def twitter_auth_url(): callback_uri = urls.absurl("/redirects/twitter/") oauth = OAuth1(settings.TWITTER_CONSUMER_KEY, settings.TWITTER_CONSUMER_SECRET, callback_uri=callback_uri) response = requests.post(url=twitter_request_token_url, auth=oauth) try: response.raise_for_status() except requests.exceptions.HTTPError as exc: logger.exception(exc) raise TwitterVerificationError('Invalid response from Twitter.') as_bytes = urllib.parse.parse_qs(response.content) token_bytes = as_bytes[b'oauth_token'][0] token_secret_bytes = as_bytes[b'oauth_token_secret'][0] request_token = {} request_token['oauth_token'] = token_bytes.decode('utf-8') request_token['oauth_token_secret'] = token_secret_bytes.decode( 'utf-8') session['request_token'] = request_token url = '{}?oauth_token={}'.format(twitter_authenticate_url, request_token['oauth_token']) return VerificationServiceResponse({'url': url})
def verify_facebook(code, eth_address): base_url = 'graph.facebook.com' client_id = settings.FACEBOOK_CLIENT_ID client_secret = settings.FACEBOOK_CLIENT_SECRET redirect_uri = urls.absurl("/redirects/facebook/") code = code path = ('/v2.12/oauth/access_token?client_id={}' '&client_secret={}&redirect_uri={}&code={}').format( client_id, client_secret, redirect_uri, code) conn = http.client.HTTPSConnection(base_url) conn.request('GET', path) response = json.loads(conn.getresponse().read()) has_access_token = ('access_token' in response) if not has_access_token or 'error' in response: raise FacebookVerificationError( 'The code you provided is invalid.') # TODO: determine what the text should be data = 'facebook verified' # TODO: determine claim type integer code for phone verification signature = attestations.generate_signature(signing_key, eth_address, CLAIM_TYPES['facebook'], data) return VerificationServiceResponse({ 'signature': signature, 'claim_type': CLAIM_TYPES['facebook'], 'data': data })
def verify_facebook(code, eth_address): base_url = "https://graph.facebook.com" response = requests.get("{}/v2.12/oauth/access_token".format(base_url), params={ "client_id": settings.FACEBOOK_CLIENT_ID, "client_secret": settings.FACEBOOK_CLIENT_SECRET, "redirect_uri": urls.absurl("/redirects/facebook/"), "code": code }) if "access_token" not in response.json() or "error" in response.json(): if "error" in response.json(): logger.error(response.json()["error"]) raise FacebookVerificationError( "The code you provided is invalid.") access_token = response.json()["access_token"] response = requests.get("{}/me".format(base_url), params={"access_token": access_token}) # TODO: determine what the text should be data = 'facebook verified' # TODO: determine claim type integer code for phone verification signature = attestations.generate_signature(signing_key, eth_address, CLAIM_TYPES['facebook'], data) attestation = Attestation(method=AttestationTypes.FACEBOOK, eth_address=eth_address, value=response.json()['name'], signature=signature, remote_ip_address=request.remote_addr) db.session.add(attestation) db.session.commit() return VerificationServiceResponse({ 'signature': signature, 'claim_type': CLAIM_TYPES['facebook'], 'data': data })
def twitter_auth_url(): callback_uri = urls.absurl("/redirects/twitter/") oauth = OAuth1(settings.TWITTER_CONSUMER_KEY, settings.TWITTER_CONSUMER_SECRET, callback_uri=callback_uri) r = requests.post(url=twitter_request_token_url, auth=oauth) if r.status_code != 200: raise TwitterVerificationError('Invalid response from Twitter.') as_bytes = dict(cgi.parse_qsl(r.content)) token_b = as_bytes[b'oauth_token'] token_secret_b = as_bytes[b'oauth_token_secret'] request_token = {} request_token['oauth_token'] = token_b.decode('utf-8') request_token['oauth_token_secret'] = token_secret_b.decode('utf-8') session['request_token'] = request_token url = '{}?oauth_token={}'.format(twitter_authenticate_url, request_token['oauth_token']) return VerificationServiceResponse({'url': url})
def verify_facebook(code, eth_address): base_url = "https://graph.facebook.com" response = requests.get("{}/v2.12/oauth/access_token".format(base_url), params={ "client_id": settings.FACEBOOK_CLIENT_ID, "client_secret": settings.FACEBOOK_CLIENT_SECRET, "redirect_uri": urls.absurl("/redirects/facebook/"), "code": code }) if "access_token" not in response.json() or "error" in response.json(): if "error" in response.json(): logger.error(response.json()["error"]) raise FacebookVerificationError( "The code you provided is invalid.") access_token = response.json()["access_token"] response = requests.get("{}/me".format(base_url), params={"access_token": access_token}) data = { 'issuer': ISSUER, 'issueDate': current_time(), 'attestation': { 'verificationMethod': { 'oAuth': True }, 'site': { 'siteName': 'facebook.com', 'userId': { 'verified': True } } } } # Note: use sort_keys option to make the output deterministic for hashing purposes. json_data = json.dumps(data, separators=(',', ':'), sort_keys=True) signature = { 'bytes': attestations.generate_signature(signing_key, eth_address, json_data), 'version': '1.0.0' } attestation = Attestation(method=AttestationTypes.FACEBOOK, eth_address=eth_address, value=response.json()['name'], signature=signature['bytes'], remote_ip_address=request.remote_addr) db.session.add(attestation) db.session.commit() return VerificationServiceResponse({ 'schemaId': 'https://schema.originprotocol.com/attestation_1.0.0.json', 'data': data, 'signature': signature })
def facebook_auth_url(): client_id = settings.FACEBOOK_CLIENT_ID redirect_uri = urls.absurl("/redirects/facebook/") url = ('https://www.facebook.com/v2.12/dialog/oauth?client_id={}' '&redirect_uri={}').format(client_id, redirect_uri) return VerificationServiceResponse({'url': url})