In [1]:
from IPython.display import Audio, Image, YouTubeVideo

# LESSON 6: Creating Google Sign In

## CHAPTER 1: Intro to Lesson 2

In [2]:
id = 'Ck9upDLuG6A'
YouTubeVideo(id=id, width=600)

## CHAPTER 2: Types of Flow

In [3]:
id = 'wElq1B6zBx8'
YouTubeVideo(id=id, width=600)

Check out this [blog](https://aaronparecki.com/articles/2012/07/29/1/oauth2-simplified) that explains some of the flow options using OAuth 2.0

## CHAPTER 3: Google+ Auth for server side apps

In [4]:
id = '3siZuYXipkE'
YouTubeVideo(id=id, width=600)

Google OAuth2 documentation - https://developers.google.com/identity/protocols/OAuth2


## CHAPTER 4: Step 0 Get initial app running 

In [5]:
id = 'yMEAJK5xZUk'
YouTubeVideo(id=id, width=600)

### Installing the Vagrant VM

Note: If you already have a vagrant machine installed from previous Udacity courses skip to the 'Fetch the Source Code and VM Configuration' section

In this course, you'll use a virtual machine (VM) to run a web server and a web app that uses it. The VM is a Linux system that runs on top of your own machine. You can share files easily between your computer and the VM.

We're using the Vagrant software to configure and manage the VM. Here are the tools you'll need to install to get it running:


### Git

If you don't already have Git installed, download Git from www.git-scm.com. Install the version for your operating system.

On Windows, Git will provide you with a Unix-style terminal and shell (Git Bash). (On Mac or Linux systems you can use the regular terminal program.)

You will need Git to install the configuration for the VM. If you'd like to learn more about Git, take a look at [our course about Git and Github](https://www.udacity.com/course/how-to-use-git-and-github--ud775).


### VirtualBox

VirtualBox is the software that actually runs the VM. [You can download it from virtualbox.org, here](https://www.virtualbox.org/wiki/Downloads). Install the platform package for your operating system. You do not need the extension pack or the SDK. You do not need to launch VirtualBox after installing it.

Ubuntu 14.04 Note: If you are running Ubuntu 14.04, install VirtualBox using the Ubuntu Software Center, not the virtualbox.org web site. Due to a [reported bug](https://ubuntuforums.org/showthread.php?t=2227131), installing VirtualBox from the site may uninstall other software you need.

### Vagrant

Vagrant is the software that configures the VM and lets you share files between your host computer and the VM's filesystem. [You can download it from vagrantup.com](https://www.vagrantup.com/downloads.html). Install the version for your operating system.

Windows Note: The Installer may ask you to grant network permissions to Vagrant or make a firewall exception. Be sure to allow this.

#### Software Installations

If you already have these items installed, you are all set! No need to re-install them.
Task List
* Install Git
* Install Virtual Box
* Install Vagrant

### Fetch the Source Code and VM Configuration

__Windows__: Use the Git Bash program (installed with Git) to get a Unix-style terminal.

__Other systems__: Use your favorite terminal program.

#### Fork the starter repo

Log into your personal Github account, and fork the [oauth](https://github.com/udacity/OAuth2.0) repo so that you have a personal repo you can push to for backup. Later, you'll be able to use this repo for submitting your projects for review as well.

#### Clone the remote to your local machine

From the terminal, run the following command (be sure to replace ``<username> ``with your GitHub username): ``git clone http://github.com/<username>/OAuth2.0 oauth``

This will give you a directory named ``oauth`` that is a clone of your remote`` OAuth2.0`` repository, complete with the source code for the flask application, a vagrantfile, and a ``pg_config.sh`` file for installing all of the necessary tools.

#### Run the virtual machine!

Using the terminal, change directory to oauth using the command ``cd oauth``, then type ``vagrant up`` to launch your virtual machine.

#### Running the Restaurant Menu App

Once it is up and running, type ``vagrant ssh``. This will log your terminal into the virtual machine, and you'll get a Linux shell prompt. When you want to log out, type ``exit`` at the shell prompt. To turn the virtual machine off (without deleting anything), type ``vagrant halt``. If you do this, you'll need to run ``vagrant up`` again before you can log into it.

Now that you have Vagrant up and running type ``vagrant ssh`` to log into your VM. Change directory to the /vagrant directory by typing ``cd /vagrant``. This will take you to the shared folder between your virtual machine and host machine.

Type ``ls`` to ensure that you are inside the directory that contains project.py, database_setup.py, and two directories named 'templates' and 'static'

Now type ``python database_setup.py`` to initialize the database.

Type ``python lotsofmenus.py`` to populate the database with restaurants and menu items. (Optional)

Type ``python project.py`` to run the Flask web server. In your browser visit http://localhost:5000 to view the restaurant menu app. You should be able to view, add, edit, and delete menu items and restaurants.

#### Steps to Run the App in the Vagrant VM
Task List

* Fork the [starter repo](https://github.com/udacity/OAuth2.0)
* Clone the remote to your local machine from the terminal: `` git clone http://github.com/airdenis/OAuth2.0 oauth``
* Run the virtual machine: ``cd oauth``, ``vagrant up`` and ``vagrant ssh``


## CHAPTER 5: Step 1 Create Client ID & Secret

In [6]:
id = '8aGoty0VXgw'
YouTubeVideo(id=id, width=600)

### Errata:

Google has changed the user interface for obtaining OAuth credentials since this video was created. The functionality is the same, but the appearance is somewhat different from what's depicted here.

1. Go to your app's page in the Google APIs Console — https://console.developers.google.com/apis
2. Choose ``Credentials`` from the menu on the left.
3. Create an ``OAuth Client ID``.
4. This will require you to configure the ``consent screen``, with the same choices as in the video.
5. When you're presented with a list of application types, choose ``Web application``.
6. You can then set the authorized JavaScript origins, with the same settings as in the video.
7. You will then be able to get the client ID and client secret.

You can also download the client secret as a JSON data file once you have created it.


## CHAPTER 6: Step 2 Create anti forgery state token 

In [7]:
id = 'mHRPfJulLbg'
YouTubeVideo(id=id, width=600)

Line 20 onwards of this [project.py](https://github.com/udacity/ud330/blob/master/Lesson2/step2/project.py) file shows how our application can create an anti-forgery state token.


## CHAPTER 7: Step 3 Create login page

In [8]:
id = 'NKUFDFRg1Lo'
YouTubeVideo(id=id, width=600)

### Note:

Line 18 should read ``data-scope = "openid email"`` in order to retrieve a user's email address.

The [login.html](https://github.com/udacity/ud330/blob/master/Lesson2/step3/templates/login.html) file for this exercise can be found on GitHub.


## CHAPTER 8: Step 4 Make a Callback Method

In [9]:
id = 'Gq-LS8ykG7Y'
YouTubeVideo(id=id, width=600)

View the [login.html](https://github.com/udacity/ud330/blob/master/Lesson2/step4/templates/login.html) page now with the added callback function.

At the 1:00 minute mark, Lorenzo adds a template variable called STATE.

In order to populate that variable when the template is rendered, you need to pass it to the ``render_template`` function:

```python
# Create anti-forgery state token
@app.route('/login')
def showLogin():
    state = ''.join(random.choice(string.ascii_uppercase + string.digits)
                    for x in xrange(32))
    login_session['state'] = state
    # return "The current session state is %s" % login_session['state']
    return render_template('login.html', STATE=state)
```


## CHAPTER 9: Step 5 GConnect

In [10]:
id = 'yJFGk8v_-8Y'
YouTubeVideo(id=id, width=600)

The code from this video can be found [here](https://github.com/udacity/ud330/blob/master/Lesson2/step5/project.py).

__IMPORTANT__: Depending on the version of Flask you have, you may or may not be able to store a credentials object in the ``login_session`` the same way that Lorenzo does. You may get the following error:

OAuth2Credentials object is not JSON serializable

What should you do to fix this? There are three options:

1. Rather than storing the entire ``credentials`` object you can store just the access token instead. It can be accessed using ``credentials.access_token``.
2. The OAuth2Credentials class comes with methods that can help you. The ``.to_json()`` and ``.from_json()`` methods can help you store and retrieve the credentials object in json format.
3. Update your versions of Flask, _ and _ to match Lorenzo's. Use the following commands:
```PYTHON
pip install werkzeug==0.8.3
pip install flask==0.9
pip install Flask-Login==0.1.3
```
__Note__: If you get a permissions error, you will need to include ``sudo`` at the beginning of each command. That should look like this: ``sudo pip install flask==0.9``

Go to the GoogleDevConsole> API & Auth> Credentials>Select your app> Authorized Redirect URIs and add the following URIS: http://localhost:5000/login and http://localhost:5000/gconnect You may have to change the port number depending on the port number you have set your app to run on.

Example code: https://github.com/udacity/ud330/blob/master/Lesson2/step5/project.py


## CHAPTER 10: Step 6 Disconnect 

In [11]:
id = 'V79rAhffPA4'
YouTubeVideo(id=id, width=600)

The code form this video can be found at https://github.com/udacity/ud330/blob/master/Lesson2/step6/project.py

The example code from the previous video can be found at https://github.com/udacity/ud330/blob/master/Lesson2/step6/project.py


## CHAPTER 11: Step 7 Protecting Pages

In [12]:
id = 'ghedDtyBmaQ'
YouTubeVideo(id=id, width=600)

In [13]:
id = 'NzcCgh7wrQo'
YouTubeVideo(id=id, width=600)

## CHAPTER 12: Wrap-up

In [14]:
id = 'Fpa_jG-yYbs'
YouTubeVideo(id=id, width=600)