from google.appengine.ext import webapp
from google.appengine.ext.webapp import util
from google.appengine.ext.webapp import template
from google.appengine.api import urlfetch
from django.utils import simplejson as json
#from appengine_utilities import sessions
from gaesessions import get_current_session
from google.appengine.ext import db
import logging
import endpoints
import os
import urllib
from account import Account
def get_target_url():
    """Return the authorization URL: AUTH_ENDPOINT plus the encoded get_params() query."""
    query_string = urllib.urlencode(get_params())
    return '?'.join((endpoints.AUTH_ENDPOINT, query_string))
def get_current_account():
    """Return the Account keyed by the session's 'user_id', or None when the session has none."""
    session = get_current_session()
    if 'user_id' not in session:
        return None
    return Account.get_by_key_name(session['user_id'])
def get_params():
    """Return the query parameters for the OAuth 2.0 authorization request.

    'response_type' is 'token', i.e. the implicit grant: the access token is
    handed back to the browser in the redirect URI fragment.
    """
    # NOTE(review): HTTP_HOST presumably reflects the request's Host header;
    # confirm the provider only accepts pre-registered redirect URIs, or pin
    # the host to a configured value.
    callback_url = 'https://' + os.environ['HTTP_HOST'] + '/oauthcallback'
    # NOTE(review): 'state' is a constant and no handler in this module checks
    # it on the way back, so it gives no request-forgery protection. A
    # per-session random value verified on return would.
    params = {
        'scope': endpoints.SCOPE,
        'state': '/',
        'redirect_uri': callback_url,
        'response_type': 'token',
        'client_id': endpoints.CLIENT_ID,
    }
    return params
class MainHandler(webapp.RequestHandler):
    """Redirects every GET to /step/1."""

    def get(self):
        first_step_path = '/step/1'
        self.redirect(first_step_path)
class CallbackHandler(webapp.RequestHandler):
    """Serves the page the browser lands on after authorization.

    get_params() requests response_type 'token', so the token comes back in
    the URL fragment, which browsers do not send to the server. This handler
    therefore renders the template with an empty context; presumably script
    in tokenspewer.html reads the fragment (template not shown here).
    """

    def get(self):
        page = template.render('templates/tokenspewer.html', {})
        self.response.out.write(page)
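class AcceptTokenHandler(webapp.RequestHandler):
    """Validates a browser-supplied access token and signs the user in.

    The token is checked against TOKENINFO (audience must equal our client id
    and the token must not be expired) before USERINFO is queried and the
    session / Account record are populated.

    NOTE(review): the token arrives as a GET query parameter, so it can end up
    in request logs, and nothing here ties it to an authorization request this
    session started (the 'state' sent by get_params() is a constant and is not
    checked). Consider a POST plus a per-session state value.
    """

    def _fetch_json(self, url, headers=None):
        """Fetch url and return the decoded JSON object, or None on any failure."""
        try:
            result = urlfetch.fetch(url, headers=headers if headers is not None else {})
            if result.status_code != 200:
                return None
            parsed = json.loads(result.content)
        except (urlfetch.Error, ValueError):
            return None
        return parsed if isinstance(parsed, dict) else None

    def get(self):
        """Handle the token hand-off; responds 400/502 on any validation failure."""
        session = get_current_session()
        # New session id before any identity is attached to the session.
        session.regenerate_id()

        a_t = self.request.get('access_token')
        if not a_t:
            self.error(400)
            return

        # check the token audience using exact match (TOKENINFO)
        # The token is request-controlled: URL-encode it so it cannot add or
        # override query parameters on the TOKENINFO request.
        try:
            token_query = urllib.urlencode({'access_token': a_t.encode('utf-8')})
        except UnicodeError:
            self.error(400)
            return
        tokeninfo = self._fetch_json(endpoints.TOKENINFO_ENDPOINT + '?' + token_query)
        if tokeninfo is None:
            # Invalid token, upstream error, or an unparseable response.
            self.error(400)
            return

        # Reject tokens issued to any other client.
        if tokeninfo.get('audience') != endpoints.CLIENT_ID:
            self.error(400)
            return

        try:
            seconds_left = int(tokeninfo['expires_in'])
        except (KeyError, TypeError, ValueError):
            seconds_left = 0
        if seconds_left < 1:
            self.error(400)
            return

        # Only a token that passed validation is kept in the session.
        session['a_t'] = a_t
        session['token_info'] = tokeninfo

        # get the user profile information (USERINFO)
        userinfo = self._fetch_json(endpoints.USERINFO_ENDPOINT,
                                    headers={'Authorization': 'OAuth ' + a_t})
        if userinfo is None or 'id' not in userinfo:
            self.error(502)
            return

        user_id = userinfo['id']
        session['user_id'] = user_id
        session['user_info'] = userinfo

        # compose the URL returned in the callback (for the view)
        # NOTE(review): this string embeds the access token again.
        session['response_with_token'] = 'https://' + os.environ['HTTP_HOST'] + '/oauthcallback#' + self.request.query_string

        # The Account entity is rebuilt from the latest profile on each
        # sign-in; put() under the same key_name replaces any earlier record.
        # Optional profile fields default to None.
        acct = Account(key_name=user_id,
                       name=userinfo.get('name'),
                       user_info=json.dumps(userinfo),
                       family_name=userinfo.get('family_name'),
                       locale=userinfo.get('locale'),
                       gender=userinfo.get('gender'),
                       email=userinfo.get('email'),
                       given_name=userinfo.get('given_name'),
                       google_account_id=user_id,
                       verified_email=userinfo.get('verified_email'),
                       link=userinfo.get('link'),
                       picture=userinfo.get('picture'))
        # NOTE(review): the bearer token is persisted as-is in the datastore;
        # confirm that is needed beyond the session lifetime.
        acct.access_token = a_t
        acct.put()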
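class StepHandler(webapp.RequestHandler):
    """Renders one of the four step pages inside stepTemplate.html."""

    def get(self, stepNum):
        """Render step `stepNum` (1-4); respond 400 for anything else.

        stepNum is the raw path component. It is parsed once and the
        canonical decimal form is used for the template name, so the value
        that was range-checked is the value that selects the template.
        """
        try:
            step = int(stepNum)
        except (TypeError, ValueError):
            self.error(400)
            return
        if step < 1 or step > 4:
            self.error(400)
            return

        # Kept as a string, as before, in case templates compare it to text.
        step_label = str(step)
        session = get_current_session()
        # NOTE(review): the whole session (access token and profile included)
        # is handed to the template; confirm the templates escape it and only
        # show it to its owner.
        templateInfo = {
            'targetUrl': get_target_url(),
            'session': session,
            'params': get_params(),
            'stepNum': step_label,
            'account': get_current_account(),
            'template_name': 'step%s.html' % step_label,
        }
        self.response.out.write(template.render('templates/stepTemplate.html', templateInfo))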
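class LogoutHandler(webapp.RequestHandler):
    """Terminates the current session and redirects to '/'."""

    def get(self):
        """Log the user out.

        NOTE(review): this is a state-changing GET; consider requiring POST.
        """
        session = get_current_session()
        # Log only the user id. The session also holds the access token and
        # profile data (set in AcceptTokenHandler), which must not reach logs.
        user_id = session['user_id'] if 'user_id' in session else None
        logging.info('Logout for user_id: %s', user_id)
        session.terminate()
        self.redirect('/')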
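class LogoutAndRemoveHandler(webapp.RequestHandler):
    """Terminates the session, deletes the stored Account, redirects to '/'."""

    def get(self):
        """Log out and remove the signed-in user's Account, if there is one.

        NOTE(review): this deletes data on a plain GET with no anti-forgery
        check; consider requiring POST with a per-session token.
        """
        session = get_current_session()
        # Log only the user id. The session also holds the access token and
        # profile data (set in AcceptTokenHandler), which must not reach logs.
        user_id = session['user_id'] if 'user_id' in session else None
        logging.info('Logout and remove for user_id: %s', user_id)

        # A request without a signed-in session has nothing to delete.
        account = Account.get_by_key_name(user_id) if user_id is not None else None
        session.terminate()
        if account is not None:
            account.delete()
        self.redirect('/')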