Last active
August 29, 2015 14:12
Backflips related to using Mailchimp OAuth2 Implementation
# AUTH
# ******************************************************************************************
# Step 1: Your application begins the authorization process by redirecting the user to the authorize_uri
#
# - this is a GET request
# - response_type=code, your client_id, and the *urlencoded* redirect_uri are included
# ******************************************************************************************
#
# authorize_uri = https://login.mailchimp.com/oauth2/authorize?response_type=code&client_id=635959587059&redirect_uri=http%3A%2F%2F192.168.1.8%2Foauth%2Fcomplete.php
def auth_mc(request):
    """Start the Mailchimp OAuth2 flow (Step 1).

    Builds a Bananas_OAuth client and redirects the browser to the URL
    returned by its authorize_url().

    NOTE(review): redirect_mc reads only ``code`` from the callback query
    string, so no OAuth2 ``state`` value is checked on return. Whether
    authorize_url() sends one is not visible from this file -- confirm.
    """
    authorize_target = Bananas_OAuth().authorize_url()
    return redirect(authorize_target)
# ******************************************************************************************
# Step 4: Your application must make an out-of-band request to the access_token_uri using the "code" returned
#
# - This is a POST request
# - as you can see, grant_type, client_id, client_secret, code, and redirect_uri are *all* POSTed
# ******************************************************************************************
#
# access_token_uri: https://login.mailchimp.com/oauth2/token
#
# REQUEST:
#
# POST /oauth2/token HTTP/1.1
# User-Agent: oauth2-draft-v10
# Host: login.mailchimp.com
# Accept: application/json
# Content-Length: 198
# Content-Type: application/x-www-form-urlencoded
#
# grant_type=authorization_code&client_id=635959587059&client_secret=0da3e7744949e1406b7b250051ee1a95&code=1edf2589e664fd317f6a7ff5f97b42f7&redirect_uri=http%3A%2F%2F192.168.1.8%2Foauth%2Fcomplete.php
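def redirect_mc(request, tempate_name='redirect_mc.html'):
    """Handle the Mailchimp OAuth2 callback (Step 4) and log the user in.

    Exchanges the ``code`` query parameter for an access token, fetches the
    Mailchimp account details with it, creates or updates the matching
    CallpugUser, then authenticates that user and starts a session.

    request      -- the callback request; ``code`` is read from request.GET.
    tempate_name -- kept for interface compatibility; the body does not use it.

    Returns a redirect to 'user_home' on success, otherwise the 'error.html'
    page.

    NOTE(review): nothing here checks an OAuth2 ``state`` value, so the
    callback is not bound to the browser session that started the flow.
    Confirm whether Bananas_OAuth handles that; if not, add it.
    """
    # A callback without a code (user denied access, or a hand-made request)
    # gets the generic error page instead of an unhandled key error.
    code = request.GET.get('code')
    if not code:
        return render_to_response('error.html', {'message': 'unknown problem with login'},
                                  context_instance=RequestContext(request))

    bannanas = Bananas_OAuth()
    # Shape of the token response:
    # {'access_token': 'secret', 'scope': None, 'expires_in': 0}
    bannanas_auth = bannanas.authenticate(code)

    # The token response carries no stable user identifier, only the
    # account name, which can change:
    # {
    #   "login_url": "https://login.mailchimp.com",
    #   "access_token": "secret",
    #   "expires_in": 0,
    #   "dc": "us1",
    #   "accountname": "Your Account Name Can Change Inc.,",
    #   "api_endpoint": "https://us1.api.mailchimp.com",
    #   "role": "owner",
    #   "scope": null
    # }
    # So the user is looked up (or created) by the Mailchimp user_id from
    # the account-details call instead.
    if bannanas_auth['access_token']:
        mc = mailchimp.Mailchimp(bannanas_auth['access_token'])
        # account-details(string apikey, array exclude)
        details = mc.helper.account_details()

        # NOTE(review): the access token is written to the user record as-is.
        # Whether that field is protected at rest depends on the CallpugUser
        # model, which is not visible here -- confirm.
        try:
            cp_user = CallpugUser.objects.get(username=details['user_id'])
            cp_user.access_token = bannanas_auth['access_token']
            cp_user.save()
        except ObjectDoesNotExist:
            # Use the Mailchimp user id, which will not change.
            # NOTE(review): every account is created with the same password,
            # settings.CALLPUG_SECRET_KEY. Anyone who learns that one value
            # passes a password check for any of these users. Consider
            # set_unusable_password() and logging the OAuth-verified user in
            # without a shared password.
            cp_user = CallpugUser.objects.create_user(
                details['user_id'], details['contact']['email'],
                settings.CALLPUG_SECRET_KEY)
            cp_user.integration_type = 'mailchimp'
            cp_user.integration_id = details['user_id']
            cp_user.access_token = bannanas_auth['access_token']
            cp_user.save()

        # Log only the user id. The original line referenced an undefined
        # name (NameError on every callback) and printed the shared
        # password next to the user id.
        print('authenticating: {0}'.format(details['user_id']))

        # Authenticate by the Mailchimp user id, not the account name,
        # because the account name can change.
        auth_user = authenticate(username=details['user_id'],
                                 password=settings.CALLPUG_SECRET_KEY)
        if auth_user is not None:
            if auth_user.is_active:
                login(request, auth_user)
                # Redirect to a success page; needs the full app url.
                return redirect(reverse('user_home'))
            else:
                # Disabled account.
                return render_to_response('error.html', {'message': 'auth user is not empty but us unactive'},
                                          context_instance=RequestContext(request))

    # Fallback: no access token, or authenticate() returned None.
    return render_to_response('error.html', {'message': 'unknown problem with login'},
                              context_instance=RequestContext(request))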