def register_app(host_domain, client_name, website_url, redirect_uris, scopes): data = { "client_name": client_name, "website": website_url, "redirect_uris": redirect_uris, "scopes": scopes } response = requests.post( "https://{host}/api/v1/apps".format(host=host_domain), data=data) response.raise_for_status() result = response.json() return [result["client_id"], result["client_secret"]]
def process_refresh_token(host_domain, client_id, client_secret, refresh_token): data = { "client_id": client_id, "client_secret": client_secret, "grant_type": "authorization_code", "code": refresh_token, "redirect_uri": "https://app.odakyu.app/regulusaurum/done" } response = requests.post( "https://{host}/oauth/token".format(host=host_domain), data=data) response.raise_for_status() result = response.json() return result["access_token"]
def twitter_auth_redirect(): callback_uri = url_for('.twitter_auth_callback', _external=True) callback_function = request.args.get('callback', '') if CALLBACK_JS_FUNCTION_RE.match(callback_function): callback_uri += '?callback=' + callback_function oauth = OAuth1( current_app.config['TWITTER_CONSUMER_KEY'], current_app.config['TWITTER_CONSUMER_SECRET'], callback_uri=callback_uri, ) response = requests.post(twitter.REQUEST_TOKEN_URL, auth=oauth) token_data = parse_qs(response.content) assert token_data['oauth_callback_confirmed'][0] == 'true' # OK to store secret in session cookie?? session['twitter_req_token'] = token_data['oauth_token'][0] session['twitter_req_secret'] = token_data['oauth_token_secret'][0] url = twitter.SIGNIN_URL + '?oauth_token=' + token_data['oauth_token'][0] return redirect(url)
def twitter_auth_callback(): callback_function = request.args.get('callback', '') if not CALLBACK_JS_FUNCTION_RE.match(callback_function): callback_function = 'console.log' verifier = request.args.get('oauth_verifier') token = request.args.get('oauth_token') secret = session.pop('twitter_req_secret', None) result = dict(error=None) if verifier and secret and token == session.pop('twitter_req_token', 'none'): oauth = OAuth1( current_app.config['TWITTER_CONSUMER_KEY'], current_app.config['TWITTER_CONSUMER_SECRET'], token, secret, verifier=verifier, ) response = requests.post(twitter.ACCESS_TOKEN_URL, auth=oauth) if response.ok: token_data = parse_qs(response.content) token = token_data['oauth_token'][0] + ':' + token_data['oauth_token_secret'][0] result['credentials'] = dict( external_system='twitter', external_token=token, metadata=dict(screen_name=token_data['screen_name'][0]), ) else: try: result['error'] =\ ElementTree.fromstring(response.content).find('error').text except SyntaxError: result['error'] = _('Unknown') else: if request.args.get('denied'): result['error'] = _('Access not granted') else: result['error'] = _('Invalid token') return render_template('auth_callback.html', result=result, callback_function=callback_function)