- Make the OAuth config system centralized
- Add support for Github Enterprise login
This commit is contained in:
Joseph Schorr
parent
6deafe8c86
commit
3e79379942
11 changed files with 196 additions and 83 deletions
81
util/oauth.py
Normal file
81
util/oauth.py
Normal file
|
|
@ -0,0 +1,81 @@
|
|||
import urlparse
|
||||
|
||||
class OAuthConfig(object):
|
||||
def __init__(self, app, key_name):
|
||||
self.key_name = key_name
|
||||
self.config = app.config.get(key_name, {})
|
||||
|
||||
def service_name(self):
|
||||
raise NotImplementedError
|
||||
|
||||
def token_endpoint(self):
|
||||
raise NotImplementedError
|
||||
|
||||
def user_endpoint(self):
|
||||
raise NotImplementedError
|
||||
|
||||
def login_endpoint(self):
|
||||
raise NotImplementedError
|
||||
|
||||
def client_id(self):
|
||||
return self.config.get('CLIENT_ID')
|
||||
|
||||
def client_secret(self):
|
||||
return self.config.get('CLIENT_SECRET')
|
||||
|
||||
def _get_url(self, endpoint, *args):
|
||||
if not endpoint:
|
||||
raise Exception('Missing endpoint configuration for OAuth config %s', self.key_name)
|
||||
|
||||
for arg in args:
|
||||
endpoint = urlparse.urljoin(endpoint, arg)
|
||||
|
||||
return endpoint
|
||||
|
||||
|
||||
class GithubOAuthConfig(OAuthConfig):
|
||||
def __init__(self, app, key_name):
|
||||
super(GithubOAuthConfig, self).__init__(app, key_name)
|
||||
|
||||
def service_name(self):
|
||||
return 'GitHub'
|
||||
|
||||
def authorize_endpoint(self):
|
||||
endpoint = self.config.get('GITHUB_ENDPOINT')
|
||||
return self._get_url(endpoint, '/login/oauth/authorize') + '?'
|
||||
|
||||
def token_endpoint(self):
|
||||
endpoint = self.config.get('GITHUB_ENDPOINT')
|
||||
return self._get_url(endpoint, '/login/oauth/access_token')
|
||||
|
||||
def _api_endpoint(self):
|
||||
endpoint = self.config.get('GITHUB_ENDPOINT')
|
||||
return self.config.get('API_ENDPOINT', self._get_url(endpoint, '/api/v3/'))
|
||||
|
||||
def user_endpoint(self):
|
||||
api_endpoint = self._api_endpoint()
|
||||
return self._get_url(api_endpoint, 'user')
|
||||
|
||||
def email_endpoint(self):
|
||||
api_endpoint = self._api_endpoint()
|
||||
return self._get_url(api_endpoint, 'user/emails')
|
||||
|
||||
|
||||
class GoogleOAuthConfig(OAuthConfig):
|
||||
def __init__(self, app, key_name):
|
||||
super(GoogleOAuthConfig, self).__init__(app, key_name)
|
||||
|
||||
def service_name(self):
|
||||
return 'Google'
|
||||
|
||||
def authorize_endpoint(self):
|
||||
return 'https://accounts.google.com/o/oauth2/auth?response_type=code&'
|
||||
|
||||
def token_endpoint(self):
|
||||
return 'https://accounts.google.com/o/oauth2/token'
|
||||
|
||||
def user_endpoint(self):
|
||||
return 'https://www.googleapis.com/oauth2/v1/userinfo'
|
||||
|
||||
|
||||
|
||||
Reference in a new issue