def get(self): verifier = self.request.get('oauth_verifier') request_token_key = self.request.get('oauth_token') if not verifier or not request_token_key: # user declined self.finish(None) return # look up the request token request_token = models.OAuthRequestToken.get_by_id(request_token_key) if request_token is None: raise exc.HTTPBadRequest('Invalid oauth_token: %s' % request_token_key) # generate and store the final token tp = tumblpy.Tumblpy(app_key=appengine_config.TUMBLR_APP_KEY, app_secret=appengine_config.TUMBLR_APP_SECRET, oauth_token=request_token_key, oauth_token_secret=request_token.token_secret) auth_token = tp.get_authorized_tokens(verifier) auth_token_key = auth_token['oauth_token'] auth_token_secret = auth_token['oauth_token_secret'] # get the user's blogs # http://www.tumblr.com/docs/en/api/v2#user-methods tp = TumblrAuth._api_from_token(auth_token_key, auth_token_secret) logging.debug('Fetching user/info') try: resp = tp.post('user/info') except BaseException, e: util.interpret_http_exception(e) raise
def get(self): assert ( appengine_config.GOOGLE_CLIENT_ID and appengine_config.GOOGLE_CLIENT_SECRET ), ("Please fill in the google_client_id and google_client_secret files in " "your app's root directory.") # get OpenID Connect user info # https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims try: _, user = oauth_decorator.http().request( OPENID_CONNECT_USERINFO) except BaseException as e: util.interpret_http_exception(e) raise user = json.loads(user.decode('utf-8')) logging.debug('Got one person: %r', user) store = oauth_decorator.credentials.store creds_model_key = ndb.Key(store._model.kind(), store._key_name) auth = GoogleAuth(id=user['sub'], creds_model=creds_model_key, user_json=json.dumps(user)) auth.put() self.finish(auth, state=self.request.get('state'))
def urlopen(self, url, **kwargs): """Wraps urllib2.urlopen() and adds OAuth credentials to the request. """ headers = {'Authorization': 'Bearer %s' % self.access_token_str} try: return util.urlopen(urllib2.Request(url, headers=headers), **kwargs) except BaseException, e: util.interpret_http_exception(e) raise
def urlopen(self, url, **kwargs): """Wraps urllib2.urlopen() and adds OAuth credentials to the request. """ kwargs.setdefault('headers', {})['authorization'] = \ 'Bearer ' + self.access_token_str try: return util.urlopen(urllib2.Request(url, **kwargs)) except BaseException, e: util.interpret_http_exception(e) raise
def post(self, *args, **kwargs): """Wraps requests.post() and adds an OAuth signature. """ oauth1 = twitter_auth.auth(self.token_key, self.token_secret) resp = util.requests_post(*args, auth=oauth1, **kwargs) try: resp.raise_for_status() except BaseException, e: util.interpret_http_exception(e) raise
def _requests_call(self, fn, *args, **kwargs): headers = kwargs.setdefault('headers', {}) headers['Authorization'] = 'Bearer ' + self.access_token_str resp = fn(*args, **kwargs) assert 'serviceErrorCode' not in resp, resp try: resp.raise_for_status() except BaseException, e: util.interpret_http_exception(e) raise
def _requests_call(self, fn, *args, **kwargs): headers = kwargs.setdefault('headers', {}) headers['Authorization'] = 'Bearer ' + self.access_token_str resp = fn(*args, **kwargs) assert 'errors' not in resp, resp try: resp.raise_for_status() except BaseException, e: util.interpret_http_exception(e) raise
def get(self): state = self.request.get('state') blogger = BloggerV2Auth.api_from_creds(oauth_decorator.credentials) try: blogs = blogger.get_blogs() except BaseException, e: # this api call often returns 401 Unauthorized for users who aren't # signed up for blogger and/or don't have any blogs. util.interpret_http_exception(e) # we can't currently intercept declines for Google or Blogger, so the # only time we return a None auth entity right now is on error. self.finish(None, state=state) return
def get(self, *args, **kwargs): """Wraps requests.get() and adds the Bearer token header. """ headers = kwargs.setdefault('headers', {}) headers['Authorization'] = 'Bearer ' + self.access_token_str headers.setdefault('User-Agent', USER_AGENT) resp = util.requests_get(*args, **kwargs) try: resp.raise_for_status() except BaseException, e: util.interpret_http_exception(e) raise
def urlopen_access_token(url, access_token, api_key=None, **kwargs): """Wraps urllib2.urlopen() and adds an access_token query parameter. Kwargs are passed through to urlopen(). """ params = [('access_token', access_token)] if api_key: params.append(('api_key', api_key)) url = util.add_query_params(url, params) try: return util.urlopen(url, **kwargs) except BaseException, e: util.interpret_http_exception(e) raise
def get(self): oauth_token = self.request.get('oauth_token') oauth_verifier = self.request.get('oauth_verifier') request_token = models.OAuthRequestToken.get_by_id(oauth_token) client = oauthlib.oauth1.Client( appengine_config.FLICKR_APP_KEY, client_secret=appengine_config.FLICKR_APP_SECRET, resource_owner_key=oauth_token, resource_owner_secret=request_token.token_secret, verifier=oauth_verifier) uri, headers, body = client.sign(ACCESS_TOKEN_URL) try: resp = util.urlopen(urllib2.Request(uri, body, headers)) except BaseException, e: util.interpret_http_exception(e) raise
def get(self): if facebook.CallbackHandler.handle_error(self): return # http://instagram.com/developer/authentication/ auth_code = util.get_required_param(self, 'code') data = { 'client_id': appengine_config.INSTAGRAM_CLIENT_ID, 'client_secret': appengine_config.INSTAGRAM_CLIENT_SECRET, 'code': auth_code, 'redirect_uri': self.request_url_with_state(), 'grant_type': 'authorization_code', } try: resp = util.urlopen(GET_ACCESS_TOKEN_URL, data=urllib.urlencode(data)).read() except BaseException, e: util.interpret_http_exception(e) raise
def get(self): assert (appengine_config.GOOGLE_CLIENT_ID and appengine_config.GOOGLE_CLIENT_SECRET), ( "Please fill in the google_client_id and google_client_secret files in " "your app's root directory.") # get OpenID Connect user info # https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims try: _, user = oauth_decorator.http().request(OPENID_CONNECT_USERINFO) except BaseException as e: util.interpret_http_exception(e) raise user = json.loads(user.decode('utf-8')) logging.debug('Got one person: %r', user) store = oauth_decorator.credentials.store creds_model_key = ndb.Key(store._model.kind(), store._key_name) auth = GoogleAuth(id=user['sub'], creds_model=creds_model_key, user_json=json.dumps(user)) auth.put() self.finish(auth, state=self.request.get('state'))
def get(self): state = util.get_required_param(self, 'state') # handle errors error = self.request.get('error') error_reason = urllib.unquote_plus(self.request.get('error_reason', '')) if error or error_reason: if error == 'access_denied': logging.info('User declined: %s', error_reason) self.finish(None, state=state) return else: raise exc.HTTPBadRequest(' '.join((error, error_reason))) # lookup the CSRF token try: csrf_id = int(urllib.unquote_plus(state).split('|')[-1]) except (ValueError, TypeError): raise exc.HTTPBadRequest('Invalid state value %r' % state) csrf = DropboxCsrf.get_by_id(csrf_id) if not csrf: raise exc.HTTPBadRequest('No CSRF token for id %s' % csrf_id) # request an access token data = { 'client_id': appengine_config.DROPBOX_APP_KEY, 'client_secret': appengine_config.DROPBOX_APP_SECRET, 'code': util.get_required_param(self, 'code'), 'redirect_uri': self.request.path_url, } try: resp = util.urlopen(GET_ACCESS_TOKEN_URL % data, data='').read() except BaseException, e: util.interpret_http_exception(e) raise