Last active
August 29, 2015 14:09
Flask OAuth for Facebook and BikeIndex
# Working code for Facebook's OAuth using the Flask-OAuth library
import os

from flask import flash, jsonify, redirect, request, url_for
from flask import session as flask_session
from flask_oauth import OAuth
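# Flask-OAuth registry and the Facebook remote application.
# FACEBOOK_APP_ID and FACEBOOK_APP_SECRET are not defined in this snippet;
# load them from configuration or the environment rather than committing
# them to source control, since the secret authenticates this app to Facebook.
oauth = OAuth()

facebook = oauth.remote_app(
    'facebook',
    base_url='https://graph.facebook.com/',
    request_token_url=None,  # no request-token step: OAuth 2 flow
    access_token_url='/oauth/access_token',
    authorize_url='https://www.facebook.com/dialog/oauth',
    consumer_key=FACEBOOK_APP_ID,
    consumer_secret=FACEBOOK_APP_SECRET,
    # Ask only for the permission the app needs. The original value was the
    # string 'email, ' (stray comma and space inside the quotes), which sent
    # a malformed scope list to the authorization dialog.
    request_token_params={'scope': 'email'},
)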
@facebook.tokengetter
def get_facebook_token():
    """Return the Facebook token tuple kept in the session, or None.

    Registered as the token getter for the `facebook` remote app, so the
    library calls it whenever it needs credentials for a Graph API request.
    """
    stored_token = flask_session.get('facebook_token')
    return stored_token
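@app.route("/facebook_authorized")
@facebook.authorized_handler
def facebook_authorized(resp):
    """Handle Facebook's OAuth callback and record the login in the session.

    Args:
        resp: The token response passed in by `authorized_handler`; it is
            None, or lacks 'access_token', when authorization failed.

    Returns:
        A redirect to the validated `next` path, or to the index page.
    """
    # `next` comes from the query string and is attacker-controllable. Only
    # follow it when it is a plain path on this site; anything else
    # (absolute URLs, scheme-relative '//host', backslash or control-character
    # tricks) would turn this endpoint into an open redirect.
    requested = request.args.get('next')
    is_local_path = bool(
        requested
        and requested.startswith('/')
        and not requested.startswith('//')
        and not any(ch in requested for ch in '\\\r\n\t')
    )
    next_url = requested if is_local_path else url_for('index')

    if resp is None or 'access_token' not in resp:
        flash("Facebook authentication failed.")
        return redirect(next_url)

    flask_session['logged_in'] = True
    # Stored as (token, secret); the secret slot is left empty here.
    flask_session['facebook_token'] = (resp['access_token'], '')
    # Flash success only after the token check; the original flashed
    # "You are logged in." before it, so failed logins showed both messages.
    flash("You are logged in.")
    return redirect(next_url)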
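@app.route("/getuser")
def get_user():
    """Return the logged-in user's Facebook profile (Graph API `/me`) as JSON.

    Returns:
        The `/me` payload as a JSON response, or a 401 JSON error when the
        session holds no Facebook token.
    """
    # Without a stored token there is nothing to sign the Graph request with;
    # answer 401 instead of letting the library call fail into a 500.
    if flask_session.get('facebook_token') is None:
        return jsonify(error="Not logged in with Facebook."), 401

    # The original also fetched '/me/picture?redirect=false' into an unused
    # variable; that extra outbound request is dropped.
    profile = facebook.get('/me').data

    # NOTE(review): the Graph payload is returned to the browser unfiltered;
    # confirm every field granted by the requested scope is meant to be exposed.
    return jsonify(profile)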
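def pop_login_session():
    """Remove every login marker and OAuth token this module stores in the session.

    The original cleared only the Facebook keys, so a Bike Index token written
    by `bikeindex_authorized` would have survived logout. Missing keys are
    ignored.
    """
    for key in ('logged_in', 'facebook_token',
                'bikeindex_authorized', 'bikeindex_token'):
        flask_session.pop(key, None)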
@app.route("/facebook_login")
def facebook_login():
    """Send the browser to Facebook's authorization dialog.

    The optional `next` query parameter is carried through on the callback
    URL so the user can be returned to where they started.
    """
    # `next` is forwarded exactly as received; it is untrusted and must be
    # validated before anything uses it as a redirect target.
    post_login_target = request.args.get('next')
    callback_url = url_for('facebook_authorized',
                           next=post_login_target,
                           _external=True)
    # NOTE(review): no `state` value is visible in this flow; confirm the
    # callback is protected against login CSRF.
    return facebook.authorize(callback=callback_url)
@app.route("/logout")
def logout():
    """Drop the stored login state and return the user to the index page."""
    # NOTE(review): the route declares no `methods`, so it answers GET; a
    # cross-site link or image tag could log a user out. Consider POST only.
    pop_login_session()
    home_url = url_for('index')
    return redirect(home_url)
# Non-working code for BikeIndex OAuth
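# Separate Flask-OAuth registry and the Bike Index remote application.
oauth2 = OAuth()

bikeindex = oauth2.remote_app(
    'bikeindex',
    base_url='https://bikeindex.org',
    request_token_url=None,  # no request-token step: OAuth 2 flow
    # The original pointed access_token_url at '/oauth/authorize', the same
    # page as authorize_url. That page is for the user's browser; the
    # code-for-token exchange needs the provider's token endpoint, otherwise
    # the callback fails with "Invalid response from bikeindex".
    # NOTE(review): '/oauth/token' via POST with grant_type is the usual
    # OAuth 2 shape; confirm path and method against Bike Index's API docs.
    access_token_url='/oauth/token',
    access_token_method='POST',
    access_token_params={'grant_type': 'authorization_code'},
    authorize_url='/oauth/authorize',
    # Both credentials come from environment variables; keep the secret out
    # of source control and logs.
    consumer_key=BIKEINDEX_KEY,
    consumer_secret=BIKEINDEX_SECRET,
    request_token_params={'scope': 'public', 'response_type': 'code'},
)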
@bikeindex.tokengetter
def get_bikeindex_token():
    """Return the Bike Index token tuple kept in the session, or None.

    Registered as the token getter for the `bikeindex` remote app.
    """
    stored_token = flask_session.get('bikeindex_token')
    return stored_token
@app.route("/bikeindex_login")  # This works - takes you to BikeIndex authorization page
def bikeindex_login():
    """Send the browser to Bike Index's authorization page."""
    # The callback must be an absolute URL, hence _external=True.
    callback_url = url_for('bikeindex_authorized', _external=True)
    # NOTE(review): no `state` value is visible in this flow; confirm the
    # callback is protected against login CSRF.
    return bikeindex.authorize(callback=callback_url)
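@app.route("/bikeindex_authorized", methods=['GET', 'POST'])  # Something is going wrong here
@bikeindex.authorized_handler
def bikeindex_authorized(resp):
    """Handle Bike Index's OAuth callback and store the token in the session.

    Author's reported symptom: the Flask-OAuth exception
    "Invalid response from BikeIndex" is raised on this route.

    Args:
        resp: The token response passed in by `authorized_handler`; it is
            None, or lacks 'access_token', when authorization failed.

    Returns:
        A redirect to the validated `next` path, or to the index page.
    """
    # `next` comes from the query string and is attacker-controllable. Only
    # follow it when it is a plain path on this site, so the callback cannot
    # be used as an open redirect.
    requested = request.args.get('next')
    is_local_path = bool(
        requested
        and requested.startswith('/')
        and not requested.startswith('//')
        and not any(ch in requested for ch in '\\\r\n\t')
    )
    next_url = requested if is_local_path else url_for('index')

    if resp is None or 'access_token' not in resp:
        flash("BikeIndex authentication failed.")
        return redirect(next_url)

    flask_session['bikeindex_authorized'] = True
    # Stored as (token, secret); the secret slot is left empty here.
    flask_session['bikeindex_token'] = (resp['access_token'], '')
    # Note: also tried request.form['access_token'], request.form['authenticity_token']

    # Flash success only after the token check (the original flashed it
    # first), and return a response: the original fell off the end here,
    # returning None, which Flask reports as a server error.
    flash("You are logged in.")
    return redirect(next_url)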
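@app.route("/getuser_bikeindex")  # This works with hardcoded access token
def user_data():
    """Grab user profile information from Bike Index.

    Reads a single access token from the BIKEINDEX_ACCESS_TOKEN environment
    variable and asks Bike Index for the account that token belongs to.

    Returns:
        JSON with 'bikeindex_user_id' and 'bike_ids'; a 500 JSON error when
        the token is not configured, or a 502 JSON error when Bike Index
        cannot be reached or answers unexpectedly.
    """
    # NOTE(review): this route performs no session check and uses a
    # process-wide token, so every caller receives the data of whichever
    # account the token belongs to. Switch to the per-user session token and
    # require login before exposing this route.
    access_token = os.environ.get('BIKEINDEX_ACCESS_TOKEN')
    if not access_token:
        # The original concatenated None into the URL and raised TypeError.
        return jsonify(error="Bike Index access token is not configured."), 500

    try:
        # `params` URL-encodes the token; `timeout` keeps a stalled upstream
        # from tying up a worker indefinitely.
        # NOTE(review): a token in the query string can end up in access
        # logs; prefer an Authorization header if the API accepts one.
        bi_response = requests.get(
            'https://bikeindex.org/api/v2/users/current',
            params={'access_token': access_token},
            timeout=10,
        )
    except requests.RequestException:
        return jsonify(error="Could not reach Bike Index."), 502

    if bi_response.status_code != 200:
        return jsonify(error="Bike Index rejected the request."), 502

    try:
        bi_user = bi_response.json()
        bikeindex_userdata = {
            'bikeindex_user_id': bi_user['id'],
            'bike_ids': bi_user['bike_ids'],
        }
    except (ValueError, KeyError, TypeError):
        # Body was not JSON, or lacked the expected fields.
        return jsonify(error="Unexpected response from Bike Index."), 502

    # Will put something here that stores user's bike ids in database
    return jsonify(bikeindex_userdata)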