Skip to content

2021-11-19 FIXED: Google_oauth2, Facebook, Github #150

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
katzlbt wants to merge 10 commits into
base: master
Choose a base branch
from
Open

2021-11-19 FIXED: Google_oauth2, Facebook, Github #150

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
54401f9
Google_oauth2 get optional fields without KeyError.
katzlbt Feb 16, 2015
a5e7f7f
Facebook broken: https://github.com/bbangert/velruse/issues/158
katzlbt Apr 11, 2017
7b57fdf
Fixed Facebook key-error
katzlbt May 12, 2020
de28d36
Added comments and passed on raw data from google.
katzlbt May 12, 2020
730ff64
Added comments for unversioned API calls from FB.
katzlbt May 12, 2020
353a8f8
Fix github.com login deprecated GET Access
katzlbt Nov 19, 2021
663b6f7
Do not pollute the session
katzlbt Nov 19, 2021
afcc0f2
Moved unsupported providers to main dir
katzlbt Oct 23, 2023
d3c6239
Python 3.9 and Pyramid 1.10 support of a few providers.
katzlbt Oct 25, 2023
2f151ff
github.py add github's error_description to raised CSRFError
katzlbt Jan 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Do not pollute the session
  • Loading branch information
@katzlbt
katzlbt committed Nov 19, 2021
commit 663b6f718d9e1ec1c591598c9c0ca7dadc5f2ec7
4 changes: 2 additions & 2 deletions velruse/providers/facebook.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ def login(self, request):
"""Initiate a facebook login"""
scope = request.POST.get('scope', self.scope)
display = request.POST.get('display', self.display)
request.session['state'] = state = uuid.uuid4().hex
request.session['velruse.state'] = state = uuid.uuid4().hex
fb_url = flat_url(
'https://www.facebook.com/dialog/oauth/',
# We refer to an API call made without specifying a version as an unversioned call. An unversioned call will always point to the oldest available version.
Expand All @@ -91,7 +91,7 @@ def login(self, request):

def callback(self, request):
"""Process the facebook redirect"""
sess_state = request.session.get('state')
sess_state = request.session.pop('velruse.state', None)
req_state = request.GET.get('state')
if not sess_state or sess_state != req_state:
raise CSRFError(
Expand Down
2 changes: 1 addition & 1 deletion velruse/providers/google_oauth2.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ def login(self, request):

def callback(self, request):
"""Process the google redirect"""
sess_state = request.session.get('velruse.state')
sess_state = request.session.pop('velruse.state', None)
req_state = request.GET.get('state')
if not sess_state or sess_state != req_state:
raise CSRFError(
Expand Down