Skip to content

Allow for server side flow for Google+ #92

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
omab merged 1 commit into from
Nov 18, 2013
Merged

Allow for server side flow for Google+ #92

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 43 additions & 6 deletions social/backends/google.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,11 @@

OpenID also works straightforward, it doesn't need further configurations.
"""
from requests import HTTPError

from social.backends.open_id import OpenIdAuth
from social.backends.oauth import BaseOAuth2, BaseOAuth1
from social.exceptions import AuthMissingParameter
from social.exceptions import AuthMissingParameter, AuthUnknownError, AuthCanceled


class BaseGoogleAuth(object):
Expand Down Expand Up @@ -72,18 +74,36 @@ def revoke_token_headers(self, token, uid):
class GooglePlusAuth(BaseGoogleOAuth2API, BaseOAuth2):
name = 'google-plus'
REDIRECT_STATE = False
STATE_PARAMETER = False
ACCESS_TOKEN_URL = 'https://accounts.google.com/o/oauth2/token'
ACCESS_TOKEN_METHOD = 'POST'
REVOKE_TOKEN_URL = 'https://accounts.google.com/o/oauth2/revoke'
REVOKE_TOKEN_METHOD = 'GET'
DEFAULT_SCOPE = ['https://www.googleapis.com/auth/plus.login',
'https://www.googleapis.com/auth/userinfo.email',
'https://www.googleapis.com/auth/userinfo.profile']
EXTRA_DATA = [
('user_id', 'user_id'),
('id', 'user_id'),
('refresh_token', 'refresh_token', True),
('expires_in', 'expires'),
('access_type', 'access_type', True)
]

def extra_data(self, user, uid, response, details):
return {'code': response.get('code')}
data = super(GooglePlusAuth, self).extra_data(user, uid, response, details)
if 'refresh_token' in data and (data['refresh_token'] is None or len(data['refresh_token']) == 0):
data.pop('refresh_token')
return data

def auth_complete_params(self, state=None):
client_id, client_secret = self.get_key_and_secret()
return {
'grant_type': 'authorization_code', # request auth code
'code': self.data.get('code', ''), # server response code
'client_id': client_id,
'client_secret': client_secret,
'redirect_uri': 'postmessage'
}

def auth_complete(self, *args, **kwargs):
token = self.data.get('access_token')
Expand All @@ -94,9 +114,26 @@ def auth_complete(self, *args, **kwargs):
params={'access_token': token}
)
self.process_error(verification)
verification.update({'access_token': token,
'code': self.data.get('code')})
return self.do_auth(token, response=verification, *args, **kwargs)
verification.update({'access_token': token})

try:
response = self.request_access_token(
self.ACCESS_TOKEN_URL,
data=self.auth_complete_params(),
headers=self.auth_headers(),
method=self.ACCESS_TOKEN_METHOD
)
except HTTPError as err:
if err.response.status_code == 400:
raise AuthCanceled(self)
else:
raise
except KeyError:
raise AuthUnknownError(self)
self.process_error(response)

return self.do_auth(response['access_token'], response=response,
*args, **kwargs)


class GoogleOAuth(BaseGoogleAuth, BaseOAuth1):
Expand Down