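def guess_service(me):
    """Return the SERVICES entry that most likely hosts the URL ``me``.

    A site that has already registered is found with ``Site.lookup_by_url``
    and its stored service is used. Otherwise the service is guessed from the
    URL's domain. Returns a falsy value when no service can be determined.
    """
    me = deproxyify(me)

    # If we've previously registered, then it's easy.
    site = Site.lookup_by_url(me)
    if site:
        service = site.service
        return service and SERVICES[service]

    # Otherwise we have to take an educated guess from the domain.
    domain = util.domain_for_url(me).lower()
    current_app.logger.debug('guessing service by domain %s', domain)

    # Hosted-blog platforms: accept the bare domain or a real subdomain only.
    # A plain endswith('tumblr.com') also matches unrelated registrations such
    # as 'nottumblr.com' (constructed example), which would then be treated as
    # belonging to the platform.
    hosted_platforms = (
        ('tumblr.com', 'tumblr'),
        ('wordpress.com', 'wordpress'),
        ('blogger.com', 'blogger'),
    )
    for base, name in hosted_platforms:
        if domain == base or domain.endswith('.' + base):
            return SERVICES[name]

    # Remaining services are recognised by exact domain match only.
    exact_domains = {
        'twitter.com': 'twitter',
        'facebook.com': 'facebook',
        'flickr.com': 'flickr',
        'github.com': 'github',
        'goodreads.com': 'goodreads',
    }
    service = exact_domains.get(domain)
    return service and SERVICES[service]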
def callback():
    """Finish the Blogger authorization flow and record the user's blogs.

    Delegates the OAuth exchange to ``process_authenticate_callback``, stores
    the returned credentials on the matching ``Account`` (creating it on first
    use), fetches the blog list with the new bearer token, and redirects to
    the account setup view. Any failure redirects to the index page.
    """
    result = process_authenticate_callback(url_for('.callback', _external=True))
    if 'error' in result:
        flash(result['error'], category='danger')
        return redirect(url_for('views.index'))

    # Find the account for this user, or create it on first authorization.
    user_id = result['user_id']
    account = Account.lookup_by_user_id(SERVICE_NAME, user_id)
    if not account:
        account = Account(service=SERVICE_NAME, user_id=user_id)
        db.session.add(account)

    # The access and refresh tokens are stored on the account row as returned.
    account.username = result['username']
    account.user_info = result['user_info']
    account.token = result['token']
    account.refresh_token = result['refresh']
    account.expiry = result['expiry']

    auth_header = {'Authorization': 'Bearer ' + account.token}
    blogs_response = requests.get(API_BLOGS_URL, headers=auth_header)
    if util.check_request_failed(blogs_response):
        # Returns before db.session.commit(); nothing is committed here.
        return redirect(url_for('views.index'))

    # Find or create one site per blog listed for the account.
    sites = [
        Blogger(
            url=blog.get('url'),
            domain=util.domain_for_url(blog.get('url')),
            site_id=blog.get('id'),
            site_info=blog)
        for blog in blogs_response.json().get('items', [])
    ]
    account.update_sites(sites)
    db.session.commit()

    domains = ', '.join(s.domain for s in account.sites)
    flash('Authorized {}: {}'.format(account.username, domains))
    util.set_authed(account.sites)
    return redirect(url_for(
        'views.setup_account', service=SERVICE_NAME, user_id=account.user_id))
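def process_callback(callback_uri):
    """Complete the Tumblr OAuth 1.0a flow and persist the account.

    Reads ``oauth_verifier`` and ``oauth_token`` from the callback query
    string, exchanges them for an access token, fetches the user's profile
    and records the account together with its blogs.

    Args:
        callback_uri: not read by this function.

    Returns:
        ``{'account': account}`` on success, or ``{'error': message}`` when
        the authorization was declined or the flow cannot be completed.
    """
    verifier = request.args.get('oauth_verifier')
    request_token = request.args.get('oauth_token')
    if not verifier or not request_token:
        # user declined
        return {'error': 'Tumblr authorization declined'}

    # The request-token secret is what ties this callback to the browser
    # session that started the flow; without it the exchange cannot be signed.
    request_token_secret = session.get('oauth_token_secret')
    if not request_token_secret:
        return {'error': 'Tumblr authorization failed: '
                'no request token secret in session'}

    oauth = OAuth1Session(
        client_key=current_app.config['TUMBLR_CLIENT_KEY'],
        client_secret=current_app.config['TUMBLR_CLIENT_SECRET'],
        resource_owner_key=request_token,
        resource_owner_secret=request_token_secret)
    oauth.parse_authorization_response(request.url)

    # get the access token and secret
    r = oauth.fetch_access_token(ACCESS_TOKEN_URL)
    token = r.get('oauth_token')
    secret = r.get('oauth_token_secret')

    info_resp = oauth.get(USER_INFO_URL).json()
    user_info = info_resp.get('response', {}).get('user')
    user_id = username = user_info.get('name') if user_info else None
    if not user_id:
        # Without this check a response lacking the user object raised
        # AttributeError, and a missing name created an account keyed on None.
        return {'error': 'Tumblr user info response did not include a user'}

    account = Account.query.filter_by(
        service='tumblr', user_id=user_id).first()
    if not account:
        account = Account(service='tumblr', user_id=user_id)
        db.session.add(account)

    account.username = username
    account.user_info = user_info
    account.token = token
    account.token_secret = secret

    sites = [
        Tumblr(
            url=blog.get('url'),
            domain=util.domain_for_url(blog.get('url')),
            site_id=blog.get('name'),
            site_info=blog)
        for blog in user_info.get('blogs', [])
    ]
    account.update_sites(sites)

    db.session.commit()
    util.set_authed(account.sites)
    return {'account': account}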
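def process_callback(callback_uri):
    """Exchange the Tumblr OAuth 1.0a callback for tokens and save the account.

    The verifier and request token come from the query string; the matching
    request-token secret comes from the Flask session. On success the account
    row holds the access token and secret, and one ``Tumblr`` site exists per
    blog in the profile.

    Args:
        callback_uri: not read by this function.

    Returns:
        ``{'account': account}`` on success, otherwise ``{'error': message}``.
    """
    verifier = request.args.get('oauth_verifier')
    request_token = request.args.get('oauth_token')
    if not (verifier and request_token):
        # user declined
        return {'error': 'Tumblr authorization declined'}

    # Refuse to continue when the session holds no request-token secret:
    # that means this browser session did not start the flow (or it expired).
    request_token_secret = session.get('oauth_token_secret')
    if not request_token_secret:
        return {'error': 'Tumblr authorization failed: '
                'no request token secret in session'}

    config = current_app.config
    oauth = OAuth1Session(
        client_key=config['TUMBLR_CLIENT_KEY'],
        client_secret=config['TUMBLR_CLIENT_SECRET'],
        resource_owner_key=request_token,
        resource_owner_secret=request_token_secret)
    oauth.parse_authorization_response(request.url)

    # get the access token and secret
    token_response = oauth.fetch_access_token(ACCESS_TOKEN_URL)
    token = token_response.get('oauth_token')
    secret = token_response.get('oauth_token_secret')

    profile = oauth.get(USER_INFO_URL).json()
    user_info = profile.get('response', {}).get('user')
    if not user_info or not user_info.get('name'):
        # The unguarded lookup raised AttributeError on a missing user object
        # and stored an account with user_id None on a missing name.
        return {'error': 'Tumblr user info response did not include a user'}
    user_id = username = user_info.get('name')

    account = Account.query.filter_by(service='tumblr', user_id=user_id).first()
    if not account:
        account = Account(service='tumblr', user_id=user_id)
        db.session.add(account)

    account.username = username
    account.user_info = user_info
    account.token = token
    account.token_secret = secret

    sites = []
    for blog in user_info.get('blogs', []):
        blog_url = blog.get('url')
        sites.append(
            Tumblr(url=blog_url,
                   domain=util.domain_for_url(blog_url),
                   site_id=blog.get('name'),
                   site_info=blog))
    account.update_sites(sites)

    db.session.commit()
    util.set_authed(account.sites)
    return {'account': account}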
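def callback():
    """Handle the Tumblr authorization callback and redirect the user.

    Runs the OAuth exchange through ``process_authenticate_callback``, stores
    the returned token and secret on the ``Account`` (creating it if needed),
    syncs the account's blogs, and redirects to the account setup view. Any
    failure is logged with its traceback and redirects to the index page.
    """
    try:
        callback_uri = url_for(".callback", _external=True)
        result = process_authenticate_callback(callback_uri)
        if "error" in result:
            flash(result["error"], category="danger")
            return redirect(url_for("views.index"))

        user_id = result["user_id"]
        account = Account.query.filter_by(service="tumblr", user_id=user_id).first()
        if not account:
            account = Account(service="tumblr", user_id=user_id)
            db.session.add(account)

        account.username = result["username"]
        account.user_info = result["user_info"]
        account.token = result["token"]
        account.token_secret = result["secret"]

        sites = [
            Tumblr(
                url=blog.get("url"),
                domain=util.domain_for_url(blog.get("url")),
                site_id=blog.get("name"),
                site_info=blog,
            )
            for blog in result["user_info"].get("blogs", [])
        ]
        account.update_sites(sites)

        db.session.commit()
        flash("Authorized {}: {}".format(account.username, ", ".join(s.domain for s in account.sites)))
        util.set_authed(account.sites)
        return redirect(url_for("views.setup_account", service=SERVICE_NAME, user_id=account.user_id))

    # Catch Exception rather than using a bare except, so that SystemExit and
    # KeyboardInterrupt are not turned into a redirect.
    except Exception as exc:
        # Full details go to the log; the user only sees the escaped exception
        # class, never the message or traceback.
        current_app.logger.exception("During Tumblr authorization callback")
        flash(html.escape(str(type(exc))), "danger")
        return redirect(url_for("views.index"))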
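def process_callback(callback_uri):
    """Complete the WordPress OAuth 2 code exchange and persist the site.

    Validates the ``state`` parameter, exchanges the authorization code for an
    access token, fetches the user and site records, and stores them.

    Args:
        callback_uri: redirect URI sent to the token endpoint with the code.

    Returns:
        ``{'account': account, 'site': site}`` on success, otherwise
        ``{'error': message}``.
    """
    client_id = current_app.config['WORDPRESS_CLIENT_ID']
    client_secret = current_app.config['WORDPRESS_CLIENT_SECRET']

    code = request.args.get('code')
    error = request.args.get('error')
    error_desc = request.args.get('error_description')
    csrf = request.args.get('state', '')

    if error:
        # NOTE(review): error and error_description come straight from the
        # query string; confirm the caller escapes this message when rendered.
        return {
            'error': 'Wordpress authorization canceled or failed with '
            'error: {}, and description: {}'.format(error, error_desc)
        }

    if not validate_csrf(csrf):
        return {'error': 'csrf token mismatch in wordpress callback.'}

    r = requests.post(API_TOKEN_URL, data={
        'client_id': client_id,
        'redirect_uri': callback_uri,
        'client_secret': client_secret,
        'code': code,
        'grant_type': 'authorization_code',
    })

    if r.status_code // 100 != 2:
        error_obj = r.json()
        return {
            'error': 'Error ({}) requesting access token: {}, description: {}'.format(
                r.status_code, error_obj.get('error'),
                error_obj.get('error_description')),
        }

    payload = r.json()
    # Log the response with token values masked: the raw payload carries the
    # bearer token, and anyone who can read the application log could reuse it.
    redacted = {
        key: '<redacted>' if key.endswith('token') else value
        for key, value in payload.items()
    }
    current_app.logger.info('WordPress token endpoint response: %r', redacted)

    access_token = payload.get('access_token')
    if not access_token:
        # 'Bearer ' + None below would otherwise raise TypeError.
        return {'error': 'Wordpress token response did not include an access token'}
    blog_url = payload.get('blog_url')
    blog_id = str(payload.get('blog_id'))
    auth_headers = {'Authorization': 'Bearer ' + access_token}

    r = requests.get(API_ME_URL, headers=auth_headers)
    current_app.logger.info('User info response %s', r)

    if r.status_code // 100 != 2:
        error_obj = r.json()
        return {
            'error': 'Error fetching user info: {}, description: {}'.format(
                error_obj.get('error'), error_obj.get('error_description'))
        }

    user_info = r.json()
    user_id = str(user_info.get('ID'))
    username = user_info.get('username')

    account = Account.query.filter_by(service=SERVICE_NAME, user_id=user_id).first()
    if not account:
        account = Account(service=SERVICE_NAME, user_id=user_id)
    account.username = username
    account.user_info = user_info

    current_app.logger.info('Fetching site info %s', API_SITE_URL.format(blog_id))
    r = requests.get(API_SITE_URL.format(blog_id), headers=auth_headers)
    current_app.logger.info('Site info response %s', r)

    if r.status_code // 100 != 2:
        error_obj = r.json()
        return {
            'error': 'Error ({}) fetching site info: {}, description: {}'.format(
                r.status_code, error_obj.get('error'),
                error_obj.get('error_description'))
        }

    site = Wordpress.query.filter_by(account=account, site_id=blog_id).first()
    if not site:
        site = Wordpress(site_id=blog_id)
        account.sites.append(site)

    site.site_info = r.json()
    site.url = blog_url
    site.domain = util.domain_for_url(blog_url)
    # The access token is stored per site, not on the account.
    site.token = access_token

    db.session.add(account)
    db.session.commit()

    util.set_authed([site])
    return {
        'account': account,
        'site': site,
    }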
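def callback():
    """Handle the WordPress OAuth callback for both login and site setup.

    The ``state`` query parameter has the form ``csrf|purpose``. A purpose of
    ``'id'`` forwards the request to the IndieAuth callback; anything else
    completes site authorization here and redirects to the site setup view.
    """
    state = request.args.get('state', '')
    # state is caller-controlled. partition() tolerates a missing '|' where
    # split('|', 1) raised ValueError on unpacking, turning a malformed or
    # absent state into a server error. The csrf half is not checked here.
    # NOTE(review): presumably process_authenticate_callback and the IndieAuth
    # callback validate it; confirm.
    purpose = state.partition('|')[2]

    # wordpress only allows us one redirect url, so use the state parameter to
    # hack it to redirect to another one
    if purpose == 'id':
        return redirect(url_for(
            'micropub.indieauth_callback',
            code=request.args.get('code'),
            error=request.args.get('error'),
            error_description=request.args.get('error_description'),
            state=state))

    redirect_uri = url_for('wordpress.callback', _external=True)
    result = process_authenticate_callback(redirect_uri)
    if 'error' in result:
        flash(result['error'], category='danger')
        return redirect(url_for('views.index'))

    access_token = result['token']
    username = result['username']
    user_id = result['user_id']
    user_info = result['user_info']
    blog_id = result['blog_id']
    blog_url = result['blog_url']

    account = Account.query.filter_by(
        service=SERVICE_NAME, user_id=user_id).first()
    if not account:
        account = Account(service=SERVICE_NAME, user_id=user_id)
    account.username = username
    account.user_info = user_info

    site_info_url = API_SITE_URL.format(blog_id)
    current_app.logger.info('Fetching site info %s', site_info_url)
    r = requests.get(site_info_url, headers={
        'Authorization': 'Bearer ' + access_token})
    current_app.logger.info('Site info response %s', r)

    if r.status_code // 100 != 2:
        error_obj = r.json()
        flash('Error ({}) fetching site info: {}, description: {}'.format(
            r.status_code, error_obj.get('error'),
            error_obj.get('error_description')), 'danger')
        return redirect(url_for('views.index'))

    site = Wordpress.query.filter_by(
        account=account, site_id=blog_id).first()
    if not site:
        site = Wordpress(site_id=blog_id)
        account.sites.append(site)

    site.site_info = r.json()
    site.url = blog_url
    site.domain = util.domain_for_url(blog_url)
    # The access token is stored per site, not on the account.
    site.token = access_token

    db.session.add(account)
    db.session.commit()

    flash('Authorized {}: {}'.format(account.username, site.domain))
    util.set_authed([site])
    return redirect(url_for('views.setup_site', service=SERVICE_NAME,
                            domain=site.domain))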
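def process_callback(redirect_uri):
    """Complete the Blogger (Google) OAuth 2 code exchange and save the account.

    Validates the ``state`` parameter, exchanges the authorization code for
    access and refresh tokens, fetches the user record and blog list, and
    stores them.

    Args:
        redirect_uri: redirect URI sent to the token endpoint with the code.

    Returns:
        ``{'account': account}`` on success, otherwise ``{'error': message}``.
    """
    code = request.args.get('code')
    error = request.args.get('error')

    if error:
        return {'error': 'Blogger authorization canceled or '
                'failed with error: {}' .format(error)}

    if not validate_csrf(request.args.get('state')):
        return {'error': 'csrf token mismatch in blogger callback.'}

    r = requests.post(API_TOKEN_URL, data={
        'code': code,
        'client_id': current_app.config['GOOGLE_CLIENT_ID'],
        'client_secret': current_app.config['GOOGLE_CLIENT_SECRET'],
        'redirect_uri': redirect_uri,
        'grant_type': 'authorization_code',
    })

    if util.check_request_failed(r):
        return {'error': 'failed to validate access token'}

    # Log the response object only, never r.text: the body carries the access
    # and refresh tokens, which must not be written to the application log.
    current_app.logger.info('Got Blogger access token response: %s', r)

    payload = r.json()
    access_token = payload.get('access_token')
    expires_in = payload.get('expires_in')
    refresh_token = payload.get('refresh_token')
    if not access_token:
        # 'Bearer ' + None below would otherwise raise TypeError.
        return {'error': 'Blogger token response did not include an access token'}

    if expires_in:
        expiry = datetime.datetime.utcnow() + datetime.timedelta(
            seconds=int(expires_in))
    else:
        expiry = None

    # Record what was received without the secret values themselves.
    current_app.logger.info(
        'Got Blogger access token. expiry: %s. refresh token present: %s',
        expiry, bool(refresh_token))

    auth_headers = {'Authorization': 'Bearer ' + access_token}
    r = requests.get(API_SELF_URL, headers=auth_headers)

    if util.check_request_failed(r):
        return {'error': 'failed to fetch {}'.format(API_SELF_URL)}

    payload = r.json()
    username = user_id = payload.get('id')

    # find or create the account
    account = Account.lookup_by_user_id(SERVICE_NAME, user_id)
    if not account:
        account = Account(service=SERVICE_NAME, user_id=user_id)
        db.session.add(account)

    account.username = username
    account.user_info = payload
    account.token = access_token
    account.refresh_token = refresh_token
    account.expiry = expiry

    r = requests.get(API_BLOGS_URL, headers=auth_headers)

    if util.check_request_failed(r):
        # Report the failure as an error dict like every other path in this
        # function; a redirect response here would break callers that index
        # the result.
        return {'error': 'failed to fetch {}'.format(API_BLOGS_URL)}

    payload = r.json()
    blogs = payload.get('items', [])

    # find or create the sites
    sites = [
        Blogger(
            url=blog.get('url'),
            domain=util.domain_for_url(blog.get('url')),
            site_id=blog.get('id'),
            site_info=blog)
        for blog in blogs
    ]
    account.update_sites(sites)

    db.session.commit()
    util.set_authed(account.sites)
    return {'account': account}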