如何使用 Python 制作一个长期有效的 Picasa 令牌(或一般的 Google 启用 oAuth 2.0 的服务)?
How to make a long live Picasa token (or general Google oAuth 2.0 enabled services) using Python?
不得不说,我不太清楚如何将 oAuth 2.0 与 Picasa API 版本 2 一起使用。从 Google 文档本身 (cmiiw),我得到的印象是 Picasa API 版本 1 已弃用,这意味着 Python Picasa 的 gdata(仅支持版本 1)根本没用。
因此,我使用基本的 Picasa documentation 开发了自己的 class。但是,我发现生成的令牌非常短暂:用户必须再次重新验证 him/herself。我们能否让用户只重新验证一个,并且令牌过期后会以某种方式自动刷新?
这是我为解决这个 Picasa 问题而开发的 oAuth class。很想就如何解决此问题提出建议 class 以允许长期存在的令牌
class OAuth():
"""
Simplify oauth process
"""
def __init__(self, **kwargs):
self.client_secret_file = kwargs.get('client_secret_file')
self.token_location = os.path.join(kwargs.get('token_location'), kwargs.get('token_filename'))
self.scope = kwargs.get('scope')
self.credentials = None
def is_authenticated(self):
storage = Storage(self.token_location)
self.credentials = storage.get()
authenticated = self.credentials is not None and not self.credentials.invalid
Logger.debug('oAuth: authenticated = %s' % authenticated)
return authenticated
def authenticate(self):
if self.scope is None:
Logger.error('oauth: please specify scope')
return
missing_message = '''
WARNING: Please configure OAuth 2.0
To make this code run you will need to populate the client_secrets.json file
found at: %s
with information from the Developers Console
https://console.developers.google.com/
For more information about the client_secrets.json file format, please visit:
https://developers.google.com/api-client-library/python/guide/aaa_client_secrets
''' % self.client_secret_file
flow = flow_from_clientsecrets(self.client_secret_file,
message=missing_message,
scope=self.scope)
# ca_certs_file = os.path.join('cacert.pem')
flags = argparser.parse_args()
storage = Storage(self.token_location)
self.credentials = run_flow(flow, storage, flags)#, http=httplib2.Http(ca_certs=ca_certs_file))
已编辑:
我在这里添加我的解决方案。
def get_album_list(self):
if self._album_list is not None:
return self._album_list
http = httplib2.Http(ca_certs=os.environ['REQUESTS_CA_BUNDLE'])
http = self.oauth.credentials.authorize(http)
response, album_list = http.request(Picasa.PHOTOS_URL, 'GET')
if response['status'] == '403':
self.oauth.credentials.refresh(http)
response, album_list = http.request(Picasa.PHOTOS_URL, 'GET')
album_list = json.load(StringIO(album_list))
self._album_list = {}
for e in album_list['feed']['entry']:
album_id = unicode(e['id']['$t'].split('/')[9]).split('?')[0]
self._album_list[e['title']['$t']] = album_id
return self._album_list
有两种类型的令牌:访问令牌和刷新令牌。当用户首次授予您访问权限时,您的应用程序应该会同时收到这两种信息。
{
"access_token":"1/fFAGRNJru1FTz70BzhT3Zg",
"expires_in":3920,
"token_type":"Bearer",
"refresh_token":"1/xEoDL4iW3cxlI7yDbSRFYNG01kVKM2C-259HOF2aQbI"
}
保存刷新令牌以供进一步使用很重要。当第一个访问令牌过期时,您必须使用刷新令牌来获取新的。
https://developers.google.com/accounts/docs/OAuth2WebServer#refresh
不得不说,我不太清楚如何将 oAuth 2.0 与 Picasa API 版本 2 一起使用。从 Google 文档本身 (cmiiw),我得到的印象是 Picasa API 版本 1 已弃用,这意味着 Python Picasa 的 gdata(仅支持版本 1)根本没用。
因此,我使用基本的 Picasa documentation 开发了自己的 class。但是,我发现生成的令牌非常短暂:用户必须再次重新验证 him/herself。我们能否让用户只重新验证一个,并且令牌过期后会以某种方式自动刷新?
这是我为解决这个 Picasa 问题而开发的 oAuth class。很想就如何解决此问题提出建议 class 以允许长期存在的令牌
class OAuth():
"""
Simplify oauth process
"""
def __init__(self, **kwargs):
self.client_secret_file = kwargs.get('client_secret_file')
self.token_location = os.path.join(kwargs.get('token_location'), kwargs.get('token_filename'))
self.scope = kwargs.get('scope')
self.credentials = None
def is_authenticated(self):
storage = Storage(self.token_location)
self.credentials = storage.get()
authenticated = self.credentials is not None and not self.credentials.invalid
Logger.debug('oAuth: authenticated = %s' % authenticated)
return authenticated
def authenticate(self):
if self.scope is None:
Logger.error('oauth: please specify scope')
return
missing_message = '''
WARNING: Please configure OAuth 2.0
To make this code run you will need to populate the client_secrets.json file
found at: %s
with information from the Developers Console
https://console.developers.google.com/
For more information about the client_secrets.json file format, please visit:
https://developers.google.com/api-client-library/python/guide/aaa_client_secrets
''' % self.client_secret_file
flow = flow_from_clientsecrets(self.client_secret_file,
message=missing_message,
scope=self.scope)
# ca_certs_file = os.path.join('cacert.pem')
flags = argparser.parse_args()
storage = Storage(self.token_location)
self.credentials = run_flow(flow, storage, flags)#, http=httplib2.Http(ca_certs=ca_certs_file))
已编辑: 我在这里添加我的解决方案。
def get_album_list(self):
if self._album_list is not None:
return self._album_list
http = httplib2.Http(ca_certs=os.environ['REQUESTS_CA_BUNDLE'])
http = self.oauth.credentials.authorize(http)
response, album_list = http.request(Picasa.PHOTOS_URL, 'GET')
if response['status'] == '403':
self.oauth.credentials.refresh(http)
response, album_list = http.request(Picasa.PHOTOS_URL, 'GET')
album_list = json.load(StringIO(album_list))
self._album_list = {}
for e in album_list['feed']['entry']:
album_id = unicode(e['id']['$t'].split('/')[9]).split('?')[0]
self._album_list[e['title']['$t']] = album_id
return self._album_list
有两种类型的令牌:访问令牌和刷新令牌。当用户首次授予您访问权限时,您的应用程序应该会同时收到这两种信息。
{
"access_token":"1/fFAGRNJru1FTz70BzhT3Zg",
"expires_in":3920,
"token_type":"Bearer",
"refresh_token":"1/xEoDL4iW3cxlI7yDbSRFYNG01kVKM2C-259HOF2aQbI"
}
保存刷新令牌以供进一步使用很重要。当第一个访问令牌过期时,您必须使用刷新令牌来获取新的。
https://developers.google.com/accounts/docs/OAuth2WebServer#refresh