def auth_return(request): """ Step 2 of Google OAuth 2.0 flow. """ if 'state' not in request.REQUEST: return redirect('gauth_index') if not xsrfutil.validate_token( settings.SECRET_KEY, str(request.REQUEST['state']), request.user): return HttpResponseBadRequest() FLOW = Storage(FlowModel, 'id', request.user, 'flow').get() if FLOW is None: return redirect('gauth_index') credential = FLOW.step2_exchange(request.REQUEST) cred_storage = Storage(CredentialsModel, 'id', request.user, 'credential') cred_storage.put(credential) return redirect(request.session.get('next_view', '/'))