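import hashlib
import hmac
import json
from urllib.parse import urlencode

import requests
from django.conf import settings
from django.http import HttpResponse
from django.http import HttpResponseRedirect
from django.shortcuts import render
from django.utils.html import escape
from django.views import View

# Create your views here.

# Upper bound (seconds) on the token-endpoint call so a stalled provider
# cannot hold a request worker indefinitely.
_TOKEN_REQUEST_TIMEOUT = 10


# Redirect url should point to this view
class LoginRedirect(View):
    """OAuth2 authorization-code callback.

    Checks the ``state`` parameter against the value derived from the
    caller's session, exchanges ``code`` for an access token at the token
    endpoint, and stores the token in the session.
    """

    def get(self, req):
        """Handle the provider's redirect back to this site.

        Returns a 400 page when ``state``/``code`` are missing or the state
        does not match, a 500 page when the token endpoint reports an error
        or returns no access token, and a redirect to ``/`` on success.
        """
        # Check request has correct arguments
        if 'state' not in req.GET or 'code' not in req.GET:
            # The status is passed to the constructor: assigning to
            # ``r.status`` only creates an unused attribute and the page
            # would be served with 200.
            return HttpResponse(
                '\n\nError\n\n'
                'There was an error in your request. Please try again\n\n',
                status=400,
            )

        # Check state. The comparison is constant-time and done on bytes,
        # because compare_digest rejects non-ASCII str and the query value
        # is caller-controlled.
        expected_state = generateState(req).encode('utf-8')
        supplied_state = req.GET['state'].encode('utf-8', 'replace')
        if not hmac.compare_digest(expected_state, supplied_state):
            return HttpResponse(
                '\n\nUnmatching state tokens\n\n\n'
                'It looks like the request to login wasn\'t started by you. '
                'Try going back to the home page and logging in again.\n\n',
                status=400,
            )

        resp = requests.post(
            settings.AUTH_TOKEN_ENDPOINT + "token",
            data={
                'grant_type': 'authorization_code',
                'code': req.GET['code'],
                'redirect_uri': settings.AUTH_REDIRECT_URL,
                'client_id': settings.AUTH_CLIENT_ID,
            },
            headers={
                'Authorization': 'Basic %s' % settings.AUTH_B64,
            },
            timeout=_TOKEN_REQUEST_TIMEOUT,
        )
        resp_json = resp.json()

        # A reply without an access token is treated like an explicit error
        # instead of surfacing as a KeyError below.
        token_missing = (
            not isinstance(resp_json, dict)
            or 'error' in resp_json
            or 'access_token' not in resp_json
        )
        if token_missing:
            # The provider's reply is rendered into an HTML page, so it is
            # escaped first; error fields can echo request-supplied values.
            return HttpResponse(
                '\n\nOAuth Error\n\n%s\n' % escape(json.dumps(resp_json)),
                status=500,
            )

        # NOTE(review): the session key is not rotated after authentication;
        # consider req.session.cycle_key() here so a session id fixed before
        # login does not carry the token.
        req.session['token'] = resp_json['access_token']
        return HttpResponseRedirect('/')


class Login(View):
    """Starts the authorization-code flow by redirecting to the provider."""

    def get(self, req):
        """Return a 302 to the provider's ``authorize`` endpoint."""
        # Query values are percent-encoded so that characters such as '&'
        # or '#' inside a setting cannot alter the authorize request.
        # NOTE(review): assumes settings.AUTH_REDIRECT_URL holds the plain
        # (not already percent-encoded) URL, as the token request above
        # sends the same setting as form data - confirm.
        query = urlencode({
            'response_type': 'code',
            'client_id': settings.AUTH_CLIENT_ID,
            'redirect_uri': settings.AUTH_REDIRECT_URL,
            'scope': 'email',
            'state': generateState(req),
        })
        url = '%sauthorize?%s' % (settings.AUTH_TOKEN_ENDPOINT, query)
        response = HttpResponse("Redirecting you to the IcyNet auth page...")
        response.status_code = 302
        response['Location'] = url
        return response


def generateState(request):
    """Return the OAuth ``state`` value for the caller's session.

    The value is the hex SHA-256 digest of the session key followed by
    ``settings.SECRET_KEY``.
    """
    # Saved first, presumably so that a brand-new session has a session_key
    # before it is hashed.
    request.session.save()
    # NOTE(review): the value depends only on the session key and
    # SECRET_KEY, so it is the same for every login attempt in one session
    # (not single-use).
    m = hashlib.sha256()
    m.update(bytearray(request.session.session_key, 'utf-8'))
    m.update(bytearray(settings.SECRET_KEY, 'utf-8'))
    return m.hexdigest()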