get oauth data from providers

Matthew Scragg 2015-11-12 17:19:26 -06:00
parent 96b583d63b
commit 6edaec3876
3 changed files with 38 additions and 15 deletions


@ -84,7 +84,7 @@ DB_URI = 'sqlite:////tmp/wiki.db'
# DB_URI = 'crate://' # DB_URI = 'crate://'
LDAP = { LDAP = {
'URI': 'ldap://localhost:8389', 'URI': '',
# This BIND_DN/BIND_PASSWORD default to '', this is shown here for demonstrative purposes # This BIND_DN/BIND_PASSWORD default to '', this is shown here for demonstrative purposes
# The values '' perform an anonymous bind so we may use search/bind method # The values '' perform an anonymous bind so we may use search/bind method


@ -17,10 +17,12 @@ providers = {
authorize_url='https://api.twitter.com/oauth/authenticate', authorize_url='https://api.twitter.com/oauth/authenticate',
access_token_method='GET'), access_token_method='GET'),
'button': '<a href="/login/oauth/twitter" class="btn btn-default"><i class="fa fa-twitter"></i> Twitter</a>', 'button': '<a href="/login/oauth/twitter" class="btn btn-default"><i class="fa fa-twitter"></i> Twitter</a>',
'profile': None,
'field_map': { 'field_map': {
'id': 'user_id', 'id': 'user_id',
'username': 'screen_name' 'username': 'screen_name'
} },
'token_name': 'oauth_token'
}, },
'github': { 'github': {
'oauth': dict( 'oauth': dict(
@ -31,11 +33,13 @@ providers = {
access_token_url='https://github.com/login/oauth/access_token', access_token_url='https://github.com/login/oauth/access_token',
authorize_url='https://github.com/login/oauth/authorize'), authorize_url='https://github.com/login/oauth/authorize'),
'button': '<a href="/login/oauth/github" class="btn btn-default"><i class="fa fa-github"></i> Github</a>', 'button': '<a href="/login/oauth/github" class="btn btn-default"><i class="fa fa-github"></i> Github</a>',
'profile': 'user',
'field_map': { 'field_map': {
'id': ['user', 'id'], 'id': ['user', 'id'],
'username': ['user', 'login'], 'username': ['user', 'login'],
'email': ['user', 'email'] 'email': ['user', 'email']
} },
'token_name': 'access_token'
}, },
'facebook': { 'facebook': {
'oauth': dict( 'oauth': dict(
@ -47,11 +51,13 @@ providers = {
authorize_url='https://www.facebook.com/dialog/oauth' authorize_url='https://www.facebook.com/dialog/oauth'
), ),
'button': '<a href="/login/oauth/facebook" class="btn btn-default"><i class="fa fa-facebook"></i> Facebook</a>', 'button': '<a href="/login/oauth/facebook" class="btn btn-default"><i class="fa fa-facebook"></i> Facebook</a>',
'profile': '/me',
'field_map': { 'field_map': {
'id': 'id', 'id': 'id',
'username': 'name', 'username': 'name',
'email': 'email' 'email': 'email'
} },
'token_name': 'access_name'
}, },
'google': { 'google': {
'oauth': dict( 'oauth': dict(
@ -64,7 +70,14 @@ providers = {
access_token_url='https://accounts.google.com/o/oauth2/token', access_token_url='https://accounts.google.com/o/oauth2/token',
authorize_url='https://accounts.google.com/o/oauth2/auth', authorize_url='https://accounts.google.com/o/oauth2/auth',
), ),
'button': '<a href="/login/oauth/google" class="btn btn-default"><i class="fa fa-google"></i> Google</a>' 'button': '<a href="/login/oauth/google" class="btn btn-default"><i class="fa fa-google"></i> Google</a>',
'profile': 'userinfo',
'field_map': {
'id': 'id',
'username': 'name',
'email': 'email'
},
'token_name': 'access_token'
} }
} }
@ -73,9 +86,10 @@ class User(BaseUser):
type = 'oauth' type = 'oauth'
provider = None provider = None
def __init__(self, provider, user_id, username, token): def __init__(self, provider, user_id, username=None, token=None, email=None):
self.provider = provider self.provider = provider
self.username = username self.username = username
self.email = email
self.id = user_id self.id = user_id
self.token = token self.token = token
self.auth_id = "%s-%s" % (provider, username) self.auth_id = "%s-%s" % (provider, username)
@ -93,7 +107,8 @@ class User(BaseUser):
return users.get(user_id) return users.get(user_id)
@staticmethod @staticmethod
def auth(provider, resp): def auth(provider, data, resp):
oauth_token = resp.get(User.get_provider_value(provider, 'token_name'))
field_map = providers.get(provider).get('field_map') field_map = providers.get(provider).get('field_map')
if not field_map: if not field_map:
raise NotImplementedError raise NotImplementedError
@ -111,9 +126,10 @@ class User(BaseUser):
fields = {} fields = {}
for k, v in field_map.items(): for k, v in field_map.items():
fields[k] = get_value(resp, v) fields[k] = get_value(data, v)
user = User(provider, fields['id'], fields['username'], User.hash_password(resp['oauth_token'])) user = User(provider, fields['id'], username=fields.get('username'), email=fields.get('email'),
token=User.hash_password(oauth_token))
users[user.auth_id] = user users[user.auth_id] = user
if user: if user:
@ -133,6 +149,14 @@ class User(BaseUser):
'secret'), 'secret'),
**providers[provider]['oauth']) **providers[provider]['oauth'])
@classmethod
def get_provider_value(cls, provider, key):
return providers.get(provider, {}).get(key)
@classmethod
def get_token(cls, provider, resp):
return resp.get(cls.get_provider_value(provider, 'token_name'))
def get_id(self): def get_id(self):
return unicode("%s/%s" % (self.type, self.auth_id)) return unicode("%s/%s" % (self.type, self.auth_id))
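Review bot: `auth_id` is still built from the username (`self.auth_id = "%s-%s" % (provider, username)`), while this change makes `username` optional and maps it to the `name` field for Facebook and Google, which for those providers is a display name rather than a unique identifier. Two different accounts with the same name would get the same `auth_id`, so `users[user.auth_id] = user` lets the later login replace the earlier record, and a missing username gives every such user `provider-None`. Keying on the provider's stable id avoids both cases: `self.auth_id = "%s-%s" % (provider, user_id)`. Separately, the Facebook entry sets `'token_name': 'access_name'`, which looks like a typo for `'access_token'` and would make `resp.get(...)` return None before the value reaches `User.hash_password`.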


@ -18,7 +18,8 @@ def login(provider):
def callback(provider): def callback(provider):
next_url = request.args.get('next') or url_for(current_app.config['ROOT_ENDPOINT']) next_url = request.args.get('next') or url_for(current_app.config['ROOT_ENDPOINT'])
try: try:
resp = User.get_app(provider).authorized_response() remote_app = User.get_app(provider)
resp = remote_app.authorized_response()
if resp is None: if resp is None:
flash('You denied the request to sign in.', 'error') flash('You denied the request to sign in.', 'error')
flash('Reason: ' + request.args['error_reason'] + flash('Reason: ' + request.args['error_reason'] +
@ -28,11 +29,9 @@ def callback(provider):
flash('Access denied: %s' % e.message) flash('Access denied: %s' % e.message)
return redirect(next_url) return redirect(next_url)
session[provider + '_token'] = ( profile = User.get_provider_value(provider, 'profile')
resp['oauth_token'], data = remote_app.get(profile) if profile else resp
resp['oauth_token_secret']
)
User.auth(provider, resp) User.auth(provider, data, resp)
return redirect(next_url) return redirect(next_url)
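Review bot: The result of `remote_app.get(profile)` is passed straight to `User.auth(provider, data, resp)` with no check that the profile request succeeded, so an error body from the provider would be mapped through `field_map` and could produce a user with an empty id and username. If `remote_app` is a Flask-OAuthlib remote app, that call returns a response object with `status` and `data`, so I would keep it in its own variable, bail out with `if profile_resp.status != 200: return redirect(next_url)` after flashing an error, and pass `profile_resp.data` on. The hunk also removes the `session[provider + '_token']` assignment; if the token getter (not visible here) reads that key, the profile request would go out without a token. `callback` begins above this hunk, so the earlier error handling is only partly visible.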