Пример #1
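def token_endpoint():
    """Exchange an IndieAuth authorization code for an access token.

    Reads ``code``, ``me``, ``redirect_uri`` and ``client_id`` from the POSTed
    form, loads the JSON record stored in redis under ``indieauth-code:<code>``
    and requires the submitted ``me``, ``client_id`` and ``redirect_uri`` to
    equal the stored values. On success a token is created (or updated) for
    the stored site and scope and returned form-encoded.

    The code is treated as single-use: its redis record is deleted as soon as
    it has been read, so a second presentation of the same code (including
    after a failed parameter check) gets the "unrecognized or expired"
    response.

    Returns:
        A ``util.urlenc_response``: status 400 with an ``error`` field on any
        failure, otherwise ``access_token``, ``me`` and ``scope``.
    """
    code = request.form.get('code')
    me = request.form.get('me')
    redirect_uri = request.form.get('redirect_uri')
    client_id = request.form.get('client_id')

    code_key = 'indieauth-code:{}'.format(code)
    # A missing code can never match a stored record; skip the lookup.
    datastr = redis.get(code_key) if code else None
    if not datastr:
        # %r keeps control characters in the client-supplied value from
        # forging extra log lines.
        current_app.logger.warning('unrecognized or expired code %r', code)
        return util.urlenc_response(
            {'error': 'Unrecognized or expired authorization code'}, 400)

    # Authorization codes must not be redeemable twice. The get/delete pair is
    # not atomic, so two simultaneous requests can still both pass; an atomic
    # get-and-delete (e.g. GETDEL on Redis >= 6.2) would close that window.
    redis.delete(code_key)

    data = json.loads(datastr.decode('utf-8'))
    for key, value in [('me', me), ('client_id', client_id),
                       ('redirect_uri', redirect_uri)]:
        if data.get(key) != value:
            current_app.logger.warning(
                '%s mismatch. expected=%r, received=%r',
                key, data.get(key), value)
            return util.urlenc_response({'error': key + ' mismatch'}, 400)

    # ok we're confirmed, create an access token
    scope = data.get('scope', '')
    site_id = data.get('site')
    # Only query when the record actually names a site.
    site = Site.query.get(site_id) if site_id else None

    if not site:
        return util.urlenc_response(
            {'error': 'No site for authorization code!'}, 400)

    token = Token.create_or_update(site, scope, client_id)
    return util.urlenc_response({
        'access_token': token.token,
        'me': me,
        'scope': scope,
    })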
Пример #2
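def setup_micropub():
    """Render the Micropub setup page for the site named in the query string.

    Looks the site up by the ``service`` and ``domain`` query parameters and
    aborts with 404 when there is none. For wordpress, tumblr and blogger
    sites the homepage is fetched and scanned for ``authorization_endpoint``,
    ``token_endpoint`` and ``micropub`` rel links, which are handed to the
    template as found (they are not resolved or validated here). When
    ``util.is_authed(site)`` is true a 'post'-scoped token for
    ``https://silo.pub/`` is created or updated and passed to the template.

    Everything taken from the fetched page (the flashed error excerpt and the
    three endpoint URLs) is controlled by the remote site, so the templates
    must escape it. NOTE(review): Flask's default autoescaping covers
    ``.html``/``.xml`` style names, not ``.jinja2`` -- confirm the app enables
    it for these templates.
    """
    service = request.args.get('service')
    domain = request.args.get('domain')
    site = Site.query.filter_by(
        service=service, domain=domain).first()
    if not site:
        abort(404)

    auth_endpt = None
    token_endpt = None
    upub_endpt = None

    if service in ('wordpress', 'tumblr', 'blogger'):
        try:
            # Bounded wait: without a timeout an unresponsive host holds the
            # request worker indefinitely.
            # NOTE(review): site.url is fetched server-side; presumably it is
            # validated where the Site row is created -- confirm it cannot
            # point at internal addresses.
            r = requests.get(site.url, timeout=10)
        except requests.RequestException as err:
            # Connection failures used to surface as an unhandled exception.
            flash('Error fetching your homepage: {}'.format(
                type(err).__name__))
            r = None

        if r is None:
            pass
        elif r.status_code // 100 != 2:
            # Only an excerpt of the body: flashed messages live in the
            # session, and the remote body is unbounded and untrusted.
            flash('Error fetching your homepage ({}): {}'.format(
                r.status_code, r.text[:200]))
        else:
            # Name the parser so results do not depend on which optional
            # parser libraries happen to be installed.
            soup = BeautifulSoup(r.text, 'html.parser')

            def first_href(rel):
                """Return the first non-empty href among <a>/<link rel=...>."""
                tags = soup.find_all(['a', 'link'], rel=rel)
                return next(
                    (t.get('href') for t in tags if t.get('href')), None)

            auth_endpt = first_href('authorization_endpoint')
            token_endpt = first_href('token_endpoint')
            upub_endpt = first_href('micropub')

    authed = util.is_authed(site)
    access_token = None
    if authed:
        access_token = Token.create_or_update(
            site, 'post', 'https://silo.pub/')

    # The bearer token is embedded in the rendered page.
    return render_template(
        ['micropub_{}.jinja2'.format(site.service), 'micropub.jinja2'],
        site=site, authorization_endpoint=auth_endpt,
        token_endpoint=token_endpt,
        micropub=upub_endpt,
        access_token=access_token and access_token.token,
        authed=authed)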
Пример #3
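def token_endpoint():
    """Exchange an IndieAuth authorization code for an access token.

    Reads ``code``, ``me``, ``redirect_uri``, ``client_id`` and ``state``
    (default ``''``) from the POSTed form, loads the JSON record stored in
    redis under ``indieauth-code:<code>`` and requires the submitted ``me``,
    ``client_id``, ``redirect_uri`` and ``state`` to equal the stored values.
    On success a token is created (or updated) for the stored site and scope
    and returned form-encoded.

    The code is treated as single-use: its redis record is deleted as soon as
    it has been read, so a second presentation of the same code (including
    after a failed parameter check) gets the "unrecognized or expired"
    response.

    Returns:
        A ``util.urlenc_response``: status 400 with an ``error`` field on any
        failure, otherwise ``access_token``, ``me`` and ``scope``.
    """
    code = request.form.get('code')
    me = request.form.get('me')
    redirect_uri = request.form.get('redirect_uri')
    client_id = request.form.get('client_id')
    state = request.form.get('state', '')

    code_key = 'indieauth-code:{}'.format(code)
    # A missing code can never match a stored record; skip the lookup.
    datastr = redis.get(code_key) if code else None
    if not datastr:
        # %r keeps control characters in the client-supplied value from
        # forging extra log lines.
        current_app.logger.warning('unrecognized or expired code %r', code)
        return util.urlenc_response(
            {'error': 'Unrecognized or expired authorization code'}, 400)

    # Authorization codes must not be redeemable twice. The get/delete pair is
    # not atomic, so two simultaneous requests can still both pass; an atomic
    # get-and-delete (e.g. GETDEL on Redis >= 6.2) would close that window.
    redis.delete(code_key)

    data = json.loads(datastr.decode('utf-8'))
    for key, value in [('me', me), ('client_id', client_id),
                       ('redirect_uri', redirect_uri), ('state', state)]:
        if data.get(key) != value:
            current_app.logger.warning(
                '%s mismatch. expected=%r, received=%r',
                key, data.get(key), value)
            return util.urlenc_response({'error': key + ' mismatch'}, 400)

    # ok we're confirmed, create an access token
    scope = data.get('scope', '')
    site_id = data.get('site')
    # Only query when the record actually names a site.
    site = Site.query.get(site_id) if site_id else None

    if not site:
        return util.urlenc_response(
            {'error': 'No site for authorization code!'}, 400)

    token = Token.create_or_update(site, scope, client_id)
    return util.urlenc_response({
        'access_token': token.token,
        'me': me,
        'scope': scope,
    })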