
Refactor sanction / oauth code out of authentication policy

1 parent 39377e4 commit dadbca839992ba1f66faa83a5fa23e9e4c5f6710 @karenc committed Mar 11, 2014
43 openstax_accounts_pyramid/authentication_policy.py
@@ -1,15 +1,12 @@
# -*- coding: utf-8 -*-
-import json
-import urlparse
-import uuid
-
from pyramid.httpexceptions import HTTPFound
from pyramid.interfaces import IAuthenticationPolicy
from pyramid.security import Everyone, Authenticated
-import sanction
from zope.interface import implements
+from .interfaces import *
+
def get_user_from_session(request):
"""Create a helper function for getting the user profile from request.user
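Review bot: The added `from .interfaces import *` at the top of this file is a wildcard import in an authentication module, which hides what the module depends on and lets a later addition to `interfaces.py` silently shadow a name here. Only one name is used, so `from .interfaces import IOpenstaxAccounts` says the same thing explicitly. The same wildcard import is added in `openstax_accounts_pyramid/openstax_accounts.py`.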
@@ -20,45 +17,24 @@ def get_user_from_session(request):
class OpenstaxAccountsAuthenticationPolicy(object):
implements(IAuthenticationPolicy)
- def __init__(self, server_url, application_id, application_secret,
- application_url, login_path, callback_path):
- resource_url = server_url
- authorize_url = urlparse.urljoin(server_url, '/oauth/authorize')
- token_url = urlparse.urljoin(server_url, '/oauth/token')
- self.redirect_uri = urlparse.urljoin(application_url, '/callback')
-
- self.sanction_client = sanction.Client(
- auth_endpoint=authorize_url,
- token_endpoint=token_url,
- resource_endpoint=resource_url,
- client_id=application_id,
- client_secret=application_secret)
-
+ def __init__(self, client, login_path, callback_path):
+ self.client = client
self.login_path = login_path
self.callback_path = callback_path
def _login(self, request):
- raise HTTPFound(location=self.sanction_client.auth_uri(redirect_uri=self.redirect_uri))
+ raise HTTPFound(location=self.client.auth_uri())
def _callback(self, request):
code = request.params['code']
- def parser_remove_null_expires_in(data):
- data = json.loads(data)
- if data.get('expires_in', '') is None:
- data.pop('expires_in')
- return data
-
- self.sanction_client.request_token(
- parser=parser_remove_null_expires_in,
- code=code,
- redirect_uri=self.redirect_uri)
+ self.client.request_token_with_code(code)
def authenticated_userid(self, request):
if request.path == self.login_path:
return self._login(request)
if request.path == self.callback_path:
self._callback(request)
- me = self.sanction_client.request('/api/v1/me.json')
+ me = self.client.request('/api/users/me.json')
request.session.update({
'profile': me,
'username': me.get('username'),
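Review bot: Nothing in `_login` or `_callback` binds the OAuth callback to a login that this browser session started: `auth_uri()` is called with no arguments and `_callback` exchanges whatever `code` arrives without checking a `state` value, which leaves the callback open to login CSRF (a session can end up bound to an account its user did not choose). The refactor is a good moment to generate a random `state` in `_login`, keep it in `request.session`, and reject the callback when it does not match. `OpenstaxAccounts.auth_uri` would have to accept and forward `state`, and the sketch below needs `import os` and `HTTPBadRequest` from `pyramid.httpexceptions`. `request.params['code']` also raises `KeyError` when the provider redirects back without a code, so the sketch reads it with `.get`. `authenticated_userid` continues past the end of this hunk.

```python
    def _login(self, request):
        # Tie the authorization request to this browser session.
        state = os.urandom(16).encode('hex')
        request.session['oauth_state'] = state
        raise HTTPFound(location=self.client.auth_uri(state=state))

    def _callback(self, request):
        # Reject callbacks that this session did not start.
        expected = request.session.pop('oauth_state', None)
        if not expected or request.params.get('state') != expected:
            raise HTTPBadRequest('invalid OAuth state')
        code = request.params.get('code')
        if not code:
            raise HTTPBadRequest('missing authorization code')
        self.client.request_token_with_code(code)
```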
@@ -87,10 +63,7 @@ def main(config):
config.add_request_method(get_user_from_session, 'user', reify=True)
settings = config.registry.settings
config.set_authentication_policy(OpenstaxAccountsAuthenticationPolicy(
- server_url=settings['openstax_accounts.server_url'],
- application_id=settings['openstax_accounts.application_id'],
- application_secret=settings['openstax_accounts.application_secret'],
- application_url=settings['openstax_accounts.application_url'],
+ client=config.registry.getUtility(IOpenstaxAccounts, 'authentication'),
login_path=settings['openstax_accounts.login_path'],
callback_path=settings['openstax_accounts.callback_path'],
))
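Review bot: `config.registry.getUtility(IOpenstaxAccounts, 'authentication')` runs at configuration time and raises `ComponentLookupError` unless `openstax_accounts.main` has already registered that named utility, and nothing here enforces or documents that ordering. A comment above the call such as `# requires openstax_accounts.main(config) to have run first; it registers the 'authentication' utility` would save the next maintainer a confusing startup failure. `main` begins outside this hunk, so the required call may already be made there.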
4 openstax_accounts_pyramid/interfaces.py
@@ -0,0 +1,4 @@
+from zope.interface import Interface
+
+class IOpenstaxAccounts(Interface):
+ pass
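Review bot: `IOpenstaxAccounts` declares no methods, although the authentication policy calls `auth_uri()`, `request_token_with_code(code)` and `request(...)` on whatever utility is registered under it. Declaring those three methods on the interface, each with a one-line docstring, would document the contract that a replacement or test double has to satisfy. A class docstring should also say that a named `'authentication'` registration is expected alongside the unnamed one.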
69 openstax_accounts_pyramid/openstax_accounts.py
@@ -0,0 +1,69 @@
+# -*- coding: utf-8 -*-
+
+import json
+import urllib
+import urlparse
+
+import sanction
+from zope.interface import implements
+
+from .interfaces import *
+
+# A json parser for data returned from a request_token request because sanction
+# does not work with a null expires_in
+def parser_remove_null_expires_in(data):
+ data = json.loads(data)
+ if data.get('expires_in', '') is None:
+ data.pop('expires_in')
+ return data
+
+class OpenstaxAccounts(object):
+ implements(IOpenstaxAccounts)
+
+ def __init__(self, server_url, application_id, application_secret,
+ application_url):
+ resource_url = server_url
+ authorize_url = urlparse.urljoin(server_url, '/oauth/authorize')
+ token_url = urlparse.urljoin(server_url, '/oauth/token')
+ self.redirect_uri = urlparse.urljoin(application_url, '/callback')
+
+ self.sanction_client = sanction.Client(
+ auth_endpoint=authorize_url,
+ token_endpoint=token_url,
+ resource_endpoint=resource_url,
+ client_id=application_id,
+ client_secret=application_secret)
+
+ def auth_uri(self):
+ return self.sanction_client.auth_uri(redirect_uri=self.redirect_uri)
+
+ def request_token_with_code(self, code):
+ self.sanction_client.request_token(
+ code=code,
+ redirect_uri=self.redirect_uri,
+ parser=parser_remove_null_expires_in)
+
+ def request_application_token(self):
+ self.sanction_client.request_token(
+ grant_type='client_credentials',
+ parser=parser_remove_null_expires_in)
+
+ def request(self, *args, **kwargs):
+ return self.sanction_client.request(*args, **kwargs)
+
+
+def main(config):
+ settings = config.registry.settings
+ server_url = settings['openstax_accounts.server_url']
+ application_id = settings['openstax_accounts.application_id']
+ application_secret = settings['openstax_accounts.application_secret']
+ application_url = settings['openstax_accounts.application_url']
+
+ args = (server_url, application_id, application_secret, application_url)
+
+ openstax_accounts = OpenstaxAccounts(*args)
+ openstax_accounts.request_application_token()
+ config.registry.registerUtility(openstax_accounts, IOpenstaxAccounts)
+
+ config.registry.registerUtility(OpenstaxAccounts(*args), IOpenstaxAccounts,
+ 'authentication')
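Review bot: `request_token_with_code` appears to leave the user's access token on `self.sanction_client`: it returns nothing and `request()` takes no token, yet the policy calls `request('/api/users/me.json')` right after it. `main` registers a single `OpenstaxAccounts` instance as the `'authentication'` utility, so every login shares that client. On a server that handles requests concurrently, two callbacks can interleave and one user's session may be filled from the other user's profile. Consider building a fresh `sanction.Client` per login and returning it, with the policy calling `.request(...)` on the returned object instead of on the shared utility. The sketch keeps the constructor arguments in `self._client_kwargs` for that purpose.

```python
    def __init__(self, server_url, application_id, application_secret,
                 application_url):
        # … unchanged: endpoint and redirect_uri construction …
        self._client_kwargs = dict(
            auth_endpoint=authorize_url,
            token_endpoint=token_url,
            resource_endpoint=resource_url,
            client_id=application_id,
            client_secret=application_secret)
        self.sanction_client = sanction.Client(**self._client_kwargs)

    def request_token_with_code(self, code):
        # Fresh client per login: the user's token is never stored on the
        # utility that every request shares.
        user_client = sanction.Client(**self._client_kwargs)
        user_client.request_token(
            code=code,
            redirect_uri=self.redirect_uri,
            parser=parser_remove_null_expires_in)
        return user_client
```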
