jmcelroy5/gist:a12508f0d9ab886eb09a

## gistfile1.txt
# Working code for Facebook's OAuth using Flask-OAuth library

from flask import session as flask_session
from flask_oauth import OAuth

oauth = OAuth()

facebook = oauth.remote_app('facebook',
    base_url='https://graph.facebook.com/',
    request_token_url=None,
    access_token_url='/oauth/access_token',
    authorize_url='https://www.facebook.com/dialog/oauth',
    consumer_key=FACEBOOK_APP_ID,
    consumer_secret=FACEBOOK_APP_SECRET,
    request_token_params={'scope': ('email, ')})

@facebook.tokengetter
def get_facebook_token():
    return flask_session.get('facebook_token')

@app.route("/facebook_authorized")
@facebook.authorized_handler
def facebook_authorized(resp):
    next_url = request.args.get('next') or url_for('index')
    flash("You are logged in.")
    if resp is None or 'access_token' not in resp:
    	flash("Facebook authentication failed.")
        return redirect(next_url)

    flask_session['logged_in'] = True
    flask_session['facebook_token'] = (resp['access_token'], '')

    return redirect(next_url)

@app.route("/getuser")
def get_user():
	data = facebook.get('/me').data
	user_photo = facebook.get('/me/picture?redirect=false').data
	return jsonify(data)

def pop_login_session():
    flask_session.pop('logged_in', None)
    flask_session.pop('facebook_token', None)

@app.route("/facebook_login")
def facebook_login():
    return facebook.authorize(callback=url_for('facebook_authorized',
        next=request.args.get('next'), _external=True))

@app.route("/logout")
def logout():
    pop_login_session()
    return redirect(url_for('index'))


# Non-working code for BikeIndex OAuth

oauth2 = OAuth()

bikeindex = oauth2.remote_app('bikeindex',
    base_url='https://bikeindex.org',
    request_token_url=None,
    access_token_url='/oauth/authorize',
    authorize_url='/oauth/authorize',
    consumer_key=BIKEINDEX_KEY, #environment variable
    consumer_secret=BIKEINDEX_SECRET, #environment variable
    request_token_params={'scope': ('public'), 'response_type': 'code'})

@bikeindex.tokengetter
def get_bikeindex_token():
	return flask_session.get('bikeindex_token')

@app.route("/bikeindex_login") # This works - takes you to BikeIndex authorization page
def bikeindex_login():
    return bikeindex.authorize(callback=url_for('bikeindex_authorized', _external=True))

@app.route("/bikeindex_authorized", methods=['GET','POST'])  # Something is going wrong here
@bikeindex.authorized_handler
def bikeindex_authorized(resp):
	"""Getting flask oauth exception: Invalid response from BikeIndex"""
    next_url = request.args.get('next') or url_for('index')
    flash("You are logged in.")
    if resp is None or 'access_token' not in resp:
    	flash("BikeIndex authentication failed.")
        return redirect(next_url)

    flask_session['bikeindex_authorized'] = True
    flask_session['bikeindex_token'] = (resp['access_token'], '')
    # Note: also tried request.form['access_token'], request.form['authenticity_token']

@app.route("/getuser_bikeindex") # This works with hardcoded access token
def user_data():
    """Grab user profile information from Bike Index."""
    access_token = os.environ.get('BIKEINDEX_ACCESS_TOKEN')
    BI_request = requests.get('https://bikeindex.org/api/v2/users/current?access_token=' + access_token)
    BI_user = BI_request.json()
    bikeindex_userdata = {
         	'bikeindex_user_id': BI_user['id'],
            	'bike_ids': BI_user['bike_ids']
         }
    # Will put something here that stores user's bike ids in database
    return jsonify(bikeindex_userdata)
	# Working code for Facebook's OAuth using Flask-OAuth library

	from flask import session as flask_session
	from flask_oauth import OAuth

	oauth = OAuth()

	facebook = oauth.remote_app('facebook',
	base_url='https://graph.facebook.com/',
	request_token_url=None,
	access_token_url='/oauth/access_token',
	authorize_url='https://www.facebook.com/dialog/oauth',
	consumer_key=FACEBOOK_APP_ID,
	consumer_secret=FACEBOOK_APP_SECRET,
	request_token_params={'scope': ('email, ')})

	@facebook.tokengetter
	def get_facebook_token():
	return flask_session.get('facebook_token')

	@app.route("/facebook_authorized")
	@facebook.authorized_handler
	def facebook_authorized(resp):
	next_url = request.args.get('next') or url_for('index')
	flash("You are logged in.")
	if resp is None or 'access_token' not in resp:
	flash("Facebook authentication failed.")
	return redirect(next_url)

	flask_session['logged_in'] = True
	flask_session['facebook_token'] = (resp['access_token'], '')

	return redirect(next_url)

	@app.route("/getuser")
	def get_user():
	data = facebook.get('/me').data
	user_photo = facebook.get('/me/picture?redirect=false').data
	return jsonify(data)

	def pop_login_session():
	flask_session.pop('logged_in', None)
	flask_session.pop('facebook_token', None)

	@app.route("/facebook_login")
	def facebook_login():
	return facebook.authorize(callback=url_for('facebook_authorized',
	next=request.args.get('next'), _external=True))

	@app.route("/logout")
	def logout():
	pop_login_session()
	return redirect(url_for('index'))




	# Non-working code for BikeIndex OAuth

	oauth2 = OAuth()

	bikeindex = oauth2.remote_app('bikeindex',
	base_url='https://bikeindex.org',
	request_token_url=None,
	access_token_url='/oauth/authorize',
	authorize_url='/oauth/authorize',
	consumer_key=BIKEINDEX_KEY, #environment variable
	consumer_secret=BIKEINDEX_SECRET, #environment variable
	request_token_params={'scope': ('public'), 'response_type': 'code'})

	@bikeindex.tokengetter
	def get_bikeindex_token():
	return flask_session.get('bikeindex_token')

	@app.route("/bikeindex_login") # This works - takes you to BikeIndex authorization page
	def bikeindex_login():
	return bikeindex.authorize(callback=url_for('bikeindex_authorized', _external=True))

	@app.route("/bikeindex_authorized", methods=['GET','POST']) # Something is going wrong here
	@bikeindex.authorized_handler
	def bikeindex_authorized(resp):
	"""Getting flask oauth exception: Invalid response from BikeIndex"""
	next_url = request.args.get('next') or url_for('index')
	flash("You are logged in.")
	if resp is None or 'access_token' not in resp:
	flash("BikeIndex authentication failed.")
	return redirect(next_url)

	flask_session['bikeindex_authorized'] = True
	flask_session['bikeindex_token'] = (resp['access_token'], '')
	# Note: also tried request.form['access_token'], request.form['authenticity_token']

	@app.route("/getuser_bikeindex") # This works with hardcoded access token
	def user_data():
	"""Grab user profile information from Bike Index."""
	access_token = os.environ.get('BIKEINDEX_ACCESS_TOKEN')
	BI_request = requests.get('https://bikeindex.org/api/v2/users/current?access_token=' + access_token)
	BI_user = BI_request.json()
	bikeindex_userdata = {
	'bikeindex_user_id': BI_user['id'],
	'bike_ids': BI_user['bike_ids']
	}
	# Will put something here that stores user's bike ids in database
	return jsonify(bikeindex_userdata)