Skip to content

Instantly share code, notes, and snippets.

@patrickfuller
Last active May 21, 2017 17:39
Show Gist options
  • Save patrickfuller/ce8d4cb0666b9229dbcf to your computer and use it in GitHub Desktop.
Save patrickfuller/ce8d4cb0666b9229dbcf to your computer and use it in GitHub Desktop.
Compares tornado.auth.GoogleMixin with tornado.auth.GoogleOAuth2Mixin. The latter is required after google's OAuth updates.
"""
A webserver to test Google OAuth in a couple of scenarios.
"""
import argparse
import time
import tornado.ioloop
import tornado.web
import tornado.auth
import tornado.gen
COOKIE_NAME = "tornado_google_oauth_test"
class IndexHandler(tornado.web.RequestHandler):
def get(self):
if not self.get_secure_cookie(COOKIE_NAME):
self.redirect("/auth")
else:
self.write("<html><head></head><body><h1>Hi</h1></body></html>")
class GoogleHandler(tornado.web.RequestHandler, tornado.auth.GoogleMixin):
@tornado.web.asynchronous
def get(self):
if self.get_argument("openid.mode", None):
self.get_authenticated_user(self.async_callback(self._on_auth))
else:
self.authenticate_redirect()
def _on_auth(self, user):
if user:
self.set_secure_cookie(COOKIE_NAME, str(time.time()))
self.redirect("/")
else:
raise tornado.web.HTTPError(500, "Google auth failed")
class GoogleOAuth2Handler(tornado.web.RequestHandler,
tornado.auth.GoogleOAuth2Mixin):
@tornado.gen.coroutine
def get(self):
redirect_uri = "http://localhost:%d/auth" % args.port
if self.get_argument("code", False):
yield self.get_authenticated_user(
redirect_uri=redirect_uri,
code=self.get_argument("code"))
self.set_secure_cookie(COOKIE_NAME, str(time.time()))
self.redirect("/")
else:
yield self.authorize_redirect(
redirect_uri=redirect_uri,
client_id=self.settings["google_oauth"]["key"],
scope=["profile", "email"],
response_type="code",
extra_params={"approval_prompt": "auto"})
parser = argparse.ArgumentParser(description="Starts a basic test webserver.")
parser.add_argument("--port", type=int, default=15000, help="The port on "
"which to serve the website")
parser.add_argument("--oauth2", action="store_true", help="Uses "
"GoogleOAuth2Mixin instead of GoogleMixin")
args = parser.parse_args()
# Be sure to edit COOKIE_SECRET with a uuid and CLIENT_ID and CLIENT_SECRET
# with the registered values from http://console.developers.google.com
handler = [(r"/", IndexHandler)]
kwargs = {"cookie_secret": "COOKIE_SECRET"}
if args.oauth2:
handler.append((r"/auth", GoogleOAuth2Handler))
kwargs["google_oauth"] = {"key": "CLIENT_ID", "secret": "CLIENT_SECRET"}
else:
handler.append((r"/auth", GoogleHandler))
application = tornado.web.Application(handler, **kwargs)
application.listen(args.port)
tornado.ioloop.IOLoop.instance().start()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment