oauth_dropins

Reference documentation.

blogger_v2

Blogger v2 GData API OAuth drop-in.

Blogger API docs: https://developers.google.com/blogger/docs/2.0/developers_guide_protocol

Python GData API docs: http://gdata-python-client.googlecode.com/hg/pydocs/gdata.blogger.data.html

Uses google-api-python-client to auth via OAuth 2. This describes how to get gdata-python-client to use an OAuth 2 token from google-api-python-client: http://blog.bossylobster.com/2012/12/bridging-oauth-20-objects-between-gdata.html#comment-form

Support was added to gdata-python-client here: https://code.google.com/p/gdata-python-client/source/detail?r=ecb1d49b5fbe05c9bc6c8525e18812ccc02badc0

class oauth_dropins.blogger_v2.BloggerV2Auth(**kwds)[source]

Bases: oauth_dropins.models.BaseAuth

An authenticated Blogger user.

Provides methods that return information about this user (or page) and make OAuth-signed requests to the Blogger API. Stores OAuth credentials in the datastore. See models.BaseAuth for usage details.

Blogger-specific details: implements http() and api() but not urlopen(). api() returns a gdata.blogger.client.BloggerClient. The datastore entity key name is the Blogger user id.

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns the user’s Blogger username.

creds()[source]

Returns an oauth2client.OAuth2Credentials.

access_token()[source]

Returns the OAuth access token string.

http()[source]

Returns an httplib2.Http that adds OAuth credentials to requests.

static api_from_creds()[source]

Returns a gdata.blogger.client.BloggerClient.

Parameters:oauth2_creds – OAuth2Credentials
class oauth_dropins.blogger_v2.StorageByKeyName_Blogger(**kwargs)[source]

Bases: oauth2client.appengine.StorageByKeyName

class oauth_dropins.blogger_v2.CredentialsModel_Blogger(parent=None, key_name=None, _app=None, _from_entity=False, **kwds)[source]

Bases: oauth2client.appengine.CredentialsModel

class oauth_dropins.blogger_v2.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.StartHandler, oauth_dropins.handlers.CallbackHandler

Connects a Blogger account. Authenticates via OAuth.

handle_exception(e, debug)

Exception handler that passes back HttpErrors as real HTTP errors.

classmethod to(to_path, scopes=None)[source]

Override this since we need to_path to instantiate the oauth decorator.

class oauth_dropins.blogger_v2.CallbackHandler[source]

Bases: object

OAuth callback handler factory.

__weakref__

list of weak references to the object (if defined)

disqus

Disqus OAuth drop-in.

Disqus API docs: https://disqus.com/api/docs/

This drop-in is even more similar to Instagram than Instagram is to Facebook. Differences:

  • urlopen must pass the api_key with each request (in addition to the access_token)
  • Response to access_token does not give much information about the user, so we additionally fetch /user/details before saving
  • Deny appears to be broken on Disqus’s side (clicking “No Thanks” has no effect), so we ignore that possibility for now.

TODO unify Disqus, Facebook, and Instagram

class oauth_dropins.disqus.DisqusAuth(**kwds)[source]

Bases: oauth_dropins.models.BaseAuth

An authenticated Disqus user.

Provides methods that return information about this user (or page) and make OAuth-signed requests to Instagram’s HTTP-based APIs. Stores OAuth credentials in the datastore. See models.BaseAuth for usage details.

Disqus-specific details: implements urlopen() but not http() or api(). The key name is the Disqus user id.

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns the user’s name.

access_token()[source]

Returns the OAuth access token string.

urlopen(url, **kwargs)[source]

Wraps urllib2.urlopen() and adds OAuth credentials to the request.

class oauth_dropins.disqus.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.StartHandler

Starts Disqus auth. Requests an auth code and expects a redirect back.

redirect_url(state=None)[source]

oauth-dropin subclasses must implement this.

class oauth_dropins.disqus.CallbackHandler(request=None, response=None)[source]

Bases: oauth_dropins.handlers.CallbackHandler

The auth callback. Fetches an access token, stores it, and redirects home.

handle_error()[source]

Handles any error reported in the callback query parameters.

Parameters:handler – CallbackHandler
Returns:True if there was an error, False otherwise.

dropbox

Dropbox OAuth drop-in.

Standard OAuth 2.0 flow. Docs: https://www.dropbox.com/developers/core/docs https://www.dropbox.com/developers/reference/oauthguide

class oauth_dropins.dropbox.DropboxAuth(**kwds)[source]

Bases: oauth_dropins.models.BaseAuth

An authenticated Dropbox user or page.

Provides methods that return information about this user (or page) and make OAuth-signed requests to Dropbox’s HTTP-based APIs. Stores OAuth credentials in the datastore. See models.BaseAuth for usage details.

Implements urlopen() but not http() or api().

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns the Dropbox user id.

access_token()[source]

Returns the OAuth access token string.

urlopen(url, **kwargs)[source]

Wraps urllib2.urlopen() and adds OAuth credentials to the request.

class oauth_dropins.dropbox.DropboxCsrf(**kwds)[source]

Bases: google.appengine.ext.ndb.model.Model

Stores a CSRF token for the Dropbox OAuth2 flow.

class oauth_dropins.dropbox.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.StartHandler

Starts Dropbox auth. Requests an auth code and expects a redirect back.

redirect_url(state=None)[source]

oauth-dropin subclasses must implement this.

class oauth_dropins.dropbox.CallbackHandler(request=None, response=None)[source]

Bases: oauth_dropins.handlers.CallbackHandler

The auth callback. Fetches an access token, stores it, and redirects home.

facebook

Facebook OAuth drop-in.

https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow

TODO: implement client state param TODO: unify this with instagram. see file docstring comment there.

class oauth_dropins.facebook.FacebookAuth(**kwds)[source]

Bases: oauth_dropins.models.BaseAuth

An authenticated Facebook user or page.

Provides methods that return information about this user (or page) and make OAuth-signed requests to Facebook’s HTTP-based APIs. Stores OAuth credentials in the datastore. See models.BaseAuth for usage details.

Facebook-specific details: implements urlopen() but not http() or api(). The key name is the user’s or page’s Facebook ID.

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns the user’s or page’s name.

access_token()[source]

Returns the OAuth access token string.

urlopen(url, **kwargs)[source]

Wraps urllib2.urlopen() and adds OAuth credentials to the request.

for_page(page_id)[source]

Returns a new, unsaved FacebookAuth entity for a page in pages_json.

The returned entity’s properties will be populated with the page’s data. access_token will be the page access token, user_json will be the page object, and pages_json will be a single-element list with the page.

If page_id is not in pages_json, returns None.

Parameters:page_id – string, Facebook page id
is_authority_for(key)[source]

Additionally check if the key represents a Page that this user has authority over.

Parameters:auth_entity_key – ndb.Key
Returns:true if key represents this user or one of the user’s pages.
Return type:boolean
class oauth_dropins.facebook.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.StartHandler

Starts Facebook auth. Requests an auth code and expects a redirect back.

redirect_url(state=None, app_id=None)[source]

oauth-dropin subclasses must implement this.

class oauth_dropins.facebook.CallbackHandler(request=None, response=None)[source]

Bases: oauth_dropins.handlers.CallbackHandler

The auth callback. Fetches an access token, stores it, and redirects home.

static handle_error()[source]

Handles any error reported in the callback query parameters.

Parameters:handler – CallbackHandler
Returns:True if there was an error, False otherwise.

flickr

Flickr OAuth drop-in.

Uses oauthlib directly to authenticate and sign requests with OAuth 1.0 credentials. https://www.flickr.com/services/api/auth.oauth.html

Note that when users decline Flickr’s OAuth prompt by clicking the Cancel button, Flickr redirects them to its home page, not to us.

class oauth_dropins.flickr.FlickrAuth(**kwds)[source]

Bases: oauth_dropins.models.BaseAuth

An authenticated Flickr user.

Provides methods that return information about this user and make OAuth-signed requests to the Flickr API. Stores OAuth credentials in the datastore. Key is the Flickr user ID. See models.BaseAuth for usage details.

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns the user id.

access_token()[source]

Returns the OAuth access token as a (string key, string secret) tuple.

urlopen(url, **kwargs)[source]

Wraps urllib2.urlopen() and adds OAuth credentials to the request.

Use this for making direct HTTP REST request to a site’s API. Not guaranteed to be implemented by all sites.

The arguments, return value (urllib2.Response), and exceptions raised (urllib2.URLError) are the same as urllib2.urlopen.

class oauth_dropins.flickr.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.StartHandler

Starts three-legged OAuth with Flickr.

Fetches an OAuth request token, then redirects to Flickr’s auth page to request an access token.

redirect_url(state=None)[source]

oauth-dropin subclasses must implement this.

class oauth_dropins.flickr.CallbackHandler(request=None, response=None)[source]

Bases: oauth_dropins.handlers.CallbackHandler

The OAuth callback. Fetches an access token and redirects to the front page.

flickr_auth

Utility functions for calling signed Flickr API methods.

oauth_dropins.flickr_auth.signed_urlopen(url, token_key, token_secret, **kwargs)[source]

Call urllib2.urlopen(), signing the request with Flickr credentials.

Parameters:
  • url (string) – the url to open
  • token_key (string) – user’s access token
  • token_secret (string) – the user’s access token secret
  • timeout (Optional[int]) – the request timeout, falls back to HTTP_TIMEOUT if not specified
Returns:

the file-like object that is the result of urllib2.urlopen()

oauth_dropins.flickr_auth.call_api_method(method, params, token_key, token_secret)[source]

Call a Flickr API method.

Flickr has one API endpoint, where different methods are called by name.

If the “stat” field contains “fail”, then this method creates an artificial HTTPError 400 or 401 depending on the type of failure.

Parameters:
  • method (string) – the API method name (e.g. flickr.photos.getInfo)
  • params (dict) – the parameters to send to the API method
  • token_key (string) – the user’s API access token
  • token_secret (string) – the user’s API access token secret
Returns:

json object response from the API

oauth_dropins.flickr_auth.upload(params, file, token_key, token_secret)[source]

Upload a photo or video to this user’s Flickr account.

Flickr uploads use their own API endpoint, that returns only XML. https://www.flickr.com/services/api/upload.api.html

Unlike call_api_method(), this uses the requests library because urllib2 doesn’t support multi-part POSTs on its own.

Parameters:
  • params (dict) – the parameters to send to the API method
  • file (file-like object) – the image or video to upload
  • token_key (string) – the user’s API access token
  • token_secret (string) – the user’s API access token secret
Returns:

dict containing the photo id (as ‘id’)

Raises:
  • requests.HTTPError on HTTP error or urllib2.HTTPError if
  • we get a stat=’fail’ response from Flickr.

googleplus

Google+ OAuth drop-in.

Google+ API docs: https://developers.google.com/+/api/latest/ Python API client docs: https://developers.google.com/api-client-library/python/

TODO: check that overriding CallbackHandler.finish() actually works.

class oauth_dropins.googleplus.GooglePlusAuth(**kwds)[source]

Bases: oauth_dropins.models.BaseAuth

An authenticated Google+ user or page.

Provides methods that return information about this user (or page) and make OAuth-signed requests to the Google+ API. Stores OAuth credentials in the datastore. See models.BaseAuth for usage details.

Google+-specific details: implements http() and api() but not urlopen(). api() returns a apiclient.discovery.Resource. The datastore entity key name is the Google+ user id. Uses credentials from the stored CredentialsModel since google-api-python-client stores refresh tokens there.

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns the user’s name.

creds()[source]

Returns an oauth2client.OAuth2Credentials.

access_token()[source]

Returns the OAuth access token string.

http(**kwargs)[source]

Returns an httplib2.Http that adds OAuth credentials to requests.

api()[source]

Returns an apiclient.discovery.Resource for the Google+ JSON API.

To use it, first choose a resource type (e.g. People), then make a call, then execute that call with an authorized Http instance. For example:

gpa = GooglePlusAuth.get_by_id(‘123’) results_json = gpa.people().search(query=’ryan’).execute(gpa.http())

More details: https://developers.google.com/api-client-library/python/

oauth_dropins.googleplus.handle_exception(self, e, debug)[source]

Exception handler that passes back HttpErrors as real HTTP errors.

class oauth_dropins.googleplus.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.StartHandler, oauth_dropins.handlers.CallbackHandler

Starts and finishes the OAuth flow. The decorator handles the redirects.

handle_exception(e, debug)

Exception handler that passes back HttpErrors as real HTTP errors.

classmethod to(to_path, scopes=None)[source]

Override this since we need to_path to instantiate the oauth decorator.

class oauth_dropins.googleplus.CallbackHandler[source]

Bases: object

OAuth callback handler factory.

__weakref__

list of weak references to the object (if defined)

handlers

Based flow request handlers. Clients should use the individual site modules.

Example usage:

application = webapp2.WSGIApplication([
(‘/oauth_start’, facebook.StartHandler.to(‘/oauth_callback’)), (‘/oauth_callback’, facebook.CallbackHandler.to(‘/done’)), (‘/done’, AuthenticatedHandler), … ]
class oauth_dropins.handlers.BaseHandler(request=None, response=None)[source]

Bases: webapp2.RequestHandler

Base request handler class. Provides the to() factory method.

handle_exception(e, debug)

A webapp2 exception handler that propagates HTTP exceptions into the response.

Use this as a webapp2.RequestHandler.handle_exception() method by adding this line to your handler class definition:

handle_exception = handlers.handle_exception

I originally tried to put this in a webapp2.RequestHandler subclass, but it gave me this exception:

File ".../webapp2-2.5.1/webapp2_extras/local.py", line 136, in _get_current_object
  raise RuntimeError('no object bound to %s' % self.__name__) RuntimeError: no object bound to app

These are probably related:

classmethod make_scope_str(extra, separator=', ')[source]

Returns an OAuth scopes query parameter value.

Combines DEFAULT_SCOPE and extra.

Parameters:
  • extra – string, sequence of strings, or None
  • separator – string (optional), the separator between multiple scopes. defaults to ‘,’
to_url(state=None)[source]

Returns a fully qualified callback URL based on to_path.

Includes scheme, host, and optional state.

request_url_with_state()[source]

Returns the current request URL, with the state query param if provided.

class oauth_dropins.handlers.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.BaseHandler

Base class for starting an OAuth flow.

Users should use the to() class method when using this request handler in a WSGI application. See the file docstring for details.

If the ‘state’ query parameter is provided in the request data, it will be returned to the client in the OAuth callback handler. If the ‘scope’ query parameter is provided, it will be added to the existing OAuth scopes.

Alternatively, clients may call redirect_url() and HTTP 302 redirect to it manually, which will start the same OAuth flow.

__init__(*args, **kwargs)[source]

Initializes this request handler with the given WSGI application, Request and Response.

When instantiated by webapp.WSGIApplication, request and response are not set on instantiation. Instead, initialize() is called right after the handler is created to set them.

Also in webapp dispatching is done by the WSGI app, while webapp2 does it here to allow more flexibility in extended classes: handlers can wrap dispatch() to check for conditions before executing the requested method and/or post-process the response.

Note

Parameters are optional only to support webapp’s constructor which doesn’t take any arguments. Consider them as required.

Parameters:
  • request – A Request instance.
  • response – A Response instance.
redirect_url(state=None)[source]

oauth-dropin subclasses must implement this.

class oauth_dropins.handlers.CallbackHandler(request=None, response=None)[source]

Bases: oauth_dropins.handlers.BaseHandler

Base OAuth callback request handler.

Users can use the to() class method when using this request handler in a WSGI application to make it redirect to a given URL path on completion. See the file docstring for details.

Alternatively, you can subclass it and implement finish(), which will be called in the OAuth callback request directly, after the user has been authenticated.

The auth entity and optional state parameter provided to StartHandler will be passed to finish() or as query parameters to the redirect URL.

finish(auth_entity, state=None)[source]

Called when the OAuth flow is complete. Clients may override.

Parameters:
  • auth_entity – a site-specific subclass of models.BaseAuth, or None if the user declined the site’s OAuth authorization request.
  • state – the string passed to StartHandler.redirect_url()

indieauth

IndieAuth drop-in.

https://indieauth.com/developers

oauth_dropins.indieauth.discover_authorization_endpoint(me, resp=None)[source]

Fetch a URL and look for authorization_endpoint Link header or rel-value.

Parameters:
  • me – string, URL to fetch
  • resp – requests.Response (optional), re-use response if it’s already been fetched
Returns:

string, the discovered indieauth URL or the default indieauth.com URL

oauth_dropins.indieauth.build_user_json(me, resp=None)[source]

user_json contains an h-card, rel-me links, and “me” :param me: string, URL of the user, returned by :param resp: requests.Response (optional), re-use response if it’s already been fetched

Returns:
dict, with ‘me’, the URL for this person; ‘h-card’, the representative h-card
for this page; ‘rel-me’, a list of rel-me URLs found at this page
class oauth_dropins.indieauth.IndieAuth(**kwds)[source]

Bases: oauth_dropins.models.BaseAuth

An authenticated IndieAuth user.

Provides methods that return information about this user. Stores credentials in the datastore. Key is the domain name. See models.BaseAuth for usage details.

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns the user’s domain.

access_token()[source]

Return the access token, N/A for IndieAuth

class oauth_dropins.indieauth.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.StartHandler

Starts the IndieAuth flow. Requires the ‘me’ parameter with the user URL that we want to authenticate.

redirect_url(state=None)[source]

oauth-dropin subclasses must implement this.

class oauth_dropins.indieauth.CallbackHandler(request=None, response=None)[source]

Bases: oauth_dropins.handlers.CallbackHandler

The callback handler from the IndieAuth request. POSTs back to the auth endpoint to verify the authentication code.

instagram

Instagram OAuth drop-in.

Instagram API docs: http://instagram.com/developer/endpoints/

Almost identical to Facebook, except the access token request has code and grant_type query parameters instead of just auth_code, the response has a user object instead of id, and the call to GET_ACCESS_TOKEN_URL is a POST instead of a GET. TODO: unify them.

class oauth_dropins.instagram.InstagramAuth(**kwds)[source]

Bases: oauth_dropins.models.BaseAuth

An authenticated Instagram user or page.

Provides methods that return information about this user (or page) and make OAuth-signed requests to Instagram’s HTTP-based APIs. Stores OAuth credentials in the datastore. See models.BaseAuth for usage details.

Instagram-specific details: implements urlopen() but not api() nor http(). The key name is the Instagram username.

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns the Instagram username.

access_token()[source]

Returns the OAuth access token string.

urlopen(url, **kwargs)[source]

Wraps urllib2.urlopen() and adds OAuth credentials to the request.

class oauth_dropins.instagram.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.StartHandler

Starts Instagram auth. Requests an auth code and expects a redirect back.

redirect_url(state=None)[source]

oauth-dropin subclasses must implement this.

class oauth_dropins.instagram.CallbackHandler(request=None, response=None)[source]

Bases: oauth_dropins.handlers.CallbackHandler

The auth callback. Fetches an access token, stores it, and redirects home.

medium

Medium OAuth drop-in.

API docs: https://github.com/Medium/medium-api-docs#contents https://medium.com/developers/welcome-to-the-medium-api-3418f956552

Medium doesn’t let you use a localhost redirect URL. : / A common workaround is to map an arbitrary host to localhost in your /etc/hosts, e.g.:

127.0.0.1 my.dev.com

You can then test on your local machine by running dev_appserver and opening http://my.dev.com:8080/ instead of http://localhost:8080/ .

class oauth_dropins.medium.MediumAuth(**kwds)[source]

Bases: oauth_dropins.models.BaseAuth

An authenticated Medium user.

Provides methods that return information about this user and make OAuth-signed requests to the Medium REST API. Stores OAuth credentials in the datastore. See models.BaseAuth for usage details.

Medium-specific details: implements get() but not urlopen(), http(), or api(). The key name is the user id (not username).

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns the user’s full name or username.

access_token()[source]

Returns the OAuth access token string.

get(*args, **kwargs)[source]

Wraps requests.get() and adds the Bearer token header.

class oauth_dropins.medium.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.StartHandler

Starts Medium auth. Requests an auth code and expects a redirect back.

redirect_url(state=None)[source]

oauth-dropin subclasses must implement this.

class oauth_dropins.medium.CallbackHandler(request=None, response=None)[source]

Bases: oauth_dropins.handlers.CallbackHandler

The OAuth callback. Fetches an access token and stores it.

models

Base datastore model class for an authenticated account.

class oauth_dropins.models.BaseAuth(**kwds)[source]

Bases: oauth_dropins.webutil.models.StringIdModel

Datastore base model class for an authenticated user.

Provides methods that return information about this user and make OAuth-signed requests to the site’s API(s). Stores OAuth credentials in the datastore. The key name is usually the user’s username or id.

Many sites provide additional methods and store additional user information in a JSON property.

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns a string user identifier, e.g. ‘Ryan Barrett’ or ‘snarfed’.

api()[source]

Returns the site-specific Python API object, if any.

Returns None if the site doesn’t have a Python API. Only some do, currently Blogger, Instagram, Google+, and Tumblr.

access_token()[source]

Returns the OAuth access token.

This is a string for OAuth 2 sites or a (string key, string secret) tuple for OAuth 1.1 sites (currently just Twitter and Tumblr).

urlopen(url, **kwargs)[source]

Wraps urllib2.urlopen() and adds OAuth credentials to the request.

Use this for making direct HTTP REST request to a site’s API. Not guaranteed to be implemented by all sites.

The arguments, return value (urllib2.Response), and exceptions raised (urllib2.URLError) are the same as urllib2.urlopen.

is_authority_for(key)[source]

When disabling or modifying an account, it’s useful to re-auth the user to make sure they have have permission to modify that account. Typically this means the auth entity represents the exact same user, but in some cases (e.g., Facebook Pages), a user may control several unique identities. So authenticating as a user should give you authority over their pages.

Parameters:key – ndb.Key
Returns:boolean, true if key represents the same account as this entity
static urlopen_access_token(access_token, api_key=None, **kwargs)[source]

Wraps urllib2.urlopen() and adds an access_token query parameter.

Kwargs are passed through to urlopen().

http()[source]

Returns an httplib2.Http that adds OAuth credentials to requests.

Use this for making direct HTTP REST request to a site’s API. Not guaranteed to be implemented by all sites.

class oauth_dropins.models.OAuthRequestToken(**kwds)[source]

Bases: oauth_dropins.webutil.models.StringIdModel

Datastore model class for an OAuth 1.1 request token.

This is only intermediate data. Client should use BaseAuth subclasses to make API calls.

The key name is the token key.

tumblr

Tumblr OAuth drop-in.

API docs: http://www.tumblr.com/docs/en/api/v2 http://www.tumblr.com/oauth/apps

class oauth_dropins.tumblr.TumblrAuth(**kwds)[source]

Bases: oauth_dropins.models.BaseAuth

An authenticated Tumblr user.

Provides methods that return information about this user and make OAuth-signed requests to the Tumblr API. Stores OAuth credentials in the datastore. See models.BaseAuth for usage details.

Tumblr-specific details: implements api() but not urlopen() or http(). api() returns a tumblpy.Tumblpy. The datastore entity key name is the Tumblr username.

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns the username.

access_token()[source]

Returns the OAuth access token as a (string key, string secret) tuple.

oauth_dropins.tumblr.handle_exception(self, e, debug)[source]

Exception handler that handles Tweepy errors.

class oauth_dropins.tumblr.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.StartHandler

Starts Tumblr auth. Requests an auth code and expects a redirect back.

handle_exception(e, debug)

Exception handler that handles Tweepy errors.

redirect_url(state=None)[source]

oauth-dropin subclasses must implement this.

class oauth_dropins.tumblr.CallbackHandler(request=None, response=None)[source]

Bases: oauth_dropins.handlers.CallbackHandler

OAuth callback. Fetches the user’s blogs and stores the credentials.

handle_exception(e, debug)

Exception handler that handles Tweepy errors.

twitter

Twitter OAuth drop-in.

TODO: port to http://code.google.com/p/oauth/source/browse/#svn%2Fcode%2Fpython . tweepy is just a wrapper around that anyway.

class oauth_dropins.twitter.TwitterAuth(**kwds)[source]

Bases: oauth_dropins.models.BaseAuth

An authenticated Twitter user.

Provides methods that return information about this user and make OAuth-signed requests to the Twitter v1.1 API. Stores OAuth credentials in the datastore. See models.BaseAuth for usage details.

Twitter-specific details: implements api(), get(), and post() but not http(). api() returns a tweepy.API; get() and post() wrap the corresponding requests methods. The datastore entity key name is the Twitter username.

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns the username.

access_token()[source]

Returns the OAuth access token as a (string key, string secret) tuple.

urlopen(url, **kwargs)[source]

Wraps urllib2.urlopen() and adds an OAuth signature.

get(*args, **kwargs)[source]

Wraps requests.get() and adds an OAuth signature.

post(*args, **kwargs)[source]

Wraps requests.post() and adds an OAuth signature.

api()[source]

Returns a tweepy.API.

oauth_dropins.twitter.handle_exception(self, e, debug)[source]

Exception handler that handles Tweepy errors.

class oauth_dropins.twitter.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.StartHandler

Starts three-legged OAuth with Twitter.

Fetches an OAuth request token, then redirects to Twitter’s auth page to request an access token.

access_type

optional, ‘read’ or ‘write’. Passed through to Twitter as x_auth_access_type. If the twitter app has read/write or read/write/dm permissions, this lets you request a read-only token. Details: https://dev.twitter.com/docs/api/1/post/oauth/request_token

handle_exception(e, debug)

Exception handler that handles Tweepy errors.

redirect_url(state=None)[source]

oauth-dropin subclasses must implement this.

class oauth_dropins.twitter.CallbackHandler(request=None, response=None)[source]

Bases: oauth_dropins.handlers.CallbackHandler

The OAuth callback. Fetches an access token and redirects to the front page.

handle_exception(e, debug)

Exception handler that handles Tweepy errors.

twitter_auth

Utility functions for generating Twitter OAuth headers and making API calls.

This is a separate module from twitter.py so that projects like granary can use it without pulling in App Engine dependencies.

oauth_dropins.twitter_auth.auth_header(url, token_key, token_secret, method='GET')[source]

Generates an Authorization header and returns it in a header dict.

Parameters:
  • url – string
  • token_key – string
  • token_secret – string
  • method – string
Returns:

single element with key ‘Authorization’

Return type:

dict

oauth_dropins.twitter_auth.signed_urlopen(url, token_key, token_secret, headers=None, **kwargs)[source]

Wraps urllib2.urlopen() and adds an OAuth signature.

oauth_dropins.twitter_auth.tweepy_auth(token_key, token_secret)[source]

Returns a tweepy.OAuthHandler.

wordpress_rest

WordPress.com OAuth drop-in.

API docs: https://developer.wordpress.com/docs/api/ https://developer.wordpress.com/docs/oauth2/

Note that unlike Blogger and Tumblr, WordPress.com’s OAuth tokens are per blog. It asks you which blog to use on its authorization page.

Also, wordpress.com doesn’t let you use an oauth redirect URL with “local” or “localhost” anywhere in it. : / A common workaround is to map an arbitrary host to localhost in your /etc/hosts, e.g.:

127.0.0.1 my.dev.com

You can then test on your local machine by running dev_appserver and opening http://my.dev.com:8080/ instead of http://localhost:8080/ .

class oauth_dropins.wordpress_rest.WordPressAuth(**kwds)[source]

Bases: oauth_dropins.models.BaseAuth

An authenticated WordPress user or page.

Provides methods that return information about this user (or page) and make OAuth-signed requests to the WordPress REST API. Stores OAuth credentials in the datastore. See models.BaseAuth for usage details.

WordPress-specific details: implements urlopen() but not http() or api(). The key name is the blog hostname.

site_name()[source]

Returns the string name of the site, e.g. ‘Facebook’.

user_display_name()[source]

Returns the blog hostname.

access_token()[source]

Returns the OAuth access token string.

urlopen(url, **kwargs)[source]

Wraps urllib2.urlopen() and adds OAuth credentials to the request.

class oauth_dropins.wordpress_rest.StartHandler(*args, **kwargs)[source]

Bases: oauth_dropins.handlers.StartHandler

Starts WordPress auth. Requests an auth code and expects a redirect back.

redirect_url(state=None)[source]

oauth-dropin subclasses must implement this.

class oauth_dropins.wordpress_rest.CallbackHandler(request=None, response=None)[source]

Bases: oauth_dropins.handlers.CallbackHandler

The OAuth callback. Fetches an access token and stores it.