def callback(self): session = ndb.Key(urlsafe=self.request.params['state']).get() credentials = session.flow.step2_exchange(self.request.params['code']) OAuth2UserCredentials.create(user=self.user, scopes=session.scopes, credentials=credentials, admin=session.admin) session.key.delete() # No need for the session any longer return self.redirect(str(session.redirect))
def callback(self): session = ndb.Key(urlsafe=self.request.params['state']).get() credentials = session.flow.step2_exchange(self.request.params['code']) OAuth2UserCredentials.create( user=self.user, scopes=session.scopes, credentials=credentials, admin=session.admin ) session.key.delete() # No need for the session any longer return self.redirect(str(session.redirect))
def provide_credentials(method, handler, *args, **kwargs): """ Similar to :func:`require_credentials` but instead of automatically redirecting the user when credentials are required it allows you to take your own action. You can use :meth:`OAuth.has_credentials()` to interrogate. """ oauth = handler.components.oauth user_credentials = OAuth2UserCredentials.find(user=handler.user, scopes=oauth.scopes, admin=False) oauth._user_credentials = user_credentials return method(handler, *args, **kwargs)
def provide_credentials(method, controller, *args, **kwargs): """ Similar to :func:`require_credentials` but instead of automatically redirecting the user when credentials are required it allows you to take your own action. You can use :meth:`OAuth.has_credentials()` to interrogate. """ oauth = controller.components.oauth user_credentials = OAuth2UserCredentials.find(user=controller.user, scopes=oauth.scopes, admin=False) oauth._user_credentials = user_credentials return method(controller, *args, **kwargs)
def require_admin_credentials(method, handler, *args, **kwargs): """ Requires that valid credentials exist for the administrator before executing the handler. Will redirect the user for authorization if the user is an admin. """ oauth = handler.components.oauth user_credentials = OAuth2UserCredentials.find(scopes=oauth.scopes, admin=True) oauth._user_credentials = user_credentials if not oauth.has_credentials(): return handler.redirect(oauth.authorization_url(admin=True)) try: return method(handler, *args, **kwargs) except AccessTokenRefreshError: return handler.redirect(oauth.authorization_url(admin=True))
def test_credential_storage(self): user1 = users.User("*****@*****.**") user2 = users.User("*****@*****.**") assert UserCredentials.query().count() == 0 UserCredentials.create(user=user1, scopes=['a', 'c', 'b'], credentials=None, admin=False) UserCredentials.create(user=user2, scopes=['e', 'f', 'g'], credentials=None, admin=True) assert UserCredentials.query().count() == 2 assert find_credentials(user=user1, scopes=[ 'a', 'b', 'c' ]), "Should find out of order scopes credentials" assert find_credentials(user=user1, scopes=['a', 'c', 'b']), "Should find credentials" assert not find_credentials(user=user1, scopes=[ 'a', 'b', 'd' ]), "Should not find credentials when scopes don't match" assert not find_credentials( user=user1, scopes=['a', 'b', 'c'], admin=True), "Should not find credentials that aren't admin" UserCredentials.create(user=user1, scopes=['a', 'c', 'b'], credentials=None, admin=False) assert UserCredentials.query().count( ) == 2, "Should overwrite existing credentials" assert find_credentials(scopes=['e', 'g', 'f'], admin=True), "Should find admin scopes"
def require_admin_credentials(method, controller, *args, **kwargs): """ Requires that valid credentials exist for the administrator before executing the controller. Will redirect the user for authorization if the user is an admin. """ oauth = controller.components.oauth user_credentials = OAuth2UserCredentials.find(scopes=oauth.scopes, admin=True) oauth._user_credentials = user_credentials if not oauth.has_credentials(): return controller.redirect(oauth.authorization_url(admin=True)) try: return method(controller, *args, **kwargs) except AccessTokenRefreshError: return controller.redirect(oauth.authorization_url(admin=True))
def require_credentials(method, handler, *args, **kwargs): """ Requires that valid credentials exist for the current user before executing the handler. Will redirect the user for authorization. User handler.oauth_scopes to specify which scopes are required. """ oauth = handler.components.oauth user_credentials = OAuth2UserCredentials.find(user=handler.user, scopes=oauth.scopes, admin=False) oauth._user_credentials = user_credentials if not oauth.has_credentials(): return handler.redirect(oauth.authorization_url(admin=False, force_prompt=oauth.force_prompt)) try: return method(handler, *args, **kwargs) except AccessTokenRefreshError: return handler.redirect(oauth.authorization_url(admin=False, force_prompt=oauth.force_prompt))
def test_credential_storage(self): user1 = users.User("*****@*****.**") user2 = users.User("*****@*****.**") assert UserCredentials.query().count() == 0 UserCredentials.create( user=user1, scopes=['a', 'c', 'b'], credentials=None, admin=False ) UserCredentials.create( user=user2, scopes=['e', 'f', 'g'], credentials=None, admin=True ) assert UserCredentials.query().count() == 2 assert find_credentials(user=user1, scopes=['a', 'b', 'c']), "Should find out of order scopes credentials" assert find_credentials(user=user1, scopes=['a', 'c', 'b']), "Should find credentials" assert not find_credentials(user=user1, scopes=['a', 'b', 'd']), "Should not find credentials when scopes don't match" assert not find_credentials(user=user1, scopes=['a', 'b', 'c'], admin=True), "Should not find credentials that aren't admin" UserCredentials.create( user=user1, scopes=['a', 'c', 'b'], credentials=None, admin=False ) assert UserCredentials.query().count() == 2, "Should overwrite existing credentials" assert find_credentials(scopes=['e', 'g', 'f'], admin=True), "Should find admin scopes"
def callback(self): session = ndb.Key(urlsafe=self.request.params['state']).get() credentials = session.flow.step2_exchange(self.request.params['code']) # Delete any old credentials old_credentials = OAuth2UserCredentials.find_all(user=self.user, scopes=session.scopes, admin=session.admin) for x in old_credentials: x.key.delete() # Save the new ones user_credentials = OAuth2UserCredentials( user=self.user, scopes=session.scopes, credentials=credentials, admin=session.admin ) user_credentials.put() session.key.delete() # No need for the session any longer return self.redirect(str(session.redirect))
def require_credentials(method, controller, *args, **kwargs): """ Requires that valid credentials exist for the current user before executing the controller. Will redirect the user for authorization. User controller.oauth_scopes to specify which scopes are required. """ oauth = controller.components.oauth user_credentials = OAuth2UserCredentials.find(user=controller.user, scopes=oauth.scopes, admin=False) oauth._user_credentials = user_credentials if not oauth.has_credentials(): return controller.redirect( oauth.authorization_url(admin=False, force_prompt=oauth.force_prompt)) try: return method(controller, *args, **kwargs) except AccessTokenRefreshError: return controller.redirect( oauth.authorization_url(admin=False, force_prompt=oauth.force_prompt))
def callback(self): session = ndb.Key(urlsafe=self.request.params['state']).get() credentials = session.flow.step2_exchange(self.request.params['code']) # Delete any old credentials old_credentials = OAuth2UserCredentials.find_all(user=self.user, scopes=session.scopes, admin=session.admin) for x in old_credentials: x.key.delete() # Save the new ones user_credentials = OAuth2UserCredentials(user=self.user, scopes=session.scopes, credentials=credentials, admin=session.admin) user_credentials.put() session.key.delete() # No need for the session any longer return self.redirect(str(session.redirect))
def admin_list(self): self.set( credentials=UserCredentials.query().order(-UserCredentials.admin))
def admin_list(self): self.context['credentials'] = UserCredentials.query().order(-UserCredentials.admin)
def admin_list(self): self.set(credentials=UserCredentials.query().order(-UserCredentials.admin))
def admin_list(self): self.context['credentials'] = UserCredentials.query().order(-UserCredentials.admin)