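def persona_login(request):
    """Verify a Persona assertion remotely and complete the social login.

    Reads the ``assertion`` POST field and posts it, with the audience, to
    the Persona verifier. When the reply's ``status`` is ``okay``, a
    ``SocialLogin`` is built for the returned e-mail address and handed to
    ``complete_social_login``. Any verifier failure (network error, timeout,
    malformed or non-``okay`` reply, missing e-mail) renders the
    authentication error page instead of raising.
    """
    assertion = request.POST.get('assertion', '')
    # NOTE(review): the audience is derived from the incoming request's host.
    # The verifier can only bind the assertion to this site if that host
    # value is trustworthy, so this relies on host validation (for example
    # Django's ALLOWED_HOSTS) being configured -- confirm, or switch to a
    # configured origin.
    audience = request.build_absolute_uri('/')
    try:
        # Bounded wait: without a timeout a stalled verifier would hold the
        # login request (and its worker) open indefinitely.
        resp = requests.post('https://verifier.login.persona.org/verify',
                             {'assertion': assertion,
                              'audience': audience},
                             timeout=10)
    except requests.RequestException:
        return render_authentication_error(request)
    # NOTE(review): ``json`` is read as an attribute, as in the original. On
    # requests releases where ``json`` is a method this is not a dict; the
    # isinstance check below then fails closed -- confirm the pinned version.
    payload = resp.json
    if not isinstance(payload, dict) or payload.get('status') != 'okay':
        return render_authentication_error(request)
    email = payload.get('email')
    if not email:
        # An "okay" reply without an e-mail cannot identify an account.
        return render_authentication_error(request)
    user = User(email=email)
    extra_data = payload
    account = SocialAccount(uid=email,
                            provider=PersonaProvider.id,
                            extra_data=extra_data,
                            user=user)
    # TBD: Persona e-mail addresses are verified, so we could check if
    # a matching local user account already exists with an identical
    # verified e-mail address and short-circuit the social login. Then
    # again, this holds for all social providers that guarantee
    # verified e-mail addresses, so if at all, short-circuiting should
    # probably not be handled here...
    login = SocialLogin(account)
    login.state = SocialLogin.state_from_request(request)
    return complete_social_login(request, login)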
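def persona_login(request):
    """Verify a Persona assertion remotely and complete the social login.

    Reads the ``assertion`` POST field and posts it, with the audience, to
    the Persona verifier. When the reply's ``status`` is ``okay``, a new user
    is populated through the adapter for the returned e-mail address and the
    resulting ``SocialLogin`` is handed to ``complete_social_login``. Any
    verifier failure (network error, timeout, non-JSON or non-``okay`` reply,
    missing e-mail) renders the authentication error page instead of raising.
    """
    assertion = request.POST.get('assertion', '')
    # NOTE(review): the audience is derived from the incoming request's host.
    # The verifier can only bind the assertion to this site if that host
    # value is trustworthy, so this relies on host validation (for example
    # Django's ALLOWED_HOSTS) being configured -- confirm, or switch to a
    # configured origin.
    audience = request.build_absolute_uri('/')
    try:
        # Bounded wait: without a timeout a stalled verifier would hold the
        # login request (and its worker) open indefinitely.
        resp = requests.post('https://verifier.login.persona.org/verify',
                             {'assertion': assertion,
                              'audience': audience},
                             timeout=10)
        # Parse once; a body that is not JSON raises ValueError.
        payload = resp.json()
    except (requests.RequestException, ValueError):
        return render_authentication_error(request)
    if not isinstance(payload, dict) or payload.get('status') != 'okay':
        return render_authentication_error(request)
    email = payload.get('email')
    if not email:
        # An "okay" reply without an e-mail cannot identify an account.
        return render_authentication_error(request)
    user = get_adapter().populate_new_user(email=email)
    extra_data = payload
    account = SocialAccount(uid=email,
                            provider=PersonaProvider.id,
                            extra_data=extra_data,
                            user=user)
    # TBD: Persona e-mail addresses are verified, so we could check if
    # a matching local user account already exists with an identical
    # verified e-mail address and short-circuit the social login. Then
    # again, this holds for all social providers that guarantee
    # verified e-mail addresses, so if at all, short-circuiting should
    # probably not be handled here...
    login = SocialLogin(account)
    login.state = SocialLogin.state_from_request(request)
    return complete_social_login(request, login)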
def callback(request):
    """Handle the OpenID provider's return request and finish the login.

    Completes the OpenID exchange with the consumer built for this request.
    A cancelled exchange redirects to the "login cancelled" page, any status
    other than success renders the authentication error page, and a
    successful one builds a ``SocialLogin`` keyed on the identity URL and
    passes it to ``complete_social_login``.
    """
    openid_client = _openid_consumer(request)
    # NOTE(review): request.REQUEST merges GET and POST parameters and is not
    # available on newer Django releases -- confirm the supported version.
    params = dict(request.REQUEST.items())
    return_to = request.build_absolute_uri(request.path)
    result = openid_client.complete(params, return_to)

    if result.status == consumer.SUCCESS:
        social_account = SocialAccount(uid=result.identity_url,
                                       provider=OpenIDProvider.id,
                                       extra_data={})
        # NOTE(review): the e-mail is whatever _get_email_from_response
        # extracts from the provider's response; presumably provider-asserted
        # rather than verified locally -- confirm before treating it as
        # verified.
        provider_email = _get_email_from_response(result)
        social_account.user = get_adapter().populate_new_user(
            request, social_account, email=provider_email)
        social_login = SocialLogin(social_account)
        # State comes from what was stashed earlier for this request.
        social_login.state = SocialLogin.unstash_state(request)
        return complete_social_login(request, social_login)

    if result.status == consumer.CANCEL:
        return HttpResponseRedirect(reverse("socialaccount_login_cancelled"))

    return render_authentication_error(request)
def test_handle_facebook_without_email_cancel():
    """Check both redirects for a Facebook login that carries no e-mail.

    The first completion must redirect (302) to a location starting with the
    ``email_needed`` URL. Once ``auth_params`` in the login state is set to
    ``auth_type=rerequest``, completing again must redirect to the
    ``socialaccount_login_cancelled`` URL.
    """
    req = RequestFactory().get('/accounts/login/callback/')
    req.user = AnonymousUser()

    fb_account = SocialAccount(provider='facebook')
    pending = SocialLogin(user=User(), account=fb_account)
    pending.state = SocialLogin.state_from_request(req)

    # First attempt: no e-mail yet, expect the "e-mail needed" redirect.
    first = complete_social_login(req, pending)
    assert first.status_code == 302
    assert first['location'].startswith(reverse('email_needed'))

    # Second attempt with the rerequest marker in the state: expect the
    # "login cancelled" redirect.
    pending.state['auth_params'] = 'auth_type=rerequest'
    second = complete_social_login(req, pending)
    assert second.status_code == 302
    assert second['location'] == reverse('socialaccount_login_cancelled')
def callback(request):
    """Handle the OpenID provider's return request and finish the login.

    Completes the OpenID exchange with the consumer built for this request.
    On success a new user is populated through the adapter from the e-mail
    in the response, attached to a ``SocialAccount`` keyed on the identity
    URL, and passed on to ``complete_social_login``. A cancelled exchange
    redirects to the "login cancelled" page; any other status renders the
    authentication error page.
    """
    openid_client = _openid_consumer(request)
    # NOTE(review): request.REQUEST merges GET and POST parameters and is not
    # available on newer Django releases -- confirm the supported version.
    params = dict(request.REQUEST.items())
    return_to = request.build_absolute_uri(request.path)
    outcome = openid_client.complete(params, return_to)

    if outcome.status == consumer.SUCCESS:
        # NOTE(review): the e-mail is whatever _get_email_from_response
        # extracts from the provider's response; presumably provider-asserted
        # rather than verified locally -- confirm before treating it as
        # verified.
        provider_email = _get_email_from_response(outcome)
        new_user = get_adapter().populate_new_user(email=provider_email)
        social_account = SocialAccount(uid=outcome.identity_url,
                                       provider=OpenIDProvider.id,
                                       user=new_user,
                                       extra_data={})
        social_login = SocialLogin(social_account)
        # State comes from what was stashed earlier for this request.
        social_login.state = SocialLogin.unstash_state(request)
        return complete_social_login(request, social_login)

    if outcome.status == consumer.CANCEL:
        return HttpResponseRedirect(reverse('socialaccount_login_cancelled'))

    return render_authentication_error(request)