Mercurial > public > sg101

annotate gpp/gcalendar/oauth.py @ 451:345825e6dcae

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Working on #220. Can't test locally, so committing in increments.
author Brian Neal <bgneal@gmail.com>
date Thu, 30 Jun 2011 01:57:17 +0000
parents
children c77359d0d951
rev   line source
bgneal@451 1 """
bgneal@451 2 This module handles the OAuth integration with Google.
bgneal@451 3
bgneal@451 4 """
bgneal@451 5 from __future__ import with_statement
bgneal@451 6 import logging
bgneal@451 7
bgneal@451 8 import gdata.gauth
bgneal@451 9 from gdata.calendar_resource.client import CalendarResourceClient
bgneal@451 10
bgneal@451 11 from django.conf import settings
bgneal@451 12
bgneal@451 13
bgneal@451 14 logger = logging.getLogger(__name__)
bgneal@451 15 USER_AGENT = 'surfguitar101-gcalendar-v1'
bgneal@451 16 REQ_TOKEN_SESSION_KEY = 'gcalendar oauth request token'
bgneal@451 17
bgneal@451 18
bgneal@451 19 def fetch_auth(request, scopes, callback_url):
bgneal@451 20 """
bgneal@451 21 This function fetches a request token from Google and stores it in the
bgneal@451 22 session. It then returns the authorization URL as a string.
bgneal@451 23
bgneal@451 24 request - the HttpRequest object for the user requesting the token. The
bgneal@451 25 token is stored in the session object attached to this request.
bgneal@451 26
bgneal@451 27 scopes - a list of scope strings that the request token is for. See
bgneal@451 28 http://code.google.com/apis/gdata/faq.html#AuthScopes
bgneal@451 29
bgneal@451 30 callback_url - a string that is the URL that Google should redirect the user
bgneal@451 31 to after the user has authorized our application access to their data.
bgneal@451 32
bgneal@451 33 This function only supports RSA-SHA1 authentication. Settings in the Django
bgneal@451 34 settings module determine the consumer key and path to the RSA private key.
bgneal@451 35 """
bgneal@451 36 logger.info("fetch_auth started...")
bgneal@451 37 client = CalendarResourceClient(None, source=USER_AGENT)
bgneal@451 38
bgneal@451 39 with open(settings.GOOGLE_OAUTH_PRIVATE_KEY_PATH, 'r') as f:
bgneal@451 40 rsa_key = f.read()
bgneal@451 41 logger.info("read RSA key; now getting request token")
bgneal@451 42
bgneal@451 43 request_token = client.GetOAuthToken(
bgneal@451 44 scopes,
bgneal@451 45 callback_url,
bgneal@451 46 settings.GOOGLE_OAUTH_CONSUMER_KEY,
bgneal@451 47 rsa_private_key=rsa_key)
bgneal@451 48
bgneal@451 49 logger.info("received token")
bgneal@451 50 request.session[REQ_TOKEN_SESSION_KEY] = request_token
bgneal@451 51
bgneal@451 52 auth_url = request_token.generate_authorization_url(google_apps_domain=None)
bgneal@451 53 logger.info("generated auth url '%s'", str(auth_url))
bgneal@451 54
bgneal@451 55 return str(auth_url)
bgneal@451 56
bgneal@451 57
bgneal@451 58 def get_access_token(request):
bgneal@451 59 """
bgneal@451 60 This function should be called after Google has sent the user back to us
bgneal@451 61 after the user authorized us. We retrieve the oauth token from the request
bgneal@451 62 URL and then upgrade it to an access token. We then return the access token.
bgneal@451 63
bgneal@451 64 """
bgneal@451 65 logger.info("get_access_token started; retrieving saved request_token...")
bgneal@451 66
bgneal@451 67 saved_token = request.session.get(REQ_TOKEN_SESSION_KEY)
bgneal@451 68 if saved_token is None:
bgneal@451 69 logger.error("saved request token not found in session!")
bgneal@451 70 return None
bgneal@451 71
bgneal@451 72 logger.info("extracting token...")
bgneal@451 73 request_token = gdata.gauth.AuthorizeRequestToken(saved_token,
bgneal@451 74 request.build_absolute_uri())
bgneal@451 75
bgneal@451 76 logger.info("upgrading to access token...")
bgneal@451 77
bgneal@451 78 client = CalendarResourceClient(None, source=USER_AGENT)
bgneal@451 79 access_token = client.GetAccessToken(request_token)
bgneal@451 80
bgneal@451 81 logger.info("upgraded to access token...")
bgneal@451 82 return access_token