Scarygami · July 14, 2018 08:36 · Apr 21, 2015 · Apr 21, 2015 · Apr 21, 2015 · Apr 21, 2015
diff --git a/necessary_client.html b/necessary_client.html
@@ -22,7 +22,7 @@
 
             auth2.isSignedIn.listen(function (signedIn) {
               /**
-               * This will be call after the auth library is initialized
+               * This will be called after the auth library is initialized
                * if the user has previously authenticated, or at the same time
                * that grantOfflineAccess returns a code.
                * We only want to verify the offline access for existing users

diff --git a/server.py b/server.py
@@ -65,7 +65,7 @@ def authorize():
 
   user_id = credentials.id_token['sub']
 
-  # store the credentials for this user via some function for later user
+  # store the credentials for this user via some function for later use
   store_credentials(user_id, credentials)
 
   response = make_response(json.dumps({'access_granted': True}), 200)

diff --git a/optional_server.py → server.py b/optional_server.py → server.py
@@ -11,7 +11,7 @@
 import oauth2client.client
 from oauth2client.crypt import AppIdentityError
 
-APPLICATION_NAME = 'Google Sign-in 2.0 - Basic Server'
+APPLICATION_NAME = 'Google Sign-in 2.0 - Server'
 
 app = Flask(__name__)
 app.secret_key = ''.join(random.choice(string.ascii_uppercase + string.digits)

diff --git a/necessary_client.html b/necessary_client.html
@@ -0,0 +1,61 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <title>Google Sign-in 2.0 - Necessary Client</title>
+    <script src="https://apis.google.com/js/client:platform.js?onload=clientLoaded" async defer></script>
+  </head>
+  <body>
+    <button id="enable_offline_access">Enable Offline Access</button>
+
+    <script type="text/javascript">
+      (function (global) {
+
+        global.clientLoaded = function () {
+          var authorizeProcessRunning = false;
+
+          global.gapi.load('auth2', function () {
+            var auth2 = gapi.auth2.init({
+              client_id: 'YOUR-CLIENT-ID.apps.googleusercontent.com',
+              scope: 'profile https://www.googleapis.com/auth/glass.timeline'
+            });
+
+            auth2.isSignedIn.listen(function (signedIn) {
+              /**
+               * This will be call after the auth library is initialized
+               * if the user has previously authenticated, or at the same time
+               * that grantOfflineAccess returns a code.
+               * We only want to verify the offline access for existing users
+               */
+              if (signedIn && !authorizeProcessRunning) {
+                sendPostRequest('/verify', {id_token: id_token}).then(function (response) {
+                  if (response.access_granted) {
+                    global.document.getElementById('enable_offline_access').style.display = 'none';
+                  }
+                });
+              }
+            });
+
+            auth2.then(function () {
+              global.document.getElementById("enable_offline_access").onclick = function () {
+                // request one-time code
+                authorizeProcessRunning = true;
+                gapi.auth2.getAuthInstance().grantOfflineAccess({
+                  redirect_uri: 'postmessage'
+                }).then(function (auth_response) {
+                  // send one-time code to the server and wait for response
+                  sendPostRequest('/authorize', {code: auth_response.code}).then(function (response) {
+                    if (response.access_granted) {
+                      global.document.getElementById('enable_offline_access').style.display = 'none';
+                    }
+                    authorizeProcessRunning = false;
+                  });
+                });
+              };
+            });
+          });
+        };
+      }(this));
+    </script>
+  </body>
+</html>
diff --git a/optional_server.py b/optional_server.py
@@ -0,0 +1,77 @@
+#!/usr/bin/python
+import json
+import random
+import string
+
+from flask import Flask
+from flask import make_response
+from flask import request
+
+import httplib2
+import oauth2client.client
+from oauth2client.crypt import AppIdentityError
+
+APPLICATION_NAME = 'Google Sign-in 2.0 - Basic Server'
+
+app = Flask(__name__)
+app.secret_key = ''.join(random.choice(string.ascii_uppercase + string.digits)
+                         for x in xrange(32))
+
+CLIENT_ID = json.loads(
+    open('client_secrets.json', 'r').read())['web']['client_id']
+
+@app.route('/verify', methods=['POST'])
+def verify():
+  id_token = request.get_json().get('id_token', None)
+
+  try:
+    # Verify the ID token using the client library.
+    jwt = verify_id_token(id_token, CLIENT_ID)
+    user_id = jwt['sub']
+  except AppIdentityError:
+    user_id = None
+
+  if user_id is None:
+    response = make_response('invalid token', 401)
+    return response
+
+  # try to retrieve previously stored credentials via some function
+  credentials = get_credentials(user_id)
+
+  response_data = {}
+  if credentials is None:
+    response_data['access_granted'] = False
+  else:
+    response_data['access_granted'] = True
+
+  response = make_response(json.dumps(response_data), 200)
+  response.headers['Content-Type'] = 'application/json'
+  return response
+
+
+@app.route('/authorize', methods=['POST'])
+def authorize():
+  code = request.get_json().get('code', None)
+
+  try:
+    # Upgrade the authorization code into a credentials object
+    oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
+    oauth_flow.redirect_uri = 'postmessage'
+    credentials = oauth_flow.step2_exchange(code)
+  except FlowExchangeError:
+    response = make_response(json.dumps({'access_granted': False}), 401)
+    response.headers['Content-Type'] = 'application/json'
+    return response
+
+  user_id = credentials.id_token['sub']
+
+  # store the credentials for this user via some function for later user
+  store_credentials(user_id, credentials)
+
+  response = make_response(json.dumps({'access_granted': True}), 200)
+  response.headers['Content-Type'] = 'application/json'
+  return response
+
+if __name__ == '__main__':
+  app.debug = True
+  app.run(host='0.0.0.0', port=4567)
diff --git a/verify_server.py b/verify_server.py
@@ -17,7 +17,8 @@
 app.secret_key = ''.join(random.choice(string.ascii_uppercase + string.digits)
                          for x in xrange(32))
 
-CLIENT_ID = 'YOUR-CLIENT-ID'
+CLIENT_ID = json.loads(
+    open('client_secrets.json', 'r').read())['web']['client_id']
 
 @app.route('/verify', methods=['POST'])
 def verify():

diff --git a/optional_client.html b/optional_client.html
@@ -28,9 +28,9 @@
           gapi.auth2.getAuthInstance().grantOfflineAccess({
             redirect_uri: 'postmessage',
             scope: 'https://www.googleapis.com/auth/glass.timeline'
-          }).then(function (response) {
+          }).then(function (auth_response) {
             // send one-time code to the server and wait for response
-            sendPostRequest('/authorize', {code: code}).then(function (response) {
+            sendPostRequest('/authorize', {code: auth_response.code}).then(function (response) {
               if (response.access_granted) {
                 global.document.getElementById('enable_offline_access').style.display = 'none';
               }

diff --git a/optional_client.html b/optional_client.html
@@ -0,0 +1,43 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <title>Google Sign-in 2.0 - Optional Client</title>
+    <script src="https://apis.google.com/js/client:platform.js" async defer></script>
+    <meta name="google-signin-client_id" content="YOUR-CLIENT-ID.apps.googleusercontent.com">
+  </head>
+  <body>
+    <div class="g-signin2" data-onsuccess="onSignIn"></div>
+    <button id="enable_offline_access" style="display: none">Enable Offline Access</button>
+
+    <script type="text/javascript">
+      (function (global) {
+        global.onSignIn = function (user) {
+          var id_token = user.getAuthResponse().id_token;
+
+          // Some function to send the id_token to your server
+          sendPostRequest('/verify', {id_token: id_token}).then(function (response) {
+            if (!response.access_granted) {
+              global.document.getElementById('enable_offline_access').style.display = 'block';
+            }
+          });
+        };
+
+        global.document.getElementById("enable_offline_access").onclick = function () {
+          // request one-time code
+          gapi.auth2.getAuthInstance().grantOfflineAccess({
+            redirect_uri: 'postmessage',
+            scope: 'https://www.googleapis.com/auth/glass.timeline'
+          }).then(function (response) {
+            // send one-time code to the server and wait for response
+            sendPostRequest('/authorize', {code: code}).then(function (response) {
+              if (response.access_granted) {
+                global.document.getElementById('enable_offline_access').style.display = 'none';
+              }
+            });
+          });
+        };
+      }(this));
+    </script>
+  </body>
+</html>
diff --git a/sample_id_token.json b/sample_id_token.json
@@ -0,0 +1,16 @@
+{
+  "iss": "accounts.google.com",
+  "sub": "112336147904981294875",
+  "azp": "YOUR-CLIENT-ID.apps.googleusercontent.com",
+  "email": "[email protected]",
+  "at_hash": "ABCHASJDKJAHJ1231w",
+  "email_verified": true,
+  "aud": "YOUR-CLIENT-ID.apps.googleusercontent.com",
+  "iat": 1429619207,
+  "exp": 1429622807,
+  "name": "Gerwin Sturm",
+  "picture": "https://lh3.googleusercontent.com/-khaIYLifQik/AAAAAAAAAAI/AAAAAAACclE/rspep_SceFo/s96-c/photo.jpg",
+  "given_name": "Gerwin",
+  "family_name": "Sturm",
+  "locale": "en"
+}
diff --git a/verify_server.py b/verify_server.py
@@ -11,7 +11,7 @@
 import oauth2client.client
 from oauth2client.crypt import AppIdentityError
 
-APPLICATION_NAME = 'Google Sign-in 2.0 Basic Server'
+APPLICATION_NAME = 'Google Sign-in 2.0 - Basic Server'
 
 app = Flask(__name__)
 app.secret_key = ''.join(random.choice(string.ascii_uppercase + string.digits)

diff --git a/verify_server.py b/verify_server.py
@@ -11,7 +11,7 @@
 import oauth2client.client
 from oauth2client.crypt import AppIdentityError
 
-APPLICATION_NAME = 'Google+ Python Token Verification'
+APPLICATION_NAME = 'Google Sign-in 2.0 Basic Server'
 
 app = Flask(__name__)
 app.secret_key = ''.join(random.choice(string.ascii_uppercase + string.digits)

diff --git a/verify_server.py b/verify_server.py
@@ -0,0 +1,45 @@
+#!/usr/bin/python
+import json
+import random
+import string
+
+from flask import Flask
+from flask import make_response
+from flask import request
+
+import httplib2
+import oauth2client.client
+from oauth2client.crypt import AppIdentityError
+
+APPLICATION_NAME = 'Google+ Python Token Verification'
+
+app = Flask(__name__)
+app.secret_key = ''.join(random.choice(string.ascii_uppercase + string.digits)
+                         for x in xrange(32))
+
+CLIENT_ID = 'YOUR-CLIENT-ID'
+
+@app.route('/verify', methods=['POST'])
+def verify():
+
+  id_token = request.get_json().get('id_token', None)
+
+  try:
+    # Verify the ID token using the client library.
+    jwt = verify_id_token(id_token, CLIENT_ID)
+    user_id = jwt['sub']
+  except AppIdentityError:
+    user_id = None
+
+  if user_id is None:
+    response = make_response('invalid token', 401)
+    return response
+
+  # Here you can get data relevant to user_id and return it
+  response = make_response('successfully verified', 200)
+  return reponse
+
+
+if __name__ == '__main__':
+  app.debug = True
+  app.run(host='0.0.0.0', port=4567)
diff --git a/verify_client.html b/verify_client.html
@@ -16,7 +16,7 @@
 
           // some function to send the id_token to your server
           sendPostRequest('/verify', {id_token: id_token})
-        }
+        };
       }(this));
     </script>
   </body>

diff --git a/verify_client.html b/verify_client.html
@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <title>Google Sign-in 2.0 - Basic Client</title>
+    <script src="https://apis.google.com/js/client:platform.js" async defer></script>
+    <meta name="google-signin-client_id" content="YOUR-CLIENT-ID.apps.googleusercontent.com">
+  </head>
+  <body>
+    <div class="g-signin2" data-onsuccess="onSignIn"></div>
+
+    <script type="text/javascript">
+      (function (global) {
+        global.onSignIn = function (user) {
+          var id_token = user.getAuthResponse().id_token;
+
+          // some function to send the id_token to your server
+          sendPostRequest('/verify', {id_token: id_token})
+        }
+      }(this));
+    </script>
+  </body>
+</html>
No results found