def oauth_callback(request):
print 'In oauth_callback'
oauth_token = request.GET['oauth_token']
oauth_secret = request.GET['oauth_token_secret']
oauth_verifier = request.GET['oauth_verifier']
request_token = OAuthToken(oauth_token, oauth_secret)
request_token.set_verifier(oauth_verifier)
request.session['request_token'] = request_token
# We do this before we redirect so that there's no "limbo" state where the
# user has a request token but no access token.
access_token = CLIENT.fetch_access_token(request_token)
request.session['oauth_token_string'] = access_token.to_string()
print "Access token is %s" % access_token.to_string()
profile = request.user.get_profile()
profile.access_token = access_token.to_string()
profile.save()
print "Your account has been associated with Khan Academy username %s" % access_token.to_string()
# We're done authenticating, and the credentials are now stored in the
# session. We can redirect back home.
return HttpResponseRedirect('/homeroom')
def do_GET(self):
global REQUEST_TOKEN
params = cgi.parse_qs(self.path.split('?', 1)[1], keep_blank_values=False)
REQUEST_TOKEN = OAuthToken(params['oauth_token'][0], params['oauth_token_secret'][0])
REQUEST_TOKEN.set_verifier(params['oauth_verifier'][0])
self.send_response(200)
self.send_header('Content-Type', 'text/plain')
self.end_headers()
self.wfile.write('OAuth request token fetched; you can close this window.')
def do_GET(self):
global REQUEST_TOKEN
params = cgi.parse_qs(self.path.split("?", 1)[1], keep_blank_values=False)
REQUEST_TOKEN = OAuthToken(params["oauth_token"][0], params["oauth_token_secret"][0])
REQUEST_TOKEN.set_verifier(params["oauth_verifier"][0])
self.send_response(200)
self.send_header("Content-Type", "text/plain")
self.end_headers()
self.wfile.write("OAuth request token fetched; you can close this window.")
def do_GET(self):
global REQUEST_TOKEN
params = cgi.parse_qs(self.path.split('?', 1)[1], keep_blank_values=False)
REQUEST_TOKEN = OAuthToken(params['oauth_token'][0], params['oauth_token_secret'][0])
REQUEST_TOKEN.set_verifier(params['oauth_verifier'][0])
self.send_response(200)
self.send_header('Content-Type', 'text/plain')
self.end_headers()
self.wfile.write('OAuth request token fetched; you can close this window.')
def make_request_token_and_authorization_url(self, callback_url):
response = self.get("/oauth/request_token", prefix="").read()
print response
token = OAuthToken.from_string(response)
request = OAuthRequest.from_token_and_callback(token=token, callback=callback_url, http_url='http://%s/oauth/authorize' % self.authority)
return [token, request.to_url()]
def exchange_request_token_for_access_token(self, request_token, verifier):
parameters = {"oauth_verifier": verifier}
oauth_request = self.build_oauth_request(
self.get_access_token_url(), request_token, parameters=parameters
)
response = self.execute(oauth_request)
return OAuthToken.from_string(response)
def get_access_token(self, request_token):
url = API_HOME + '/oauth/access_token'
client = OAuthClient(self.consumer, token=request_token)
resp, content = client.request(url)
if resp['status'] != '200':
raise Exception("Invalid response %s." % resp['status'])
return OAuthToken.from_string(content)
def execute_khan_api_method(profile_access_token, api_method, cache_timeout=(60 * 60 * 2),
force_refresh=False, return_raw_text=False, user_id=None,
disk_cache=True, cache_per_user=True):
cache_key = ""
_chosen_cache = get_cache('default')
if disk_cache:
_chosen_cache = get_cache('disk')
if cache_per_user:
if user_id is not None:
cache_key = "%s^%s^%s" % (user_id, api_method, return_raw_text)
else:
cache_key = "%s^%s^%s" % (profile_access_token, api_method, return_raw_text)
else:
cache_key = "%s^%s" % (api_method, return_raw_text)
cache_key = cache_key.replace("/","^")
cache_key = cache_key.replace(".","^")
cache_key = cache_key.replace(":","^")
cache_key = cache_key.replace(" ","^")
cache_hit = False
result_data = _chosen_cache.get(cache_key)
if force_refresh or result_data is None:
resource = CLIENT.access_api_resource(
api_method,
access_token = OAuthToken.from_string(profile_access_token),
method = "GET"
)
text = resource['body']
# Error messages can contain HTML. Escape them so they're not rendered.
is_html = has_text_html_header(resource['headers'])
if is_html:
text = cgi.escape(text)
print text
try:
if return_raw_text:
result_data = text
else:
result_data = simplejson.loads(text)
_chosen_cache.set(cache_key, result_data, cache_timeout)
except:
print "exception storing in cache"
else:
# print "Got json data from cache!"
cache_hit = True
if not cache_hit:
# update local tables with fresh data
print "(cache not hit or is empty: Update local tables with data)"
return result_data
def fireeagle( request ):
if request.user.fireeagle_token:
if 'next' in request.session:
next = request.session['next']
del request.session['next']
else:
next = "/"
return HttpResponseRedirect( next )
if not 'oauth_token' in request.GET:
apptoken = fe.request_token()
request.session['apptoken'] = apptoken.to_string()
auth_url = fe.authorize( apptoken )
if request.session['mobile']:
auth_url = re.sub(r'https://fireeagle.yahoo.net/', "https://m.fireeagle.yahoo.net/", auth_url)
logging.info("Redirecting to %s for auth"%auth_url)
return HttpResponseRedirect( auth_url )
else:
apptoken = OAuthToken.from_string( request.session['apptoken'] )
user_token = fe.access_token( apptoken )
request.user.fireeagle_token = user_token.to_string()
request.user.location_from_fireeagle( fe )
request.user.save()
if 'next' in request.session:
next = request.session['next']
del request.session['next']
else:
next = "/"
return HttpResponseRedirect( next )
def exchange_request_token_for_access_token(self, token):
oauth_request = OAuthRequest.from_consumer_and_token(self.consumer,
token=token, http_url=URL_OAUTH_ACCESS_TOKEN)
oauth_request.sign_request(self.signature_method, self.consumer,
token)
resp = self.oauth_fetch(oauth_request, raw=True)
self.access_token = OAuthToken.from_string(resp)
return self.access_token
def get_request_token(self, callback=None):
url = API_HOME + '/oauth/request_token'
client = OAuthClient(self.consumer)
resp, content = client.request(url, callback=callback,
force_auth_header=False)
if resp['status'] != '200':
raise Exception("Invalid response %s." % resp['status'])
return OAuthToken.from_string(content)
def fetch_request_token(self, oauth_request):
# via headers
# -> OAuthToken
self.connection.request(oauth_request.http_method, self.request_token_url, headers=oauth_request.to_header())
response = self.connection.getresponse()
if response.status != 200:
raise Exception("Error making request: " + str(response.read()))
return OAuthToken.from_string(response.read())
def oauth_callback():
oauth_token = request.args.get('oauth_token', '')
oauth_secret = request.args.get('oauth_token_secret', '')
oauth_verifier = request.args.get('oauth_verifier', '')
request_token = OAuthToken(oauth_token, oauth_secret)
request_token.set_verifier(oauth_verifier)
session['request_token'] = request_token
# We do this before we redirect so that there's no "limbo" state where the
# user has a request token but no access token.
access_token = CLIENT.fetch_access_token(request_token)
session['oauth_token_string'] = access_token.to_string()
# We're done authenticating, and the credentials are now stored in the
# session. We can redirect back home.
return redirect(url_for('.index'))
def oauth_callback():
oauth_token = request.args.get('oauth_token', '')
oauth_secret = request.args.get('oauth_token_secret', '')
oauth_verifier = request.args.get('oauth_verifier', '')
request_token = OAuthToken(oauth_token, oauth_secret)
request_token.set_verifier(oauth_verifier)
session['request_token'] = request_token
# We do this before we redirect so that there's no "limbo" state where the
# user has a request token but no access token.
access_token = CLIENT.fetch_access_token(request_token)
session['oauth_token_string'] = access_token.to_string()
# We're done authenticating, and the credentials are now stored in the
# session. We can redirect back home.
return redirect(url_for('.index'))
def get_unauthorized_request_token(self, oauth_callback=None):
parameters = {}
if oauth_callback:
parameters = {"oauth_callback": oauth_callback}
oauth_request = self.build_oauth_request(
self.get_request_token_url(), parameters = parameters
)
response = self.execute(oauth_request)
return OAuthToken.from_string(response)
def is_authenticated(self, access_token):
if not isinstance(access_token, OAuthToken):
access_token = OAuthToken.from_string(access_token)
oauth_request = self.build_oauth_request(self.check_auth_url, access_token)
response = json.loads(self.execute(oauth_request))
if "screen_name" in response:
self.set_access_token(access_token)
return response["screen_name"]
return False
def fetch_access_token(self, oauth_request):
# via headers
# -> OAuthToken
self.connection.request(oauth_request.http_method, self.access_token_url, headers=oauth_request.to_header())
response = self.connection.getresponse()
if response.status != 200:
logging.warn("Error temp cred -- response from server:\n" + response.read())
raise Exception("Error: did not get a temp cred. Response code=" + str(response.status))
return OAuthToken.from_string(response.read())
def fetch_request_token(self, oauth_request):
# via headers
# -> OAuthToken
self.connection.request(oauth_request.http_method,
self.request_token_url,
headers=oauth_request.to_header())
response = self.connection.getresponse()
if (response.status != 200):
raise Exception('Error making request: ' + str(response.read()))
return OAuthToken.from_string(response.read())
def oauth_callback():
oauth_token = request.args.get("oauth_token", "")
oauth_secret = request.args.get("oauth_token_secret", "")
oauth_verifier = request.args.get("oauth_verifier", "")
request_token = OAuthToken(oauth_token, oauth_secret)
request_token.set_verifier(oauth_verifier)
session["request_token"] = request_token.to_string()
oauth_request = OAuthRequest.from_consumer_and_token(
consumer,
token=request_token,
http_url='http://www.khanacademy.org/api/auth/access_token',
callback=None,
parameters=None,
verifier=request_token.verifier
)
oauth_request.sign_request(OAuthSignatureMethod_HMAC_SHA1(), consumer, request_token)
r = requests.get(oauth_request.to_url())
access_token = OAuthToken.from_string(r.text)
session['oauth_token'] = access_token.to_string()
return redirect(url_for("index"))
def fetch_access_token(self, request_token):
oauth_request = OAuthRequest.from_consumer_and_token(
self.consumer, token=request_token, http_url="%s/api/auth/access_token" % self.server_url
)
oauth_request.sign_request(OAuthSignatureMethod_HMAC_SHA1(), self.consumer, request_token)
response = get_response(oauth_request.to_url())
return OAuthToken.from_string(response)
def access_token():
try:
token_string = session['oauth_token_string']
except KeyError:
token_string = None
# Sanity check.
if not token_string:
clear_session()
return None
return OAuthToken.from_string(token_string)
def return_helper(self, request, **kwargs):
from django.http import Http404
if not "request_token" in request.session:
raise Http404()
token = OAuthToken.from_string(request.session["request_token"])
del request.session["request_token"]
if token.key != request.GET.get("oauth_token", "no-token"):
raise Http404()
verifier = request.GET["oauth_verifier"]
access_token = self.exchange_request_token_for_access_token(token, verifier)
request.session["access_token"] = access_token.to_string()
def get_request_token():
global REQUEST_TOKEN
client = TestOAuthClient(SERVER_URL, CONSUMER_KEY, CONSUMER_SECRET)
client.start_fetch_request_token()
print "After logging in and authorizing, input token key and secret..."
request_token_key = raw_input("request token: ")
request_token_secret = raw_input("request token secret: ")
REQUEST_TOKEN = OAuthToken(request_token_key, request_token_secret)
def access_token():
try:
token_string = session['oauth_token_string']
except KeyError:
token_string = None
# Sanity check.
if not token_string:
clear_session()
return None
return OAuthToken.from_string(token_string)
def fetch_access_token(self, request_token):
oauth_request = OAuthRequest.from_consumer_and_token(
self.consumer,
token=request_token,
http_url="%s/api/auth/access_token" % self.server_url)
oauth_request.sign_request(OAuthSignatureMethod_HMAC_SHA1(),
self.consumer, request_token)
response = get_response(oauth_request.to_url())
return OAuthToken.from_string(response)
def fetch_access_token(self, oauth_request):
# via headers
# -> OAuthToken
self.connection.request(oauth_request.http_method,
self.access_token_url,
headers=oauth_request.to_header())
response = self.connection.getresponse()
if response.status != 200:
logging.warn('Error temp cred -- response from server:\n' +
response.read())
raise Exception('Error: did not get a temp cred. Response code=' +
str(response.status))
return OAuthToken.from_string(response.read())
def auth(self, request_token, verifier):
self.request_token = OAuthToken.from_string(request_token)
request = OAuthRequest.from_consumer_and_token(
self.consumer,
token=self.request_token,
http_url=self.access_token_url,
verifier=str(verifier)
)
request.sign_request(
OAuthSignatureMethod_HMAC_SHA1(),
self.consumer,
self.request_token
)
#if mode == 'header':
# resp = urllib2.urlopen(urllib2.Request(url, headers=request.to_header()))
#else:
# resp = urllib2.urlopen(urllib2.Request(request.to_url()))
resp = urllib2.urlopen(urllib2.Request(request.to_url()))
string = resp.read()
access_token = OAuthToken.from_string(string)
self.access_token = access_token
self._process_access_token(string)
def access_token(session):
try:
token_string = session['oauth_token_string']
except KeyError:
print 'Got key error'
token_string = None
# Sanity check.
if not token_string:
print 'Not token string'
clear_session(session)
return None
oauth_token = OAuthToken.from_string(token_string)
print 'Oauth token %s' % oauth_token
return oauth_token
def get_auth_url(self):
""" """
request = OAuthRequest.from_consumer_and_token(
self.consumer,
http_url = self.request_token_url,
callback = self.callback)
request.sign_request(OAuthSignatureMethod_HMAC_SHA1(), self.consumer, None)
resp = urllib2.urlopen(urllib2.Request( request.to_url()))
token = resp.read()
request_token = OAuthToken.from_string(token)
self.request_token = request_token
request = OAuthRequest.from_token_and_callback(
token=request_token, http_url=self.authenticate_url,
callback = self.callback
)
return request.to_url()
def get_access_token_from_user():
client = TestOAuthClient(consts.SERVER_URL, consts.CONSUMER_KEY,
consts.CONSUMER_SECRET)
client.start_fetch_request_token()
print "After logging in and authorizing, input token key and secret..."
request_token_key = raw_input("request token: ")
request_token_secret = raw_input("request token secret: ")
request_token = OAuthToken(request_token_key, request_token_secret)
if not request_token:
raise IOError("Did not get request token.")
print "Fetching access token..."
access_token = client.fetch_access_token(request_token)
if not access_token:
raise IOError("Did not get access token.")
return access_token
def finish_auth(request):
"""
Step 2 of the oauth authentication: use the REQUEST_TOKEN to get an ACCESS_TOKEN
"""
params = request.GET
try:
request.session["REQUEST_TOKEN"] = OAuthToken(params['oauth_token'], params['oauth_token_secret'])
request.session["REQUEST_TOKEN"].set_verifier(params['oauth_verifier'])
except MultiValueDictKeyError as e:
# we just want to generate a 500 anyway;
# nothing we could do here except give a slightly more meaningful error
raise e
logging.debug("Getting access token.")
client = TestOAuthClient(KHAN_SERVER_URL, settings.KHAN_API_CONSUMER_KEY, settings.KHAN_API_CONSUMER_SECRET)
request.session["ACCESS_TOKEN"] = client.fetch_access_token(request.session["REQUEST_TOKEN"])
if not request.session["ACCESS_TOKEN"]:
raise Exception("Did not get access token.")
return request.session["ACCESS_TOKEN"]
def index():
access_token = session.get('oauth_token')
if access_token is None:
return redirect(url_for('login'))
full_url='http://www.khanacademy.org/api/v1/user'
url=urlparse.urlparse(full_url)
query_params = cgi.parse_qs(url.query)
for key in query_params:
query_params[key] = query_params[key][0]
token=OAuthToken.from_string(access_token)
oauth_request = OAuthRequest.from_consumer_and_token(
consumer,
token=token,
http_url='http://www.khanacademy.org/api/v1/user',
parameters=query_params,
http_method='GET'
)
oauth_request.sign_request(OAuthSignatureMethod_HMAC_SHA1(), consumer, token)
r = requests.get(oauth_request.to_url()).content
data=json.loads(r)
return render_template("index.html", email=str(data['student_summary']['email']))
def auth_return(request):
"""Get the access token back from Twitter and load user info"""
auth_broken_msg = _(u"Authentication with Twitter went wrong."
u" <a href=\"/\">Start over</a>.")
unauthed_token = request.session.get("unauthed_token", None)
if not unauthed_token:
return fail(request, auth_broken_msg)
token = OAuthToken.from_string(unauthed_token)
if token.key != request.GET.get("oauth_token", "no-token"):
return fail(request, auth_broken_msg)
tw = Twitter()
access_token = tw.exchange_request_token_for_access_token(token)
request.session["access_token"] = access_token.to_string()
u = tw.verify_credentials()
log.info(u"%s logged in, following %s" % (u["screen_name"],
u["friends_count"]))
request.session["screen_name"] = u["screen_name"]
return HttpResponseRedirect(reverse("home"))
def set_access_token(self, access_token):
if isinstance(access_token, OAuthToken):
self.access_token = access_token
else:
self.access_token = OAuthToken.from_string(access_token)
def __init__(self, access_token=None):
self.consumer = OAuthConsumer(settings.TWITTER_OAUTH_CONSUMER_KEY,
settings.TWITTER_OAUTH_CONSUMER_SECRET)
self.signature_method = OAuthSignatureMethod_HMAC_SHA1()
if access_token:
self.access_token = OAuthToken.from_string(access_token)
def new_request_token(self):
oauth_request = OAuthRequest.from_consumer_and_token(self.consumer,
http_url=URL_OAUTH_REQUEST_TOKEN)
oauth_request.sign_request(self.signature_method, self.consumer, None)
resp = self.oauth_fetch(oauth_request, raw=True)
return OAuthToken.from_string(resp)
def fetch_access_token(self, request_token):
url = self.url_for_access_token(request_token)
return OAuthToken.from_string(get_response(url))
def exchange_request_token_for_access_token(self, request_token):
response = self.get("/oauth/access_token", request_token, prefix="").read()
return OAuthToken.from_string(response)
def fetch_access_token(self, request_token):
url = self.url_for_access_token(request_token)
return OAuthToken.from_string(get_response(url))
def location_from_fireeagle(self, fe):
logging.info("** getting location from fireeagle")
token = OAuthToken.from_string( self.fireeagle_token )
bestguess = filter( lambda l: l['best_guess'], fe.user( token )[0]['location'] )[0]
self.update_location( bestguess )
def _set_access_token(self, access_token):
if type(access_token) in (str, unicode):
self._access_token = OAuthToken.from_string(access_token)
else:
self._access_token = access_token
def get_stored_credentials():
""" Try to retrieve stored access credentials from a json file """
with open("access.json", "r") as f:
credentials = json.load(f)
return OAuthToken.from_string( credentials["ACCESS_TOKEN"] )
