def callback_handling(): code = request.args.get('code') get_token = GetToken(const['AUTH0_DOMAIN']) auth0_users = Users(const['AUTH0_DOMAIN']) token = get_token.authorization_code(const['AUTH0_CLIENT_ID'], const['AUTH0_CLIENT_SECRET'], code, const['AUTH0_CALLBACK_URL']) user_info = auth0_users.userinfo(token['access_token']) session['profile'] = json.loads(user_info) print('USER INFO') # check if user in db user = User.query.filter_by(email=session['profile']['email']).first() print('CHECK') if user is None: print('new user being added to db') userid = session['profile']["sub"] userid = userid[userid.index('|') + 1:len(userid)] new_user = User(userid, session['profile']['email'], session['profile']['nickname'], session['profile']['picture']) db.session.add(new_user) db.session.commit() else: print('old user') return redirect('/dashboard')
def callback_handling(): code = request.args.get(CODE_KEY) get_token = GetToken(AUTH0_DOMAIN) auth0_users = Users(AUTH0_DOMAIN) token = get_token.authorization_code(AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, code, AUTH0_CALLBACK_URL) user_info = auth0_users.userinfo(token['access_token']) session[PROFILE_KEY] = json.loads(user_info) # return user_info # extract data to register user on DB in order top track question set progress first_name = session['profile']['given_name'] surname = session['profile']['family_name'] try: email = session['profile']['email'] except Exception as e: # log exception arup waad has email in nickname for some reason... email = session['profile']['nickname'] if len(parseaddr(email)[1]) == 0: return 'unable to log you in, invalid email supplied' user = db.session.query(User).filter_by(first_name=first_name, surname=surname, email=email).first() # if user doesnt exist in db, add them if (user is None): user = User(first_name=first_name, surname=surname, email=email) db.session.add(user) db.session.commit() # add user id from DB to the session session['user_id'] = user.id return redirect('/index')
def auth0_callback_view(self): # pragma: no cover """This callback is called after a successful Auth0 login. Args: code(str): Auth0's authentication code. """ # Check for errors error = request.args.get('error') if error: error_code = request.args.get('error_description') return redirect( url_for('regular.unauthorized', error_code=error_code)) from auth0.v3.authentication import GetToken from auth0.v3.authentication import Users import json # Retrieve AUTH0 settings from the local settings file AUTH0_DOMAIN = current_app.config.get('AUTH0_DOMAIN', '') AUTH0_CLIENT_ID = current_app.config.get('AUTH0_CLIENT_ID', '') AUTH0_CLIENT_SECRET = current_app.config.get('AUTH0_CLIENT_SECRET', '') AUTH0_CALLBACK_URL = url_for('user.auth0_callback', _external=True) auth0_users = Users(AUTH0_DOMAIN) # Retrieve Auth0 code from the URL query parameters code = request.args.get('code') # Decode Auth0 code and extract the Auth0 Token get_token = GetToken(AUTH0_DOMAIN) token = get_token.authorization_code(AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, code, AUTH0_CALLBACK_URL) # Retrieve user_info from AUTH0 token user_info_str = auth0_users.userinfo(token['access_token']) user_info = json.loads(user_info_str) email = user_info['email'] email_verified = user_info['email_verified'] # Retrieve User record by email user, user_email = self.db_manager.get_user_and_user_email_by_email( email) if not user: # Create new user if needed user = self.db_manager.add_user( email=email, active=True, first_name=user_info.get('given_name', ''), last_name=user_info.get('family_name', ''), ) self.db_manager.commit() # Retrieve next URL from 'state' query param state = request.args.get('state', '/') safe_next_url = self.make_safe_url(state) # Log user in return self._do_login_user(user, safe_next_url)
def callback_handling(): code = request.args.get('code') get_token = GetToken('manishsethis.auth0.com') auth0_users = Users('manishsethis.auth0.com') token = get_token.authorization_code(os.environ['CLIENT_ID'], os.environ['CLIENT_SECRET'], code, 'http://localhost:5000/callback') user_info = auth0_users.userinfo(token['access_token']) session['profile'] = json.loads(user_info) return redirect('/dashboard')
def callback_handling(): code = request.args.get(constants.CODE_KEY) get_token = GetToken(AUTH0_DOMAIN) auth0_users = Users(AUTH0_DOMAIN) token = get_token.authorization_code(AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, code, AUTH0_CALLBACK_URL) user_info = auth0_users.userinfo(token['access_token']) session[constants.PROFILE_KEY] = json.loads(user_info) return redirect('/dashboard')
def get_tokens(code, request): '''Given an auth code, by making an Auth0 API call, returns an access_token and id_token. ''' get_token = GetToken(DOMAIN) # exchange the Authorization Code for tokens: access_token, id_token tokens = get_token.authorization_code(CLIENT_ID, CLIENT_SECRET, code, get_callback_url(request)) # tokens is a dict including access_token and id_token return tokens
def callback_handling(): code = request.args.get('code') get_token = GetToken('abdul4343.eu.auth0.com') auth0_users = Users('abdul4343.eu.auth0.com') token = get_token.authorization_code( 'xYbqBYbjcd2rS6o9Xb0HrLwQWHXu8jH1', 'rZHMb64rreOI6j0umN8_ZHpcer4VuJbdVCUO3hEdB795kEadyp7GhNdw2Fy5lEFO', code, 'http://192.168.0.6:5000/callback') user_info = auth0_users.userinfo(token['access_token']) #session['profile'] = json.loads(user_info) print(json.loads(user_info)) return json.loads(user_info)
def callback_handling(): code = request.args.get(CODE_KEY) get_token = GetToken(AUTH0_DOMAIN) auth0_users = Users(AUTH0_DOMAIN) token = get_token.authorization_code(AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, code, AUTH0_CALLBACK_URL) user_info = auth0_users.userinfo(token['access_token']) session[PROFILE_KEY] = json.loads(user_info) # return user_info # extract data to register user on DB in order top track question set progress register_user() return redirect('/index')
def callback(request): """ Auth0 callback view """ code = request.GET['code'] get_token = GetToken(settings.AUTH0_DOMAIN) auth0_users = Users(settings.AUTH0_DOMAIN) token = get_token.authorization_code(settings.AUTH0_CLIENT_ID, settings.AUTH0_SECRET, code, settings.AUTH0_CALLBACK_URL) user_info = auth0_users.userinfo(token['access_token']) uinfo = json.loads(user_info) request.session['profile'] = uinfo user = authenticate(**uinfo) if user: do_login(request, user) return redirect(reverse_lazy("users:profile"))
def callback_handling(): error = request.args.get('error') if error is None: code = request.args.get('code') redirect_url = request.args.get('redirectto') if redirect_url is None: redirect_url = '/' get_token = GetToken(AUTH0_DOMAIN) auth0_users = Users(AUTH0_DOMAIN) token = get_token.authorization_code(AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, code, AUTH0_CALLBACK_URL) user_info = auth0_users.userinfo(token['access_token']) session['profile'] = json.loads(user_info) return redirect(redirect_url) else: error_msg = request.args.get('error_description') return f'<h1>{error}</h1><p>{error_msg}<p>', 401
def auth0_callback(request): code = request.GET.get('code') get_token = GetToken('techjargon.auth0.com') auth0_users = Users('techjargon.auth0.com') # token = get_token.authorization_code('QADeAHqjls_NxG6lnY_MQiqJ2wErFUpx', '00I5NqJtwLDZBBUBXQLTYLL195BvPMDZ3uFqc6OcnunuOsyuYvI7cCQ0tORWre4a', code, 'http://techjargon-dev.fidenz.info/authors/callback/') token = get_token.authorization_code(settings.AUTH_0['CLIENT_ID'], settings.AUTH_0['CLIENT_SECRET'], code, settings.AUTH_0['CALLBACK_URL']) user_info = auth0_users.userinfo(token['access_token']) user = json.loads(user_info) # request.session['profile'] = user flag, message = __check_n_register(user) if flag: _user = User.objects.get(email=user['email']) _user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, _user) return redirect('/') else: return redirect('/authors/signin/')
def callback_handling(): code = request.args.get(constants.CODE_KEY) if code is None: return redirect('/') get_token = GetToken(AUTH0_DOMAIN) auth0_users = Users(AUTH0_DOMAIN) token = get_token.authorization_code(AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, code, AUTH0_CALLBACK_URL) access_token = token['access_token'] user_info = json.loads(auth0_users.userinfo(access_token)) # Check that the access token is valid. url = ('https://capextool.auth0.com/userinfo/?access_token=%s' % access_token) # Submit request, parse response h = httplib2.Http() response = h.request(url, 'GET')[1] str_response = response.decode('utf-8') result = json.loads(str_response) # If there was an error in the access token info, abort. if result.get('error') is not None: response = make_response(json.dumps(result.get('error')), 500) response.headers['Content-Type'] = 'application/json' return response # Verify that the access token is used for the intended user. auth0Id = user_info['sub'] if result['sub'] != auth0Id: response = make_response( json.dumps("Token's sub doesn't match sub from cURL."), 401) response.headers['Content-Type'] = 'application/json' return response # # Verify that the access token is valid for this app. # if result['issued_to'] != CLIENT_ID: # response = make_response( # json.dumps("Token's client ID does not match app's."), 401) # response.headers['Content-Type'] = 'application/json' # return response stored_access_token = login_session.get('access_token') stored_sub = login_session.get('profile', {}).get('sub') if stored_access_token is not None and auth0Id == stored_sub: response = make_response( json.dumps('Current user is already connected.'), 200) response.headers['Content-Type'] = 'application/json' return response # Add user info login_session[constants.PROFILE_KEY] = user_info # see if user exists, if it doesn't make a new one user_id = getUserID(login_session['profile']['name']) if not user_id: user_id = createUser(login_session) login_session['user_id'] = user_id flash("you are now logged in under %s" % login_session['profile']['name']) return redirect('/user/%s/dashboard' % user_id)