Eos/eosweb/redditauth/main.py

#   Eos - Verifiable elections
#   Copyright © 2017  RunasSudo (Yingtong Li)
#
#   This program is free software: you can redistribute it and/or modify
#   it under the terms of the GNU Affero General Public License as published by
#   the Free Software Foundation, either version 3 of the License, or
#   (at your option) any later version.
#
#   This program is distributed in the hope that it will be useful,
#   but WITHOUT ANY WARRANTY; without even the implied warranty of
#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#   GNU Affero General Public License for more details.
#
#   You should have received a copy of the GNU Affero General Public License
#   along with this program.  If not, see <http://www.gnu.org/licenses/>.

from flask_oauthlib.client import OAuth

import flask

from eos.redditauth.election import *

import base64
import uuid

def main(app):
	oauth = OAuth()
	reddit = oauth.remote_app('Reddit',
		request_token_url=None,
		authorize_url='https://www.reddit.com/api/v1/authorize.compact',
		request_token_params={'duration': 'temporary', 'scope': 'identity'},
		access_token_url='https://www.reddit.com/api/v1/access_token',
		access_token_method='POST',
		access_token_headers={
			'Authorization': 'Basic ' + base64.b64encode('{}:{}'.format(app.config['REDDIT_OAUTH_CLIENT_ID'], app.config['REDDIT_OAUTH_CLIENT_SECRET']).encode('ascii')).decode('ascii'),
			'User-Agent': app.config['REDDIT_USER_AGENT']
		},
		consumer_key=app.config['REDDIT_OAUTH_CLIENT_ID'],
		consumer_secret=app.config['REDDIT_OAUTH_CLIENT_SECRET']
	)
	
	@app.route('/auth/reddit/login')
	def reddit_login():
		return reddit.authorize(callback=app.config['BASE_URI'] + flask.url_for('reddit_oauth_authorized'), state=uuid.uuid4())
	
	@reddit.tokengetter
	def get_reddit_oauth_token():
		return (flask.session.get('user').oauth_token, '')
	
	@app.route('/auth/reddit/oauth_callback')
	def reddit_oauth_authorized():
		resp = reddit.authorized_response()
		if resp is None:
			# Request denied
			return flask.redirect(flask.url_for('login_cancelled'))
		
		user = RedditUser()
		user.oauth_token = resp['access_token']
		flask.session['user'] = user
		
		me = reddit.get('https://oauth.reddit.com/api/v1/me', headers={
			'User-Agent': app.config['REDDIT_USER_AGENT']
		})
		user.username = me.data['name']
		
		return flask.redirect(flask.url_for('login_complete'))
Basic Reddit authentication flow 2017-11-25 22:37:54 +11:00			`# Eos - Verifiable elections`
			`# Copyright © 2017 RunasSudo (Yingtong Li)`
			`#`
			`# This program is free software: you can redistribute it and/or modify`
			`# it under the terms of the GNU Affero General Public License as published by`
			`# the Free Software Foundation, either version 3 of the License, or`
			`# (at your option) any later version.`
			`#`
			`# This program is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU Affero General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU Affero General Public License`
			`# along with this program. If not, see <http://www.gnu.org/licenses/>.`

			`from flask_oauthlib.client import OAuth`

			`import flask`

Implement voters in terms of users 2017-11-26 11:17:28 +11:00			`from eos.redditauth.election import *`
Basic Reddit authentication flow 2017-11-25 22:37:54 +11:00
			`import base64`
			`import uuid`

			`def main(app):`
			`oauth = OAuth()`
			`reddit = oauth.remote_app('Reddit',`
			`request_token_url=None,`
			`authorize_url='https://www.reddit.com/api/v1/authorize.compact',`
			`request_token_params={'duration': 'temporary', 'scope': 'identity'},`
			`access_token_url='https://www.reddit.com/api/v1/access_token',`
			`access_token_method='POST',`
			`access_token_headers={`
			`'Authorization': 'Basic ' + base64.b64encode('{}:{}'.format(app.config['REDDIT_OAUTH_CLIENT_ID'], app.config['REDDIT_OAUTH_CLIENT_SECRET']).encode('ascii')).decode('ascii'),`
			`'User-Agent': app.config['REDDIT_USER_AGENT']`
			`},`
			`consumer_key=app.config['REDDIT_OAUTH_CLIENT_ID'],`
			`consumer_secret=app.config['REDDIT_OAUTH_CLIENT_SECRET']`
			`)`

			`@app.route('/auth/reddit/login')`
			`def reddit_login():`
			`return reddit.authorize(callback=app.config['BASE_URI'] + flask.url_for('reddit_oauth_authorized'), state=uuid.uuid4())`

			`@reddit.tokengetter`
			`def get_reddit_oauth_token():`
			`return (flask.session.get('user').oauth_token, '')`

			`@app.route('/auth/reddit/oauth_callback')`
			`def reddit_oauth_authorized():`
			`resp = reddit.authorized_response()`
			`if resp is None:`
			`# Request denied`
			`return flask.redirect(flask.url_for('login_cancelled'))`

			`user = RedditUser()`
			`user.oauth_token = resp['access_token']`
			`flask.session['user'] = user`

Integrate authentication into voting booth Also fix a number (several too many) bugs that found their way into the system following the previous few commits 2017-11-25 23:16:29 +11:00			`me = reddit.get('https://oauth.reddit.com/api/v1/me', headers={`
			`'User-Agent': app.config['REDDIT_USER_AGENT']`
			`})`
Basic Reddit authentication flow 2017-11-25 22:37:54 +11:00			`user.username = me.data['name']`

			`return flask.redirect(flask.url_for('login_complete'))`