):
    """Get an access token for an id, potentially via refresh token if necessary."""
    # Check the cache first.
    token = Cache.get(ACCESS_TOKEN_CACHE_KEY_TEMPLATE % gplus_id)
    if token:
        return token

    # If we don't have a cached token, see if we have a refresh token available.
    refresh_token = TokenIdMapping.lookup_refresh_token(gplus_id)
    if not refresh_token:
        raise UnavailableException('No tokens available for G+ id %s.' % gplus_id, 401)

    data = {
        'client_id': Config.get('oauth', 'client-id'),
        'client_secret': Config.get('oauth', 'client-secret'),
        'refresh_token': refresh_token,
        'grant_type': 'refresh_token',
    }
    try:
        response = session.post(OAUTH2_BASE + '/token', data=data, timeout=GOOGLE_API_TIMEOUT)
        result = response.json()
    except requests.exceptions.Timeout:
        raise UnavailableException('Access token API request timed out.', 504)
    except Exception as e:
        raise UnavailableException('Access token API request raised exception "%r".' % e, 502)

    if 'invalid_grant' in result or ('error' in result and result['error'] == 'invalid_grant'):
        # The provided refresh token is invalid which means the user has revoked
        # access to their content - thus, pluss should forget about them.
        Cache.delete(ACCESS_TOKEN_CACHE_KEY_TEMPLATE % gplus_id)
        Cache.delete(PROFILE_CACHE_KEY_TEMPLATE % gplus_id)
        TokenIdMapping.remove_id(gplus_id)
        raise UnavailableException('Access revoked for G+ id %s.' % gplus_id, 502)
    elif response.status_code != 200:
        app.logger.error('Non-200 response to access token refresh request (%s): "%r".',
            response.status_code, result)
        raise UnavailableException('Failed to refresh access token for G+ id %s.' % gplus_id, 502)
    elif result.get('token_type') != 'Bearer':
        app.logger.error('Unknown token type "%s" refreshed for G+ id %s.', result.get('token_type'), gplus_id)
        raise UnavailableException('Failed to refresh access token for G+ id %s.' % gplus_id, 502)

    token = result['access_token']
    Cache.set(ACCESS_TOKEN_CACHE_KEY_TEMPLATE % gplus_id, token, time=result['expires_in'])
    return token