bgneal@451
|
1 """
|
bgneal@451
|
2 This module handles the OAuth integration with Google.
|
bgneal@451
|
3
|
bgneal@451
|
4 """
|
bgneal@451
|
5 from __future__ import with_statement
|
bgneal@451
|
6 import logging
|
bgneal@451
|
7
|
bgneal@451
|
8 import gdata.gauth
|
bgneal@451
|
9 from gdata.calendar_resource.client import CalendarResourceClient
|
bgneal@451
|
10
|
bgneal@451
|
11 from django.conf import settings
|
bgneal@451
|
12
|
bgneal@451
|
13
|
bgneal@451
|
14 logger = logging.getLogger(__name__)
|
bgneal@451
|
15 USER_AGENT = 'surfguitar101-gcalendar-v1'
|
bgneal@451
|
16 REQ_TOKEN_SESSION_KEY = 'gcalendar oauth request token'
|
bgneal@451
|
17
|
bgneal@451
|
18
|
bgneal@451
|
19 def fetch_auth(request, scopes, callback_url):
|
bgneal@451
|
20 """
|
bgneal@451
|
21 This function fetches a request token from Google and stores it in the
|
bgneal@451
|
22 session. It then returns the authorization URL as a string.
|
bgneal@451
|
23
|
bgneal@451
|
24 request - the HttpRequest object for the user requesting the token. The
|
bgneal@451
|
25 token is stored in the session object attached to this request.
|
bgneal@451
|
26
|
bgneal@451
|
27 scopes - a list of scope strings that the request token is for. See
|
bgneal@451
|
28 http://code.google.com/apis/gdata/faq.html#AuthScopes
|
bgneal@451
|
29
|
bgneal@451
|
30 callback_url - a string that is the URL that Google should redirect the user
|
bgneal@451
|
31 to after the user has authorized our application access to their data.
|
bgneal@451
|
32
|
bgneal@451
|
33 This function only supports RSA-SHA1 authentication. Settings in the Django
|
bgneal@451
|
34 settings module determine the consumer key and path to the RSA private key.
|
bgneal@451
|
35 """
|
bgneal@453
|
36 logger.info("fetch_auth started; callback url='%s'", callback_url)
|
bgneal@451
|
37 client = CalendarResourceClient(None, source=USER_AGENT)
|
bgneal@451
|
38
|
bgneal@451
|
39 with open(settings.GOOGLE_OAUTH_PRIVATE_KEY_PATH, 'r') as f:
|
bgneal@451
|
40 rsa_key = f.read()
|
bgneal@451
|
41 logger.info("read RSA key; now getting request token")
|
bgneal@451
|
42
|
bgneal@451
|
43 request_token = client.GetOAuthToken(
|
bgneal@451
|
44 scopes,
|
bgneal@451
|
45 callback_url,
|
bgneal@451
|
46 settings.GOOGLE_OAUTH_CONSUMER_KEY,
|
bgneal@451
|
47 rsa_private_key=rsa_key)
|
bgneal@451
|
48
|
bgneal@451
|
49 logger.info("received token")
|
bgneal@451
|
50 request.session[REQ_TOKEN_SESSION_KEY] = request_token
|
bgneal@451
|
51
|
bgneal@452
|
52 auth_url = request_token.generate_authorization_url()
|
bgneal@451
|
53 logger.info("generated auth url '%s'", str(auth_url))
|
bgneal@451
|
54
|
bgneal@451
|
55 return str(auth_url)
|
bgneal@451
|
56
|
bgneal@451
|
57
|
bgneal@451
|
58 def get_access_token(request):
|
bgneal@451
|
59 """
|
bgneal@451
|
60 This function should be called after Google has sent the user back to us
|
bgneal@451
|
61 after the user authorized us. We retrieve the oauth token from the request
|
bgneal@451
|
62 URL and then upgrade it to an access token. We then return the access token.
|
bgneal@451
|
63
|
bgneal@451
|
64 """
|
bgneal@451
|
65 logger.info("get_access_token started; retrieving saved request_token...")
|
bgneal@451
|
66
|
bgneal@451
|
67 saved_token = request.session.get(REQ_TOKEN_SESSION_KEY)
|
bgneal@451
|
68 if saved_token is None:
|
bgneal@451
|
69 logger.error("saved request token not found in session!")
|
bgneal@451
|
70 return None
|
bgneal@451
|
71
|
bgneal@451
|
72 logger.info("extracting token...")
|
bgneal@451
|
73 request_token = gdata.gauth.AuthorizeRequestToken(saved_token,
|
bgneal@451
|
74 request.build_absolute_uri())
|
bgneal@451
|
75
|
bgneal@451
|
76 logger.info("upgrading to access token...")
|
bgneal@451
|
77
|
bgneal@451
|
78 client = CalendarResourceClient(None, source=USER_AGENT)
|
bgneal@451
|
79 access_token = client.GetAccessToken(request_token)
|
bgneal@451
|
80
|
bgneal@451
|
81 logger.info("upgraded to access token...")
|
bgneal@451
|
82 return access_token
|