chromium-dashboard/api/login_api.py

# -*- coding: utf-8 -*-
# Copyright 2021 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License")
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

import logging

from google.oauth2 import id_token
from google.auth.transport import requests
from flask import session

from framework import basehandlers
from framework import xsrf
import settings


class LoginAPI(basehandlers.APIHandler):
  """Create a session using the credential generated by Google Sign-In."""

  def do_post(self):
    # TODO(jrobbins): Remove id_token after next deployment.
    token = (self.get_param('id_token', required=False) or
             self.get_param('credential'))
    message = "Unable to Authenticate. Please sign in again."

    try:
      idinfo = id_token.verify_oauth2_token(
          token, requests.Request(),
          settings.GOOGLE_SIGN_IN_CLIENT_ID)
      user_info = {
          'email': idinfo['email'],
          }
      signature = xsrf.generate_token(str(user_info))
      session['signed_user_info'] = user_info, signature
      message = "Done"
      # print(idinfo['email'], file=sys.stderr)
    except ValueError:
      message = "Invalid token"

    return {'message': message}
20210418 google sign in (#1275) * Added Google Platform Library * Added Meta Element for Client ID * Added Google Sign-In Button * Authenticating the id_token on our backend * Saving id_token in flask session, using the id_token to fetch the current user and replaced the usages of AppEngine Users API (not from _tests.py) Correct the flow on pressing SignIn and SignOut * Code refactor * Added Comment for is_current_user_admin * Supporting GAE Users library for post request * Made some fixes * Changed Admin User condition * Reloading only on 200 response code * Do not require sign in and xsrf token while sending post request for login * Sign Out using Google Sign In if cookie is not set after login * Clearing the session if the id_token stored in the session variable becomes invalid or expires * Replaced GAE Users from tests * Replaced GAE users with framework users in tests.py 2021-05-07 02:37:30 +03:00			`# -- coding: utf-8 --`
			`# Copyright 2021 Google Inc.`
			`#`
			`# Licensed under the Apache License, Version 2.0 (the "License")`
			`# you may not use this file except in compliance with the License.`
			`# You may obtain a copy of the License at`
			`#`
			`# http://www.apache.org/licenses/LICENSE-2.0`
			`#`
			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS,`
			`# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`# See the License for the specific language governing permissions and`
			`# limitations under the License.`

			`import logging`

			`from google.oauth2 import id_token`
			`from google.auth.transport import requests`
			`from flask import session`

			`from framework import basehandlers`
Use new session contents (#1773) * Use new session contents * Added unit tests 2022-03-10 23:22:19 +03:00			`from framework import xsrf`
Fix tests as suggested by shivamag00. (#1309) 2021-05-07 03:29:03 +03:00			`import settings`
20210418 google sign in (#1275) * Added Google Platform Library * Added Meta Element for Client ID * Added Google Sign-In Button * Authenticating the id_token on our backend * Saving id_token in flask session, using the id_token to fetch the current user and replaced the usages of AppEngine Users API (not from _tests.py) Correct the flow on pressing SignIn and SignOut * Code refactor * Added Comment for is_current_user_admin * Supporting GAE Users library for post request * Made some fixes * Changed Admin User condition * Reloading only on 200 response code * Do not require sign in and xsrf token while sending post request for login * Sign Out using Google Sign In if cookie is not set after login * Clearing the session if the id_token stored in the session variable becomes invalid or expires * Replaced GAE Users from tests * Replaced GAE users with framework users in tests.py 2021-05-07 02:37:30 +03:00
Use new session contents (#1773) * Use new session contents * Added unit tests 2022-03-10 23:22:19 +03:00
20210418 google sign in (#1275) * Added Google Platform Library * Added Meta Element for Client ID * Added Google Sign-In Button * Authenticating the id_token on our backend * Saving id_token in flask session, using the id_token to fetch the current user and replaced the usages of AppEngine Users API (not from _tests.py) Correct the flow on pressing SignIn and SignOut * Code refactor * Added Comment for is_current_user_admin * Supporting GAE Users library for post request * Made some fixes * Changed Admin User condition * Reloading only on 200 response code * Do not require sign in and xsrf token while sending post request for login * Sign Out using Google Sign In if cookie is not set after login * Clearing the session if the id_token stored in the session variable becomes invalid or expires * Replaced GAE Users from tests * Replaced GAE users with framework users in tests.py 2021-05-07 02:37:30 +03:00			`class LoginAPI(basehandlers.APIHandler):`
Migrate sign-in Google Identity Services library (#1729) * Migrate Google sign-in * fix * Reapply changes * Fix tests Co-authored-by: Joseph Medley <jmedley@google.com> 2022-03-11 22:52:54 +03:00			`"""Create a session using the credential generated by Google Sign-In."""`
20210418 google sign in (#1275) * Added Google Platform Library * Added Meta Element for Client ID * Added Google Sign-In Button * Authenticating the id_token on our backend * Saving id_token in flask session, using the id_token to fetch the current user and replaced the usages of AppEngine Users API (not from _tests.py) Correct the flow on pressing SignIn and SignOut * Code refactor * Added Comment for is_current_user_admin * Supporting GAE Users library for post request * Made some fixes * Changed Admin User condition * Reloading only on 200 response code * Do not require sign in and xsrf token while sending post request for login * Sign Out using Google Sign In if cookie is not set after login * Clearing the session if the id_token stored in the session variable becomes invalid or expires * Replaced GAE Users from tests * Replaced GAE users with framework users in tests.py 2021-05-07 02:37:30 +03:00
			`def do_post(self):`
Accept either old or new login requests during transition. (#1785) * Accept either old or new login requests during transition. * Made suggested edit * Update api/login_api.py Co-authored-by: Kyle Ju <kyleju@google.com> 2022-03-15 02:30:50 +03:00			`# TODO(jrobbins): Remove id_token after next deployment.`
			`token = (self.get_param('id_token', required=False) or`
			`self.get_param('credential'))`
			`message = "Unable to Authenticate. Please sign in again."`
20210418 google sign in (#1275) * Added Google Platform Library * Added Meta Element for Client ID * Added Google Sign-In Button * Authenticating the id_token on our backend * Saving id_token in flask session, using the id_token to fetch the current user and replaced the usages of AppEngine Users API (not from _tests.py) Correct the flow on pressing SignIn and SignOut * Code refactor * Added Comment for is_current_user_admin * Supporting GAE Users library for post request * Made some fixes * Changed Admin User condition * Reloading only on 200 response code * Do not require sign in and xsrf token while sending post request for login * Sign Out using Google Sign In if cookie is not set after login * Clearing the session if the id_token stored in the session variable becomes invalid or expires * Replaced GAE Users from tests * Replaced GAE users with framework users in tests.py 2021-05-07 02:37:30 +03:00
			`try:`
Use new session contents (#1773) * Use new session contents * Added unit tests 2022-03-10 23:22:19 +03:00			`idinfo = id_token.verify_oauth2_token(`
Fix tests as suggested by shivamag00. (#1309) 2021-05-07 03:29:03 +03:00			`token, requests.Request(),`
			`settings.GOOGLE_SIGN_IN_CLIENT_ID)`
Use new session contents (#1773) * Use new session contents * Added unit tests 2022-03-10 23:22:19 +03:00			`user_info = {`
			`'email': idinfo['email'],`
			`}`
			`signature = xsrf.generate_token(str(user_info))`
			`session['signed_user_info'] = user_info, signature`
20210418 google sign in (#1275) * Added Google Platform Library * Added Meta Element for Client ID * Added Google Sign-In Button * Authenticating the id_token on our backend * Saving id_token in flask session, using the id_token to fetch the current user and replaced the usages of AppEngine Users API (not from _tests.py) Correct the flow on pressing SignIn and SignOut * Code refactor * Added Comment for is_current_user_admin * Supporting GAE Users library for post request * Made some fixes * Changed Admin User condition * Reloading only on 200 response code * Do not require sign in and xsrf token while sending post request for login * Sign Out using Google Sign In if cookie is not set after login * Clearing the session if the id_token stored in the session variable becomes invalid or expires * Replaced GAE Users from tests * Replaced GAE users with framework users in tests.py 2021-05-07 02:37:30 +03:00			`message = "Done"`
			`# print(idinfo['email'], file=sys.stderr)`
			`except ValueError:`
			`message = "Invalid token"`

			`return {'message': message}`