python實現github oauth2認證
# !/usr/bin/env python3
# -*- coding: utf-8 -*-
import json
import os
import subprocess
from http import HTTPStatus
from urllib.parse import urlencode

import requests
from bottle import Bottle, abort, request, redirect, template, static_file, run
from requests.packages.urllib3.exceptions import InsecureRequestWarning
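# NOTE(review): the original listing called
# requests.packages.urllib3.disable_warnings(InsecureRequestWarning) here.
# That call only hides the warning requests emits when a request is made with
# certificate verification switched off (verify=False). It is dropped so that
# any unverified HTTPS call stays visible in the output.

# The WSGI application that the route decorators below attach to.
app = Bottle()

# OAuth application credentials. They are read from the environment first;
# the literal fallbacks are the sample values from this listing and keep the
# demo runnable as published. A real client secret belongs in the environment
# or a secret store, never in source control.
CLIENT_ID = os.environ.get('GITHUB_CLIENT_ID', '4520e5d3f12345b26c0')
CLIENT_SECRET = os.environ.get(
    'GITHUB_CLIENT_SECRET', '505974f6764fe4123456186007256fae00b3f652'
)

# GitHub endpoints used by the authorization-code flow.
AUTHORIZATION_URL = 'https://github.com/login/oauth/authorize'
ACCESS_TOKEN_URL = 'https://github.com/login/oauth/access_token'
USER_INFO_URL = 'https://api.github.com/user'

# Callback address GitHub redirects the browser to with ?code=...&state=...
# NOTE(review): this is a plain-HTTP URL, so the authorization code travels
# unencrypted unless the host name resolves to the local machine - confirm,
# and use https for anything beyond local testing.
# REDIRECT_URL = 'https://b97b-223-112-131-202.ngrok-free.app/api/vdi-server/user/localLogin'
REDIRECT_URL = 'http://vdi.local.com/callback'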
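@app.route('/')
def index():
    """Render the landing page with a "Login with GitHub" link.

    The link targets GitHub's authorization endpoint and carries the client
    id, the callback URL and a ``state`` value as query parameters.
    """
    # urlencode() percent-encodes every value, so a callback URL containing
    # '&', '#', '?' or spaces cannot truncate or extend the query string.
    #
    # NOTE(review): ``state`` is a fixed string, so it gives the callback no
    # CSRF protection. The OAuth flow expects an unguessable per-session value
    # that the callback compares with what was issued to the same browser.
    query_string = urlencode({
        'client_id': CLIENT_ID,
        'redirect_uri': REDIRECT_URL,
        'state': 'terminal_or_admin_id',
    })
    auth_url = f"{AUTHORIZATION_URL}?{query_string}"

    # Bottle's SimpleTemplate HTML-escapes {{auth_url}} when rendering.
    return template('''
    <html>
    <body>
        <h1>Welcome!</h1>
        <h1>Please click href login!</h1>
        <a href="{{auth_url}}">Login with GitHub</a>
    </body>
    </html>
    ''', auth_url=auth_url)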
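@app.route('/callback')
def app_redirect():
    """Handle GitHub's OAuth redirect and show the signed-in user.

    Reads ``code`` from the query string, exchanges it for an access token,
    fetches the user's profile and renders the login name and id.

    A missing ``code`` renders the "NOT FOUND" page. Any failure while talking
    to GitHub aborts the request with HTTP 502 instead of returning an empty
    200 response.

    The authorization code, client secret, access token and profile JSON are
    deliberately never printed: console output usually ends up in log files.
    """
    query = request.query
    code = query.get('code')
    if not code:
        print('params code not found!')
        return template('''
        <html>
        <body>
            <h1>Welcome, {{login}}!</h1>
        </body>
        </html>
        ''', login='NOT FOUND')

    # NOTE(review): ``state`` arrives in the query string but is not compared
    # with a value this application issued to the same browser session, so a
    # forged callback request is not detected here.

    # Exchange the code for an access token. The credentials go in the POST
    # body (data=) rather than the URL (params=), which keeps the client
    # secret out of request URLs and anything that records them. Certificate
    # verification is left at the requests default (enabled) because this
    # request carries the client secret and the response carries the token.
    try:
        token_response = requests.post(
            ACCESS_TOKEN_URL,
            data={
                'client_id': CLIENT_ID,
                'client_secret': CLIENT_SECRET,
                'code': code,
            },
            headers={'Accept': 'application/json'},
            timeout=5,
        )
    except requests.RequestException as exc:
        print('request token error', type(exc).__name__)
        abort(502, 'GitHub token request failed')
    if token_response.status_code != HTTPStatus.OK:
        print('request token error', token_response.status_code)
        abort(502, 'GitHub token request failed')

    try:
        access_token = token_response.json().get('access_token')
    except ValueError:
        access_token = None
    if not access_token:
        # A 200 response can still carry an error object instead of a token
        # (for example when the code has expired or was already used).
        print('request token error', 'access_token missing')
        abort(502, 'GitHub did not return an access token')

    # Fetch the profile of the user the token belongs to.
    try:
        user_response = requests.get(
            USER_INFO_URL,
            headers={'Authorization': f'token {access_token}'},
            timeout=5,
        )
    except requests.RequestException as exc:
        print('request user error', type(exc).__name__)
        abort(502, 'GitHub user request failed')
    if user_response.status_code != HTTPStatus.OK:
        print('request user error', user_response.status_code)
        abort(502, 'GitHub user request failed')

    try:
        user_data = user_response.json()
    except ValueError:
        print('request user error', 'invalid JSON')
        abort(502, 'GitHub user response was not valid JSON')

    # Pass only the two fields the page shows. Expanding the whole remote
    # JSON document into keyword arguments would let an unexpected key collide
    # with template()'s own keyword parameters. SimpleTemplate HTML-escapes
    # {{login}} and {{id}} when rendering.
    return template('''
    <html>
    <body>
        <h1>Welcome, {{login}}!</h1>
        <p>Your GitHub id is {{id}}.</p>
        <p>Your GitHub login is {{login}}.</p>
    </body>
    </html>
    ''', login=user_data.get('login'), id=user_data.get('id'))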
# Start the server when this file is executed directly.
if __name__ == '__main__':
    # Alternative binding kept from the original listing:
    # run(app, host='0.0.0.0', port=5000)
    run(app=app, host='localhost', port=80)