From 2b57d3c912c5b1e5fe66f92064b82e7d2763f1cc Mon Sep 17 00:00:00 2001
From: Ben Adida <ben@adida.net>
Date: Thu, 29 Oct 2015 23:56:25 +0000
Subject: [PATCH] first pass at login with clever

---
 .gitignore                           |  3 +-
 helios_auth/auth_systems/__init__.py |  3 +-
 helios_auth/auth_systems/clever.py   | 80 ++++++++++++++++++++++++++++
 settings.py                          |  4 ++
 4 files changed, 88 insertions(+), 2 deletions(-)
 create mode 100644 helios_auth/auth_systems/clever.py

diff --git a/.gitignore b/.gitignore
index 8c060f8..5c112cc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,4 +4,5 @@ deploy-latest.sh
 *~
 media/*
 venv
-celerybeat-*
\ No newline at end of file
+celerybeat-*
+env.sh
\ No newline at end of file
diff --git a/helios_auth/auth_systems/__init__.py b/helios_auth/auth_systems/__init__.py
index 202fe95..5a0e923 100644
--- a/helios_auth/auth_systems/__init__.py
+++ b/helios_auth/auth_systems/__init__.py
@@ -1,7 +1,7 @@
 
 AUTH_SYSTEMS = {}
 
-import twitter, password, cas, facebook, google, yahoo, linkedin
+import twitter, password, cas, facebook, google, yahoo, linkedin, clever
 AUTH_SYSTEMS['twitter'] = twitter
 AUTH_SYSTEMS['linkedin'] = linkedin
 AUTH_SYSTEMS['password'] = password
@@ -9,6 +9,7 @@ AUTH_SYSTEMS['cas'] = cas
 AUTH_SYSTEMS['facebook'] = facebook
 AUTH_SYSTEMS['google'] = google
 AUTH_SYSTEMS['yahoo'] = yahoo
+AUTH_SYSTEMS['clever'] = clever
 
 # not ready
 #import live
diff --git a/helios_auth/auth_systems/clever.py b/helios_auth/auth_systems/clever.py
new file mode 100644
index 0000000..b83eb33
--- /dev/null
+++ b/helios_auth/auth_systems/clever.py
@@ -0,0 +1,80 @@
+"""
+Clever Authentication
+
+"""
+
+from django.http import *
+from django.core.mail import send_mail
+from django.conf import settings
+
+import httplib2,json
+
+import sys, os, cgi, urllib, urllib2, re
+
+from oauth2client.client import OAuth2WebServerFlow
+
+# some parameters to indicate that status updating is not possible
+STATUS_UPDATES = False
+
+# display tweaks
+LOGIN_MESSAGE = "Log in with Clever"
+
+def get_flow(redirect_url=None):
+  return OAuth2WebServerFlow(
+    client_id=settings.CLEVER_CLIENT_ID,
+    client_secret=settings.CLEVER_CLIENT_SECRET,
+    scope='read:students read:teachers read:user_id read:sis',
+    auth_uri="https://clever.com/oauth/authorize",
+    token_uri="https://clever.com/oauth/tokens",
+    redirect_uri=redirect_url)
+  
+def get_auth_url(request, redirect_url):
+  flow = get_flow(redirect_url)
+
+  request.session['clever-redirect-url'] = redirect_url
+  return flow.step1_get_authorize_url()
+
+def get_user_info_after_auth(request):
+  flow = get_flow(request.session['clever-redirect-url'])
+  del request.session['clever-redirect-url']
+
+  code = request.GET['code']
+  credentials = flow.step2_exchange(code)
+
+  # at this stage, just an access token
+
+  # get the nice name
+  http = httplib2.Http(".cache")
+  http = credentials.authorize(http)
+  (resp_headers, content) = http.request("https://api.clever.com/me", "GET")
+
+  response = json.loads(content)
+
+  # watch out, response also contains email addresses, but not sure whether thsoe are verified or not
+  # so for email address we will only look at the id_token
+  
+  return {'type' : 'clever', 'user_id': response["data"]["id"], 'name': "" , 'info': {"district": response["data"]["district"], "type": response["data"]["type"]}, 'token':{}}
+    
+def do_logout(user):
+  """
+  logout of Google
+  """
+  return None
+  
+def update_status(token, message):
+  """
+  simple update
+  """
+  pass
+
+def send_message(user_id, name, user_info, subject, body):
+  """
+  send email to google users. user_id is the email for google.
+  """
+  pass
+  
+def check_constraint(constraint, user_info):
+  """
+  for eligibility
+  """
+  pass
diff --git a/settings.py b/settings.py
index 4c14c76..5535803 100644
--- a/settings.py
+++ b/settings.py
@@ -234,6 +234,10 @@ CAS_PASSWORD = get_from_env('CAS_PASSWORD', "")
 CAS_ELIGIBILITY_URL = get_from_env('CAS_ELIGIBILITY_URL', "")
 CAS_ELIGIBILITY_REALM = get_from_env('CAS_ELIGIBILITY_REALM', "")
 
+# Clever
+CLEVER_CLIENT_ID = get_from_env('CLEVER_CLIENT_ID', "")
+CLEVER_CLIENT_SECRET = get_from_env('CLEVER_CLIENT_SECRET', "")
+
 # email server
 EMAIL_HOST = get_from_env('EMAIL_HOST', 'localhost')
 EMAIL_PORT = int(get_from_env('EMAIL_PORT', "2525"))
-- 
GitLab