A corporation manager and dashboard for EVE Online
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 

113 lines
3.9 KiB

  1. # -*- coding: utf-8 -*-
  2. from urllib.parse import urlencode
  3. import requests
  4. from ..exceptions import EVEAPIError
  5. __all__ = ["SSOManager"]
  6. class SSOManager:
  7. """EVE API module for Single Sign-On (SSO)."""
  8. def __init__(self, session, logger):
  9. self._session = session
  10. self._logger = logger
  11. self._debug = logger.debug
  12. def get_authorize_url(self, client_id, redirect_uri, scopes=None,
  13. state=None):
  14. """Return a URL that the end user can use to start a login."""
  15. baseurl = "https://login.eveonline.com/oauth/authorize?"
  16. params = {
  17. "response_type": "code",
  18. "redirect_uri": redirect_uri,
  19. "client_id": client_id
  20. }
  21. if scopes:
  22. params["scope"] = " ".join(scopes)
  23. if state is not None:
  24. params["state"] = state
  25. return baseurl + urlencode(params)
  26. def get_access_token(self, client_id, client_secret, code, refresh=False):
  27. """Given an auth code or refresh token, return an access token.
  28. If refresh is True, code should be a refresh token. Otherwise, it
  29. should be an authorization code.
  30. Does a step of OAuth2 and returns a 3-tuple of (access_token,
  31. token_expiry, refresh_token) if successful. Returns None if one of the
  32. arguments is not valid. Raises EVEAPIError if the API did not respond
  33. in a sensible way or looks to be down.
  34. """
  35. url = "https://login.eveonline.com/oauth/token"
  36. params = {}
  37. if refresh:
  38. params["grant_type"] = "refresh_token"
  39. params["code"] = code
  40. else:
  41. params["grant_type"] = "authorization_code"
  42. params["refresh_token"] = code
  43. self._debug("[POST] /oauth/token")
  44. try:
  45. resp = self._session.post(url, data=params, timeout=10,
  46. auth=(client_id, client_secret))
  47. json = resp.json()
  48. except (requests.RequestException, ValueError):
  49. self._logger.exception("Access token fetch failed")
  50. raise EVEAPIError()
  51. if not resp.ok or "error" in json:
  52. self._debug("Access token fetch error: %s", json["error"])
  53. return None
  54. if json.get("token_type") != "Bearer":
  55. self._logger.error("Invalid token_type in response body: %s",
  56. json.get("token_type"))
  57. raise EVEAPIError()
  58. token = json.get("access_token")
  59. expiry = json.get("expires_in")
  60. refresh = json.get("refresh_token")
  61. if not token or not expiry or not refresh:
  62. self._logger.error("Missing data in token response body")
  63. raise EVEAPIError()
  64. return token, expiry, refresh
  65. def get_character_info(self, token):
  66. """Given an access token, return character info.
  67. If successful, returns a 2-tuple of (character_id, character_name).
  68. Returns None if the token isn't valid. Raises EVEAPIError if the API
  69. did not respond in a sensible way or looks to be down.
  70. """
  71. url = "https://login.eveonline.com/oauth/verify"
  72. headers = {"Authorization": "Bearer " + token}
  73. self._debug("[GET] /oauth/verify")
  74. try:
  75. resp = self._session.get(url, timeout=10, headers=headers)
  76. json = resp.json()
  77. except (requests.RequestException, ValueError):
  78. self._logger.exception("Access token verify failed")
  79. raise EVEAPIError()
  80. if not resp.ok or "error" in json:
  81. self._debug("Access token verify error: %s", json["error"])
  82. return None
  83. char_id = json.get("CharacterID")
  84. char_name = json.get("CharacterName")
  85. if not char_id or not char_name:
  86. self._logger.error("Missing character ID or name in response body")
  87. raise EVEAPIError()
  88. return char_id, char_name