Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(1712)
Issues Repositories Search
Open Issues | Closed Issues | All Issues | Sign in with your Google Account to create issues and add comments

Issue 4524063: OAuth 2 Decorator (Closed)

Can't Edit
Can't Publish+Mail
Start Review
Created:
13 years, 3 months ago by jcgregorio
Modified:
13 years, 3 months ago
Reviewers:
proppy, ade
CC:
google-api-python-client_googlegroups.com
Visibility:
Public.

Patch Set 1 #

Patch Set 2 : Added tests #

Total comments: 22
Unified diffs Side-by-side diffs Delta from patch set Stats (+427 lines, -68 lines) Patch
M README View 1 1 chunk +4 lines, -0 lines 0 comments Download
M oauth2client/appengine.py View 1 4 chunks +192 lines, -2 lines 21 comments Download
M runtests.py View 1 3 chunks +5 lines, -0 lines 1 comment Download
M samples/new_project_template/app.yaml View 1 chunk +3 lines, -0 lines 0 comments Download
A samples/new_project_template/grant.html View 1 chunk +17 lines, -0 lines 0 comments Download
M samples/new_project_template/main.py View 1 1 chunk +29 lines, -65 lines 0 comments Download
M samples/new_project_template/welcome.html View 1 chunk +1 line, -1 line 0 comments Download
A tests/test_oauth2client_appengine.py View 1 1 chunk +176 lines, -0 lines 0 comments Download

Messages

Total messages: 5
jcgregorio
Ignore the files in new_project_template, they are just there to show how the decorators are ...
13 years, 3 months ago (2011-05-20 20:50:55 UTC) #1
proppy
http://codereview.appspot.com/4524063/diff/2001/oauth2client/appengine.py File oauth2client/appengine.py (right): http://codereview.appspot.com/4524063/diff/2001/oauth2client/appengine.py#newcode230 oauth2client/appengine.py:230: if not self.credentials or self.credentials.invalid: Consider using if not ...
13 years, 3 months ago (2011-05-20 21:25:39 UTC) #2
proppy
http://codereview.appspot.com/4524063/diff/2001/oauth2client/appengine.py File oauth2client/appengine.py (right): http://codereview.appspot.com/4524063/diff/2001/oauth2client/appengine.py#newcode159 oauth2client/appengine.py:159: class CredentialsModel(db.Model): Consider adding non-opaque model for credentials. http://codereview.appspot.com/4524063/diff/2001/oauth2client/appengine.py#newcode242 ...
13 years, 3 months ago (2011-05-20 23:59:36 UTC) #3
jcgregorio
http://codereview.appspot.com/4524063/diff/2001/oauth2client/appengine.py File oauth2client/appengine.py (right): http://codereview.appspot.com/4524063/diff/2001/oauth2client/appengine.py#newcode159 oauth2client/appengine.py:159: class CredentialsModel(db.Model): On 2011/05/20 23:59:36, proppy wrote: > Consider ...
13 years, 3 months ago (2011-05-23 03:16:47 UTC) #4
proppy
13 years, 3 months ago (2011-05-23 06:00:17 UTC) #5 
http://codereview.appspot.com/4524063/diff/2001/oauth2client/appengine.py
File oauth2client/appengine.py (right):

http://codereview.appspot.com/4524063/diff/2001/oauth2client/appengine.py#new...
oauth2client/appengine.py:242: def oauth_aware(self, method):
I think that we should provide an interface similar to the existing SDK helper
for login, i.e: 
- a @login_required decorator for the most common usecases
- help methods for more complex usecases: create_login_url, get_current_user

This would translate for oauth2 to:
- @oauth_required
- create_authorization_url, get_current_credentials


On 2011/05/23 03:16:47, jcgregorio wrote:
> I think the story here is that we have two convenience decorators that make it
> easy to get started. At some point the use cases get complex enough that the
> user should fall back to using Flows, Credentials and Storage directly.
> 
> 
> On 2011/05/20 23:59:36, proppy wrote:
> > You might consider adding a method like has_current_user_granted() that
check
> if
> > credentials exists instead of another decorator.
>

http://codereview.appspot.com/4524063/diff/2001/oauth2client/appengine.py#new...
oauth2client/appengine.py:273: def authorize_url(self):
See comment above about existing SDK helper for login.

On 2011/05/23 03:16:47, jcgregorio wrote:
> See comment above about has_current_user_granted().
> 
> On 2011/05/20 23:59:36, proppy wrote:
> > You might consider adding handler param to authorize_url so it could be
called
> > in undecorated handler.
>

http://codereview.appspot.com/4524063/diff/2001/oauth2client/appengine.py#new...
oauth2client/appengine.py:307: flow = pickle.loads(memcache.get(user.user_id(),
namespace=OAUTH2CLIENT_NAMESPACE))
The (slow) datastore write would only happen, if the flow is not already in
database (i.e: on the first instance starts for this application), or if some
oauth parameters changed (unlikely to happen that often).

See:
http://codereview.appspot.com/4515101/diff/11001/oauth2client/appengine.py Line
156

As for the redirect_uri, it is already hardcoded to '/oauth2callback' in the
decorator anyway, so you can just assume it is a constant.

On 2011/05/23 03:16:47, jcgregorio wrote:
> The downsides to doing that are a (slow) datastore write when each instance
> starts and the special handling for pulling the redirect_uri out of 'state'. I
> may switch to the datastore method in the future.
> 
> On 2011/05/20 21:25:39, proppy wrote:
> > You might consider getting the flow values from the datastore and
reconstruct
> it
> > here.
> > 
> > You just need to assign the redirect_url again.
>
Sign in to reply to this message.

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b