def make_default_account(db, config): import platform from inbox.models.backends.gmail import GmailAccount from inbox.models.backends.gmail import GmailAuthCredentials from inbox.auth.gmail import OAUTH_SCOPE from inbox.models import Namespace ns = Namespace() account = GmailAccount( sync_host='{}:{}'.format(platform.node(), 0), email_address='*****@*****.**') account.namespace = ns account.create_emailed_events_calendar() account.refresh_token = 'faketoken' auth_creds = GmailAuthCredentials() auth_creds.client_id = config.get_required('GOOGLE_OAUTH_CLIENT_ID') auth_creds.client_secret = \ config.get_required('GOOGLE_OAUTH_CLIENT_SECRET') auth_creds.refresh_token = 'faketoken' auth_creds.g_id_token = 'foo' auth_creds.created_at = datetime.utcnow() auth_creds.updated_at = datetime.utcnow() auth_creds.gmailaccount = account auth_creds.scopes = OAUTH_SCOPE db.session.add(account) db.session.add(auth_creds) db.session.commit() return account
def add_fake_gmail_account( db_session, email_address="*****@*****.**", refresh_token="tearsofgold", password="******", ): import platform from inbox.models import Namespace from inbox.models.backends.gmail import GmailAccount with db_session.no_autoflush: namespace = Namespace() account = GmailAccount( email_address=email_address, refresh_token=refresh_token, sync_host=platform.node(), namespace=namespace, ) account.imap_password = password account.smtp_password = password db_session.add(account) db_session.commit() return account
def create_account(self, email_address, response): # This method assumes that the existence of an account for the # provider and email_address has been checked by the caller; # callers may have different methods of performing the check # (redwood auth versus bin/inbox-auth) namespace = Namespace() account = GmailAccount(namespace=namespace) account.create_emailed_events_calendar() return self.update_account(account, response)
def gmail_account(db): import platform from inbox.models import Namespace from inbox.models.backends.gmail import GmailAccount account = db.session.query(GmailAccount).first() if account is None: with db.session.no_autoflush: namespace = Namespace() account = GmailAccount(email_address='*****@*****.**', refresh_token='tearsofgold', sync_host=platform.node(), namespace=namespace) account.password = '******' db.session.add(account) db.session.commit() return account
def add_fake_gmail_account( db_session, email_address="*****@*****.**", refresh_token="tearsofgold", password="******" ): from inbox.models import Namespace from inbox.models.backends.gmail import GmailAccount import platform with db_session.no_autoflush: namespace = Namespace() account = GmailAccount( email_address=email_address, refresh_token=refresh_token, sync_host=platform.node(), namespace=namespace ) account.password = password db_session.add(account) db_session.commit() return account
def gmail_account(db): import platform from inbox.models import Namespace from inbox.models.backends.gmail import GmailAccount account = db.session.query(GmailAccount).first() if account is None: with db.session.no_autoflush: namespace = Namespace() account = GmailAccount( email_address='*****@*****.**', refresh_token='tearsofgold', sync_host=platform.node(), namespace=namespace) account.password = '******' db.session.add(account) db.session.commit() return account
def create_account(self, db_session, email_address, response): # Override create_account to persist the 'login hint' email_address # rather than the canonical email that is contained in response. # This allows us to trigger errors by authing with addresses of the # format: # [email protected] # Since verify_config throws an Exception if no specific case is # triggered, this account is never committed. namespace = Namespace() account = GmailAccount(namespace=namespace) account.email_address = email_address try: self.verify_config(account) except GmailSettingError as e: print e raise UserRecoverableConfigError(e) return account
def add_fake_gmail_account(db_session, email_address='*****@*****.**', refresh_token='tearsofgold', password='******'): from inbox.models import Account, Namespace from inbox.models.backends.gmail import GmailAccount import platform with db_session.no_autoflush: namespace = Namespace() account = GmailAccount(email_address=email_address, refresh_token=refresh_token, sync_host=platform.node(), namespace=namespace) account.password = password db_session.add(account) db_session.commit() return account
def make_default_account(db, config): import platform from inbox.models.backends.gmail import GmailAccount from inbox.models.backends.gmail import GmailAuthCredentials from inbox.auth.gmail import OAUTH_SCOPE from inbox.models import Namespace ns = Namespace() account = GmailAccount(sync_host=platform.node(), email_address='*****@*****.**') account.namespace = ns account.create_emailed_events_calendar() account.refresh_token = 'faketoken' auth_creds = GmailAuthCredentials() auth_creds.client_id = config.get_required('GOOGLE_OAUTH_CLIENT_ID') auth_creds.client_secret = \ config.get_required('GOOGLE_OAUTH_CLIENT_SECRET') auth_creds.refresh_token = 'faketoken' auth_creds.g_id_token = 'foo' auth_creds.created_at = datetime.utcnow() auth_creds.updated_at = datetime.utcnow() auth_creds.gmailaccount = account auth_creds.scopes = OAUTH_SCOPE db.session.add(account) db.session.add(auth_creds) db.session.commit() return account
def default_account(db): import platform from inbox.models.backends.gmail import GmailAccount from inbox.models import Namespace, Folder ns = Namespace() account = GmailAccount( sync_host=platform.node(), email_address='*****@*****.**') account.namespace = ns account.create_emailed_events_calendar() account.refresh_token = 'faketoken' account.inbox_folder = Folder(canonical_name='inbox', name='Inbox', account=account) account.sent_folder = Folder(canonical_name='sent', name='[Gmail]/Sent', account=account) account.drafts_folder = Folder(canonical_name='drafts', name='[Gmail]/Drafts', account=account) db.session.add(account) db.session.commit() return account
def make_default_account(db, config): import platform from inbox.models import Namespace from inbox.models.backends.gmail import GmailAccount ns = Namespace() account = GmailAccount( sync_host="{}:{}".format(platform.node(), 0), email_address="*****@*****.**", ) account.namespace = ns account.client_id = config.get_required("GOOGLE_OAUTH_CLIENT_ID") account.create_emailed_events_calendar() account.refresh_token = "faketoken" db.session.add(account) db.session.commit() return account
def create_account(self, db_session, email_address, response): email_address = response.get('email') # See if the account exists in db, otherwise create it try: account = db_session.query(GmailAccount) \ .filter_by(email_address=email_address).one() except NoResultFound: namespace = Namespace() account = GmailAccount(namespace=namespace) # We only get refresh tokens on initial login (or failed credentials) # otherwise, we don't force the login screen and therefore don't get a # refresh token back from google. new_refresh_token = response.get('refresh_token') if new_refresh_token: account.refresh_token = new_refresh_token else: if not account.refresh_token or account.sync_state == 'invalid': # We got a new auth without a refresh token, so we need to back # out and force the auth flow, since we don't already have # a refresh (or the one we have doesn't work.) raise OAuthError("Missing refresh token") tok = response.get('access_token') expires_in = response.get('expires_in') token_manager.cache_token(account, tok, expires_in) account.scope = response.get('scope') account.email_address = email_address account.family_name = response.get('family_name') account.given_name = response.get('given_name') account.name = response.get('name') account.gender = response.get('gender') account.g_id = response.get('id') account.g_user_id = response.get('user_id') account.g_id_token = response.get('id_token') account.link = response.get('link') account.locale = response.get('locale') account.picture = response.get('picture') account.home_domain = response.get('hd') account.client_id = response.get('client_id') account.client_secret = response.get('client_secret') account.sync_contacts = response.get('contacts', True) account.sync_events = response.get('events', True) try: self.verify_config(account) except GmailSettingError as e: raise UserRecoverableConfigError(e) # Ensure account has sync enabled. account.enable_sync() # See if we've already stored this refresh token match = [auth_creds for auth_creds in account.auth_credentials if auth_creds.refresh_token == new_refresh_token] # For new refresh_tokens, create new GmailAuthCredentials entry if new_refresh_token and len(match) == 0: auth_creds = GmailAuthCredentials() auth_creds.gmailaccount = account auth_creds.scopes = response.get('scope') auth_creds.g_id_token = response.get('id_token') auth_creds.client_id = response.get('client_id') auth_creds.client_secret = response.get('client_secret') auth_creds.refresh_token = new_refresh_token return account
def create_account(db_session, email_address, response): # See if the account exists in db, otherwise create it try: account = db_session.query(GmailAccount) \ .filter_by(email_address=email_address).one() except NoResultFound: namespace = Namespace() account = GmailAccount(namespace=namespace) tok = response.get('access_token') expires_in = response.get('expires_in') account.set_access_token(tok, expires_in) account.refresh_token = response.get('refresh_token') account.scope = response.get('scope') account.email_address = response.get('email') account.family_name = response.get('family_name') account.given_name = response.get('given_name') account.name = response.get('name') account.gender = response.get('gender') account.g_id = response.get('id') account.g_user_id = response.get('user_id') account.g_id_token = response.get('id_token') account.link = response.get('link') account.locale = response.get('locale') account.picture = response.get('picture') account.home_domain = response.get('hd') account.client_id = response.get('client_id') account.client_secret = response.get('client_secret') return account
def create_account(self, db_session, email_address, response): email_address = response.get('email') # See if the account exists in db, otherwise create it try: account = db_session.query(GmailAccount) \ .filter_by(email_address=email_address).one() except NoResultFound: namespace = Namespace() account = GmailAccount(namespace=namespace) # We only get refresh tokens on initial login (or failed credentials) # otherwise, we don't force the login screen and therefore don't get a # refresh token back from google. new_refresh_token = response.get('refresh_token') if new_refresh_token: account.refresh_token = new_refresh_token else: if not account.refresh_token or account.sync_state == 'invalid': # We got a new auth without a refresh token, so we need to back # out and force the auth flow, since we don't already have # a refresh (or the one we have doesn't work.) raise OAuthError("Missing refresh token") tok = response.get('access_token') expires_in = response.get('expires_in') token_manager.cache_token(account, tok, expires_in) account.scope = response.get('scope') account.email_address = email_address account.family_name = response.get('family_name') account.given_name = response.get('given_name') account.name = response.get('name') account.gender = response.get('gender') account.g_id = response.get('id') account.g_user_id = response.get('user_id') account.g_id_token = response.get('id_token') account.link = response.get('link') account.locale = response.get('locale') account.picture = response.get('picture') account.home_domain = response.get('hd') account.client_id = response.get('client_id') account.client_secret = response.get('client_secret') account.sync_contacts = response.get('contacts', True) account.sync_events = response.get('events', True) try: self.verify_config(account) except GmailSettingError as e: raise UserRecoverableConfigError(e) # Ensure account has sync enabled. account.enable_sync() # See if we've already stored this refresh token match = [ auth_creds for auth_creds in account.auth_credentials if auth_creds.refresh_token == new_refresh_token ] # For new refresh_tokens, create new GmailAuthCredentials entry if new_refresh_token and len(match) == 0: auth_creds = GmailAuthCredentials() auth_creds.gmailaccount = account auth_creds.scopes = response.get('scope') auth_creds.g_id_token = response.get('id_token') auth_creds.client_id = response.get('client_id') auth_creds.client_secret = response.get('client_secret') auth_creds.refresh_token = new_refresh_token return account
def create_account(db_session, response): email_address = response.get('email') # See if the account exists in db, otherwise create it try: account = db_session.query(GmailAccount) \ .filter_by(email_address=email_address).one() except NoResultFound: namespace = Namespace() account = GmailAccount(namespace=namespace) # We only get refresh tokens on initial login (or failed credentials) # otherwise, we don't force the login screen and therefore don't get a # refresh token back from google. new_refresh_token = response.get('refresh_token') if new_refresh_token: account.refresh_token = new_refresh_token tok = response.get('access_token') expires_in = response.get('expires_in') account.set_access_token(tok, expires_in) account.scope = response.get('scope') account.email_address = email_address account.family_name = response.get('family_name') account.given_name = response.get('given_name') account.name = response.get('name') account.gender = response.get('gender') account.g_id = response.get('id') account.g_user_id = response.get('user_id') account.g_id_token = response.get('id_token') account.link = response.get('link') account.locale = response.get('locale') account.picture = response.get('picture') account.home_domain = response.get('hd') account.client_id = response.get('client_id') account.client_secret = response.get('client_secret') return account
def create_account(self, db_session, email_address, response): email_address = response.get('email') # See if the account exists in db, otherwise create it try: account = db_session.query(GmailAccount) \ .filter_by(email_address=email_address).one() except NoResultFound: namespace = Namespace() account = GmailAccount(namespace=namespace) # We only get refresh tokens on initial login (or failed credentials) # otherwise, we don't force the login screen and therefore don't get a # refresh token back from google. new_refresh_token = response.get('refresh_token') if new_refresh_token: account.refresh_token = new_refresh_token else: if (len(account.valid_auth_credentials) == 0 or account.sync_state == 'invalid'): # We got a new auth without a refresh token, so we need to back # out and force the auth flow, since we don't already have # a refresh (or the ones we have don't work.) raise OAuthError("No valid refresh tokens") account.email_address = email_address account.family_name = response.get('family_name') account.given_name = response.get('given_name') account.name = response.get('name') account.gender = response.get('gender') account.g_id = response.get('id') account.g_user_id = response.get('user_id') account.link = response.get('link') account.locale = response.get('locale') account.picture = response.get('picture') account.home_domain = response.get('hd') account.sync_email = (account.sync_email or response.get('sync_email', True)) account.sync_contacts = (account.sync_contacts or response.get('contacts', True)) account.sync_events = (account.sync_events or response.get('events', True)) # These values are deprecated and should not be used, along # with the account's refresh_token. Access all these values # through the GmailAuthCredentials objects instead. account.client_id = response.get('client_id') account.client_secret = response.get('client_secret') account.scope = response.get('scope') account.g_id_token = response.get('id_token') # Don't need to actually save these now # tok = response.get('access_token') # expires_in = response.get('expires_in') client_id = response.get('client_id') or OAUTH_CLIENT_ID client_secret = response.get('client_secret') or OAUTH_CLIENT_SECRET if new_refresh_token: # See if we already have credentials for this client_id/secret # pair. If those don't exist, make a new GmailAuthCredentials auth_creds = next( (auth_creds for auth_creds in account.auth_credentials if (auth_creds.client_id == client_id and auth_creds.client_secret == client_secret)), GmailAuthCredentials()) auth_creds.gmailaccount = account auth_creds.scopes = response.get('scope') auth_creds.g_id_token = response.get('id_token') auth_creds.client_id = client_id auth_creds.client_secret = client_secret auth_creds.refresh_token = new_refresh_token auth_creds.is_valid = True try: self.verify_config(account) except ImapSupportDisabledError: if account.sync_email: raise # Ensure account has sync enabled. account.enable_sync() return account
def add_new_user(): response = {} encoder = APIEncoder() data = request.get_json(force=True) email_address = data.get('email_address') password = data.get('password') auth_details = data.get('auth_details') reauth = data.get('reauth') target = data.get('target', 0) if not email_address: response['error'] = 'Missing key - "email_address"!' return encoder.jsonify(response) shard_id = target << 48 with session_scope(shard_id) as db_session: account = db_session.query(Account).filter_by( email_address=email_address).first() if account is not None and not reauth: response['error'] = 'Already have this account!' return encoder.jsonify(response) auth_info = {} provider = provider_from_address(email_address) if 'gmail' in provider: auth_handler = handler_from_provider(provider) response['oauth_url'] = auth_handler.get_oauth_url(email_address) response['links'] = {'confirm_url': request.url + '/confirm_oauth'} namespace = Namespace() account = GmailAccount(namespace=namespace) account.sync_should_run = False account.refresh_token = '_placeholder_' account.email_address = email_address else: if not password: response['error'] = 'Missing key - "password"!' return encoder.jsonify(response) auth_info['email'] = email_address auth_info['password'] = password if provider != 'unknown': auth_handler = handler_from_provider(provider) auth_info['provider'] = provider try: if reauth: account = auth_handler.update_account( account, auth_info) else: account = auth_handler.create_account( email_address, auth_info) except Exception as e: response['error'] = e.msg else: auth_info['provider'] = 'custom' auth_handler = handler_from_provider('custom') if not auth_details: auth_info.update( try_fill_config_data(email_address, password)) else: auth_info.update(auth_details) try: if reauth: account = auth_handler.update_account( account, auth_info) else: account = auth_handler.create_account( email_address, auth_info) except Exception as e: response['error'] = str(e) try: auth_handler.verify_account(account) response['data'] = 'OK. Authenticated account for {}'.format( email_address) except Exception as e: response['error'] = str(e) db_session.add(account) db_session.commit() return encoder.jsonify(response)
def create_account(self, db_session, email_address, response): email_address = response.get('email') # See if the account exists in db, otherwise create it try: account = db_session.query(GmailAccount) \ .filter_by(email_address=email_address).one() except NoResultFound: namespace = Namespace() account = GmailAccount(namespace=namespace) # We only get refresh tokens on initial login (or failed credentials) # otherwise, we don't force the login screen and therefore don't get a # refresh token back from google. new_refresh_token = response.get('refresh_token') if new_refresh_token: account.refresh_token = new_refresh_token else: if (len(account.valid_auth_credentials) == 0 or account.sync_state == 'invalid'): # We got a new auth without a refresh token, so we need to back # out and force the auth flow, since we don't already have # a refresh (or the ones we have don't work.) raise OAuthError("No valid refresh tokens") account.email_address = email_address account.family_name = response.get('family_name') account.given_name = response.get('given_name') account.name = response.get('name') account.gender = response.get('gender') account.g_id = response.get('id') account.g_user_id = response.get('user_id') account.link = response.get('link') account.locale = response.get('locale') account.picture = response.get('picture') account.home_domain = response.get('hd') account.sync_contacts = (account.sync_contacts or response.get('contacts', True)) account.sync_events = (account.sync_events or response.get('events', True)) # These values are deprecated and should not be used, along # with the account's refresh_token. Access all these values # through the GmailAuthCredentials objects instead. account.client_id = response.get('client_id') account.client_secret = response.get('client_secret') account.scope = response.get('scope') account.g_id_token = response.get('id_token') # Don't need to actually save these now # tok = response.get('access_token') # expires_in = response.get('expires_in') client_id = response.get('client_id') or OAUTH_CLIENT_ID client_secret = response.get('client_secret') or OAUTH_CLIENT_SECRET if new_refresh_token: # See if we already have credentials for this client_id/secret # pair. If those don't exist, make a new GmailAuthCredentials auth_creds = next( (auth_creds for auth_creds in account.auth_credentials if (auth_creds.client_id == client_id and auth_creds.client_secret == client_secret)), GmailAuthCredentials()) auth_creds.gmailaccount = account auth_creds.scopes = response.get('scope') auth_creds.g_id_token = response.get('id_token') auth_creds.client_id = client_id auth_creds.client_secret = client_secret auth_creds.refresh_token = new_refresh_token auth_creds.is_valid = True db_session.add(auth_creds) self.verify_config(account) # Ensure account has sync enabled. account.enable_sync() return account
def create_account(self, db_session, email_address, response): email_address = response.get('email') # See if the account exists in db, otherwise create it try: account = db_session.query(GmailAccount) \ .filter_by(email_address=email_address).one() except NoResultFound: namespace = Namespace() account = GmailAccount(namespace=namespace) # We only get refresh tokens on initial login (or failed credentials) # otherwise, we don't force the login screen and therefore don't get a # refresh token back from google. new_refresh_token = response.get('refresh_token') if new_refresh_token: account.refresh_token = new_refresh_token else: if not account.refresh_token or account.sync_state == 'invalid': # We got a new auth without a refresh token, so we need to back # out and force the auth flow, since we don't already have # a refresh (or the one we have doesn't work.) raise OAuthError("Missing refresh token") tok = response.get('access_token') expires_in = response.get('expires_in') token_manager.cache_token(account, tok, expires_in) account.scope = response.get('scope') account.email_address = email_address account.family_name = response.get('family_name') account.given_name = response.get('given_name') account.name = response.get('name') account.gender = response.get('gender') account.g_id = response.get('id') account.g_user_id = response.get('user_id') account.g_id_token = response.get('id_token') account.link = response.get('link') account.locale = response.get('locale') account.picture = response.get('picture') account.home_domain = response.get('hd') account.client_id = response.get('client_id') account.client_secret = response.get('client_secret') account.sync_contacts = response.get('contacts', True) account.sync_events = response.get('events', True) try: self.verify_config(account) except GmailSettingError as e: raise UserRecoverableConfigError(e) # Hack to ensure that account syncs get restarted if they were stopped # because of e.g. invalid credentials and the user re-auths. # TODO(emfree): remove after status overhaul. if account.sync_state != 'running': account.sync_state = None return account