1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
"""
Github OAuth2 backend, docs at:
http://psa.matiasaguirre.net/docs/backends/github.html
"""
from requests import HTTPError
from social.exceptions import AuthFailed
from social.backends.oauth import BaseOAuth2
class GithubOAuth2(BaseOAuth2):
"""Github OAuth authentication backend"""
name = 'github'
AUTHORIZATION_URL = 'https://github.com/login/oauth/authorize'
ACCESS_TOKEN_URL = 'https://github.com/login/oauth/access_token'
ACCESS_TOKEN_METHOD = 'POST'
SCOPE_SEPARATOR = ','
EXTRA_DATA = [
('id', 'id'),
('expires', 'expires')
]
def get_user_details(self, response):
"""Return user details from Github account"""
fullname, first_name, last_name = self.get_user_names(
response.get('name')
)
return {'username': response.get('login'),
'email': response.get('email') or '',
'fullname': fullname,
'first_name': first_name,
'last_name': last_name}
def user_data(self, access_token, *args, **kwargs):
"""Loads user data from service"""
data = self._user_data(access_token)
if not data.get('email'):
try:
email = self._user_data(access_token, '/emails')[0]
except (HTTPError, IndexError, ValueError, TypeError):
email = ''
if isinstance(email, dict):
email = email.get('email', '')
data['email'] = email
return data
def _user_data(self, access_token, path=None):
url = 'https://api.github.com/user{0}'.format(path or '')
return self.get_json(url, params={'access_token': access_token})
class GithubMemberOAuth2(GithubOAuth2):
no_member_string = ''
def user_data(self, access_token, *args, **kwargs):
"""Loads user data from service"""
user_data = super(GithubMemberOAuth2, self).user_data(
access_token, *args, **kwargs
)
try:
self.request(self.member_url(user_data), params={
'access_token': access_token
})
except HTTPError as err:
# if the user is a member of the organization, response code
# will be 204, see http://bit.ly/ZS6vFl
if err.response.status_code != 204:
raise AuthFailed(self,
'User doesn\'t belong to the organization')
return user_data
def member_url(self, user_data):
raise NotImplementedError('Implement in subclass')
class GithubOrganizationOAuth2(GithubMemberOAuth2):
"""Github OAuth2 authentication backend for organizations"""
name = 'github-org'
no_member_string = 'User doesn\'t belong to the organization'
def member_url(self, user_data):
return 'https://api.github.com/orgs/{org}/members/{username}'\
.format(org=self.setting('NAME'),
username=user_data.get('login'))
class GithubTeamOAuth2(GithubMemberOAuth2):
"""Github OAuth2 authentication backend for teams"""
name = 'github-team'
no_member_string = 'User doesn\'t belong to the team'
def member_url(self, user_data):
return 'https://api.github.com/teams/{team_id}/members/{username}'\
.format(team_id=self.setting('ID'),
username=user_data.get('login'))
|
