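def validate_access_token(f):
    """Wrap a controller action so its OAuth2 access token is checked on every call.

    The check runs inside the returned wrapper, immediately before ``f``:
    the response is switched to the JSON content type and the JSON service
    view, then the GET vars, the POST vars and the ``Authorization`` header
    are handed to ``OAuth2.validate_access_params``.  Any exception raised
    there propagates and ``f`` is not executed.

    Decorating a function performs no validation by itself; only calling the
    decorated function does.
    """
    from functools import wraps

    @wraps(f)
    def wrapper(*args, **kwargs):
        from oauth.storage import web2pyStorage as storage  # change to MongoStorage if you aren't using DAL
        storage = storage()
        storage.connect()
        oauth = OAuth2(storage)

        response.headers['Content-Type'] = json_headers()
        response.view = json_service()

        header = request.env['http_authorization']
        # NOTE(review): the validator's return value is not inspected, so this
        # guard only protects the action if validate_access_params raises on a
        # missing, expired or unknown token -- confirm against the OAuth2 class.
        # NOTE(review): get_vars is passed too, so a token may arrive in the
        # query string, where it can be recorded in access logs -- confirm
        # whether that transport should stay enabled.
        oauth.validate_access_params(request.get_vars, request.post_vars, header)
        return f(*args, **kwargs)

    return wrapper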
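def index():
    """Register a new client application.

    On POST, reads ``client_name`` and ``client_uri`` (the callback URI) from
    the form.  When both are present the client is stored and the generated
    ``client_id`` and ``client_secret`` are exposed to the view; otherwise
    nothing is stored and ``success`` stays False.

    Returns:
        The local variables for the view, without the ``storage`` and
        ``oauth`` helper objects.
    """
    # NOTE(review): no login or authorization check is visible in this
    # function; confirm one is applied elsewhere if client registration is
    # meant to be restricted.
    from oauth.storage import web2pyStorage as storage  # change to MongoStorage if you aren't using DAL
    storage = storage()
    storage.connect()
    oauth = OAuth2(storage)

    success = False
    if request.post_vars:
        client_name = request.post_vars['client_name']
        client_uri = request.post_vars['client_uri']
        # The docstring contract requires a name and a callback URI.  A client
        # stored without a callback URI leaves later redirect_uri checks with
        # nothing to compare against, so incomplete submissions are skipped.
        if client_name and client_uri:
            client_id, client_secret = oauth.storage.add_client(client_name, client_uri)
            success = True

    # The view receives client_secret on purpose (it is shown to the
    # registrant); the storage/OAuth2 helpers are kept out of the view.
    return {k: v for k, v in locals().items() if k not in {'storage', 'oauth'}}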
def index():
    """Token endpoint: trade an authorization code for an access token.

    The GET variables, which per this endpoint's contract carry
    <code, client_id, client_secret, redirect_uri>, are handed to
    ``OAuth2.grant_access_token``.  The result is returned through the JSON
    service view as a Bearer token payload.
    """
    # NOTE(review): the parameters are read from the query string, so the
    # client_secret and the code can be recorded in server and proxy access
    # logs -- treat those logs as sensitive.
    from oauth.storage import web2pyStorage  # change to MongoStorage if you aren't using DAL

    backend = web2pyStorage()
    backend.connect()
    provider = OAuth2(backend)

    response.headers['Content-Type'] = json_headers()
    response.view = json_service()

    access_token, refresh_token, lifetime = provider.grant_access_token(request.get_vars)
    payload = dict(
        access_token=access_token,
        token_type='Bearer',
        expires_in=lifetime,
        refresh_token=refresh_token,
    )
    return meta_data(CODES['ok'], MESSAGES['ok'], payload)
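def index():
    """Register a new client application.

    On POST, takes ``client_name`` and ``client_uri`` (the callback URI) from
    the submitted form.  Only when both are supplied is the client stored;
    the generated ``client_id`` and ``client_secret`` are then handed to the
    view and ``success`` is set to True.

    Returns:
        A dict of the local variables for the view, excluding the
        ``storage`` and ``oauth`` helper objects.
    """
    # NOTE(review): nothing in this function checks who is calling it;
    # confirm that registration is gated elsewhere if it should not be open.
    from oauth.storage import web2pyStorage as storage  # change to MongoStorage if you aren't using DAL
    storage = storage()
    storage.connect()
    oauth = OAuth2(storage)

    success = False
    if request.post_vars:
        client_name = request.post_vars['client_name']
        client_uri = request.post_vars['client_uri']
        # A name and a callback URI are both required by the contract above;
        # a client without a callback URI would give later redirect_uri
        # checks nothing to match against, so such a submission is ignored.
        if client_name and client_uri:
            client_id, client_secret = oauth.storage.add_client(
                client_name, client_uri)
            success = True

    # Hand the view only data: the storage connection and the OAuth2 object
    # have no business in a template context.
    exposed = dict(locals())
    exposed.pop('storage', None)
    exposed.pop('oauth', None)
    return exposed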
def index():
    """Issue an access token for a <code, client_id, client_secret, redirect_uri> tuple.

    The request's GET variables are passed to ``OAuth2.grant_access_token``;
    its three results become the ``access_token``, ``refresh_token`` and
    ``expires_in`` fields of a Bearer token reply rendered by the JSON
    service view.
    """
    # NOTE(review): since the secret and the code come in via the query
    # string, they may be written to access logs along the request path --
    # handle those logs as sensitive material.
    from oauth.storage import web2pyStorage as storage_cls  # change to MongoStorage if you aren't using DAL

    store = storage_cls()
    store.connect()
    server = OAuth2(store)

    response.headers['Content-Type'] = json_headers()
    response.view = json_service()

    granted = server.grant_access_token(request.get_vars)
    token, refresh, expires = granted
    body = {
        'access_token': token,
        'token_type': 'Bearer',
        'expires_in': expires,
        'refresh_token': refresh,
    }
    return meta_data(CODES['ok'], MESSAGES['ok'], body)
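def index():
    """Show the OAuth2 consent page and act on the user's answer.

    This action has two roles:

    1. It asks the user whether a 3rd party app may access their data.
    2. It receives the user's answer and redirects the user to the 3rd
       party's corresponding URI: ``code=...`` is appended on approval,
       ``#error=access_denied`` on refusal.

    In case of error, it redirects to the 'error' controller.  You can change
    this behaviour, e.g. to return a JSON or HTTP error instead.

    The request MUST look like this:
    http://[your_server]{:port}/[your_application]/auth?
        client_id=[your_client_id]&
        redirect_uri=[your_callback_uri]&
        response_type=code&
        access_type=online

    NOTE: You can pass a "the_scope" parameter, but you need to configure it
    at the OAuth2 object constructor.
    """
    from oauth.storage import web2pyStorage as storage  # change to MongoStorage if you aren't using DAL
    storage = storage()
    storage.connect()
    oauth = OAuth2(storage)

    # Validates GET parameters
    params = dict()
    success = False
    try:
        params = oauth.validate_authorize_params(request.get_vars)
    except Exception as ex:
        redirect(URL(c='error', vars=dict(msg=ex)))

    # POST request. Yes/No answer
    # NOTE(review): no anti-CSRF token is checked on this POST in the code
    # shown; confirm the consent form is protected, because a 'Yes' here
    # issues an authorization code.
    if request.post_vars:
        success = True
        # Use only the values returned by validate_authorize_params.  Taking
        # client_id from the POST body would let the code be issued for a
        # client other than the one whose redirect_uri was validated.
        # (Presumably the validator checks redirect_uri against the client's
        # registered URI -- confirm.)
        try:
            granted_client = params['client_id']
            callback_uri = params['redirect_uri']
        except KeyError as ex:
            redirect(URL(c='error', vars=dict(msg=ex)))

        # Access given by the user?
        if request.post_vars['accept'] == 'Yes':
            # NOTE(review): placeholder -- every code is issued for this one
            # fixed user until it is replaced with the logged-in user's id.
            user_id = '501faa19a34feb05890005c9'  # Change it. Get it from your DB
            code = oauth.storage.add_code(granted_client,
                                          user_id,
                                          oauth.config[oauth.CONFIG_CODE_LIFETIME])
            # A callback URI that already has a query string needs '&'.
            separator = '&' if '?' in callback_uri else '?'
            redirect(callback_uri + separator + 'code=' + code)
        else:
            redirect(callback_uri + '#error=access_denied')

    # Builds the response URL
    url = ''
    try:
        client_id = params['client_id']
        redirect_uri = params['redirect_uri']
        the_scope = params['the_scope']
        response_type = params['response_type']
        access_type = params['access_type']
        # NOTE(review): the values are concatenated without URL-encoding, so
        # a redirect_uri containing '&' or '#' would not survive the round
        # trip through this query string.
        url = '?' + 'client_id=' + client_id \
            + '&redirect_uri=' + redirect_uri + '&response_type=' \
            + response_type + '&access_type=' + access_type
    except Exception as ex:
        # Not every exception has a .msg attribute (KeyError does not).
        redirect(URL(c='error', vars=dict(msg=(getattr(ex, 'msg', None) or ex))))

    return locals()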
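def index():
    """Render the OAuth2 authorization prompt and process the user's decision.

    This action has two roles:

    1. It asks the user whether a 3rd party app may access their data.
    2. It receives the user's answer and redirects the user to the 3rd
       party's corresponding URI, appending ``code=...`` when access is
       granted or ``#error=access_denied`` when it is refused.

    In case of error, it redirects to the 'error' controller.  You can change
    this behaviour; for instance, you may want to return a JSON or HTTP error
    instead.

    The request MUST look like this:
    http://[your_server]{:port}/[your_application]/auth?
        client_id=[your_client_id]&
        redirect_uri=[your_callback_uri]&
        response_type=code&
        access_type=online

    NOTE: You can pass a "the_scope" parameter, but you need to configure it
    at the OAuth2 object constructor.
    """
    from oauth.storage import web2pyStorage as storage  # change to MongoStorage if you aren't using DAL
    storage = storage()
    storage.connect()
    oauth = OAuth2(storage)

    # Validates GET parameters
    params = dict()
    success = False
    try:
        params = oauth.validate_authorize_params(request.get_vars)
    except Exception as ex:
        redirect(URL(c='error', vars=dict(msg=ex)))

    # POST request. Yes/No answer
    # NOTE(review): the code shown does not verify an anti-CSRF token on this
    # POST; confirm the form that submits the answer carries one, since
    # accept=Yes results in an authorization code being issued.
    if request.post_vars:
        success = True
        # The code must be bound to the client and callback that were just
        # validated, so both come from `params` rather than from the raw
        # POST body or query string.  (Whether the validator matches
        # redirect_uri against the registered URI is not visible here --
        # confirm.)
        try:
            validated_client_id = params['client_id']
            validated_redirect_uri = params['redirect_uri']
        except KeyError as ex:
            redirect(URL(c='error', vars=dict(msg=ex)))

        # Access given by the user?
        if request.post_vars['accept'] == 'Yes':
            # NOTE(review): fixed placeholder id; until it is replaced with
            # the authenticated user's id, all codes belong to this user.
            user_id = '501faa19a34feb05890005c9'  # Change it. Get it from your DB
            code = oauth.storage.add_code(
                validated_client_id, user_id,
                oauth.config[oauth.CONFIG_CODE_LIFETIME])
            # Append with '&' when the callback already carries a query.
            if '?' in validated_redirect_uri:
                redirect(validated_redirect_uri + '&code=' + code)
            redirect(validated_redirect_uri + '?code=' + code)
        else:
            redirect(validated_redirect_uri + '#error=access_denied')

    # Builds the response URL
    url = ''
    try:
        client_id = params['client_id']
        redirect_uri = params['redirect_uri']
        the_scope = params['the_scope']
        response_type = params['response_type']
        access_type = params['access_type']
        # NOTE(review): no URL-encoding is applied to these values; a
        # redirect_uri with its own '&' or '#' would be altered when this
        # query string is parsed again.
        url = '?' + 'client_id=' + client_id \
            + '&redirect_uri=' + redirect_uri + '&response_type=' \
            + response_type + '&access_type=' + access_type
    except Exception as ex:
        # Fall back to the exception itself when it has no .msg attribute.
        redirect(URL(c='error', vars=dict(msg=(getattr(ex, 'msg', None) or ex))))

    return locals()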
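def index():
    """Show the OAuth2 approval form and issue a code when the user accepts.

    This action has two roles:

    1. It asks the user whether a 3rd party app may access their data.
    2. It receives the user's answer and redirects the user to the 3rd
       party's corresponding URI: ``code=...`` is appended on "Yes", and the
       "No" button links to ``#error=access_denied``.

    In case of error, it redirects to the 'error' controller.  You can change
    this behaviour; for instance, you may want to return a JSON or HTTP error
    instead.

    The request MUST look like this:
    http://[your_server]{:port}/[your_application]/auth?
        client_id=[your_client_id]&
        redirect_uri=[your_callback_uri]&
        response_type=code&
        access_type=online

    NOTE: You can pass a "scope" parameter, but you need to configure it at
    the OAuth2 object constructor.
    """
    from oauth.storage import web2pyStorage as storage  # change to MongoStorage if you aren't using DAL
    storage = storage()
    storage.connect()
    oauth = OAuth2(storage)

    # Validates GET parameters; failures go to the 'error' controller, as the
    # docstring promises.
    params = dict()
    success = False
    try:
        params = oauth.validate_authorize_params(request.get_vars)
    except Exception as ex:
        redirect(URL(c='error', vars=dict(msg=ex)))

    # Record a message only for parameters that are really absent.  Passing
    # error.append(...) as the default of dict.get() would run the append on
    # every call, whether or not the key exists.
    error = []
    client_id = params.get("client_id")
    if client_id is None:
        error.append("No client_id")
    redirect_uri = params.get("redirect_uri")
    if redirect_uri is None:
        error.append("No redirect_uri")
    scope = params.get("scope", None)
    response_type = params.get("response_type")
    if response_type is None:
        error.append("No response_type")
    access_type = params.get("access_type")
    if access_type is None:
        error.append("No access_type")

    # Without these values no code may be issued and no redirect target
    # exists, so stop here instead of continuing with None.
    if error:
        redirect(URL(c='error', vars=dict(msg=', '.join(error))))

    # NOTE(review): form.process() is expected to use web2py's session-bound
    # form key, which is what protects this approval against forged posts --
    # confirm sessions are enabled for this action.
    approval_form = SQLFORM.factory(submit_button="Yes")
    approval_form.add_button("No", redirect_uri + "#error=access_denied")

    if approval_form.process().accepted:
        # NOTE(review): fixed placeholder id; until it is replaced with the
        # authenticated user's id, every code is issued for this one user.
        user_id = "501faa19a34feb05890005c9"  # Change to `auth.user` for web2py
        code = oauth.storage.add_code(client_id,
                                      user_id,
                                      oauth.config[oauth.CONFIG_CODE_LIFETIME])
        # A callback URI that already has a query string needs '&'.
        separator = "&" if "?" in redirect_uri else "?"
        redirect(redirect_uri + "{sep}code={code}".format(sep=separator, code=code))

    # NOTE(review): the values are formatted in without URL-encoding; a
    # redirect_uri containing '&' or '#' would not round-trip through this
    # query string.
    url = "?client_id={client_id}&redirect_uri={redirect_uri}"
    url += "&response_type={response_type}&access_type={access_type}"
    url = url.format(
        client_id=client_id,
        redirect_uri=redirect_uri,
        response_type=response_type,
        access_type=access_type
    )

    return locals()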