Mercurial > public > sg101
view gpp/gcalendar/oauth.py @ 507:8631d32e6b16
Some users are still having problems with the pop-up login. I think they are actually getting 403s because of the CSRF protection. So I have modified the base template to always have a javascript variable called csrf_token available when they aren't logged in. The ajax_login.js script was then modified to send this value with the ajax post. Fingers crossed.
author | Brian Neal <bgneal@gmail.com> |
---|---|
date | Sun, 04 Dec 2011 03:05:21 +0000 |
parents | 9a4bffdf37c3 |
children |
line wrap: on
line source
""" This module handles the OAuth integration with Google. """ from __future__ import with_statement import logging import gdata.gauth from gdata.calendar_resource.client import CalendarResourceClient from django.conf import settings logger = logging.getLogger(__name__) USER_AGENT = 'surfguitar101-gcalendar-v1' REQ_TOKEN_SESSION_KEY = 'gcalendar oauth request token' def fetch_auth(request, scopes, callback_url): """ This function fetches a request token from Google and stores it in the session. It then returns the authorization URL as a string. request - the HttpRequest object for the user requesting the token. The token is stored in the session object attached to this request. scopes - a list of scope strings that the request token is for. See http://code.google.com/apis/gdata/faq.html#AuthScopes callback_url - a string that is the URL that Google should redirect the user to after the user has authorized our application access to their data. This function only supports RSA-SHA1 authentication. Settings in the Django settings module determine the consumer key and path to the RSA private key. """ logger.info("fetch_auth started; callback url='%s'", callback_url) client = CalendarResourceClient(None, source=USER_AGENT) with open(settings.GOOGLE_OAUTH_PRIVATE_KEY_PATH, 'r') as f: rsa_key = f.read() logger.info("read RSA key; now getting request token") request_token = client.GetOAuthToken( scopes, callback_url, settings.GOOGLE_OAUTH_CONSUMER_KEY, rsa_private_key=rsa_key) logger.info("received token") request.session[REQ_TOKEN_SESSION_KEY] = request_token auth_url = request_token.generate_authorization_url() logger.info("generated auth url '%s'", str(auth_url)) return str(auth_url) def get_access_token(request): """ This function should be called after Google has sent the user back to us after the user authorized us. We retrieve the oauth token from the request URL and then upgrade it to an access token. We then return the access token. """ logger.info("get_access_token called as '%s'", request.get_full_path()) saved_token = request.session.get(REQ_TOKEN_SESSION_KEY) if saved_token is None: logger.error("saved request token not found in session!") return None logger.info("extracting token...") request_token = gdata.gauth.AuthorizeRequestToken(saved_token, request.build_absolute_uri()) logger.info("upgrading to access token...") client = CalendarResourceClient(None, source=USER_AGENT) access_token = client.GetAccessToken(request_token) logger.info("upgraded to access token...") return access_token def serialize_token(token): """ This function turns a token into a string and returns it. """ return gdata.gauth.TokenToBlob(token) def deserialize_token(s): """ This function turns a string into a token returns it. The string must have previously been created with serialize_token(). """ return gdata.gauth.TokenFromBlob(s)