def register_app(host_domain, client_name, website_url, redirect_uris, scopes):
data = {
"client_name": client_name,
"website": website_url,
"redirect_uris": redirect_uris,
"scopes": scopes
}
response = requests.post(
"https://{host}/api/v1/apps".format(host=host_domain), data=data)
response.raise_for_status()
result = response.json()
return [result["client_id"], result["client_secret"]]
def process_refresh_token(host_domain, client_id, client_secret,
refresh_token):
data = {
"client_id": client_id,
"client_secret": client_secret,
"grant_type": "authorization_code",
"code": refresh_token,
"redirect_uri": "https://app.odakyu.app/regulusaurum/done"
}
response = requests.post(
"https://{host}/oauth/token".format(host=host_domain), data=data)
response.raise_for_status()
result = response.json()
return result["access_token"]
def twitter_auth_redirect():
callback_uri = url_for('.twitter_auth_callback', _external=True)
callback_function = request.args.get('callback', '')
if CALLBACK_JS_FUNCTION_RE.match(callback_function):
callback_uri += '?callback=' + callback_function
oauth = OAuth1(
current_app.config['TWITTER_CONSUMER_KEY'],
current_app.config['TWITTER_CONSUMER_SECRET'],
callback_uri=callback_uri,
)
response = requests.post(twitter.REQUEST_TOKEN_URL, auth=oauth)
token_data = parse_qs(response.content)
assert token_data['oauth_callback_confirmed'][0] == 'true'
# OK to store secret in session cookie??
session['twitter_req_token'] = token_data['oauth_token'][0]
session['twitter_req_secret'] = token_data['oauth_token_secret'][0]
url = twitter.SIGNIN_URL + '?oauth_token=' + token_data['oauth_token'][0]
return redirect(url)
def twitter_auth_callback():
callback_function = request.args.get('callback', '')
if not CALLBACK_JS_FUNCTION_RE.match(callback_function):
callback_function = 'console.log'
verifier = request.args.get('oauth_verifier')
token = request.args.get('oauth_token')
secret = session.pop('twitter_req_secret', None)
result = dict(error=None)
if verifier and secret and token == session.pop('twitter_req_token', 'none'):
oauth = OAuth1(
current_app.config['TWITTER_CONSUMER_KEY'],
current_app.config['TWITTER_CONSUMER_SECRET'],
token,
secret,
verifier=verifier,
)
response = requests.post(twitter.ACCESS_TOKEN_URL, auth=oauth)
if response.ok:
token_data = parse_qs(response.content)
token = token_data['oauth_token'][0] + ':' + token_data['oauth_token_secret'][0]
result['credentials'] = dict(
external_system='twitter',
external_token=token,
metadata=dict(screen_name=token_data['screen_name'][0]),
)
else:
try:
result['error'] =\
ElementTree.fromstring(response.content).find('error').text
except SyntaxError:
result['error'] = _('Unknown')
else:
if request.args.get('denied'):
result['error'] = _('Access not granted')
else:
result['error'] = _('Invalid token')
return render_template('auth_callback.html',
result=result, callback_function=callback_function)
