def get_long_term_token(short_token, compID, instance):
"""This function gets takes in a short term access token and trades it to
Facebook for a long term access token (expires in about 2 months).
Before it does so however, for security reasons, it verifies with Facebook
that the short term access token was actually generated by the Wix Calendar
app.
Once that is done and the long term token is received, it saves this
new token into the database along with the user's ID.
If a previously generated long term token is already in the database, it
verifies that this new token belongs to the same user as the old token
before updating the database entry.
"""
try:
graph = facebook.GraphAPI(fb_app_access_token)
verify = graph.get_object("/debug_token", input_token = short_token, \
access_token = fb_app_access_token)
verify_data = verify['data']
if (verify_data["is_valid"] and (verify_data["app_id"] == fb_app)):
user = get_settings(compID, instance)
if user and user.access_token_data:
access_token_data = loads(user.access_token_data)
if not access_token_data["user_id"] == verify_data["user_id"]:
return "Invalid Access Token"
graph = facebook.GraphAPI(short_token)
long_token = graph.extend_access_token(fb_app, fb_secret)
long_token["generated_time"] = str(int(time()))
long_token["user_id"] = verify_data["user_id"]
return long_token
except facebook.GraphAPIError, e:
print e.message
return "Facebook Error"
def post(self):
gc.collect()
settings = get_settings()
if not settings:
logging.error("Could not load settings")
self.abort(500)
return
if not validate_password(settings, self.request.get("password")):
logging.error("Could not validate password!")
self.abort(500)
return
cursor = self.request.get("cursor")
kind = self.request.get("kind")
if not kind:
logging.error("Kind parameter is required")
self.abort(500)
return
logging.info("Kind: %s", kind)
logging.info("Cursor: %s", cursor)
cls = type(str(kind), (db.Model,), dict())
qry = db.GqlQuery("SELECT * FROM %s" % kind)
qry.with_cursor(cursor)
now = lambda: int(time.time())
start = now()
bytes_written = 0
entity_count = 0
stop = False
checksum = hashlib.sha256(self.request.get("password"))
for ent in qry:
buf = str(model_to_protobuf(ent).SerializeToString())
s_str(self.response.out, buf)
checksum.update(buf)
entity_count += 1
bytes_written += len(buf) + 4
if bytes_written > MAX_RESULT_SIZE or now() - start > MAX_RUNNING_TIME:
break
else:
stop = True
logging.info("Entity count: %s\nBytes served: %s\nMore: %s", entity_count, bytes_written, not stop)
if not stop:
self.response.headers['X-Cursor'] = qry.cursor()
self.response.headers['X-Checksum'] = checksum.hexdigest()
self.response.headers['Content-Type'] = 'application/octet-stream'
def post(self):
settings = get_settings()
if not settings:
logging.error("Could not load settings")
self.abort(500)
return
if not validate_password(settings, self.request.get("password")):
logging.error("Could not validate password!")
self.abort(500)
return
kinds = list()
for kind in get_kinds():
if not (kind in settings.ignore_models or kind.startswith("_")):
kinds.append(kind)
self.response.headers['Content-Type'] = 'application/json-rpc'
json.dump(kinds, self.response.out)
def on_connect_ssh(self, port_list):
global current_pool
if current_pool is None:
process_count = models.get_settings()['process_count']
current_pool = self.pool = controllers.ProxyPool(
process_count, self.loop)
for ssh in models.get_ssh_list():
self.pool.add_ssh(ssh['ip'], ssh['username'], ssh['password'])
aws = [
self.pool.proxy_port(port, self.port_proxy_callback)
for port in port_list
]
try:
self.loop.run_until_complete(asyncio.gather(*aws, loop=self.loop))
except controllers.OutOfSSHError:
self.emit('out_of_ssh')
def on_settings(self, settings=None):
if settings is not None:
models.set_settings(settings)
else:
self.emit('settings', models.get_settings())
def get_event(request, compID, datatype):
"""This function handles all requests from the modal as well as gets event
data for the settings panel.
For the modal, it can get specific data on the event (e.g. cover photo,
event feed) as well as any basic event data.
It makes the assumption that if this request is being made, the user has
an entry in the database and will return an error is there is no entry.
Once it gets the appropiate data, it returns it to the client in a JSON
format.
It returns an appropiate error status code and corresponding message if
anything fails while getting the data.
"""
if (datatype == "all"):
instance = validate_get_request(request, "settings")
elif (datatype == "specific"):
info = validate_get_request(request, "modal")
else:
info = validate_get_request(request, "modalNeedingMoreFeed")
if (datatype != "all"):
instance = info["instance"]
event_id = info["event_id"]
desired_data = info["desired_data"]
if (datatype == "feed"):
object_id = info["object_id"]
after = info["after"]
until = info["until"]
db_entry = get_settings(compID, instance)
if db_entry is None:
abort(STATUS["Internal_Server_Error"], \
message= "Could Not Get Events")
if not (db_entry and db_entry.access_token_data):
abort(STATUS["Not_Found"], message="Could not find User")
access_token_data = json.loads(db_entry.access_token_data)
if (datatype == "all"):
event_data = get_all_event_data(access_token_data)
else:
access_token = access_token_data["access_token"]
if not (db_entry.events):
abort(STATUS["Not_Found"], message="User has no events to display")
events = json.loads(db_entry.events)
found = False
for event in events:
if event["eventId"] == event_id:
found = True
break
if (found):
if (datatype == "specific"):
event_data = get_specific_event(event_id, access_token, \
desired_data)
else:
event_data = get_more_feed(object_id, access_token, \
desired_data, after, until)
if not event_data:
abort(STATUS["Bad_Gateway"],
message="Couldn't receive data from Facebook")
else:
abort(STATUS["Forbidden"],
message="User cannot display this event")
if desired_data == "all":
settings = ""
if db_entry.settings:
settings = json.loads(db_entry.settings)
event_data = {"settings": settings, "event_data": event_data}
if not event_data:
abort(STATUS["Bad_Gateway"],
message="Couldn't receive data from Facebook")
return json.dumps(event_data)
def get_data(request, compID, request_from_widget):
"""This function handles all the getting of data from widget and settings
panel (exception: getting event data for settings panel).
Using the component ID and instance ID, it calls functions that make a
request to the database for the appropiate row. If no row exists, it returns
empty settings to the client (where they will be replaced with the
default settings).
Otherwise, depending on where the request is coming from (widget or
settings), it returns the appropiate data in a JSON format to the
client side.
It returns an appropiate error status code and corresponding message if
anything fails while getting the data.
"""
if (request_from_widget):
instance = validate_get_request(request, "widget")
else:
instance = validate_get_request(request, "settings")
db_entry = get_settings(compID, instance)
if db_entry is None:
abort(STATUS["Internal_Server_Error"], \
message= "Could Not Get Settings")
if not db_entry:
if request_from_widget:
empty_settings = {"settings" : "", \
"fb_event_data" : "", "active" : "false"}
else:
empty_settings = {"settings" : "", "events" : "", \
"active" : "false", "name" : "", "user_id" : ""}
empty_json = json.dumps(empty_settings)
return empty_json
else:
settings = ""
access_token_data = ""
events = ""
if db_entry.settings:
settings = json.loads(db_entry.settings)
if db_entry.events:
events = json.loads(db_entry.events)
if db_entry.access_token_data:
access_token_data = json.loads(db_entry.access_token_data)
if request_from_widget:
if access_token_data:
fb_event_data = get_event_data(events, access_token_data)
if (not fb_event_data) and (fb_event_data != []):
abort(STATUS["Bad_Gateway"],
message="Couldn't receive data from Facebook")
full_settings = {"settings" : settings, \
"fb_event_data" : fb_event_data, \
"active" : "true"}
else:
full_settings = {"settings" : settings, \
"fb_event_data" : "", "active" : "false"}
else:
if access_token_data:
user_id = access_token_data["user_id"]
name = get_user_name(access_token_data)
active = "true"
else:
active = "false"
user_id = ""
name = ""
full_settings = {"settings" : settings, "events" : events, \
"active" : active, "name" : name, "user_id" : user_id}
full_json = json.dumps(full_settings)
return full_json
def get_event(request, compID, datatype):
"""This function handles all requests from the modal as well as gets event
data for the settings panel.
For the modal, it can get specific data on the event (e.g. cover photo,
event feed) as well as any basic event data.
It makes the assumption that if this request is being made, the user has
an entry in the database and will return an error is there is no entry.
Once it gets the appropiate data, it returns it to the client in a JSON
format.
It returns an appropiate error status code and corresponding message if
anything fails while getting the data.
"""
if (datatype == "all"):
instance = validate_get_request(request, "settings")
elif (datatype == "specific"):
info = validate_get_request(request, "modal")
else:
info = validate_get_request(request, "modalNeedingMoreFeed")
if (datatype != "all"):
instance = info["instance"]
event_id = info["event_id"]
desired_data = info["desired_data"]
if (datatype == "feed"):
object_id = info["object_id"]
after = info["after"]
until = info["until"]
db_entry = get_settings(compID, instance)
if db_entry is None:
abort(STATUS["Internal_Server_Error"], \
message= "Could Not Get Events")
if not (db_entry and db_entry.access_token_data):
abort(STATUS["Not_Found"], message= "Could not find User")
access_token_data = json.loads(db_entry.access_token_data)
if (datatype == "all"):
event_data = get_all_event_data(access_token_data)
else:
access_token = access_token_data["access_token"]
if not (db_entry.events):
abort(STATUS["Not_Found"], message= "User has no events to display")
events = json.loads(db_entry.events)
found = False
for event in events:
if event["eventId"] == event_id:
found = True
break;
if (found):
if (datatype == "specific"):
event_data = get_specific_event(event_id, access_token, \
desired_data)
else:
event_data = get_more_feed(object_id, access_token, \
desired_data, after, until)
if not event_data:
abort(STATUS["Bad_Gateway"],
message="Couldn't receive data from Facebook")
else:
abort(STATUS["Forbidden"], message= "User cannot display this event")
if desired_data == "all":
settings = ""
if db_entry.settings:
settings = json.loads(db_entry.settings)
event_data = {"settings" : settings, "event_data" : event_data}
if not event_data:
abort(STATUS["Bad_Gateway"],
message="Couldn't receive data from Facebook")
return json.dumps(event_data)
def get_data(request, compID, request_from_widget):
"""This function handles all the getting of data from widget and settings
panel (exception: getting event data for settings panel).
Using the component ID and instance ID, it calls functions that make a
request to the database for the appropiate row. If no row exists, it returns
empty settings to the client (where they will be replaced with the
default settings).
Otherwise, depending on where the request is coming from (widget or
settings), it returns the appropiate data in a JSON format to the
client side.
It returns an appropiate error status code and corresponding message if
anything fails while getting the data.
"""
if (request_from_widget):
instance = validate_get_request(request, "widget")
else:
instance = validate_get_request(request, "settings")
db_entry = get_settings(compID, instance)
if db_entry is None:
abort(STATUS["Internal_Server_Error"], \
message= "Could Not Get Settings")
if not db_entry:
if request_from_widget:
empty_settings = {"settings" : "", \
"fb_event_data" : "", "active" : "false"}
else:
empty_settings = {"settings" : "", "events" : "", \
"active" : "false", "name" : "", "user_id" : ""}
empty_json = json.dumps(empty_settings)
return empty_json
else:
settings = ""
access_token_data = ""
events = ""
if db_entry.settings:
settings = json.loads(db_entry.settings)
if db_entry.events:
events = json.loads(db_entry.events)
if db_entry.access_token_data:
access_token_data = json.loads(db_entry.access_token_data)
if request_from_widget:
if access_token_data:
fb_event_data = get_event_data(events, access_token_data)
if (not fb_event_data) and (fb_event_data != []):
abort(STATUS["Bad_Gateway"],
message="Couldn't receive data from Facebook")
full_settings = {"settings" : settings, \
"fb_event_data" : fb_event_data, \
"active" : "true"}
else:
full_settings = {"settings" : settings, \
"fb_event_data" : "", "active" : "false"}
else:
if access_token_data:
user_id = access_token_data["user_id"]
name = get_user_name(access_token_data)
active = "true"
else:
active = "false"
user_id = ""
name = ""
full_settings = {"settings" : settings, "events" : events, \
"active" : active, "name" : name, "user_id" : user_id};
full_json = json.dumps(full_settings)
return full_json
def __init__(self, namespace):
super().__init__(namespace)
self.loop = asyncio.new_event_loop()
self.semaphore = asyncio.Semaphore(
models.get_settings()['process_count'], loop=self.loop)