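def fbconnect():
    """Log a user in with a Facebook access token sent in the request body.

    The anti-forgery ``state`` query parameter is compared with the value
    kept in ``login_session`` before anything else happens. The client
    token is then exchanged for a long-lived server-side token, the
    profile is fetched from the Graph API and copied into
    ``login_session``, and a local user is created when
    ``dbo.get_user_id`` finds none for the e-mail address.

    Returns:
        A 401 JSON response when the state check fails or the profile
        cannot be read, otherwise the result of
        ``_get_welcome_message()``.
    """
    # Function-scope import: urlencode lives in a different module on
    # Python 2 and Python 3.
    try:
        from urllib import urlencode
    except ImportError:
        from urllib.parse import urlencode

    # A session that holds no state is rejected too, instead of raising
    # KeyError or letting a missing parameter match a missing value.
    expected_state = login_session.get('state')
    if expected_state is None or request.args.get('state') != expected_state:
        response = make_response(json.dumps('Invalid state parameter.'), 401)
        response.headers['Content-Type'] = 'application/json'
        return response
    access_token = request.data

    # Exchange client token for long-lived server-side token.
    with open('fb_client_secrets.json', 'r') as secrets_file:
        secret_data = json.load(secrets_file)
    app_id = secret_data['web']['app_id']
    app_secret = secret_data['web']['app_secret']

    # The token comes straight from the request body, so it is
    # URL-encoded: it can then only ever be the value of
    # fb_exchange_token, never an extra or overriding query parameter.
    # This URL carries the app secret; keep it out of logs.
    url = 'https://graph.facebook.com/oauth/access_token?' + urlencode([
        ('grant_type', 'fb_exchange_token'),
        ('client_id', app_id),
        ('client_secret', app_secret),
        ('fb_exchange_token', access_token),
    ])
    h = httplib2.Http()
    result = h.request(url, 'GET')[1]

    # Strip expire tag from access_token.
    # NOTE(review): assumes a form-encoded answer of the shape
    # "access_token=...&expires=..."; confirm for the Graph API version
    # the app is registered against.
    token = result.split('&')[0]

    url = 'https://graph.facebook.com/v2.5/me?'
    url += '{0}&fields=name,id,email,picture'.format(token)
    result = h.request(url, 'GET')[1]
    data = json.loads(result)

    # The account lookup below is keyed on the e-mail address, so a
    # Graph API error or a profile without the expected fields ends the
    # login here rather than failing with KeyError. The profile is no
    # longer printed: it holds the user's name and e-mail address.
    required_fields = ('name', 'email', 'id', 'picture')
    if 'error' in data or not all(field in data for field in required_fields):
        response = make_response(
            json.dumps('Failed to read the Facebook profile.'), 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    login_session['provider'] = 'facebook'
    login_session['username'] = data['name']
    login_session['email'] = data['email']
    login_session['facebook_id'] = data['id']
    login_session['picture'] = data['picture']['data']['url']
    # NOTE(review): if login_session is a client-side cookie session the
    # token stored here is readable by the browser; confirm the backend.
    login_session['access_token'] = token

    user_id = dbo.get_user_id(data['email'])
    if user_id is None:
        user_id = dbo.create_user(login_session)
    login_session['user_id'] = user_id

    flash('you are now logged in as {username}'.format(
        username=login_session['username']))
    print("done!")
    return _get_welcome_message()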
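def fbconnect():
    """Log a user in with a Facebook access token sent in the request body.

    The anti-forgery ``state`` query parameter is compared with the value
    kept in ``login_session`` before anything else happens. The client
    token is then exchanged for a long-lived server-side token, the
    profile is fetched from the Graph API and copied into
    ``login_session``, and a local user is created when
    ``dbo.get_user_id`` finds none for the e-mail address.

    Returns:
        A 401 JSON response when the state check fails or the profile
        cannot be read, otherwise the result of
        ``_get_welcome_message()``.
    """
    # Function-scope import: urlencode lives in a different module on
    # Python 2 and Python 3.
    try:
        from urllib import urlencode
    except ImportError:
        from urllib.parse import urlencode

    # A session that holds no state is rejected too, instead of raising
    # KeyError or letting a missing parameter match a missing value.
    expected_state = login_session.get('state')
    if expected_state is None or request.args.get('state') != expected_state:
        response = make_response(json.dumps('Invalid state parameter.'), 401)
        response.headers['Content-Type'] = 'application/json'
        return response
    access_token = request.data

    # Exchange client token for long-lived server-side token.
    with open('fb_client_secrets.json', 'r') as secrets_file:
        secret_data = json.load(secrets_file)
    app_id = secret_data['web']['app_id']
    app_secret = secret_data['web']['app_secret']

    # The token comes straight from the request body, so it is
    # URL-encoded: it can then only ever be the value of
    # fb_exchange_token, never an extra or overriding query parameter.
    # This URL carries the app secret; keep it out of logs.
    url = 'https://graph.facebook.com/oauth/access_token?' + urlencode([
        ('grant_type', 'fb_exchange_token'),
        ('client_id', app_id),
        ('client_secret', app_secret),
        ('fb_exchange_token', access_token),
    ])
    h = httplib2.Http()
    result = h.request(url, 'GET')[1]

    # Strip expire tag from access_token.
    # NOTE(review): assumes a form-encoded answer of the shape
    # "access_token=...&expires=..."; confirm for the Graph API version
    # the app is registered against.
    token = result.split('&')[0]

    url = 'https://graph.facebook.com/v2.5/me?'
    url += '{0}&fields=name,id,email,picture'.format(token)
    result = h.request(url, 'GET')[1]
    data = json.loads(result)

    # The account lookup below is keyed on the e-mail address, so a
    # Graph API error or a profile without the expected fields ends the
    # login here rather than failing with KeyError. The profile is no
    # longer printed: it holds the user's name and e-mail address.
    required_fields = ('name', 'email', 'id', 'picture')
    if 'error' in data or not all(field in data for field in required_fields):
        response = make_response(
            json.dumps('Failed to read the Facebook profile.'), 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    login_session['provider'] = 'facebook'
    login_session['username'] = data['name']
    login_session['email'] = data['email']
    login_session['facebook_id'] = data['id']
    login_session['picture'] = data['picture']['data']['url']
    # NOTE(review): if login_session is a client-side cookie session the
    # token stored here is readable by the browser; confirm the backend.
    login_session['access_token'] = token

    user_id = dbo.get_user_id(data['email'])
    if user_id is None:
        user_id = dbo.create_user(login_session)
    login_session['user_id'] = user_id

    flash('you are now logged in as {username}'.format(
        username=login_session['username']))
    print("done!")
    return _get_welcome_message()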
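def gconnect():
    """Log a user in with a Google one-time authorization code.

    The anti-forgery ``state`` query parameter is checked against
    ``login_session``, the code in the request body is exchanged for
    credentials, and the resulting access token is validated through the
    tokeninfo endpoint: it must carry no error, belong to the user named
    in the ID token, and have been issued to this app's ``client_id``.
    The profile is then stored in ``login_session`` and a local user is
    created when ``dbo.get_user_id`` finds none for the e-mail address.

    Returns:
        A JSON error response (401, or 500 for a tokeninfo error) when a
        check fails, otherwise the result of ``_get_welcome_message()``.
    """
    # A session that holds no state is rejected too, instead of raising
    # KeyError or letting a missing parameter match a missing value.
    expected_state = login_session.get('state')
    if expected_state is None or request.args.get('state') != expected_state:
        response = make_response(json.dumps('Invalid state parameter'), 401)
        response.headers['Content-Type'] = 'application/json'
        return response
    code = request.data

    try:
        oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        response = make_response(
            json.dumps('Failed to upgrade the authorization code.'), 401)
        response.headers['Content-Type'] = 'application/json'
        print('Failed to upgrade the authorization code.')
        return response

    access_token = credentials.access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s'
           % access_token)
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])

    # If there was an error in the access token info, abort.
    if result.get('error') is not None:
        response = make_response(json.dumps(result.get('error')), 500)
        response.headers['Content-Type'] = 'application/json'
        # Without this return the error response was discarded and the
        # login continued with an unvalidated token.
        return response

    # Verify that the access token is used for the intended user.
    # .get() turns a missing field into a failed check, not a KeyError.
    gplus_id = credentials.id_token['sub']
    if result.get('user_id') != gplus_id:
        response = make_response(
            json.dumps("Token's user ID doesn't match given user ID."), 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Verify that the access token is valid for this app.
    if result.get('issued_to') != client_id:
        response = make_response(
            json.dumps("Token's client ID does not match app's."), 401)
        print("Token's client ID does not match app's.")
        response.headers['Content-Type'] = 'application/json'
        return response

    # Store the access token in the session for later use.
    # NOTE(review): this stores the whole credentials object; if
    # login_session is a client-side cookie session, keeping only what
    # later requests need would expose less. Confirm the readers of
    # 'credentials' before changing it.
    login_session['credentials'] = credentials
    login_session['gplus_id'] = gplus_id

    # Get user info.
    userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
    params = {'access_token': credentials.access_token, 'alt': 'json'}
    answer = requests.get(userinfo_url, params=params)
    data = answer.json()

    login_session['provider'] = 'google'
    login_session['username'] = data['name']
    login_session['picture'] = data['picture']
    login_session['email'] = data['email']

    user_id = dbo.get_user_id(data['email'])
    if user_id is None:
        user_id = dbo.create_user(login_session)
    login_session['user_id'] = user_id

    flash('you are now logged in as {username}'.format(
        username=login_session['username']))
    return _get_welcome_message()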
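def gconnect():
    """Log a user in with a Google one-time authorization code.

    The anti-forgery ``state`` query parameter is checked against
    ``login_session``, the code in the request body is exchanged for
    credentials, and the resulting access token is validated through the
    tokeninfo endpoint: it must carry no error, belong to the user named
    in the ID token, and have been issued to this app's ``client_id``.
    The profile is then stored in ``login_session`` and a local user is
    created when ``dbo.get_user_id`` finds none for the e-mail address.

    Returns:
        A JSON error response (401, or 500 for a tokeninfo error) when a
        check fails, otherwise the result of ``_get_welcome_message()``.
    """
    # A session that holds no state is rejected too, instead of raising
    # KeyError or letting a missing parameter match a missing value.
    expected_state = login_session.get('state')
    if expected_state is None or request.args.get('state') != expected_state:
        response = make_response(json.dumps('Invalid state parameter'), 401)
        response.headers['Content-Type'] = 'application/json'
        return response
    code = request.data

    try:
        oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        response = make_response(
            json.dumps('Failed to upgrade the authorization code.'), 401)
        response.headers['Content-Type'] = 'application/json'
        print('Failed to upgrade the authorization code.')
        return response

    access_token = credentials.access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s'
           % access_token)
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])

    # If there was an error in the access token info, abort.
    if result.get('error') is not None:
        response = make_response(json.dumps(result.get('error')), 500)
        response.headers['Content-Type'] = 'application/json'
        # Without this return the error response was discarded and the
        # login continued with an unvalidated token.
        return response

    # Verify that the access token is used for the intended user.
    # .get() turns a missing field into a failed check, not a KeyError.
    gplus_id = credentials.id_token['sub']
    if result.get('user_id') != gplus_id:
        response = make_response(
            json.dumps("Token's user ID doesn't match given user ID."), 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Verify that the access token is valid for this app.
    if result.get('issued_to') != client_id:
        response = make_response(
            json.dumps("Token's client ID does not match app's."), 401)
        print("Token's client ID does not match app's.")
        response.headers['Content-Type'] = 'application/json'
        return response

    # Store the access token in the session for later use.
    # NOTE(review): this stores the whole credentials object; if
    # login_session is a client-side cookie session, keeping only what
    # later requests need would expose less. Confirm the readers of
    # 'credentials' before changing it.
    login_session['credentials'] = credentials
    login_session['gplus_id'] = gplus_id

    # Get user info.
    userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
    params = {'access_token': credentials.access_token, 'alt': 'json'}
    answer = requests.get(userinfo_url, params=params)
    data = answer.json()

    login_session['provider'] = 'google'
    login_session['username'] = data['name']
    login_session['picture'] = data['picture']
    login_session['email'] = data['email']

    user_id = dbo.get_user_id(data['email'])
    if user_id is None:
        user_id = dbo.create_user(login_session)
    login_session['user_id'] = user_id

    flash('you are now logged in as {username}'.format(
        username=login_session['username']))
    return _get_welcome_message()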