Пример #1
0
def persona_login(request):
    assertion = request.POST.get('assertion', '')
    audience = request.build_absolute_uri('/')
    resp = requests.post('https://verifier.login.persona.org/verify', {
        'assertion': assertion,
        'audience': audience
    })
    if resp.json['status'] != 'okay':
        return render_authentication_error(request)
    email = resp.json['email']
    user = User(email=email)
    extra_data = resp.json
    account = SocialAccount(uid=email,
                            provider=PersonaProvider.id,
                            extra_data=extra_data,
                            user=user)
    # TBD: Persona e-mail addresses are verified, so we could check if
    # a matching local user account already exists with an identical
    # verified e-mail address and short-circuit the social login. Then
    # again, this holds for all social providers that guarantee
    # verified e-mail addresses, so if at all, short-circuiting should
    # probably not be handled here...
    login = SocialLogin(account)
    login.state = SocialLogin.state_from_request(request)
    return complete_social_login(request, login)
Пример #2
0
		def get_access_token(self, code):
				params = {'client_id': self.consumer_key,
									'redirect_uri': self.callback_url,
									'grant_type': 'authorization_code',
									'client_secret': self.consumer_secret,
									'scope': self.scope,
									'code': code}
				params = dict(params.items() + self.extra_access_token_post_params.items())
				url = self.access_token_url
				# TODO: Proper exception handling
				resp = requests.post(url, params, True)
				access_token = None
				if resp.status_code == 200:
						if resp.headers['content-type'].split(';')[0] == 'application/json':
								data = resp.json
						else:
								data = dict(urlparse.parse_qsl(resp.content))

						access_token = data.get('access_token')
						refresh_token = data.get('refresh_token', None)
				if not access_token:
						raise OAuth2Error('Error retrieving access token: %s'
															% resp.content)

				return access_token, refresh_token
Пример #3
0
    def refresh_token(self):
        account = self.account
        app = SocialApp.objects.get_current(self.account.get_provider().id)
        tokens = SocialToken.objects.filter(app=app, account=account).order_by('-id')

        if tokens:
            token = tokens[0]

            response = requests.post('https://accounts.google.com/o/oauth2/token', {
                'client_id': app.key,
                'client_secret': app.secret,
                'refresh_token': token.token_secret,
                'grant_type': 'refresh_token'
            })

            if 'access_token' in response.json:
                token.token = response.json['access_token']
                token.save()
Пример #4
0
 def get_access_token(self, code):
     params = {'client_id': self.consumer_key,
               'redirect_uri': self.callback_url,
               'grant_type': 'authorization_code',
               'client_secret': self.consumer_secret,
               'scope': self.scope,
               'code': code}
     url = self.access_token_url
     # TODO: Proper exception handling
     resp = requests.post(url, params)
     access_token = None
     if resp.status_code == 200:
         if resp.headers['content-type'].split(';')[0] == 'application/json':
             data = resp.json
         else:
             data = dict(urlparse.parse_qsl(resp.content))
         access_token = data.get('access_token')
     if not access_token:
         raise OAuth2Error('Error retrieving access token: %s' 
                           % resp.content)
         
     return access_token
Пример #5
0
 def get_access_token(self, code):
     client = httplib2.Http()
     params = {'client_id': self.consumer_key,
               'redirect_uri': self.callback_url,
               'grant_type': 'authorization_code',
               'client_secret': self.consumer_secret,
               'scope': self.scope,
               'code': code}
     url = self.access_token_url
     # TODO: Proper exception handling
     resp = requests.post(url, params)
     access_token = None
     if resp.status_code == 200:
         if resp.headers['content-type'] == 'application/json':
             data = resp.json
         else:
             data = dict(urlparse.parse_qsl(resp.content))
         access_token = data.get('access_token')
     if not access_token:
         raise OAuth2Error('Error retrieving access token: %s' 
                           % resp.content)
         
     return access_token
Пример #6
0
def persona_login(request):
    assertion = request.POST.get('assertion', '')
    audience = request.build_absolute_uri('/')
    resp = requests.post('https://verifier.login.persona.org/verify',
                         { 'assertion': assertion,
                           'audience': audience })
    if resp.json['status'] != 'okay':
        return render_authentication_error(request)
    email = resp.json['email']
    user = User(email=email)
    extra_data = resp.json
    account = SocialAccount(uid=email,
                            provider=PersonaProvider.id,
                            extra_data=extra_data,
                            user=user)
    # TBD: Persona e-mail addresses are verified, so we could check if
    # a matching local user account already exists with an identical
    # verified e-mail address and short-circuit the social login. Then
    # again, this holds for all social providers that guarantee
    # verified e-mail addresses, so if at all, short-circuiting should
    # probably not be handled here...
    login = SocialLogin(account)
    login.state = SocialLogin.state_from_request(request)
    return complete_social_login(request, login)