forked from increpare/PuzzleScript
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaccess_token.py
executable file
·78 lines (66 loc) · 2.06 KB
/
access_token.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
#!/usr/bin/env python3
"""Proxies a request for a GitHub access_token.
This script handles the server-side part of Github authentication.
PuzzleScript uses it to get an access token after a user gives
PuzzleScript permission to write gists on their behalf.
To use this script, register a Github OAuth application at
https://github.com/settings/developers and update the OAUTH_CLIENT and
OAUTH_SECRET values below to match. Add any allowed domains to
ORIGIN_LIST (they need to use HTTPS).
Install python-requests:
$ sudo apt-get install python3-pip
$ sudo pip install requests
Set it up as a cgi script on your web server. The server needs to
provide the HTTP_ORIGIN header.
"""
import cgi
import json
import os
import requests
import sys
OAUTH_CLIENT = "211570277eb588cddf44"
OAUTH_SECRET = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
ORIGIN_LIST = [
"www.puzzlescript.net",
"www.increpare.com",
"ded.increpare.com",
"increpare.github.io",
"sfiera.github.io",
"www.flickgame.org",
"www.tinychoice.net",
"tinychoice.net",
"www.plingpling.org",
"plingpling.org",
"www.flickgame.org",
"flickgame.org",
]
LOGIN_URL = "https://github.com/login/oauth/access_token"
LOGIN_HEADERS = {
"user-agent": "puzzlescript",
"accept": "application/json",
}
origin = os.environ.get("HTTP_ORIGIN", "")
if not origin.startswith("https://") or (origin[8:] not in ORIGIN_LIST):
print("Content-type: text/plain")
print()
json.dump({"error": "invalid origin"}, sys.stdout)
sys.exit(0)
form = cgi.FieldStorage()
code = form.getfirst("code", "")
state = form.getfirst("state", "")
try:
data = requests.get(
LOGIN_URL,
headers=LOGIN_HEADERS,
data={
"client_id": OAUTH_CLIENT,
"client_secret": OAUTH_SECRET,
"code": code,
"state": state,
}).json()
except Exception as e:
data = {"error": type(e).__name__}
print("Content-type: application/json")
print("Access-Control-Allow-Origin: " + origin)
print()
json.dump(data, sys.stdout)