示例#1
0
def init_oauth():
    # General
    global TENANT_ID
    TENANT_ID = current_app.config.get('AZURE_TENANT_ID')

    global CORE_URL
    CORE_URL = 'https://login.microsoftonline.com/' + TENANT_ID

    # OpenID Connect
    scopes = 'openid profile'
    token_url = CORE_URL + '/oauth2/token'
    authorize_url = CORE_URL + '/oauth2/authorize'

    global AAD
    AAD = oauth.remote_app(
        'microsoft',
        consumer_key=current_app.config.get('AZURE_CLIENT_ID'),
        consumer_secret=current_app.config.get('AZURE_CLIENT_SECRET'),
        request_token_params={
            'scope': scopes
        },  # Use "{'scope': SCOPES}, 'prompt': 'login'}" for restricted apps.
        base_url='http://ignore',  # We won't need this.
        request_token_url=None,
        access_token_method='POST',
        access_token_url=token_url,
        authorize_url=authorize_url)
示例#2
0
def github_oauth():
    if not Setting().get('github_oauth_enabled'):
        return None

    github = oauth.remote_app(
        'github',
        consumer_key=Setting().get('github_oauth_key'),
        consumer_secret=Setting().get('github_oauth_secret'),
        request_token_params={'scope': Setting().get('github_oauth_scope')},
        base_url=Setting().get('github_oauth_api_url'),
        request_token_url=None,
        access_token_method='POST',
        access_token_url=Setting().get('github_oauth_token_url'),
        authorize_url=Setting().get('github_oauth_authorize_url'))

    @app.route('/github/authorized')
    def github_authorized():
        session['github_oauthredir'] = url_for('.github_authorized',
                                               _external=True)
        resp = github.authorized_response()
        if resp is None:
            return 'Access denied: reason=%s error=%s' % (
                request.args['error'], request.args['error_description'])
        session['github_token'] = (resp['access_token'], '')
        return redirect(url_for('.login'))

    @github.tokengetter
    def get_github_oauth_token():
        return session.get('github_token')

    return github
示例#3
0
def google_oauth():
    if not Setting().get('google_oauth_enabled'):
        return None

    google = oauth.remote_app(
        'google',
        consumer_key=Setting().get('google_oauth_client_id'),
        consumer_secret=Setting().get('google_oauth_client_secret'),
        request_token_params=literal_eval(
            Setting().get('google_token_params')),
        base_url=Setting().get('google_base_url'),
        request_token_url=None,
        access_token_method='POST',
        access_token_url=Setting().get('google_token_url'),
        authorize_url=Setting().get('google_authorize_url'),
    )

    @app.route('/google/authorized')
    def google_authorized():
        resp = google.authorized_response()
        if resp is None:
            return 'Access denied: reason=%s error=%s' % (
                request.args['error_reason'],
                request.args['error_description'])
        session['google_token'] = (resp['access_token'], '')
        return redirect(url_for('.login'))

    @google.tokengetter
    def get_google_oauth_token():
        return session.get('google_token')

    return google
示例#4
0
 def __init__(self):
     self.oauth = oauth.remote_app(
         'Digikey',
         app_key='DIGIKEY',
         request_token_url=None,
     )
     self.oauth.tokengetter(Digikey.tokengetter)
     self.name = 'Digikey'
示例#5
0
from app import app, oauth
from config import TWITTER_APP_KEY, TWITTER_APP_SECRET

# Use Twitter as example remote application
twitter = oauth.remote_app('twitter',
    # unless absolute urls are used to make requests, this will be added
    # before all URLs.  This is also true for request_token_url and others.
    base_url='https://api.twitter.com/1/',
    # where flask should look for new request tokens
    request_token_url='https://api.twitter.com/oauth/request_token',
    # where flask should exchange the token with the remote application
    access_token_url='https://api.twitter.com/oauth/access_token',
    # twitter knows two authorizatiom URLs.  /authorize and /authenticate.
    # they mostly work the same, but for sign on /authenticate is
    # expected because this will give the user a slightly different
    # user interface on the twitter side.
    authorize_url='https://api.twitter.com/oauth/authenticate',
    # the consumer keys from the twitter application registry.
    consumer_key=TWITTER_APP_KEY,
    consumer_secret=TWITTER_APP_SECRET
)

示例#6
0
文件: oauth.py 项目: cuoh2/flask_demo
"""
from flask import Blueprint, abort, url_for, flash, redirect
from flask_login import current_user, login_user
from sqlalchemy import or_

from app import oauth, db
from app.models import User
from app.utils import redirect_back

oauth_bp = Blueprint('oauth', __name__)

github = oauth.remote_app(
    name='github',
    consumer_key='d931fee7f44f1d3977c1',
    consumer_secret='53ba0c7d5c423d062f8e38a05df27beb3f4cef25',
    request_token_params={'scope': 'user'},
    base_url='https://api.github.com/',
    request_token_url=None,
    access_token_method='POST',
    access_token_url='https://github.com/login/oauth/access_token',
    authorize_url='https://github.com/login/oauth/authorize')
providers = {'github': github}


@oauth_bp.route('/login/<provider_name>')
def oauth_login(provider_name):
    if current_user.is_authenticated:
        return redirect_back()
    provider = providers[provider_name]
    callback = url_for('.oauth_callback',
                       provider_name=provider_name,
                       _external=True)
示例#7
0
def index(page=1):
  posts = Post.query.order_by(Post.timestamp.desc()).paginate(1, 4, False)
  return render_template('index.html', title='Home', posts=posts)

@app.route('/log')
@app.route('/log/<int:page>')
def log(page=1):
  posts = Post.query.order_by(Post.timestamp.desc()).paginate(page, POSTS_PER_PAGE, True)
  return render_template('log.html', title='Trip Log', posts=posts)

# Login page
facebook = oauth.remote_app('facebook',
  base_url='https://graph.facebook.com/',
  request_token_url=None,
  access_token_url='/oauth/access_token',
  authorize_url='https://www.facebook.com/dialog/oauth',
  consumer_key=app.config['FACEBOOK_APP_ID'],
  consumer_secret=app.config['FACEBOOK_APP_SECRET'],
  request_token_params={'scope': 'email'}
)

@app.route('/oauth-authorized')
@facebook.authorized_handler
def oauth_authorized(resp):
  next_url = request.args.get('next') or url_for('index')
  if resp is None:
    flash(u'You denied the request to sign in.')
    return redirect(next_url)

  session['oauth_token'] = (resp['access_token'], '')
  fb_user = facebook.get('/me')
示例#8
0
from .. import db 
import os
from app import oauth
from . import qq_login
from ..models import User
from flask import redirect, url_for, session, jsonify, flash,json,Markup




qq = oauth.remote_app(
    'qq',
    consumer_key='1105581412',
    consumer_secret='9vKLvZAKu26O9Sbx',
    base_url='https://graph.qq.com',
    request_token_url=None,
    request_token_params={'scope': 'get_user_info'},
    access_token_url='/oauth2.0/token',
    authorize_url='/oauth2.0/authorize',
)


def json_to_dict(x):
    '''OAuthResponse class can't parse the JSON data with content-type
-    text/html and because of a rubbish api, we can't just tell flask-oauthlib to treat it as json.'''
    if x.find(b'callback') > -1:
        # the rubbish api (https://graph.qq.com/oauth2.0/authorize) is handled here as special case
        pos_lb = x.find(b'{')
        pos_rb = x.find(b'}')
        x = x[pos_lb:pos_rb + 1]
示例#9
0
    current_user

from .. import db 
import os
from app import oauth
from . import douban_login
from ..models import User
from flask import redirect, url_for, session, request, jsonify, flash,json


douban = oauth.remote_app(
    'douban',
    consumer_key='0cfc3c5d9f873b1826f4b518de95b148',
    consumer_secret='3e209e4f9ecf6a4a',
    base_url='https://api.douban.com/',
    request_token_url=None,
    request_token_params={'scope': 'douban_basic_common,shuo_basic_r'},
    access_token_url='https://www.douban.com/service/auth2/token',
    authorize_url='https://www.douban.com/service/auth2/auth',
    access_token_method='POST',
)


@douban_login.route('/')
def index():
    if 'douban_token' in session:
        resp = douban.get('shuo/v2/statuses/home_timeline')
        return jsonify(status=resp.status, data=resp.data)
    return redirect(url_for('.login'))

示例#10
0
from flask_login import login_user
from flask import session, redirect, url_for, request, flash
from app import oauth, db
from ..models import User
from . import auth
import json
import os

QQ_APP_ID = os.getenv('QQ_APP_ID')
QQ_APP_KEY = os.getenv('QQ_APP_KEY')

qq = oauth.remote_app(
    'qq',
    consumer_key=QQ_APP_ID,
    consumer_secret=QQ_APP_KEY,
    base_url='https://graph.qq.com',
    request_token_url=None,
    request_token_params={'scope': 'get_user_info'},
    access_token_url='/oauth2.0/token',
    authorize_url='/oauth2.0/authorize',
)


def json_to_dict(data):
    data = bytes.decode(data)
    if data.find('callback') > -1:
        pos_lb = data.find('{')
        pos_rb = data.find('}')
        data = data[pos_lb:pos_rb + 1]
    try:
        return json.loads(data, encoding='utf-8')
    except:
示例#11
0
from .. import db 
import os
from app import oauth
from . import weibo_login
from ..models import User
from flask import redirect, url_for, session, request, jsonify, flash,json


weibo = oauth.remote_app(
    'weibo',
    consumer_key='909122383',
    consumer_secret='2cdc60e5e9e14398c1cbdf309f2ebd3a',
    request_token_params={'scope': 'email,statuses_to_me_read'},
    base_url='https://api.weibo.com/2/',
    authorize_url='https://api.weibo.com/oauth2/authorize',
    request_token_url=None,
    access_token_method='POST',
    access_token_url='https://api.weibo.com/oauth2/access_token',
    # since weibo's response is a shit, we need to force parse the content
    content_type='application/json',
)


@weibo_login.route('/')
def index():
    if 'oauth_token' in session:
        access_token = session['oauth_token'][0]
        resp = weibo.get('statuses/home_timeline.json')
        return jsonify(resp.data)
    return redirect(url_for('login'))
示例#12
0
 def __init__(self):
     self.oauth = oauth.remote_app('Digikey',
                                   app_key='DIGIKEY',
                                   request_token_url=None,)
     self.oauth.tokengetter(Digikey.tokengetter)
     self.name = 'Digikey'
示例#13
0
    'specialties',
    'positions',
    'picture-url',
    'picture-urls::(original)',
    'site-standard-profile-request',
    'api-standard-profile-request',
    'public-profile-url',
]

linkedin = oauth.remote_app(
    'linkedin',
    app_key='LINKEDIN',
    request_token_url=None,
    request_token_params={
        'scope': 'r_basicprofile',
        'state': lambda: session['linkedin_state']
    },
    base_url='https://api.linkedin.com/',
    authorize_url='https://www.linkedin.com/uas/oauth2/authorization',
    access_token_method='POST',
    access_token_url='https://www.linkedin.com/uas/oauth2/accessToken',
)

views = Blueprint('linkedin', __name__)


def retrieve_access_token(user):
    if user.linkedin is not None:
        if user.linkedin.expires_in.total_seconds() > MIN_TOKEN_LIFETIME:
            return (user.linkedin.access_token, '')
示例#14
0
@auth.route('/delete')
@login_required
def delete():
    db.session.delete(current_user)
    db.session.commit()
    return redirect(url_for('main.index'))


QQ_APP_ID = os.getenv('QQ_APP_ID')
QQ_APP_KEY = os.getenv('QQ_APP_KEY')

qq = oauth.remote_app(
    'qq',
    consumer_key=QQ_APP_ID,
    consumer_secret=QQ_APP_KEY,
    base_url='https://graph.qq.com',
    request_token_url=None,
    request_token_params={'scope': 'get_user_info'},
    access_token_url='/oauth2.0/token',
    authorize_url='/oauth2.0/authorize',
)


def json_to_dict(data):
    data = bytes.decode(data)
    if data.find('callback') > -1:
        pos_lb = data.find('{')
        pos_rb = data.find('}')
        data = data[pos_lb:pos_rb + 1]
    try:
        return json.loads(data, encoding='utf-8')
    except:
示例#15
0
from flask_login import login_user
from flask import session, redirect, url_for, request, flash
from app import oauth, db
from ..models import User
from . import auth
import json
import os

REN2_APP_ID = os.environ.get('REN2_APP_ID')
REN2_APP_KEY = os.environ.get('REN2_APP_KEY')

ren2 = oauth.remote_app('ren2',
                        consumer_key=REN2_APP_ID,
                        consumer_secret=REN2_APP_KEY,
                        base_url='https://graph.renren.com',
                        request_token_url=None,
                        access_token_url='/oauth/token',
                        authorize_url='/oauth/authorize')


@auth.route('/ren2-user-info')
def ren2_user_info():
    if 'ren2_user' in session:
        user = User.query.filter_by(
            username=session['ren2_user']['name']).first()
        if not user:
            user = User(username=session['ren2_user']['name'],
                        avatar=session['ren2_user']['avatar'][3]['url'],
                        confirmed=True)
            db.session.add(user)
            db.session.commit()
示例#16
0
from flask import render_template, flash, redirect, session, url_for, request
from flask.ext.login import login_user, logout_user, current_user, login_required
from app import app, db, lm, oauth
from .models import User


facebook = oauth.remote_app('facebook',
    base_url='https://graph.facebook.com/',
    request_token_url=None,
    access_token_url='/oauth/access_token',
    authorize_url='https://www.facebook.com/dialog/oauth',
    consumer_key='872766896169946',
    consumer_secret='47248c3813f7833ad586871d3675bffd',
    request_token_params={'scope': 'public_profile, email'},
)

@facebook.tokengetter
def get_facebook_oauth_token():
    return session.get('oauth_token')


@lm.user_loader
def load_user(id):
	return User.query.get(int(id))

@app.route('/')
@app.route('/home')
def index():
	    #description of app + login button
	return render_template('home.html')
示例#17
0
from app import oauth
import os

google = oauth.remote_app(
    'google',
    consumer_key=str(os.getenv('GOOGLE_CLIENT_ID')),
    consumer_secret=str(os.getenv('GOOGLE_CLIENT_ID_SECRET')),
    request_token_params={
        'scope': 'https://www.googleapis.com/auth/userinfo.email'
    },
    base_url='https://www.googleapis.com/oauth2/v1/',
    request_token_url=None,
    access_token_method='POST',
    access_token_url='https://accounts.google.com/o/oauth2/token',
    authorize_url='https://accounts.google.com/o/oauth2/auth',
)

facebook = oauth.remote_app(
    'facebook',
    base_url='https://graph.facebook.com/',
    request_token_url=None,
    access_token_url='/oauth/access_token',
    access_token_method='GET',
    authorize_url='https://www.facebook.com/dialog/oauth',
    consumer_key=str(os.getenv('FACEBOOK_APP_ID')),
    consumer_secret=str(os.getenv('FACEBOOK_APP_SECRET')),
    request_token_params={'scope': 'email'})

github = oauth.remote_app(
    'github',
    consumer_key=str(os.getenv('GITHUB_APP_ID')),
示例#18
0
    'specialties',
    'positions',
    'picture-url',
    'picture-urls::(original)',
    'site-standard-profile-request',
    'api-standard-profile-request',
    'public-profile-url',
]

linkedin = oauth.remote_app(
    'linkedin',
    app_key='LINKEDIN',
    request_token_url=None,
    request_token_params={
        'scope': 'r_basicprofile',
        'state': lambda: session['linkedin_state']
    },
    base_url='https://api.linkedin.com/',
    authorize_url='https://www.linkedin.com/uas/oauth2/authorization',
    access_token_method='POST',
    access_token_url='https://www.linkedin.com/uas/oauth2/accessToken',
)

views = Blueprint('linkedin', __name__)

def retrieve_access_token(user):
    if user.linkedin is not None:
        if user.linkedin.expires_in.total_seconds() > MIN_TOKEN_LIFETIME:
            return (user.linkedin.access_token, '')

def store_access_token(user, resp):
示例#19
0
from flask_login import login_user
from flask import session, redirect, url_for, request, flash
from app import oauth, db
from ..models import User
from . import auth
import json
import os

SINA_APP_ID = os.getenv('SINA_APP_ID')
SINA_APP_KEY = os.getenv('SINA_APP_KEY')

sina = oauth.remote_app(
    'sina',
    consumer_key=SINA_APP_ID,
    consumer_secret=SINA_APP_KEY,
    base_url='https://api.weibo.com',
    request_token_url=None,
    access_token_url='/oauth2/access_token',
    authorize_url='/oauth2/authorize',
)


@auth.route('/sina-user-info')
def sina_user_info():
    if 'sina_token' in session:
        return redirect(request.args.get('next') or url_for('main.index'))
    return redirect(url_for('auth.sina_login'))


@auth.route('/sina-login')
def sina_login():
示例#20
0
import os
from . import oauth_bp
from app import oauth, db
from flask import abort, redirect, url_for, flash
from flask_login import current_user, login_user
from ..models import User
import json

github = oauth.remote_app(
    name='github',
    consumer_key=os.getenv('GITHUB_CLIENT_ID'),
    consumer_secret=os.getenv('GITHUB_CLIENT_SECRET'),
    request_token_params={'scope': 'user'},
    base_url='https://api.github.com/',
    request_token_url=None,
    access_token_method='POST',
    access_token_url='https://github.com/login/oauth/access_token',
    authorize_url='https://github.com/login/oauth/authorize',
)

providers = {'github': github}

profile_endpoints = {'github': 'user'}


def get_social_profile(provider, access_token):
    profile_endpoint = profile_endpoints[provider.name]
    response = provider.get(profile_endpoint, token=access_token)
    '''
    in_json = json.dumps(response.data)
    print(json.loads(in_json))
示例#21
0
    current_user

from .. import db 
import os,app
from app import oauth
from . import google_login
from ..models import User
from flask import redirect, url_for, session, request, jsonify, flash,json

google = oauth.remote_app(
    'google',
    consumer_key="34212163293-1b6l981iuh96vthq176o4ng55bhqg890.apps.googleusercontent.com",
    consumer_secret="pBz0mULyUdL2rr3nUsmKpFeC",
    request_token_params={
        'scope': 'email'
    },
       
    base_url='https://accounts.google.com/o/oauth2/v2/auth',#######'https://www.googleapis.com/oauth2/v1/'
    request_token_url=None,
    access_token_method='POST',
    access_token_url='https://accounts.google.com/o/oauth2/token',
    authorize_url='https://accounts.google.com/o/oauth2/auth',
)
#############google  not callback

@google_login.route('/')
def index():
    if 'google_token' in session:
        me = google.get('userinfo')
        return jsonify({"data": me.data})
    return redirect(url_for('.login'))
示例#22
0
from app import app, oauth
from config import GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET


google = oauth.remote_app('google',
    base_url='https://www.google.com/accounts/',
    authorize_url='https://accounts.google.com/o/oauth2/auth',
    request_token_url=None,
    request_token_params={'scope': 'https://www.googleapis.com/auth/userinfo.email',
                          'response_type': 'code'},
    access_token_url='https://accounts.google.com/o/oauth2/token',
    access_token_method='POST',
    access_token_params={'grant_type': 'authorization_code'},
    consumer_key=GOOGLE_CLIENT_ID,
    consumer_secret=GOOGLE_CLIENT_SECRET)
示例#23
0
from flask import Blueprint, flash, render_template, url_for, session, request, jsonify, redirect
from flask_oauthlib.client import OAuth, OAuthResponse

from flask_login import LoginManager, login_user, logout_user, current_user
from app import oauth, lm
from app.models.user_models import User
from app import db, uandus_client, CLIENT_ID, CLIENT_SECRET

# When using a Flask app factory we must use a blueprint to avoid needing 'app' for '@app.route'
oauth_blueprint = Blueprint('oauth', __name__, template_folder='templates')

remote = oauth.remote_app(
    'remote',
    consumer_key=CLIENT_ID,
    consumer_secret=CLIENT_SECRET,
    request_token_params={'scope': 'email'},
    base_url='http://www.uandus.net/api/v1.0/',
    request_token_url=None,
    # access_token_method='POST',
    access_token_url='http://www.uandus.net/api/v1.0/oauth/token',
    authorize_url='http://www.uandus.net/api/v1.0/oauth/authorize')


def parse_authorized_response(resp):

    global uandus_client

    if resp is None:
        flash('Authentication failed.')
        return 'Access denied: reason=%s error=%s' % (
            request.args['error_reason'], request.args['error_description'])
    if isinstance(resp, dict):
示例#24
0
from flask import session, request
from flask_oauthlib.client import OAuth, OAuthException

from app import oauth
from app.pluginloader import PluginBase, PluginSettingBool, PluginSettingText, PluginError
from app.util import _get_settings

settings = _get_settings('auth_azure')
if 'auth_azure_consumer_key' in settings and settings['auth_azure_consumer_key']:
    remote_app = oauth.remote_app(
        'microsoft',
        consumer_key=settings['auth_azure_consumer_key'],
        consumer_secret=settings['auth_azure_consumer_secret'],
        request_token_params={'scope': 'offline_access User.Read'},
        base_url='https://graph.microsoft.com/v1.0/',
        request_token_url=None,
        access_token_method='POST',
        access_token_url='https://login.microsoftonline.com/common/oauth2/v2.0/token',
        authorize_url='https://login.microsoftonline.com/common/oauth2/v2.0/authorize'
    )

    @remote_app.tokengetter
    def get_auth_azure_token():
        return session.get('auth_azure_token')

class Plugin(PluginBase):
    def __init__(self):
        PluginBase.__init__(self)

    def name(self):
示例#25
0
from app import oauth
from config import TWITTER_CONSUMER_KEY, TWITTER_CONSUMER_SECRET

# Create a twitter application
app = oauth.remote_app('twitter',
    base_url='https://api.twitter.com/1/',
    request_token_url='https://api.twitter.com/oauth/request_token',
    access_token_url='https://api.twitter.com/oauth/access_token',
    authorize_url='https://api.twitter.com/oauth/authenticate',
    consumer_key=TWITTER_CONSUMER_KEY,
    consumer_secret=TWITTER_CONSUMER_SECRET)
示例#26
0
    current_user

from .. import db 
import os
from app import oauth
from . import github_login
from ..models import User
from flask import redirect, url_for, session, request, jsonify, flash,json


github = oauth.remote_app(
    'github',
    consumer_key='e1c0a729ad0f61811811',
    consumer_secret='07d0505feeb83f6a2dc38df29d1916ee4909e13e',
    request_token_params={'scope': 'user:email'},
    base_url='https://api.github.com/',
    request_token_url=None,
    access_token_method='POST',
    access_token_url='https://github.com/login/oauth/access_token',
    authorize_url='https://github.com/login/oauth/authorize'
)


@github_login.route('/')
def index():
    if 'github_token' in session:
        me = github.get('user')
        resp=jsonify(me.data)
        data=json.loads(resp.data.decode('utf-8'))
        
        user = User.query.filter_by(email=data.get('email')).first()