def token_endpoint():
code = request.form.get('code')
me = request.form.get('me')
redirect_uri = request.form.get('redirect_uri')
client_id = request.form.get('client_id')
datastr = redis.get('indieauth-code:{}'.format(code))
if not datastr:
current_app.logger.warn('unrecognized or expired code %s', code)
return util.urlenc_response(
{'error': 'Unrecognized or expired authorization code'}, 400)
data = json.loads(datastr.decode('utf-8'))
for key, value in [('me', me), ('client_id', client_id),
('redirect_uri', redirect_uri)]:
if data.get(key) != value:
current_app.logger.warn('%s mismatch. expected=%s, received=%s',
key, data.get(key), value)
return util.urlenc_response({'error': key + ' mismatch'}, 400)
# ok we're confirmed, create an access token
scope = data.get('scope', '')
site_id = data.get('site')
site = Site.query.get(site_id)
if not site_id or not site:
return util.urlenc_response(
{'error': 'No site for authorization code!'}, 400)
token = Token.create_or_update(site, scope, client_id)
return util.urlenc_response({
'access_token': token.token,
'me': me,
'scope': scope,
})
def setup_micropub():
service = request.args.get('service')
domain = request.args.get('domain')
site = Site.query.filter_by(
service=service, domain=domain).first()
if not site:
abort(404)
auth_endpt = None
token_endpt = None
upub_endpt = None
if service in ('wordpress', 'tumblr', 'blogger'):
r = requests.get(site.url)
if r.status_code // 100 != 2:
flash('Error fetching your homepage ({}): {}'.format(
r.status_code, r.text))
else:
soup = BeautifulSoup(r.text)
auth = soup.find_all(['a', 'link'], rel='authorization_endpoint')
token = soup.find_all(['a', 'link'], rel='token_endpoint')
upub = soup.find_all(['a', 'link'], rel='micropub')
auth_endpt = next(
(a.get('href') for a in auth if a.get('href')), None)
token_endpt = next(
(a.get('href') for a in token if a.get('href')), None)
upub_endpt = next(
(a.get('href') for a in upub if a.get('href')), None)
token = None
if util.is_authed(site):
token = Token.create_or_update(site, 'post', 'https://silo.pub/')
return render_template(
['micropub_{}.jinja2'.format(site.service), 'micropub.jinja2'],
site=site, authorization_endpoint=auth_endpt,
token_endpoint=token_endpt,
micropub=upub_endpt, access_token=token and token.token,
authed=util.is_authed(site))
def token_endpoint():
code = request.form.get('code')
me = request.form.get('me')
redirect_uri = request.form.get('redirect_uri')
client_id = request.form.get('client_id')
state = request.form.get('state', '')
datastr = redis.get('indieauth-code:{}'.format(code))
if not datastr:
current_app.logger.warn('unrecognized or expired code %s', code)
return util.urlenc_response(
{'error': 'Unrecognized or expired authorization code'}, 400)
data = json.loads(datastr.decode('utf-8'))
for key, value in [('me', me), ('client_id', client_id),
('redirect_uri', redirect_uri), ('state', state)]:
if data.get(key) != value:
current_app.logger.warn('%s mismatch. expected=%s, received=%s',
key, data.get(key), value)
return util.urlenc_response({'error': key + ' mismatch'}, 400)
# ok we're confirmed, create an access token
scope = data.get('scope', '')
site_id = data.get('site')
site = Site.query.get(site_id)
if not site_id or not site:
return util.urlenc_response(
{'error': 'No site for authorization code!'}, 400)
token = Token.create_or_update(site, scope, client_id)
return util.urlenc_response({
'access_token': token.token,
'me': me,
'scope': scope,
})