def post(self):
"""
Exchange client supplied oauth code for credentials.
This does not require idtoken auth. User id is obtained form the
oauth flow instead.
"""
code = validation.auth_code_schema(self.json).get('code')
try:
credentials = auth.credentials_from_code(code)
except FlowExchangeError:
raise HTTPBadRequest('invalid code')
# reject if we did not get a refresh token and id_token
if not credentials.refresh_token:
logging.warning('got no refresh token')
raise HTTPForbidden('not initial code')
id_token = credentials.id_token
if id_token is None:
raise HTTPForbidden('got no id token')
try:
email = id_token['email']
user_id = id_token['sub']
except KeyError:
raise HTTPForbidden('no valid id')
account = models.Account(email=email, id=user_id,
credentials=credentials)
account.put()
评论列表
文章目录
