Oauth for Google API example using Python / Django

Question

I am trying to get Oauth working with the Google API using Python. I have tried different oauth libraries such as oauth, oauth2 and djanog-oauth but I cannot get it to work (inc

Answer 1

I have OAuth working in a python App Engine app:

http://github.com/sje397/Chess

The app is running at:

http://your-move.appspot.com

Answer 2

Have you tried the official gdata python api ? It ships with an oauth client and hides the complexity of oauth calls. http://code.google.com/p/gdata-python-client/

Answer 3

Tornado has working code for Google oauth. Check it out here. google auth. I 've used it and worked pretty well out of the box. All you need to do is pluck out the class and carefully put it into a django view.

PS: Tornado makes use of async module for the user to return. Since you are using django you need to rely on some get variable to identify that a user has just granted access to your application.

Answer 4

This may be the answer.

When calling OAuthGetRequestToken you sign the base_string with your consumer_secret followed by an & (ampersand)

When calling OAuthGetAccessToken you sign the base_string with your consumer_secret followed by an & (ampersand) followed by token_secret.

You would sign the base_string using (consumer_secret + "&") for OAuthGetRequestToken and you would sign the base_string using (consumer_secret + "&" + token_secret) for OAuthGetAccessToken

http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iii-security-architecture/ In the PLAINTEXT and HMAC-SHA1 methods, the shared secret is the combination of the Consumer Secret and Token Secret.

Answer 5

IIRC Google oauth is not quite following the standard, you have to specify what service you're requesting for (look at the examples provided in the google docs) in the request as an additional parameter, or it won't work.

Answer 6

This work for me.

def login(request):
     consumer_key    =   'blabla'
     consumer_secret =   'blabla'
     callback = request.GET['callback']
     request_token_url = 'https://api.linkedin.com/uas/oauth/requestToken'
     authorize_url =     'https://api.linkedin.com/uas/oauth/authorize'
     access_token_url =  'https://api.linkedin.com/uas/oauth/accessToken'
     consumer = oauth.Consumer(consumer_key, consumer_secret)

     if ('oauth_verifier' not in request.GET):
       client = oauth.Client(consumer)
       body = 'oauth_callback=http://shofin.com/login?callback='+callback+"&placeId="+request.GET[placeId]
       resp,content = client.request(request_token_url,"POST",headers={'Content-Type':'application/x-www-form-urlencoded'},body=body)
       request_token = dict(urlparse.parse_qsl(content))
       loginUrl = authorize_url+"?oauth_token="+request_token['oauth_token']
       cache.set(request_token['oauth_token'],request_token['oauth_token_secret'])
       return HttpResponseRedirect(loginUrl)

     elif request.GET['oauth_verifier']:
       token = oauth.Token(request.GET['oauth_token'],cache.get(request.GET['oauth_token']))
       token.set_verifier(request.GET['oauth_verifier'])
       client = oauth.Client(consumer, token)
       resp,content = client.request(access_token_url,"POST",{})
       access_token = dict(urlparse.parse_qsl(content))
       token = oauth.Token(key=access_token['oauth_token'], secret=access_token['oauth_token_secret'])

       client = oauth.Client(consumer, token)
       resp,json = client.request("http://api.linkedin.com/v1/people/~?format=json")
       return render_to_response(callback,{'placeId':request.GET['placeId'],'userId':userId,'folkId':folkId)