示例#1
    def check_permissions(self, access_token):
        """Return a graph client for ``access_token`` if it grants every default scope.

        The permissions reported by the graph client are compared with
        ``settings.FACEBOOK_DEFAULT_SCOPE``. The check fails closed: if any
        configured scope is absent, no client is returned.

        Raises:
            MissingPermissionsError: one or more configured scopes are missing;
                the message lists them.
        """
        graph = OpenFacebook(access_token)
        granted = set(graph.permissions())
        required = set(settings.FACEBOOK_DEFAULT_SCOPE)
        absent = required.difference(granted)
        if not absent:
            return graph
        # Only scope names go into the message, never the token itself.
        raise MissingPermissionsError('Permissions Missing: %s' % ', '.join(absent))
示例#2
    def check_permissions(self, access_token):
        """Verify that ``access_token`` carries all scopes the app is configured to need.

        Returns the ``OpenFacebook`` client built from the token when nothing
        is missing. Otherwise raises ``MissingPermissionsError`` naming the
        scopes from ``settings.FACEBOOK_DEFAULT_SCOPE`` that the token lacks.
        """
        client = OpenFacebook(access_token)
        have = set(client.permissions())
        want = set(settings.FACEBOOK_DEFAULT_SCOPE)
        # Set difference: scopes we require that the token does not grant.
        lacking = want - have
        if lacking:
            message = 'Permissions Missing: %s' % ', '.join(lacking)
            raise MissingPermissionsError(message)
        return client
示例#3
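    def check_permissions(self, access_token):
        """Return a graph client for ``access_token`` if it grants every default scope.

        The permissions reported by the graph client are compared with
        ``settings.FACEBOOK_DEFAULT_SCOPE``.

        Raises:
            MissingPermissionsError: one or more configured scopes are missing;
                the message lists them.
        """
        # The access token is a bearer credential: anyone who can read the log
        # could replay it, so only the checkpoint tag is logged here.
        logger.info("CHP01 check permissions")
        graph = OpenFacebook(access_token)
        permissions = set(graph.permissions())
        scope_list = set(settings.FACEBOOK_DEFAULT_SCOPE)
        missing_perms = scope_list - permissions
        if missing_perms:
            permissions_string = ", ".join(missing_perms)
            error_format = "Permissions Missing: %s"
            # Scope names are not secret; logging them helps diagnose denials.
            logger.info("CHP02 missed permissions: %s", permissions_string)
            raise MissingPermissionsError(error_format % permissions_string)

        logger.info("CHP03 permissions OK")
        return graph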
示例#4
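    def check_permissions(self, access_token):
        """Check that ``access_token`` grants all scopes in FACEBOOK_DEFAULT_SCOPE.

        Returns the ``OpenFacebook`` client built from the token on success.
        Raises ``MissingPermissionsError`` listing the missing scopes otherwise.
        """
        # Do not write the token to the log: it is a bearer credential, and
        # log files are usually readable by more people than the token store.
        logger.info("CHP01 check permissions")
        graph = OpenFacebook(access_token)
        permissions = set(graph.permissions())
        scope_list = set(settings.FACEBOOK_DEFAULT_SCOPE)
        missing_perms = scope_list - permissions
        if missing_perms:
            permissions_string = ', '.join(missing_perms)
            error_format = 'Permissions Missing: %s'
            logger.info("CHP02 missed permissions: %s", permissions_string)
            raise MissingPermissionsError(error_format % permissions_string)

        logger.info("CHP03 permissions OK")
        return graph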
示例#5
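    def process_request(self, request):
        """
        Authenticate a Facebook canvas request before the view runs.

        A request is treated as a canvas page load only when its Referer host
        is facebook.com or a subdomain of it; any other request is passed
        through untouched (returns None).

        For a canvas request:
        1) if the query string contains 'error', return redirect_login_oauth
           so the user can re-authenticate
        2) read signed_request from the POST data and parse it
        3) if user_id or oauth_token is not in the parsed data, return
           redirect_login_oauth
        4) check that the token grants every scope in
           settings.FACEBOOK_DEFAULT_SCOPE
        5) user:
           a) authenticated: log out unless the profile's facebook_id matches
           b) not authenticated: connect

        The Referer header is supplied by the client, so it is only a routing
        hint here and not proof of origin.
        NOTE(review): the identity decision relies on parse_signed_data
        validating the signed_request signature -- confirm in that helper.
        """
        # Facebook always loads the canvas with a POST request; later
        # navigation inside the app does not carry a facebook.com referer.
        referer = request.META.get('HTTP_REFERER', None)
        if not referer:
            return
        # Compare the parsed hostname on a label boundary. A bare suffix test
        # on netloc would also accept look-alike hosts such as
        # "notfacebook.com" and would be confused by a port or userinfo part.
        referer_host = urlparse(referer).hostname or ''
        if referer_host != 'facebook.com' and not referer_host.endswith('.facebook.com'):
            return
        # when there is an error, we attempt to allow user to reauthenticate
        if 'error' in request.GET:
            return redirect_login_oauth

        signed_request = request.POST.get('signed_request', None)
        # not sure if this can happen, but better check anyway
        if not signed_request:
            return redirect_login_oauth

        # redirect to the authorization dialog if the app is not authorized
        parsed_signed_request = FacebookAuthorization.parse_signed_data(
            signed_request)
        # Fail closed on an empty result as well.
        # NOTE(review): presumably the parser returns None when the signature
        # or algorithm is rejected -- confirm; the membership tests below
        # would raise TypeError on None instead of redirecting.
        if (not parsed_signed_request
                or 'user_id' not in parsed_signed_request
                or 'oauth_token' not in parsed_signed_request):
            return redirect_login_oauth

        access_token = parsed_signed_request['oauth_token']
        # `long` is the Python 2 builtin; this module targets Python 2.
        facebook_id = long(parsed_signed_request['user_id'])
        # check for permissions
        graph = OpenFacebook(access_token)
        permissions = set(graph.permissions())
        scope_list = set(settings.FACEBOOK_DEFAULT_SCOPE)
        if scope_list - permissions:
            return redirect_login_oauth
        # check if user authenticated and if it's the same
        if request.user.is_authenticated():
            try:
                current_user = request.user.get_profile()
            except Exception:
                # No usable profile: treat the session as a different user.
                # Exception (not a bare except) lets KeyboardInterrupt and
                # SystemExit propagate.
                current_facebook_id = None
            else:
                current_facebook_id = current_user.facebook_id
            if not current_facebook_id or current_facebook_id != facebook_id:
                # The session belongs to someone other than the Facebook user
                # in the signed request: drop it rather than mix identities.
                logout(request)
                # clear possible caches
                if hasattr(request, 'facebook'):
                    del request.facebook
                if request.session.get('graph', None):
                    del request.session['graph']
            else:
                # save last access_token to make sure we always have the most recent one
                current_user.access_token = access_token
                current_user.save()
        request.facebook = graph
        if not request.user.is_authenticated():
            _action, _user = connect_user(request, access_token, graph)
        # override http method, since this actually is a GET
        if request.method == 'POST':
            request.method = 'GET'
        return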
示例#6
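    def process_request(self, request):
        """
        Authenticate a Facebook canvas request before the view runs.

        A request is treated as a canvas page load only when its Referer host
        is facebook.com or a subdomain of it; any other request is passed
        through untouched (returns None).

        For a canvas request:
        1) if the query string contains 'error', return redirect_login_oauth
           so the user can re-authenticate
        2) read signed_request from the POST data and parse it
        3) if user_id or oauth_token is not in the parsed data, return
           redirect_login_oauth
        4) check that the token grants every scope in
           settings.FACEBOOK_DEFAULT_SCOPE
        5) user:
           a) authenticated: log out unless the profile's facebook_id matches
           b) not authenticated: connect

        The Referer header is supplied by the client, so it is only a routing
        hint here and not proof of origin.
        NOTE(review): the identity decision relies on parse_signed_data
        validating the signed_request signature -- confirm in that helper.
        """
        # Facebook always loads the canvas with a POST request; later
        # navigation inside the app does not carry a facebook.com referer.
        referer = request.META.get('HTTP_REFERER', None)
        if not referer:
            return
        # Compare the parsed hostname on a label boundary. A bare suffix test
        # on netloc would also accept look-alike hosts such as
        # "notfacebook.com" and would be confused by a port or userinfo part.
        referer_host = urlparse(referer).hostname or ''
        if referer_host != 'facebook.com' and not referer_host.endswith('.facebook.com'):
            return
        # when there is an error, we attempt to allow user to reauthenticate
        if 'error' in request.GET:
            return redirect_login_oauth

        signed_request = request.POST.get('signed_request', None)
        # not sure if this can happen, but better check anyway
        if not signed_request:
            return redirect_login_oauth

        # redirect to the authorization dialog if the app is not authorized
        parsed_signed_request = FacebookAuthorization.parse_signed_data(
            signed_request)
        # Fail closed on an empty result as well.
        # NOTE(review): presumably the parser returns None when the signature
        # or algorithm is rejected -- confirm; the membership tests below
        # would raise TypeError on None instead of redirecting.
        if (not parsed_signed_request
                or 'user_id' not in parsed_signed_request
                or 'oauth_token' not in parsed_signed_request):
            return redirect_login_oauth

        access_token = parsed_signed_request['oauth_token']
        # `long` is the Python 2 builtin; this module targets Python 2.
        facebook_id = long(parsed_signed_request['user_id'])
        # check for permissions
        graph = OpenFacebook(access_token)
        permissions = set(graph.permissions())
        scope_list = set(settings.FACEBOOK_DEFAULT_SCOPE)
        if scope_list - permissions:
            return redirect_login_oauth
        # check if user authenticated and if it's the same
        if request.user.is_authenticated():
            try:
                current_user = request.user.get_profile()
            except Exception:
                # No usable profile: treat the session as a different user.
                # Exception (not a bare except) lets KeyboardInterrupt and
                # SystemExit propagate.
                current_facebook_id = None
            else:
                current_facebook_id = current_user.facebook_id
            if not current_facebook_id or current_facebook_id != facebook_id:
                # The session belongs to someone other than the Facebook user
                # in the signed request: drop it rather than mix identities.
                logout(request)
                # clear possible caches
                if hasattr(request, 'facebook'):
                    del request.facebook
                if request.session.get('graph', None):
                    del request.session['graph']
            else:
                # save last access_token to make sure we always have the most recent one
                current_user.access_token = access_token
                current_user.save()
        request.facebook = graph
        if not request.user.is_authenticated():
            _action, _user = connect_user(request, access_token, graph)
        # override http method, since this actually is a GET
        if request.method == 'POST':
            request.method = 'GET'
        return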