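def gconnect():
    """Complete Google sign-in for the current session.

    Checks the anti-forgery ``state`` value, exchanges the one-time
    authorization code from the request body for credentials, validates the
    resulting access token against Google's tokeninfo endpoint, and stores
    the user's profile fields in ``login_session``.

    Returns:
        A JSON response with status 401 or 500 when a check fails, a JSON
        200 response when this user is already connected, otherwise an HTML
        welcome fragment for the signed-in user.
    """
    # Function-scope import so the block works on either interpreter line:
    # html.escape on Python 3, cgi.escape on Python 2.
    try:
        from html import escape
    except ImportError:
        from cgi import escape

    def json_response(message, status):
        """Build a JSON-encoded response with the given status code."""
        response = make_response(json.dumps(message), status)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Anti-forgery check. A session without a stored state must be rejected
    # as well: otherwise a missing query parameter (None) would compare equal
    # to a missing session value (None) and the check would pass.
    expected_state = login_session.get('state')
    if not expected_state or request.args.get('state') != expected_state:
        return json_response('Invalid state parameter', 401)

    code = request.data  # one-time code from server
    try:
        # Upgrades auth code into credentials object
        oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        return json_response('Failed to upgrade the authorization code.', 401)

    access_token = credentials.access_token
    # Checking validity of access_token
    url = (
        'https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={token}'
        .format(token=access_token))
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])
    if result.get('error') is not None:
        # Fail closed: the error response must be returned, otherwise the
        # handler carries on with a token that tokeninfo rejected.
        return json_response(result.get('error'), 500)

    gplus_id = credentials.id_token['sub']
    # Verifies access_token is for intended user
    if result['user_id'] != gplus_id:
        return json_response(
            "Token's user ID doesn't match given user ID.", 401)

    # Verifies access token is valid for this app.
    if result['issued_to'] != CLIENT_ID:
        print("Token's client ID does not match app's.")
        return json_response("Token's client ID does not match app's.", 401)

    stored_access_token = login_session.get('access_token')
    stored_gplus_id = login_session.get('gplus_id')
    if stored_access_token is not None and gplus_id == stored_gplus_id:
        return json_response('Current user is already connected', 200)

    login_session['access_token'] = access_token
    login_session['gplus_id'] = gplus_id

    userinfo_url = 'https://www.googleapis.com/oauth2/v1/userinfo'
    params = {'access_token': credentials.access_token, 'alt': 'json'}
    answer = requests.get(userinfo_url, params=params)
    data = answer.json()

    login_session['username'] = data['name']
    login_session['picture'] = data['picture']
    login_session['email'] = data['email']
    login_session['provider'] = 'google'

    user_id = db.get_user_id(login_session['email'])
    if user_id is None:
        user_id = db.create_user(login_session)
    login_session['user_id'] = user_id

    # The display name and picture URL come from the identity provider's
    # profile, which the account holder controls, so both are HTML-escaped
    # (quotes included) before being placed in markup.
    output = ''
    output += '<h1>Welcome, '
    output += escape(login_session['username'], True)
    output += '!</h1>'
    output += '<img src="'
    output += escape(login_session['picture'], True)
    output += ' " style = "width: 300px; height: 300px;border-radius: 150px;-webkit-border-radius: 150px;-moz-border-radius: 150px;"> '
    flash('You are now logged in as {name}'.format(
        name=login_session['username']))
    return output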
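def gconnect():
    """Complete Google sign-in for the current session.

    Checks the anti-forgery ``state`` value, exchanges the one-time
    authorization code from the request body for credentials, validates the
    resulting access token against Google's tokeninfo endpoint, and stores
    the user's profile fields in ``login_session``.

    Returns:
        A JSON response with status 401 or 500 when a check fails, a JSON
        200 response when this user is already connected, otherwise an HTML
        welcome fragment for the signed-in user.
    """
    # Function-scope import so the block works on either interpreter line:
    # html.escape on Python 3, cgi.escape on Python 2.
    try:
        from html import escape
    except ImportError:
        from cgi import escape

    def json_response(message, status):
        """Build a JSON-encoded response with the given status code."""
        response = make_response(json.dumps(message), status)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Anti-forgery check. A session without a stored state must be rejected
    # as well: otherwise a missing query parameter (None) would compare equal
    # to a missing session value (None) and the check would pass.
    expected_state = login_session.get('state')
    if not expected_state or request.args.get('state') != expected_state:
        return json_response('Invalid state parameter', 401)

    code = request.data  # one-time code from server
    try:
        # Upgrades auth code into credentials object
        oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        return json_response('Failed to upgrade the authorization code.', 401)

    access_token = credentials.access_token
    # Checking validity of access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={token}'.format(token=access_token))
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])
    if result.get('error') is not None:
        # Fail closed: the error response must be returned, otherwise the
        # handler carries on with a token that tokeninfo rejected.
        return json_response(result.get('error'), 500)

    gplus_id = credentials.id_token['sub']
    # Verifies access_token is for intended user
    if result['user_id'] != gplus_id:
        return json_response("Token's user ID doesn't match given user ID.", 401)

    # Verifies access token is valid for this app.
    if result['issued_to'] != CLIENT_ID:
        print("Token's client ID does not match app's.")
        return json_response("Token's client ID does not match app's.", 401)

    stored_access_token = login_session.get('access_token')
    stored_gplus_id = login_session.get('gplus_id')
    if stored_access_token is not None and gplus_id == stored_gplus_id:
        return json_response('Current user is already connected', 200)

    login_session['access_token'] = access_token
    login_session['gplus_id'] = gplus_id

    userinfo_url = 'https://www.googleapis.com/oauth2/v1/userinfo'
    params = {
        'access_token': credentials.access_token,
        'alt': 'json'
    }
    answer = requests.get(userinfo_url, params=params)
    data = answer.json()

    login_session['username'] = data['name']
    login_session['picture'] = data['picture']
    login_session['email'] = data['email']
    login_session['provider'] = 'google'

    user_id = db.get_user_id(login_session['email'])
    if user_id is None:
        user_id = db.create_user(login_session)
    login_session['user_id'] = user_id

    # The display name and picture URL come from the identity provider's
    # profile, which the account holder controls, so both are HTML-escaped
    # (quotes included) before being placed in markup.
    output = ''
    output += '<h1>Welcome, '
    output += escape(login_session['username'], True)
    output += '!</h1>'
    output += '<img src="'
    output += escape(login_session['picture'], True)
    output += ' " style = "width: 300px; height: 300px;border-radius: 150px;-webkit-border-radius: 150px;-moz-border-radius: 150px;"> '
    flash('You are now logged in as {name}'.format(name=login_session['username']))
    return output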
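def fbconnect():
    """Complete Facebook sign-in for the current session.

    Checks the anti-forgery ``state`` value, exchanges the client token from
    the request body for a long-lived server-side token, fetches the user's
    name, id, email and picture from the Graph API, and stores them in
    ``login_session``.

    Returns:
        A JSON 401 response when the state check or the token exchange
        fails, otherwise an HTML welcome fragment for the signed-in user.
    """
    # Function-scope imports so the block works on either interpreter line.
    try:
        from html import escape
    except ImportError:
        from cgi import escape
    try:
        from urllib.parse import quote
    except ImportError:
        from urllib import quote

    def json_response(message, status):
        """Build a JSON-encoded response with the given status code."""
        response = make_response(json.dumps(message), status)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Anti-forgery check. A session without a stored state must be rejected
    # as well: otherwise a missing query parameter (None) would compare equal
    # to a missing session value (None) and the check would pass.
    expected_state = login_session.get('state')
    if not expected_state or request.args.get('state') != expected_state:
        return json_response('Invalid state parameter', 401)

    # Exchange client token for long-lived server side token.
    access_token = request.data
    # The token is a bearer credential: log the event, never the value.
    print('Access token received')

    # Read the secrets file once and close the handle deterministically.
    with open('fb_client_secrets.json', 'r') as secrets_file:
        fb_client = json.load(secrets_file)['web']
    app_id = fb_client['app_id']
    app_secret = fb_client['app_secret']

    # The client-supplied token is percent-encoded so that it cannot add or
    # override query parameters in a request that carries the app secret.
    token_url = 'https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&client_id={id}&client_secret={secret}&fb_exchange_token={token}'.format(
        id=app_id, secret=app_secret, token=quote(access_token, safe=''))
    h = httplib2.Http()
    result = h.request(token_url, 'GET')[1]

    # Getting long lived token
    base_url = 'https://graph.facebook.com/v2.4/me'
    # NOTE(review): assumes a form-encoded body whose first field is
    # "access_token=..." -- confirm against the Graph API version in use.
    token = result.split('&')[0]
    if not token.startswith('access_token='):
        # Fail closed when the exchange did not yield a token, instead of
        # sending the raw reply on to the profile endpoints.
        return json_response('Failed to exchange the access token.', 401)

    userinfo_url = base_url + '?{token}&fields=name,id,email'.format(
        token=token)
    h = httplib2.Http()
    user_result = h.request(userinfo_url, 'GET')[1]
    user_data = json.loads(user_result)

    login_session['provider'] = 'facebook'
    login_session['username'] = user_data['name']
    login_session['email'] = user_data['email']
    login_session['facebook_id'] = user_data['id']

    stored_token = token.split('=')[1]
    login_session['access_token'] = stored_token

    pic_url = base_url + '/picture?{token}&redirect=0&height=200&width=200'.format(
        token=token)
    h = httplib2.Http()
    pic_result = h.request(pic_url, 'GET')[1]
    pic_data = json.loads(pic_result)
    login_session['picture'] = pic_data['data']['url']

    # Check if user exists.
    # Gplus login and FB login can generate same user_id, if share same email.
    user_id = db.get_user_id(login_session['email'])
    if not user_id:
        user_id = db.create_user(login_session)
    login_session['user_id'] = user_id

    # The display name and picture URL come from the identity provider's
    # profile, which the account holder controls, so both are HTML-escaped
    # (quotes included) before being placed in markup.
    output = ''
    output += '<h1>Welcome, '
    output += escape(login_session['username'], True)
    output += '!</h1>'
    output += '<img src="'
    output += escape(login_session['picture'], True)
    output += ' " style = "width: 300px; height: 300px;border-radius: 150px;-webkit-border-radius: 150px;-moz-border-radius: 150px;"> '
    flash('Now logged in as {name}'.format(name=login_session['username']))
    return output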
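def fbconnect():
    """Complete Facebook sign-in for the current session.

    Checks the anti-forgery ``state`` value, exchanges the client token from
    the request body for a long-lived server-side token, fetches the user's
    name, id, email and picture from the Graph API, and stores them in
    ``login_session``.

    Returns:
        A JSON 401 response when the state check or the token exchange
        fails, otherwise an HTML welcome fragment for the signed-in user.
    """
    # Function-scope imports so the block works on either interpreter line.
    try:
        from html import escape
    except ImportError:
        from cgi import escape
    try:
        from urllib.parse import quote
    except ImportError:
        from urllib import quote

    def json_response(message, status):
        """Build a JSON-encoded response with the given status code."""
        response = make_response(json.dumps(message), status)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Anti-forgery check. A session without a stored state must be rejected
    # as well: otherwise a missing query parameter (None) would compare equal
    # to a missing session value (None) and the check would pass.
    expected_state = login_session.get('state')
    if not expected_state or request.args.get('state') != expected_state:
        return json_response('Invalid state parameter', 401)

    # Exchange client token for long-lived server side token.
    access_token = request.data
    # The token is a bearer credential: log the event, never the value.
    print('Access token received')

    # Read the secrets file once and close the handle deterministically.
    with open('fb_client_secrets.json', 'r') as secrets_file:
        fb_client = json.load(secrets_file)['web']
    app_id = fb_client['app_id']
    app_secret = fb_client['app_secret']

    # The client-supplied token is percent-encoded so that it cannot add or
    # override query parameters in a request that carries the app secret.
    token_url = 'https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&client_id={id}&client_secret={secret}&fb_exchange_token={token}'.format(
        id=app_id,
        secret=app_secret,
        token=quote(access_token, safe='')
    )
    h = httplib2.Http()
    result = h.request(token_url, 'GET')[1]

    # Getting long lived token
    base_url = 'https://graph.facebook.com/v2.4/me'
    # NOTE(review): assumes a form-encoded body whose first field is
    # "access_token=..." -- confirm against the Graph API version in use.
    token = result.split('&')[0]
    if not token.startswith('access_token='):
        # Fail closed when the exchange did not yield a token, instead of
        # sending the raw reply on to the profile endpoints.
        return json_response('Failed to exchange the access token.', 401)

    userinfo_url = base_url + '?{token}&fields=name,id,email'.format(token=token)
    h = httplib2.Http()
    user_result = h.request(userinfo_url, 'GET')[1]
    user_data = json.loads(user_result)

    login_session['provider'] = 'facebook'
    login_session['username'] = user_data['name']
    login_session['email'] = user_data['email']
    login_session['facebook_id'] = user_data['id']

    stored_token = token.split('=')[1]
    login_session['access_token'] = stored_token

    pic_url = base_url + '/picture?{token}&redirect=0&height=200&width=200'.format(token=token)
    h = httplib2.Http()
    pic_result = h.request(pic_url, 'GET')[1]
    pic_data = json.loads(pic_result)
    login_session['picture'] = pic_data['data']['url']

    # Check if user exists.
    # Gplus login and FB login can generate same user_id, if share same email.
    user_id = db.get_user_id(login_session['email'])
    if not user_id:
        user_id = db.create_user(login_session)
    login_session['user_id'] = user_id

    # The display name and picture URL come from the identity provider's
    # profile, which the account holder controls, so both are HTML-escaped
    # (quotes included) before being placed in markup.
    output = ''
    output += '<h1>Welcome, '
    output += escape(login_session['username'], True)
    output += '!</h1>'
    output += '<img src="'
    output += escape(login_session['picture'], True)
    output += ' " style = "width: 300px; height: 300px;border-radius: 150px;-webkit-border-radius: 150px;-moz-border-radius: 150px;"> '
    flash('Now logged in as {name}'.format(name=login_session['username']))
    return output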