Last active
May 21, 2017 17:39
-
-
Save patrickfuller/ce8d4cb0666b9229dbcf to your computer and use it in GitHub Desktop.
Compares tornado.auth.GoogleMixin with tornado.auth.GoogleOAuth2Mixin. The latter is required after google's OAuth updates.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| A webserver to test Google OAuth in a couple of scenarios. | |
| """ | |
| import argparse | |
| import time | |
| import tornado.ioloop | |
| import tornado.web | |
| import tornado.auth | |
| import tornado.gen | |
| COOKIE_NAME = "tornado_google_oauth_test" | |
| class IndexHandler(tornado.web.RequestHandler): | |
| def get(self): | |
| if not self.get_secure_cookie(COOKIE_NAME): | |
| self.redirect("/auth") | |
| else: | |
| self.write("<html><head></head><body><h1>Hi</h1></body></html>") | |
| class GoogleHandler(tornado.web.RequestHandler, tornado.auth.GoogleMixin): | |
| @tornado.web.asynchronous | |
| def get(self): | |
| if self.get_argument("openid.mode", None): | |
| self.get_authenticated_user(self.async_callback(self._on_auth)) | |
| else: | |
| self.authenticate_redirect() | |
| def _on_auth(self, user): | |
| if user: | |
| self.set_secure_cookie(COOKIE_NAME, str(time.time())) | |
| self.redirect("/") | |
| else: | |
| raise tornado.web.HTTPError(500, "Google auth failed") | |
| class GoogleOAuth2Handler(tornado.web.RequestHandler, | |
| tornado.auth.GoogleOAuth2Mixin): | |
| @tornado.gen.coroutine | |
| def get(self): | |
| redirect_uri = "http://localhost:%d/auth" % args.port | |
| if self.get_argument("code", False): | |
| yield self.get_authenticated_user( | |
| redirect_uri=redirect_uri, | |
| code=self.get_argument("code")) | |
| self.set_secure_cookie(COOKIE_NAME, str(time.time())) | |
| self.redirect("/") | |
| else: | |
| yield self.authorize_redirect( | |
| redirect_uri=redirect_uri, | |
| client_id=self.settings["google_oauth"]["key"], | |
| scope=["profile", "email"], | |
| response_type="code", | |
| extra_params={"approval_prompt": "auto"}) | |
| parser = argparse.ArgumentParser(description="Starts a basic test webserver.") | |
| parser.add_argument("--port", type=int, default=15000, help="The port on " | |
| "which to serve the website") | |
| parser.add_argument("--oauth2", action="store_true", help="Uses " | |
| "GoogleOAuth2Mixin instead of GoogleMixin") | |
| args = parser.parse_args() | |
| # Be sure to edit COOKIE_SECRET with a uuid and CLIENT_ID and CLIENT_SECRET | |
| # with the registered values from http://console.developers.google.com | |
| handler = [(r"/", IndexHandler)] | |
| kwargs = {"cookie_secret": "COOKIE_SECRET"} | |
| if args.oauth2: | |
| handler.append((r"/auth", GoogleOAuth2Handler)) | |
| kwargs["google_oauth"] = {"key": "CLIENT_ID", "secret": "CLIENT_SECRET"} | |
| else: | |
| handler.append((r"/auth", GoogleHandler)) | |
| application = tornado.web.Application(handler, **kwargs) | |
| application.listen(args.port) | |
| tornado.ioloop.IOLoop.instance().start() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment