#!/usr/bin/env python3 # -*- coding: utf-8 -*- # Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information # regarding copyright ownership. The ASF licenses this file # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. """ Github OAuth plugin. This follows the workflow described at: https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps To make this work, please set up an application at https://github.com/settings/applications/ copy the client ID and secret to your ponymail.yaml's oauth configuration, as such: oauth: github_client_id: abcdef123456 github_client_secret: bcfdgefa572564576 """ import aiohttp.client import plugins.server import typing async def process(formdata: dict, _session, server: plugins.server.BaseServer) -> typing.Optional[dict]: formdata["client_id"] = server.config.oauth.github_client_id formdata["client_secret"] = server.config.oauth.github_client_secret headers = {"Accept": "application/json"} async with aiohttp.client.request( "POST", "https://github.com/login/oauth/access_token", headers=headers, data=formdata ) as rv: resp = await rv.json() if "access_token" in resp: async with aiohttp.client.request( "GET", "https://api.github.com/user", headers={"authorization": "token %s" % resp["access_token"]} ) as orv: js = await orv.json() js["oauth_domain"] = "github.com" # Full name and email address might not always be available to us. Fake it till you make it. js["name"] = js.get("name", js["login"]) js["email"] = js.get("email", "%s@users.github.com" % js["login"]) return js return None