Пример #1
class FacebookMobileLoginAPI(LoginAPIView):
    """Facebook login view backed by ``FacebookLoginSerializer``."""
    serializer_class = FacebookLoginSerializer

    # psa() wraps dispatch, so it runs for every HTTP method this view
    # accepts; 'users:social-mobile-login' is the URL name handed to it.
    @method_decorator(psa('users:social-mobile-login'))
    def dispatch(self, request, *args, **kwargs):
        parent = super(FacebookMobileLoginAPI, self)
        return parent.dispatch(request, *args, **kwargs)
Пример #2
class AccessTokenExchangeView(AccessTokenView):
    """
    Exchange a 3rd party OAuth access token for a 1st party OAuth access token.
    """
    # NOTE(review): CSRF checks are disabled for the whole view. Presumably the
    # 3rd party token in the POST body is what authenticates the caller --
    # confirm that no cookie/session authentication can reach this endpoint.
    @method_decorator(csrf_exempt)
    @method_decorator(social_utils.psa("social:complete"))
    def dispatch(self, *args, **kwargs):
        parent = super(AccessTokenExchangeView, self)
        return parent.dispatch(*args, **kwargs)

    def get(self, request, _backend):  # pylint: disable=arguments-differ
        """Forward GET to the parent view, dropping the ``_backend`` argument."""
        return super(AccessTokenExchangeView, self).get(request)

    def post(self, request, _backend):  # pylint: disable=arguments-differ
        """
        Validate the exchange form and answer with a first-party access token.

        An invalid form is answered with ``error_response(form.errors)``.
        """
        exchange_form = AccessTokenExchangeForm(request=request, data=request.POST)
        if not exchange_form.is_valid():
            return self.error_response(exchange_form.errors)

        cleaned = exchange_form.cleaned_data
        user, scope, client = cleaned["user"], cleaned["scope"], cleaned["client"]

        # SINGLE_ACCESS_TOKEN selects get_access_token over create_access_token.
        issue_token = (
            self.get_access_token if constants.SINGLE_ACCESS_TOKEN
            else self.create_access_token
        )
        edx_token = issue_token(request, user, scope, client)
        return self.access_token_response(edx_token)
Пример #3
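class AccessTokenExchangeBase(APIView):
    """
    View for token exchange from 3rd party OAuth access token to 1st party
    OAuth access token.
    """
    # NOTE(review): CSRF checks are disabled for the whole view. Presumably the
    # 3rd party token in the POST body is what authenticates the caller --
    # confirm that no cookie/session authentication can reach this endpoint.
    @method_decorator(csrf_exempt)
    @method_decorator(social_utils.psa("social:complete"))
    def dispatch(self, *args, **kwargs):  # pylint: disable=arguments-differ
        return super(AccessTokenExchangeBase, self).dispatch(*args, **kwargs)

    def get(self, request, _backend):
        """
        Pass through GET requests without the _backend
        """
        return super(AccessTokenExchangeBase, self).get(request)

    def post(self, request, _backend):
        """
        Handle POST requests to get a first-party access token.

        Returns the error response built from the form errors when the form is
        invalid, otherwise the response of ``exchange_access_token``. A 403 on
        either path is written to the log as a failed-login record.
        """
        form = AccessTokenExchangeForm(request=request,
                                       oauth2_adapter=self.oauth2_adapter,
                                       data=request.POST)
        if not form.is_valid():
            error_response = self.error_response(form.errors)  # pylint: disable=no-member
            if error_response.status_code == 403:
                # The format string carried a literal mask where the user
                # placeholder belongs while three arguments were still passed,
                # so %-formatting failed inside logging and this failed-login
                # record was never emitted. The placeholder is restored.
                # The message key is left as written in case log searches or
                # alert rules match on it.
                # NOTE(review): the User-Agent is client-supplied and goes into
                # the line unescaped; a quote in it breaks key="value" parsing.
                log.info(
                    'message=login_filed_1, status="%d", user="%s" ,agent="%s"',
                    error_response.status_code,
                    request.user,
                    request.META.get('HTTP_USER_AGENT', ''),
                )
            return error_response

        user = form.cleaned_data["user"]
        scope = form.cleaned_data["scope"]
        client = form.cleaned_data["client"]
        response = self.exchange_access_token(request, user, scope, client)
        if response.status_code == 403:
            # Same placeholder repair as in the invalid-form branch above.
            log.info(
                'message=login_filed_2, status=%d, user="%s" ,agent="%s"',
                response.status_code,
                request.user.username,
                request.META.get('HTTP_USER_AGENT', ''),
            )
        return response

    def exchange_access_token(self, request, user, scope, client):
        """
        Exchange third party credentials for an edx access token, and return a
        serialized access token response.
        """

        edx_access_token = self.create_access_token(request, user, scope,
                                                    client)
        return self.access_token_response(edx_access_token)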
Пример #4
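class AccessTokenExchangeBase(APIView):
    """
    View for token exchange from 3rd party OAuth access token to 1st party
    OAuth access token.
    """
    # NOTE(review): CSRF checks are disabled for the whole view. Presumably the
    # 3rd party token in the POST body is what authenticates the caller --
    # confirm that no cookie/session authentication can reach this endpoint.
    @method_decorator(csrf_exempt)
    @method_decorator(social_utils.psa("social:complete"))
    def dispatch(self, *args, **kwargs):
        return super(AccessTokenExchangeBase, self).dispatch(*args, **kwargs)

    def get(self, request, _backend):  # pylint: disable=arguments-differ
        """
        Pass through GET requests without the _backend
        """
        return super(AccessTokenExchangeBase, self).get(request)

    def post(self, request, _backend):  # pylint: disable=arguments-differ
        """
        Handle POST requests to get a first-party access token.

        Returns the error response built from the form errors when the form is
        invalid, otherwise the response of ``exchange_access_token``.
        """
        data = request.POST.copy()
        log.error("=== AccessTokenExchangeBase ===")
        # 'is_linkedin_mobile' is a client-supplied flag: any non-empty value
        # is truthy here. dispatch() is already csrf_exempt, so what the
        # injected token is needed for is not visible in this class.
        if data.get('is_linkedin_mobile', False):
            data['csrfmiddlewaretoken'] = _get_new_csrf_key()
        # Record field names only. The POST body feeds the token-exchange form,
        # so dumping it whole would write the submitted credentials (and the
        # CSRF token set above) into the log.
        log.error("fields=%s", sorted(data.keys()))
        form = AccessTokenExchangeForm(request=request,
                                       oauth2_adapter=self.oauth2_adapter,
                                       data=data)  # pylint: disable=no-member
        if not form.is_valid():
            log.error("form is not valid")
            # NOTE(review): form.errors holds validation messages; confirm that
            # none of them echo submitted values back into the log.
            log.error(form.errors)
            return self.error_response(form.errors)  # pylint: disable=no-member

        user = form.cleaned_data["user"]
        scope = form.cleaned_data["scope"]
        client = form.cleaned_data["client"]

        return self.exchange_access_token(request, user, scope, client)

    def exchange_access_token(self, request, user, scope, client):
        """
        Exchange third party credentials for an edx access token, and return a
        serialized access token response.

        ``constants.SINGLE_ACCESS_TOKEN`` selects ``get_access_token`` over
        ``create_access_token``.
        """
        if constants.SINGLE_ACCESS_TOKEN:
            edx_access_token = self.get_access_token(request, user, scope,
                                                     client)  # pylint: disable=no-member
        else:
            edx_access_token = self.create_access_token(
                request, user, scope, client)
        return self.access_token_response(edx_access_token)  # pylint: disable=no-member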
Пример #5
class AccessTokenExchangeBase(APIView):
    """
    Exchange a 3rd party OAuth access token for a 1st party OAuth access
    token.

    Note: This base class was originally created to support multiple libraries,
        but we currently only support django-oauth-toolkit (DOT).
    """
    # No CSRF protection is required because the provided 3rd party OAuth access
    #  token is sufficient. No authentication class runs on this view, so the
    #  form validation in post() is the only check on the caller.
    authentication_classes = []
    allowed_methods = ['POST']

    @method_decorator(social_utils.psa("social:complete"))
    def dispatch(self, *args, **kwargs):  # pylint: disable=arguments-differ
        parent = super()
        return parent.dispatch(*args, **kwargs)

    def post(self, request, _backend):
        """
        Validate the exchange form and answer with a first-party access token.

        An invalid form is answered with ``error_response(form.errors)``.
        """
        exchange_form = AccessTokenExchangeForm(
            request=request,
            oauth2_adapter=self.oauth2_adapter,  # lint-amnesty, pylint: disable=no-member
            data=request.POST,
        )
        if not exchange_form.is_valid():
            return self.error_response(exchange_form.errors)  # pylint: disable=no-member

        cleaned = exchange_form.cleaned_data
        user, scope, client = cleaned["user"], cleaned["scope"], cleaned["client"]
        return self.exchange_access_token(request, user, scope, client)

    def exchange_access_token(self, request, user, scope, client):
        """
        Create an edx access token for the third-party-authenticated user and
        return it as a serialized access token response.
        """
        issued = self.create_access_token(request, user, scope, client)
        return self.access_token_response(issued)  # lint-amnesty, pylint: disable=no-member

    def _get_invalid_request_response(self, description):
        """Build a 400 response whose body reports ``invalid_request``."""
        body = {
            'error': 'invalid_request',
            'error_description': description,
        }
        return Response(status=400, data=body)
Пример #6
class AccessTokenExchangeBase(APIView):
    """
    Exchange a 3rd party OAuth access token for a 1st party OAuth access
    token.
    """
    # NOTE(review): CSRF checks are disabled for the whole view. Presumably the
    # 3rd party token in the POST body is what authenticates the caller --
    # confirm that no cookie/session authentication can reach this endpoint.
    @method_decorator(csrf_exempt)
    @method_decorator(social_utils.psa("social:complete"))
    def dispatch(self, *args, **kwargs):
        parent = super(AccessTokenExchangeBase, self)
        return parent.dispatch(*args, **kwargs)

    def get(self, request, _backend):
        """
        Forward GET to the parent view, dropping the _backend argument.
        """
        return super(AccessTokenExchangeBase, self).get(request)

    def post(self, request, _backend):
        """
        Validate the exchange form and answer with a first-party access token.

        An invalid form is answered with ``error_response(form.errors)``.
        """
        exchange_form = AccessTokenExchangeForm(
            request=request,
            oauth2_adapter=self.oauth2_adapter,
            data=request.POST,
        )
        if exchange_form.is_valid():
            cleaned = exchange_form.cleaned_data
            user, scope, client = cleaned["user"], cleaned["scope"], cleaned["client"]
            return self.exchange_access_token(request, user, scope, client)

        return self.error_response(exchange_form.errors)

    def exchange_access_token(self, request, user, scope, client):
        """
        Obtain an edx access token for the third-party-authenticated user and
        return it as a serialized access token response.
        """
        # SINGLE_ACCESS_TOKEN selects get_access_token over create_access_token.
        issue_token = (
            self.get_access_token if constants.SINGLE_ACCESS_TOKEN
            else self.create_access_token
        )
        issued = issue_token(request, user, scope, client)
        return self.access_token_response(issued)