def link_user(app_id: str, body: Dict[str, Any]):
alias = int(body['social_id'])
if alias <= 0:
raise BadRequestError('Invalid social_id: ' +
str(body.get('social_id')))
user_pk = body['user_id']
SocialProfiles.link_with_user(app_id=app_id,
alias=alias,
user_pk=user_pk,
create_if_not_exist=body.get(
'create_user', 'true') == 'true')
db.session.commit()
def _handle_authentication(
self,
params: OAuthCallbackParams) -> Tuple[SocialProfiles, Tokens]:
"""
Handle authentication, return authenticated profile + token info
:param params:
:return:
"""
oauth_verifier = params.oauth_verifier
token_tup = self._get_token_oa1(oauth_verifier)
user_id, attrs = self._get_profile_oa1(token_tup=token_tup)
profile, existed = SocialProfiles.add_or_update(app_id=self.log.app_id,
provider=self.provider,
scope_id=user_id,
attrs=attrs)
self.log.set_authorized(social_id=profile._id,
is_login=existed,
nonce=gen_random_token(nbytes=32))
token = Tokens(provider=self.provider,
token_type='OAuth',
oa_version=Tokens.OA_VERSION_1A,
oa1_token=token_tup[0],
oa1_secret=token_tup[1],
social_id=profile._id)
db.session.add(token)
return profile, token
def get_user(app_id: str, body: Dict[str, Any]):
user_pk, alias = _parse_and_validate_identifiers(body)
return SocialProfiles.get_full_profile(app_id=app_id,
user_pk=user_pk,
alias=alias,
pretty=body.get('pretty',
'false') == 'true')
def get_associate_token(app_id: str, body: Dict[str, Any]):
provider = body.get('provider')
if not is_valid_provider(provider):
raise BadRequestError('Invalid provider')
user_pk, alias = _parse_and_validate_identifiers(body)
profiles = SocialProfiles.find_by_pk(app_id=app_id, user_pk=user_pk)\
if user_pk else SocialProfiles.query.filter_by(alias=alias).all()
if not profiles:
raise NotFoundError('User ID or Social ID not found')
for p in profiles:
if provider == p.provider:
raise ConflictError(
'User has linked with another social profile for this provider'
)
log = AssociateLogs(provider=provider,
app_id=app_id,
social_id=profiles[0].alias,
nonce=gen_random_token(nbytes=16, format='hex'))
db.session.add(log)
db.session.flush()
associate_token = log.generate_associate_token()
db.session.commit()
return {'token': associate_token, 'target_provider': provider}
def _handle_authentication(
self,
params: OAuthCallbackParams) -> Tuple[SocialProfiles, Tokens]:
"""
Handle authentication, return authenticated profile + token info
:param params:
:return:
"""
if self._is_mobile():
access_token = params.access_token
id_token = params.id_token
token_pack = self._debug_token(access_token=access_token,
id_token=id_token)
else:
code = params.code
token_pack: OAuth2TokenPack = self._get_token(code=code)
user_id, attrs = self._get_profile(token_pack=token_pack)
profile, existed = SocialProfiles.add_or_update(app_id=self.log.app_id,
provider=self.provider,
scope_id=user_id,
attrs=attrs)
self.log.set_authorized(social_id=profile._id,
is_login=existed,
nonce=gen_random_token(nbytes=32))
token = Tokens(provider=self.provider,
access_token=token_pack.access_token,
token_type=token_pack.token_type,
expires_at=datetime.utcnow() +
timedelta(seconds=token_pack.expires_in),
refresh_token=token_pack.refresh_token,
id_token=token_pack.id_token,
social_id=profile._id)
db.session.add(token)
return profile, token
def delete_user(app_id: str, body: Dict[str, Any]):
user_pk, alias = _parse_and_validate_identifiers(body)
num_affected = SocialProfiles.delete_profile(app_id=app_id,
alias=alias,
user_pk=user_pk)
db.session.commit()
return num_affected
def get_authorized_profile(auth_token: str,
params: Dict[str, Any]) -> Dict[str, Any]:
log, args = _verify_auth_request(auth_token=auth_token, params=params)
app = Apps.query.filter_by(_id=log.app_id).one_or_none()
if log.is_login:
log.status = AuthLogs.STATUS_SUCCEEDED
elif app.option_enabled(key='reg_page'):
log.status = AuthLogs.STATUS_WAIT_REGISTER
else:
SocialProfiles.activate(profile_id=log.social_id)
log.status = AuthLogs.STATUS_SUCCEEDED
profile = SocialProfiles.query.filter_by(_id=log.social_id).first_or_404()
# TODO: What is fetch_user=True
body = profile.as_dict(fetch_user=True)
db.session.commit()
return body
def merge_user(app_id: str, body: Dict[str, Any]):
src_user_pk = body.get('src_user_id')
src_alias = smart_str2int(body.get('src_social_id', '0'))
dst_user_pk = body.get('dst_user_id')
dst_alias = smart_str2int(body.get('dst_social_id', '0'))
if not src_user_pk and src_alias <= 0:
raise BadRequestError(
'At least one valid parameter src_user_id or src_social_id must be provided'
)
if not dst_user_pk and dst_alias <= 0:
raise BadRequestError(
'At least one valid parameter dst_user_id or dst_social_id must be provided'
)
SocialProfiles.merge_profiles(app_id=app_id,
src_user_pk=src_user_pk,
src_alias=src_alias,
dst_user_pk=dst_user_pk,
dst_alias=dst_alias)
db.session.commit()
def unlink_user(app_id: str, body: Dict[str, Any]):
user_pk = body['user_id']
alias = int(body['social_id'])
if alias <= 0:
raise BadRequestError('Invalid social_id: ' +
str(body.get('social_id')))
num_affected = SocialProfiles.unlink_from_user(app_id=app_id,
alias=alias,
user_pk=user_pk)
db.session.commit()
return num_affected
def convert_social_id(body):
sub, _ = _validate_access_token(access_token=body['access_token'])
app_id = body['app_id']
owner_id = db.session.query(Apps.owner_id).filter_by(_id=app_id).scalar()
if not owner_id or owner_id != sub:
raise NotFoundError('App ID not found')
social_ids = body['ids'].split(',')
if len(social_ids) > 150:
raise BadRequestError('Number of IDs cannot be larger than 150')
scope_ids = SocialProfiles.social_id_to_scope_id(app_id=app_id, social_ids=social_ids)
return [e[0] for e in scope_ids]
def disassociate(app_id: str, body: Dict[str, Any]):
providers = body['providers'].split(',')
for provider in providers:
if not is_valid_provider(provider):
raise BadRequestError('Invalid provider ' + provider)
user_pk, alias = _parse_and_validate_identifiers(body)
num_affected = SocialProfiles.disassociate_provider(app_id=app_id,
providers=providers,
user_pk=user_pk,
alias=alias)
db.session.commit()
return num_affected
def activate_profile(auth_token: str, params: Dict[str, Any]):
log, args = _verify_auth_request(auth_token=auth_token, params=params)
log.status = AuthLogs.STATUS_SUCCEEDED
SocialProfiles.activate(profile_id=log.social_id)
db.session.commit()