debug and fix callback

Author: Marco DiDomenico

README.md

@@ -27,24 +27,37 @@ Register Your Application with Replyify
 Configure the django-replyify-oauth2 module
 -------------------------------------------
 
-From your previously configured app, found at https://app.replyify.com/oauth2/applications add the following to your Django settings:
-* REPLYIFY_CLIENT_ID
-* REPLYIFY_CLIENT_SECRET
-* REPLYIFY_REDIRECT_URI
-* REPLYIFY_USER_ID_FIELD
+From your previously configured app, found at https://app.replyify.com/oauth2/applications add the following to your Django `settings.py`:
+	
+	REPLYIFY_CLIENT_ID = '{ update me }'
+	REPLYIFY_CLIENT_SECRET = '{ update me }'
+	REPLYIFY_USER_ID_FIELD = 'id'  # or other unique field like `id`
+
+	INSTALLED_APPS = [
+		...
+		'replyify_oauth2',
+		...
+	]
 
 And add the following to your `urls.py`
 
+	from django.conf.urls import patterns, include, url
 	urlpatterns = patterns(
     	...
     	url(r'^replyify/', include('replyify_oauth2.urls', namespace='replyify')),
     	...
     )
 
+Run migrate:
+
+	$ python manage.py migrate
+
+
 In your templates you can initiate the OAuth2 workflow like this:
 
-	<a href="{% url 'replyify:authorize' %}">Connect to Replyify</a>
+	<a href="{% url 'replyify:authorize' %}?next={% url 'home'|urlencode %}">Connect to Replyify</a>
 
+Note: you can pass `next` query parameter to the authorize view to direct the user to correct page after OAuth flow has completed successfully.  Default will send user to '/'
 
 
 

README.rst

@@ -31,20 +31,38 @@ Register Your Application with Replyify
 Configure the django-replyify-oauth2 module
 -------------------------------------------
 
-From your previously configured app, found at https://app.replyify.com/oauth2/applications add the following to your Django settings:
-- REPLYIFY_CLIENT_ID
-- REPLYIFY_CLIENT_SECRET
-- REPLYIFY_REDIRECT_URI
-- REPLYIFY_USER_ID_FIELD
+From your previously configured app, found at https://app.replyify.com/oauth2/applications add the following to your Django `settings.py`:
+::
+	REPLYIFY_CLIENT_ID = '{ update me }'
+	REPLYIFY_CLIENT_SECRET = '{ update me }'
+	REPLYIFY_USER_ID_FIELD = 'id'  # or other unique field like `id`
+
+	INSTALLED_APPS = [
+		...
+		'replyify_oauth2',
+		...
+	]
 
 And add the following to your `urls.py`
 ::
+	from django.conf.urls import patterns, include, url
 	urlpatterns = patterns(
 		...
 		url(r'^replyify/', include('replyify_oauth2.urls', namespace='replyify')),
 		...
 	)
 
+Run migrate
+::
+
+	$ python manage.py migrate
+
+In templates
+::
+	<a href="{% url 'replyify:authorize' %}?next={% url 'home'|urlencode %}">Connect to Replyify</a>
+
+Note: you can pass `next` query parameter to the authorize view to direct the user to correct page after OAuth flow has completed successfully.  Default will send user to '/'
+
 
 Using the Replyify API
 ----------------------

replyify_oauth2/admin.py

@@ -8,7 +8,7 @@
 
 from django.contrib import admin
 from django.contrib.auth import get_user_model
-from django.conf import settings
+from . import settings
 from .models import Credentials
 
 

replyify_oauth2/migrations/0001_initial.py

@@ -1,13 +1,17 @@
 # -*- coding: utf-8 -*-
+# Generated by Django 1.11 on 2017-04-11 21:18
 from __future__ import unicode_literals
 
+from django.conf import settings
 from django.db import migrations, models
+import django.db.models.deletion
 import django.utils.timezone
-from django.conf import settings
 
 
 class Migration(migrations.Migration):
 
+    initial = True
+
     dependencies = [
         migrations.swappable_dependency(settings.AUTH_USER_MODEL),
     ]
@@ -16,13 +20,15 @@ class Migration(migrations.Migration):
         migrations.CreateModel(
             name='Credentials',
             fields=[
-                ('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True, related_name='replyify_credentials')),
-                ('user', models.OneToOneField(null=True, to=settings.AUTH_USER_MODEL)),
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                 ('access_token', models.CharField(max_length=50)),
                 ('refresh_token', models.CharField(max_length=50)),
                 ('expires', models.DateTimeField(default=django.utils.timezone.now)),
                 ('scope', models.CharField(max_length=50)),
                 ('token_type', models.CharField(max_length=50)),
+                ('updated', models.DateTimeField(auto_now=True)),
+                ('created', models.DateTimeField(auto_now_add=True)),
+                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='replyify_credentials', to=settings.AUTH_USER_MODEL)),
             ],
         ),
     ]

replyify_oauth2/views.py

@@ -8,66 +8,73 @@
 from django.contrib.auth.decorators import login_required
 from django.http import HttpResponse
 from django.shortcuts import redirect
+from django.contrib import messages
 from django.utils import timezone
-from django.utils.crypto import get_random_string
 from .models import Credentials
 from . import settings
 from datetime import timedelta
 import requests
+import urllib
+import logging
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
 
 
 def index(request=None):
-    return HttpResponse("Replyify-OAuth2 index.")
+    return HttpResponse('Replyify-OAuth2 index.')
 
 
 @login_required
 def authorize(request=None):
-    uid = getattr(request.user, settings.REPLYIFY_USER_ID_FIELD)
-    client_id = settings.REPLYIFY_CLIENT_ID
-    redirect_uri = settings.REPLYIFY_REDIRECT_URI
-    response_type = 'code'
-
-    state = get_random_string(20, "abcdefghijklmnopqrstuvwxyz0123456789")
-    request.session['state'] = {state: uid}
-
-    args = [
-        "client_id={0}".format(client_id),
-        "redirect_uri={0}".format(redirect_uri),
-        "response_type={0}".format(response_type),
-        "state={0}".format(state)
-    ]
-    url = "{0}?{1}".format(settings.REPLYIFY_AUTH_URL, "&".join(args))
-
+    # uid = getattr(request.user, settings.REPLYIFY_USER_ID_FIELD)
+    next_url = request.GET.get('next', request.GET.get('state', '/'))
+    logger.info('** REPLYIFY: /authorize - Next URL: {}'.format(next_url))
+    # state = get_random_string(20, 'abcdefghijklmnopqrstuvwxyz0123456789')
+    request.session['state'] = next_url
+    params = {
+        'client_id': settings.REPLYIFY_CLIENT_ID,
+        'redirect_uri': settings.REPLYIFY_REDIRECT_URI,
+        'response_type': 'code',
+        'state': next_url,
+    }
+    url = '{0}?{1}'.format(settings.REPLYIFY_AUTH_URL, urllib.urlencode(params))
+    logger.info('** REPLYIFY: /authorize - Redirecting to: {}'.format(url))
     return redirect(url)
 
 
 @login_required
 def callback(request=None):
     if 'error' in request.GET:
         raise Exception(request.GET['error'])
-
-    uid = _check_state(request)
-    code = request.GET['code']
+    logger.info('** REPLYIFY: /callback')
     data = {
         'grant_type': 'authorization_code',
-        'code': code,
+        'code': request.GET['code'],
         'client_id': settings.REPLYIFY_CLIENT_ID,
+        'client_secret': settings.REPLYIFY_CLIENT_SECRET,
         'redirect_uri': settings.REPLYIFY_REDIRECT_URI
     }
     url = settings.REPLYIFY_TOKEN_URL
-    r = requests.post(url=url, data=data)
-    data = r.json()
-    creds = _store_credentials(uid, data)
-
-    return HttpResponse(creds)
+    logger.info('** REPLYIFY: Token URL - {}'.format(url))
+    logger.info('** REPLYIFY: Token data - {}'.format(data))
+    response = requests.post(url=url, data=data)
+    response_data = response.json()
+    logger.info('** REPLYIFY: Response data - {}'.format(response_data))
+    if response_data.get('error'):
+        logger.error('** REPLYIFY ERROR: {}'.format(response_data['error']))
+        messages.error(request, 'REPLYIFY ERROR: {}'.format(response_data['error']))
+    else:
+        _store_credentials(request.user, response_data)
+    return redirect(request.GET.get('state', '/'))
 
 
 @login_required
 def refresh(request=None):
     if 'error' in request.GET:
         raise Exception(request.GET['error'])
-
+    logger.info('** REPLYIFY: /refresh')
     try:
+        next_url = request.GET.get('next', request.GET.get('state', '/'))
         creds = Credentials.objects.get(user=request.user)
 
         data = {
@@ -78,38 +85,23 @@ def refresh(request=None):
         }
 
         url = settings.REPLYIFY_TOKEN_URL
-        r = requests.post(url=url, data=data)
-        data = r.json()
-
-        creds = _store_credentials(user=request.user, data=data)
-        return HttpResponse(creds)
+        logger.info('** REPLYIFY: Refresh Token URL - {}'.format(url))
+        logger.info('** REPLYIFY: Token data - {}'.format(data))
+        response = requests.post(url=url, data=data)
+        _store_credentials(request.user, response.json())
+        return redirect(next_url)
 
     except Credentials.DoesNotExist:
         authorize(request)
 
 
-def _check_state(request=None):
-    uid = getattr(request.user, settings.REPLYIFY_USER_ID_FIELD)
-    msg = "Something fishy is happening. Abort ..."
-
-    if 'state' not in request.session:
-        raise Exception(msg)
-    state = request.GET['state']
-    from_session = request.session['state'][state]
-    if from_session != uid:
-        raise Exception(msg)
-
-    request.session.pop('state')
-    return uid
-
-
-def _store_credentials(user, data=None):
+def _store_credentials(user, replyify_json=None):
     assert user is not None
     creds, _ = Credentials.objects.get_or_create(user=user)
-    creds.access_token = data['access_token']
-    creds.refresh_token = data['refresh_token']
-    creds.expires = timezone.now() + timedelta(seconds=data['expires_in'])
-    creds.scope = data['scope']
-    creds.token_type = data['token_type']
+    creds.access_token = replyify_json['access_token']
+    creds.refresh_token = replyify_json['refresh_token']
+    creds.expires = timezone.now() + timedelta(seconds=replyify_json['expires_in'])
+    creds.scope = replyify_json['scope']
+    creds.token_type = replyify_json['token_type']
     creds.save()
     return creds

setup.py

@@ -20,7 +20,7 @@
     VERSION = v.read()
 
 
-with open(os.path.join(os.path.dirname(__file__), 'README.rst')) as readme:
+with open(os.path.join(os.path.dirname(__file__), 'README.rst'), 'r') as readme:
     README = readme.read()
 
 
@@ -42,8 +42,8 @@
         'replyify_oauth2.migrations',
     ],
     install_requires=[
-        'Django>=1.6'
-        'requests>=0.8.8'
+        'Django>=1.6',
+        'requests>=0.8.8',
     ],
     scripts=[],
     include_package_data=True,