From 1f65886dc23001a75275d84e363790683d9d84c7 Mon Sep 17 00:00:00 2001
From: Jonas Leder <jonas@jonasled.de>
Date: Sun, 10 Nov 2019 15:52:31 +0100
Subject: [PATCH] rewritten oauth without library

---
 main.py | 40 +++++++++++++++++++++-------------------
 1 file changed, 21 insertions(+), 19 deletions(-)

diff --git a/main.py b/main.py
index fff220a..f233d79 100644
--- a/main.py
+++ b/main.py
@@ -8,7 +8,6 @@ import base64 #Used to encode the generated QR as base64, to directly insert it
 from requests import post, get #Used to validate recaptcha / oauth
 from io import BytesIO #Needed for base64 encoding of the image
 from PIL import Image #Needed for QR generation
-from flask_github import GitHub #github oauth library
 import json #used for github oauth
 from html import escape #This is used to escape characters, if they are send in the url
 app = Flask(__name__)
@@ -68,12 +67,11 @@ except:
     host="127.0.0.1"
 
 try:
-    app.config['GITHUB_CLIENT_ID'] = os.environ['GITHUB_CLIENT_ID']
-    app.config['GITHUB_CLIENT_SECRET'] = os.environ['GITHUB_CLIENT_SECRET']
+    GITHUB_CLIENT_ID = os.environ['GITHUB_CLIENT_ID']
+    GITHUB_CLIENT_SECRET = os.environ['GITHUB_CLIENT_SECRET']
 except:
     print("github client id or client secret is not set, please set these and run again.")
     exit()
-github = GitHub(app)
 
 try:
     if(os.environ["cookieNotice"] == 1):
@@ -219,23 +217,27 @@ def redirect_short_url(short_url):
 
 @app.route('/user/login')
 def login():
-    return github.authorize(scope="user") #redirect the user to the github login page and ask for access to user data (name, email, ...)
+    return redirect("https://github.com/login/oauth/authorize/?client_id=" + GITHUB_CLIENT_ID + "&scope=user") #redirect the user to the github login page and ask for access to user data (name, email, ...)
 
 @app.route('/user/github-callback') #Github redirects to this link after the user authenticated. Then we use the Token we get from github and request via the github api the username and the userid
-@github.authorized_handler
-def authorized(oauth_token):
-    if oauth_token is None:
-        return "oauth failed, please try again" #If you call this page manual you get this error
-    
-    headers = {'Authorization': 'token ' + oauth_token,} #Useragent doesn't matters, but is set here
-    githubResponse = get("https://api.github.com/user", headers=headers).text
-    userID = str(json.loads(githubResponse)['id'])
-    username = str(json.loads(githubResponse)['login'])
-
-    resp = make_response(redirect('/')) #redirect the user at the end back to the main page
-    resp.set_cookie('userID', userID) #set the cookies with username and userid
-    resp.set_cookie('username', username)
-    return resp
+def authorized():
+    try:
+        code = request.args.get("code")
+        url = "https://github.com/login/oauth/access_token" #The baseurl
+        params = {'client_id': GITHUB_CLIENT_ID, 'client_secret': GITHUB_CLIENT_SECRET, 'code': code} #As paramtere we send the client id and the client secret which we get from github when registering an application and the user code from before
+        oauth_token = post(url,params).text.split("access_token=")[1].split("&")[0] #Send a post request with the parameters from
+
+        headers = {'Authorization': 'token ' + oauth_token,} #Useragent doesn't matters, but is set here
+        githubResponse = get("https://api.github.com/user", headers=headers).text
+        userID = str(json.loads(githubResponse)['id'])
+        username = str(json.loads(githubResponse)['login'])
+
+        resp = make_response(redirect('/')) #redirect the user at the end back to the main page
+        resp.set_cookie('userID', userID) #set the cookies with username and userid
+        resp.set_cookie('username', username)
+        return resp
+    except:
+        return "Authentication failed"
     
 @app.route('/user/logout')
 def logout():
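Review bot: The hand-rolled flow in `login()` and `authorized()` issues no OAuth `state` value, so the callback accepts any `code` from the query string and the login is open to CSRF (a victim can be made to complete the callback with someone else's authorization code and end up with that account's `userID`/`username` cookies). The token exchange also parses the response with `split("access_token=")[1]`, which raises `IndexError` on GitHub's `error=...` replies, and the bare `except:` then masks that and every other bug behind "Authentication failed"; requesting `Accept: application/json`, reading `['access_token']`, and catching only `(RequestException, KeyError, ValueError)` keeps failures visible while still returning the same message. The sketch below stores the state in Flask's `session` and checks it with `hmac.compare_digest`; it needs `secrets`, `hmac`, `urllib.parse.urlencode`, `session` from flask and `RequestException` from requests imported at the top, and a configured `app.secret_key`, none of which is visible in this patch, so confirm they exist before applying. `logout()` starts on the last hunk line and its body is outside the hunk.
```python
@app.route('/user/login')
def login():
    state = secrets.token_urlsafe(32)  # one-time anti-CSRF value, verified in the callback
    session['oauth_state'] = state
    query = urlencode({'client_id': GITHUB_CLIENT_ID, 'scope': 'user', 'state': state})
    return redirect("https://github.com/login/oauth/authorize?" + query)

@app.route('/user/github-callback')
def authorized():
    expected = session.pop('oauth_state', None)
    state = request.args.get("state")
    code = request.args.get("code")
    if not (code and state and expected) or not hmac.compare_digest(state, expected):
        return "Authentication failed"
    try:
        params = {'client_id': GITHUB_CLIENT_ID, 'client_secret': GITHUB_CLIENT_SECRET, 'code': code}
        token_resp = post("https://github.com/login/oauth/access_token", data=params,
                          headers={'Accept': 'application/json'}, timeout=10).json()
        oauth_token = token_resp['access_token']  # KeyError when GitHub answers with an error object
        # … unchanged: /user lookup, cookie-setting redirect response …
    except (RequestException, KeyError, ValueError):
        return "Authentication failed"
```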
-- 
GitLab