Repository: sciyoshi/pyfacebook Branch: master Commit: ec2bbfb0c687 Files: 33 Total size: 128.9 KB Directory structure: gitextract_kosjvwio/ ├── .gitignore ├── .project ├── .pydevproject ├── MANIFEST.in ├── README ├── bin/ │ └── djangofb.py ├── examples/ │ └── fbsample/ │ ├── .project │ ├── .pydevproject │ ├── __init__.py │ ├── db.sqlite3 │ ├── fbapp/ │ │ ├── __init__.py │ │ ├── models.py │ │ ├── templates/ │ │ │ └── canvas.fbml │ │ ├── urls.py │ │ └── views.py │ ├── manage.py │ ├── run.bat │ ├── settings.py │ └── urls.py ├── facebook/ │ ├── __init__.py │ ├── djangofb/ │ │ ├── __init__.py │ │ ├── context_processors.py │ │ ├── default_app/ │ │ │ ├── __init__.py │ │ │ ├── models.py │ │ │ ├── templates/ │ │ │ │ └── canvas.fbml │ │ │ ├── urls.py │ │ │ └── views.py │ │ └── models.py │ ├── webappfb.py │ └── wsgi.py ├── setup.py └── tests/ ├── __init__.py └── test.py ================================================ FILE CONTENTS ================================================ ================================================ FILE: .gitignore ================================================ *.py? *.egg-info ================================================ FILE: .project ================================================ pyfacebook org.python.pydev.PyDevBuilder org.python.pydev.pythonNature ================================================ FILE: .pydevproject ================================================ python 2.6 Default ================================================ FILE: MANIFEST.in ================================================ recursive-include examples * ================================================ FILE: README ================================================ == PyFacebook == PyFacebook is a Python client library for the Facebook API. Samuel Cormier-Iijima (sciyoshi@gmail.com) Niran Babalola (iamniran@gmail.com) Shannon -jj Behrens (jjinux@gmail.com) David B. Edelstein (David.B.Edelstein@gmail.com) Max Battcher (max.battcher@gmail.com) Rohan Deshpande (rohan.deshpande@gmail.com) Matthew Stevens (matthew.stevens@gmail.com) Sandro Turriate (sandro.turriate@gmail.com) Benjamin Zimmerman (benjamin.zimmerman@gmail.com) Gisle Aas (gisle.aas@gmail.com) Rand Bradley (rand.bradley@gmail.com) Luke Worth (luke.worth@gmail.com) Andreas Cederström (andreas@klydd.se) Samuel Hoffstaetter (samuel@hoffstaetter.com) Andreas Ehn (ehn@a8n.se) Lee Li (shuge.lee@gmail.com) http://github.com/sciyoshi/pyfacebook/ == Usage == To use this in your own projects, do the standard: python setup.py install == Documentation == Have a look at the examples/ directory. Most of the stuff should be self-explanatory. There is also an example Django app in examples/facebook, which should have enough to get you started. See the developer wiki for more information. == License == Copyright (c) 2008, Samuel Cormier-Iijima All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the author nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ================================================ FILE: bin/djangofb.py ================================================ #!/usr/bin/env python if __name__ == '__main__': import sys import os import re def usage(): sys.stderr.write('Usage: djangofb.py startapp \n') sys.exit(1) if len(sys.argv) not in (2, 3): usage() if sys.argv[1] != 'startapp': usage() app_name = len(sys.argv) == 3 and sys.argv[2] or 'fbapp' try: sys.path.insert(0, os.getcwd()) # Assumed to be in the same directory or current directory. import settings except ImportError: sys.stderr.write("Error: Can't find the file 'settings.py' in the directory containing %r " "or in the current directory. It appears you've customized things.\n" "You'll have to run django-admin.py, passing it your settings module.\n" "(If the file settings.py does indeed exist, it's causing an ImportError somehow.)\n" % __file__) sys.exit(1) from django.core import management directory = management.setup_environ(settings) if hasattr(management, 'color'): # Current svn version of django from django.core.management.color import color_style style = color_style() else: # Compatibility with 0.96 from django.core.management import style project_dir = os.path.normpath(os.path.join(directory, '..')) parent_dir = os.path.basename(project_dir) project_name = os.path.basename(directory) if app_name == project_name: sys.stderr.write( style.ERROR( 'Error: You cannot create an app with the same name (%r) as your project.\n' % app_name)) sys.exit(1) if app_name == 'facebook': sys.stderr.write(style.ERROR( 'Error: You cannot name your app "facebook", ' 'since this can cause conflicts with imports in Python < 2.5.\n')) sys.exit(1) if not re.search(r'^\w+$', app_name): sys.stderr.write( style.ERROR( 'Error: %r is not a valid app name. Please use only numbers, letters and underscores.\n' % app_name)) sys.exit(1) top_dir = os.path.join(directory, app_name) try: os.mkdir(top_dir) except OSError as e: sys.stderr.write(style.ERROR("Error: %s\n" % e)) sys.exit(1) import facebook template_dir = os.path.join( facebook.__path__[0], 'djangofb', 'default_app') sys.stderr.write('Creating Facebook application %r...\n' % app_name) for d, subdirs, files in os.walk(template_dir): relative_dir = d[len(template_dir) + 1:] if relative_dir: os.mkdir(os.path.join(top_dir, relative_dir)) subdirs[:] = [s for s in subdirs if not s.startswith('.')] for f in files: if f.endswith('.pyc'): continue path_old = os.path.join(d, f) path_new = os.path.join(top_dir, relative_dir, f) f_old = open(path_old, 'r') f_new = open(path_new, 'w') sys.stderr.write('Writing %s...\n' % path_new) f_new.write( f_old.read().replace( '{{ project }}', project_name).replace( '{{ app }}', app_name)) f_new.close() f_old.close() sys.stderr.write('Done!\n\n') from django.conf import settings need_api_key = not hasattr(settings, 'FACEBOOK_API_KEY') need_middleware = 'facebook.djangofb.FacebookMiddleware' not in settings.MIDDLEWARE_CLASSES need_loader = 'django.template.loaders.app_directories.load_template_source' not in settings.TEMPLATE_LOADERS need_install_app = not '%s.%s' % ( project_name, app_name) in settings.INSTALLED_APPS if need_api_key or need_middleware or need_loader or need_install_app: sys.stderr.write( """There are a couple of things you NEED to do before you can use this app:\n\n""") if need_api_key: sys.stderr.write( """ * Set FACEBOOK_API_KEY and FACEBOOK_SECRET_KEY to the appropriate values in settings.py\n\n""") if need_middleware: sys.stderr.write( """ * Add 'facebook.djangofb.FacebookMiddleware' to your MIDDLEWARE_CLASSES in settings.py\n\n""") if need_loader: sys.stderr.write( """ * Add 'django.template.loaders.app_directories.load_template_source' to your TEMPLATE_LOADERS in settings.py\n\n""") if need_install_app: sys.stderr.write( """ * Add '%s.%s' to your INSTALLED_APPS in settings.py\n\n""" % (project_name, app_name)) sys.stderr.write( """The final step is to add (r'^%s/', include('%s.%s.urls')) to your urls.py, and then set your callback page in the application settings on Facebook to 'http://your.domain.com/%s/'. Good luck! """ % (project_name, project_name, app_name, project_name)) ================================================ FILE: examples/fbsample/.project ================================================ fbsample org.python.pydev.PyDevBuilder org.python.pydev.pythonNature ================================================ FILE: examples/fbsample/.pydevproject ================================================ python 2.6 Default ================================================ FILE: examples/fbsample/__init__.py ================================================ ================================================ FILE: examples/fbsample/fbapp/__init__.py ================================================ ================================================ FILE: examples/fbsample/fbapp/models.py ================================================ from django.db import models # get_facebook_client lets us get the current Facebook object # from outside of a view, which lets us have cleaner code from facebook.djangofb import get_facebook_client def _2int(d, k): try: d = d.__dict__ except: pass t = d.get(k, '') if t == 'None': t = 0 else: t = int(t) return t class UserManager(models.Manager): """Custom manager for a Facebook User.""" def get_current(self): """Gets a User object for the logged-in Facebook user.""" facebook = get_facebook_client() user, created = self.get_or_create(id=_2int(facebook, 'uid')) if created: # we could do some custom actions for new users here... pass return user class User(models.Model): """A simple User model for Facebook users.""" # We use the user's UID as the primary key in our database. id = models.IntegerField(primary_key=True) # TODO: The data that you want to store for each user would go here. # For this sample, we let users let people know their favorite progamming # language, in the spirit of Extended Info. language = models.CharField(max_length=64, default='Python') # Add the custom manager objects = UserManager() ================================================ FILE: examples/fbsample/fbapp/templates/canvas.fbml ================================================ {% comment %} We can use {{ fbuser }} to get at the current user. {{ fbuser.id }} will be the user's UID, and {{ fbuser.language }} is his/her favorite language (Python :-). {% endcomment %} Welcome, !

Your favorite language is {{ fbuser.language|escape }}.

================================================ FILE: examples/fbsample/fbapp/urls.py ================================================ from django.conf.urls.defaults import * urlpatterns = patterns('fbsample.fbapp.views', (r'^$', 'canvas'), # Define other pages you want to create here ) ================================================ FILE: examples/fbsample/fbapp/views.py ================================================ from django.http import HttpResponse from django.views.generic.simple import direct_to_template # uncomment the following two lines and the one below # if you don't want to use a decorator instead of the middleware # from django.utils.decorators import decorator_from_middleware # from facebook.djangofb import FacebookMiddleware # Import the Django helpers import facebook.djangofb as facebook # The User model defined in models.py from models import User # We'll require login for our canvas page. This # isn't necessarily a good idea, as we might want # to let users see the page without granting our app # access to their info. See the wiki for details on how # to do this. # @decorator_from_middleware(FacebookMiddleware) @facebook.require_login() def canvas(request): # Get the User object for the currently logged in user user = User.objects.get_current() # Check if we were POSTed the user's new language of choice if 'language' in request.POST: user.language = request.POST['language'][:64] user.save() # User is guaranteed to be logged in, so pass canvas.fbml # an extra 'fbuser' parameter that is the User object for # the currently logged in user. return direct_to_template( request, 'canvas.fbml', extra_context={ 'fbuser': user}) @facebook.require_login() def ajax(request): return HttpResponse('hello world') ================================================ FILE: examples/fbsample/manage.py ================================================ #!/usr/bin/env python from django.core.management import execute_manager try: import settings # Assumed to be in the same directory. except ImportError: import sys sys.stderr.write("Error: Can't find the file 'settings.py' in the directory containing %r. " "It appears you've customized things.\nYou'll have to run django-admin.py, " "passing it your settings module.\n(If the file settings.py does indeed exist, " "it's causing an ImportError somehow.)\n" % __file__) sys.exit(1) if __name__ == "__main__": execute_manager(settings) ================================================ FILE: examples/fbsample/run.bat ================================================ python manage.py runserver 0.0.0.0:80 ================================================ FILE: examples/fbsample/settings.py ================================================ # Django settings for fbsample project. DEBUG = True TEMPLATE_DEBUG = DEBUG ADMINS = ( # ('Your Name', 'your_email@domain.com'), ) MANAGERS = ADMINS # 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'. DATABASE_ENGINE = 'sqlite3' # Or path to database file if using sqlite3. DATABASE_NAME = 'db.sqlite3' DATABASE_USER = '' # Not used with sqlite3. DATABASE_PASSWORD = '' # Not used with sqlite3. # Set to empty string for localhost. Not used with sqlite3. DATABASE_HOST = '' # Set to empty string for default. Not used with sqlite3. DATABASE_PORT = '' # Local time zone for this installation. Choices can be found here: # http://en.wikipedia.org/wiki/List_of_tz_zones_by_name # although not all choices may be available on all operating systems. # If running in a Windows environment this must be set to the same as your # system time zone. TIME_ZONE = 'America/Chicago' # Language code for this installation. All choices can be found here: # http://www.i18nguy.com/unicode/language-identifiers.html LANGUAGE_CODE = 'en-us' SITE_ID = 1 # If you set this to False, Django will make some optimizations so as not # to load the internationalization machinery. USE_I18N = True # Absolute path to the directory that holds media. # Example: "/home/media/media.lawrence.com/" MEDIA_ROOT = '' # URL that handles the media served from MEDIA_ROOT. Make sure to use a # trailing slash if there is a path component (optional in other cases). # Examples: "http://media.lawrence.com", "http://example.com/media/" MEDIA_URL = '' # URL prefix for admin media -- CSS, JavaScript and images. Make sure to use a # trailing slash. # Examples: "http://foo.com/media/", "/media/". ADMIN_MEDIA_PREFIX = '/media/' # Make this unique, and don't share it with anybody. SECRET_KEY = 'yg6zh@+u^w3agtjwy^da)#277d3j#a%3m@)pev8_j0ozztwe4+' # List of callables that know how to import templates from various sources. TEMPLATE_LOADERS = ( 'django.template.loaders.filesystem.load_template_source', 'django.template.loaders.app_directories.load_template_source', # 'django.template.loaders.eggs.load_template_source', ) MIDDLEWARE_CLASSES = ( 'django.middleware.common.CommonMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'facebook.djangofb.FacebookMiddleware', ) ROOT_URLCONF = 'fbsample.urls' TEMPLATE_DIRS = ( # Put strings here, like "/home/html/django_templates" or "C:/www/django/templates". # Always use forward slashes, even on Windows. # Don't forget to use absolute paths, not relative paths. ) INSTALLED_APPS = ( 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.sites', 'fbsample.fbapp', ) # get it from here # http://www.facebook.com/editapps.php?ref=mb FACEBOOK_API_KEY = 'x' FACEBOOK_SECRET_KEY = 'xx' ================================================ FILE: examples/fbsample/urls.py ================================================ from django.conf.urls.defaults import * # Uncomment the next two lines to enable the admin: # from django.contrib import admin # admin.autodiscover() urlpatterns = patterns('', # Example: # (r'^fbsample/', include('fbsample.foo.urls')), # Uncomment the admin/doc line below and add 'django.contrib.admindocs' # to INSTALLED_APPS to enable admin documentation: # (r'^admin/doc/', include('django.contrib.admindocs.urls')), # Uncomment the next line to enable the admin: # (r'^admin/', include(admin.site.urls)), (r'^fbsample/', include('fbsample.fbapp.urls')), ) ================================================ FILE: facebook/__init__.py ================================================ #! /usr/bin/env python # # pyfacebook - Python bindings for the Facebook API # # Copyright (c) 2008, Samuel Cormier-Iijima # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # * Neither the name of the author nor the names of its contributors may # be used to endorse or promote products derived from this software # without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS``AS IS'' AND ANY # EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE # DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND # ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ Python bindings for the Facebook API (pyfacebook - http://code.google.com/p/pyfacebook) PyFacebook is a client library that wraps the Facebook API. For more information, see Home Page: http://code.google.com/p/pyfacebook Developer Wiki: http://wiki.developers.facebook.com/index.php/Python Facebook IRC Channel: #facebook on irc.freenode.net PyFacebook can use simplejson if it is installed, which is much faster than XML and also uses less bandwith. Go to http://undefined.org/python/#simplejson to download it, or do apt-get install python-simplejson on a Debian-like system. """ import sys import time import struct import urllib import urllib2 import httplib import hmac try: import hashlib except ImportError: import md5 as hashlib import binascii import urlparse import mimetypes # try to use simplejson first, otherwise fallback to XML RESPONSE_FORMAT = 'JSON' try: import json as simplejson simplejson.loads except (ImportError, AttributeError): try: import simplejson simplejson.loads except (ImportError, AttributeError): try: from django.utils import simplejson simplejson.loads except (ImportError, AttributeError): try: import jsonlib as simplejson simplejson.loads except (ImportError, AttributeError): from xml.dom import minidom RESPONSE_FORMAT = 'XML' # support Google App Engine. GAE does not have a working urllib.urlopen. try: from google.appengine.api import urlfetch def urlread(url, data=None, headers=None): if data is not None: if headers is None: headers = {"Content-type": "application/x-www-form-urlencoded"} method = urlfetch.POST else: if headers is None: headers = {} method = urlfetch.GET result = urlfetch.fetch(url, method=method, payload=data, headers=headers) if result.status_code == 200: return result.content else: raise urllib2.URLError( "fetch error url=%s, code=%d" % (url, result.status_code)) except ImportError: def urlread(url, data=None): res = urllib2.urlopen(url, data=data) return res.read() __all__ = ['Facebook', 'create_hmac'] VERSION = '1.0a2' FACEBOOK_URL = 'http://api.facebook.com/restserver.php' FACEBOOK_VIDEO_URL = 'http://api-video.facebook.com/restserver.php' FACEBOOK_SECURE_URL = 'https://api.facebook.com/restserver.php' def create_hmac(key, tbhashed): return hmac.new(key, tbhashed, hashlib.sha1).hexdigest() class json(object): pass # simple IDL for the Facebook API METHODS = { # dashboard methods 'dashboard': { 'incrementCount': [ ('uid', int, ['optional']) ], 'decrementCount': [ ('uid', int, ['optional']) ], 'getCount': [ ('uid', int, ['optional']) ], 'setCount': [ ('count', int, []), ('uid', int, ['optional']) ], 'getActivity': [ ('activity_ids', list, ['optional']), ('uid', int, ['optional']) ], 'publishActivity': [ ('activity', json, []), ] }, 'application': { 'getPublicInfo': [ ('application_id', int, ['optional']), ('application_api_key', str, ['optional']), ('application_canvas_name', str, ['optional']), ], }, # admin methods 'admin': { 'getAllocation': [ ('integration_point_name', str, []), ], 'getRestrictionInfo': [], 'setRestrictionInfo': [ ('format', str, ['optional']), ('callback', str, ['optional']), ('restriction_str', json, ['optional']), ], # Some methods don't work with access_tokens, the signed option forces # use of the secret_key signature (avoids error 15 and, sometimes, 8) 'getAppProperties': [ ('properties', list, []), 'signed' ], 'setAppProperties': [ ('properties', json, []), 'signed' ], }, # auth methods 'auth': { 'revokeAuthorization': [ ('uid', int, ['optional']), ], 'revokeExtendedPermission': [ ('perm', str, []), ('uid', int, ['optional']), ], }, # feed methods 'feed': { 'publishStoryToUser': [ ('title', str, []), ('body', str, ['optional']), ('image_1', str, ['optional']), ('image_1_link', str, ['optional']), ('image_2', str, ['optional']), ('image_2_link', str, ['optional']), ('image_3', str, ['optional']), ('image_3_link', str, ['optional']), ('image_4', str, ['optional']), ('image_4_link', str, ['optional']), ('priority', int, ['optional']), ], 'publishActionOfUser': [ ('title', str, []), ('body', str, ['optional']), ('image_1', str, ['optional']), ('image_1_link', str, ['optional']), ('image_2', str, ['optional']), ('image_2_link', str, ['optional']), ('image_3', str, ['optional']), ('image_3_link', str, ['optional']), ('image_4', str, ['optional']), ('image_4_link', str, ['optional']), ('priority', int, ['optional']), ], 'publishTemplatizedAction': [ ('title_template', str, []), ('page_actor_id', int, ['optional']), ('title_data', json, ['optional']), ('body_template', str, ['optional']), ('body_data', json, ['optional']), ('body_general', str, ['optional']), ('image_1', str, ['optional']), ('image_1_link', str, ['optional']), ('image_2', str, ['optional']), ('image_2_link', str, ['optional']), ('image_3', str, ['optional']), ('image_3_link', str, ['optional']), ('image_4', str, ['optional']), ('image_4_link', str, ['optional']), ('target_ids', list, ['optional']), ], 'registerTemplateBundle': [ ('one_line_story_templates', json, []), ('short_story_templates', json, ['optional']), ('full_story_template', json, ['optional']), ('action_links', json, ['optional']), ], 'deactivateTemplateBundleByID': [ ('template_bundle_id', int, []), ], 'getRegisteredTemplateBundles': [], 'getRegisteredTemplateBundleByID': [ ('template_bundle_id', str, []), ], 'publishUserAction': [ ('template_bundle_id', int, []), ('template_data', json, ['optional']), ('target_ids', list, ['optional']), ('body_general', str, ['optional']), ('story_size', int, ['optional']), ], }, # fql methods 'fql': { 'query': [ ('query', str, []), ], 'multiquery': [ ('queries', json, []), ], }, # friends methods 'friends': { 'areFriends': [ ('uids1', list, []), ('uids2', list, []), ], 'get': [ ('flid', int, ['optional']), ], 'getLists': [], 'getAppUsers': [], 'getMutualFriends': [ ('target_uid', int, []), ('source_uid', int, ['optional']), ], }, # notifications methods 'notifications': { 'get': [], 'send': [ ('to_ids', list, []), ('notification', str, []), ('email', str, ['optional']), ('type', str, ['optional']), ], 'sendRequest': [ ('to_ids', list, []), ('type', str, []), ('content', str, []), ('image', str, []), ('invite', bool, []), ], 'sendEmail': [ ('recipients', list, []), ('subject', str, []), ('text', str, ['optional']), ('fbml', str, ['optional']), ] }, # profile methods 'profile': { 'setFBML': [ ('markup', str, ['optional']), ('uid', int, ['optional']), ('profile', str, ['optional']), ('profile_action', str, ['optional']), ('mobile_fbml', str, ['optional']), ('profile_main', str, ['optional']), ], 'getFBML': [ ('uid', int, ['optional']), ('type', int, ['optional']), ], 'setInfo': [ ('title', str, []), ('type', int, []), ('info_fields', json, []), ('uid', int, []), ], 'getInfo': [ ('uid', int, []), ], 'setInfoOptions': [ ('field', str, []), ('options', json, []), ], 'getInfoOptions': [ ('field', str, []), ], }, # users methods 'users': { 'getInfo': [ ('uids', list, []), ('fields', list, [('default', ['name'])]), ], 'getStandardInfo': [ ('uids', list, []), ('fields', list, [('default', ['uid'])]), ], 'getLoggedInUser': [], 'isAppAdded': [], 'isAppUser': [ ('uid', int, []), ], 'hasAppPermission': [ ('ext_perm', str, []), ('uid', int, ['optional']), ], 'setStatus': [ ('status', str, []), ('clear', bool, []), ('status_includes_verb', bool, ['optional']), ('uid', int, ['optional']), ], }, # events methods 'events': { 'cancel': [ ('eid', int, []), ('cancel_message', str, ['optional']), ], 'create': [ ('event_info', json, []), ], 'edit': [ ('eid', int, []), ('event_info', json, []), ], 'get': [ ('uid', int, ['optional']), ('eids', list, ['optional']), ('start_time', int, ['optional']), ('end_time', int, ['optional']), ('rsvp_status', str, ['optional']), ], 'getMembers': [ ('eid', int, []), ], 'invite': [ ('eid', int, []), ('uids', list, []), ('personal_message', str, ['optional']), ], 'rsvp': [ ('eid', int, []), ('rsvp_status', str, []), ], 'edit': [ ('eid', int, []), ('event_info', json, []), ], 'invite': [ ('eid', int, []), ('uids', list, []), ('personal_message', str, ['optional']), ], }, # update methods 'update': { 'decodeIDs': [ ('ids', list, []), ], }, # groups methods 'groups': { 'get': [ ('uid', int, ['optional']), ('gids', list, ['optional']), ], 'getMembers': [ ('gid', int, []), ], }, # marketplace methods 'marketplace': { 'createListing': [ ('listing_id', int, []), ('show_on_profile', bool, []), ('listing_attrs', str, []), ], 'getCategories': [], 'getListings': [ ('listing_ids', list, []), ('uids', list, []), ], 'getSubCategories': [ ('category', str, []), ], 'removeListing': [ ('listing_id', int, []), ('status', str, []), ], 'search': [ ('category', str, ['optional']), ('subcategory', str, ['optional']), ('query', str, ['optional']), ], }, # pages methods 'pages': { 'getInfo': [ ('fields', list, [('default', ['page_id', 'name'])]), ('page_ids', list, ['optional']), ('uid', int, ['optional']), ], 'isAdmin': [ ('page_id', int, []), ], 'isAppAdded': [ ('page_id', int, []), ], 'isFan': [ ('page_id', int, []), ('uid', int, []), ], }, # photos methods 'photos': { 'addTag': [ ('pid', int, []), ('tag_uid', int, [('default', 0)]), ('tag_text', str, [('default', '')]), ('x', float, [('default', 50)]), ('y', float, [('default', 50)]), ('tags', json, ['optional']), ], 'createAlbum': [ ('name', str, []), ('location', str, ['optional']), ('description', str, ['optional']), ], 'get': [ ('subj_id', int, ['optional']), ('aid', int, ['optional']), ('pids', list, ['optional']), ], 'getAlbums': [ ('uid', int, ['optional']), ('aids', list, ['optional']), ], 'getTags': [ ('pids', list, []), ], }, # videos methods 'video': { 'getUploadLimits': [ ], }, # status methods 'status': { 'get': [ ('uid', int, ['optional']), ('limit', int, ['optional']), ], 'set': [ ('status', str, ['optional']), ('uid', int, ['optional']), ], }, # fbml methods 'fbml': { 'refreshImgSrc': [ ('url', str, []), ], 'refreshRefUrl': [ ('url', str, []), ], 'setRefHandle': [ ('handle', str, []), ('fbml', str, []), ], }, # SMS Methods 'sms': { 'canSend': [ ('uid', int, []), ], 'send': [ ('uid', int, []), ('message', str, []), ('session_id', int, []), ('req_session', bool, []), ], }, 'data': { 'getCookies': [ ('uid', int, []), ('string', str, ['optional']), ], 'setCookie': [ ('uid', int, []), ('name', str, []), ('value', str, []), ('expires', int, ['optional']), ('path', str, ['optional']), ], }, # connect methods 'connect': { 'registerUsers': [ ('accounts', json, []), ], 'unregisterUsers': [ ('email_hashes', json, []), ], 'getUnconnectedFriendsCount': [ ], }, 'links': { 'post': [ ('url', str, []), ('comment', str, []), ('uid', int, []), ('image', str, ['optional']), ('callback', str, ['optional']), ], 'preview': [ ('url', str, []), ('callback', str, ['optional']), ], }, # stream methods (beta) 'stream': { 'addComment': [ ('post_id', int, []), ('comment', str, []), ('uid', int, ['optional']), ], 'addLike': [ ('uid', int, ['optional']), ('post_id', int, ['optional']), ], 'get': [ ('viewer_id', int, ['optional']), ('source_ids', list, ['optional']), ('start_time', int, ['optional']), ('end_time', int, ['optional']), ('limit', int, ['optional']), ('filter_key', str, ['optional']), ], 'getComments': [ ('post_id', int, []), ], 'getFilters': [ ('uid', int, ['optional']), ], 'publish': [ ('message', str, ['optional']), ('attachment', json, ['optional']), ('action_links', json, ['optional']), ('target_id', str, ['optional']), ('uid', str, ['optional']), ], 'remove': [ ('post_id', int, []), ('uid', int, ['optional']), ], 'removeComment': [ ('comment_id', int, []), ('uid', int, ['optional']), ], 'removeLike': [ ('uid', int, ['optional']), ('post_id', int, ['optional']), ], }, # livemessage methods (beta) 'livemessage': { 'send': [ ('recipient', int, []), ('event_name', str, []), ('message', str, []), ], }, # dashboard methods (beta) 'dashboard': { # setting counters for a single user 'decrementCount': [ ('uid', int, []), ], 'incrementCount': [ ('uid', int, []), ], 'getCount': [ ('uid', int, []), ], 'setCount': [ ('uid', int, []), ('count', int, []), ], # setting counters for multiple users 'multiDecrementCount': [ ('uids', list, []), ], 'multiIncrementCount': [ ('uids', list, []), ], 'multiGetCount': [ ('uids', list, []), ], 'multiSetCount': [ ('uids', list, []), ], # setting news for a single user 'addNews': [ ('news', json, []), ('image', str, ['optional']), ('uid', int, ['optional']), ], 'getNews': [ ('uid', int, []), ('news_ids', list, ['optional']), ], 'clearNews': [ ('uid', int, []), ('news_ids', list, ['optional']), ], # setting news for multiple users 'multiAddNews': [ ('uids', list, []), ('news', json, []), ('image', str, ['optional']), ], 'multiGetNews': [ ('uids', json, []), ], 'multiClearNews': [ ('uids', json, []), ], # setting application news for all users 'addGlobalNews': [ ('news', json, []), ('image', str, ['optional']), ], 'getGlobalNews': [ ('news_ids', list, ['optional']), ], 'clearGlobalNews': [ ('news_ids', list, ['optional']), ], # user activity 'getActivity': [ ('activity_ids', list, ['optional']), ], 'publishActivity': [ ('activity', json, []), ], 'removeActivity': [ ('activity_ids', list, []), ], }, # comments methods (beta) 'comments': { 'add': [ # text should be after xid/object_id, but is required ('text', str, []), # One of xid and object_is is required. Can this be expressed? ('xid', str, ['optional']), ('object_id', str, ['optional']), ('uid', int, ['optional']), ('title', str, ['optional']), ('url', str, ['optional']), ('publish_to_stream', bool, [('default', False)]), ], 'remove': [ # One of xid and object_is is required. Can this be expressed? ('xid', str, ['optional']), ('object_id', str, ['optional']), # comment_id should be required ('comment_id', str, ['optional']), ], 'get': [ # One of xid and object_is is required. Can this be expressed? ('xid', str, ['optional']), ('object_id', str, ['optional']), ], } } def __fixup_param(name, klass, options, param): optional = 'optional' in options default = [x[1] for x in options if isinstance(x, tuple) and x[ 0] == 'default'] if default: default = default[0] else: default = None if param is None: if klass is list and default: param = default[:] else: param = default if klass is json and isinstance(param, (list, dict)): param = simplejson.dumps(param) return param def __generate_facebook_method(namespace, method_name, param_data): # This method-level option forces the method to be signed rather than using # the access_token signed = False if 'signed' in param_data: signed = True param_data.remove('signed') # a required parameter doesn't have 'optional' in the options, # and has no tuple option that starts with 'default' required = [x for x in param_data if 'optional' not in x[2] and not [ y for y in x[2] if isinstance(y, tuple) and y and y[0] == 'default']] def facebook_method(self, *args, **kwargs): params = {} for i, arg in enumerate(args): params[param_data[i][0]] = arg params.update(kwargs) for param in required: if param[0] not in params: raise TypeError("missing parameter %s" % param[0]) for name, klass, options in param_data: if name in params: params[name] = __fixup_param( name, klass, options, params[name]) return self(method_name, params, signed=signed) facebook_method.__name__ = method_name facebook_method.__doc__ = "Facebook API call. See http://developers.facebook.com/documentation.php?v=1.0&method=%s.%s" % ( namespace, method_name) return facebook_method class Proxy(object): """Represents a "namespace" of Facebook API calls.""" def __init__(self, client, name): self._client = client self._name = name def __call__( self, method=None, args=None, add_session_args=True, signed=False): # for Django templates if method is None: return self if add_session_args: self._client._add_session_args(args) return self._client( '%s.%s' % (self._name, method), args, signed=signed) # generate the Facebook proxies def __generate_proxies(): for namespace in METHODS: methods = {} for method, param_data in METHODS[namespace].iteritems(): methods[method] = __generate_facebook_method( namespace, method, param_data) proxy = type('%sProxy' % namespace.title(), (Proxy,), methods) globals()[proxy.__name__] = proxy __generate_proxies() class FacebookError(Exception): """Exception class for errors received from Facebook.""" def __init__(self, code, msg, args=None): self.code = code self.msg = msg self.extra_args = args Exception.__init__(self, code, msg, args) def __str__(self): return 'Error %s: %s' % (self.code, self.msg) class AuthProxy(AuthProxy): """Special proxy for facebook.auth.""" def getSession(self): """Facebook API call. See http://developers.facebook.com/documentation.php?v=1.0&method=auth.getSession""" args = {} try: args['auth_token'] = self._client.auth_token except AttributeError: raise RuntimeError('Client does not have auth_token set.') try: args['generate_session_secret'] = self._client.generate_session_secret except AttributeError: pass result = self._client('%s.getSession' % self._name, args) self._client.session_key = result['session_key'] self._client.uid = result['uid'] self._client.secret = result.get('secret') self._client.session_key_expires = result['expires'] return result def createToken(self): """Facebook API call. See http://developers.facebook.com/documentation.php?v=1.0&method=auth.createToken""" token = self._client('%s.createToken' % self._name) self._client.auth_token = token return token class FriendsProxy(FriendsProxy): """Special proxy for facebook.friends.""" def get(self, **kwargs): """Facebook API call. See http://developers.facebook.com/documentation.php?v=1.0&method=friends.get""" if not kwargs.get('flid') and self._client._friends: return self._client._friends return super(FriendsProxy, self).get(**kwargs) class PhotosProxy(PhotosProxy): """Special proxy for facebook.photos.""" def upload( self, image, aid=None, uid=None, caption=None, size=( 720, 720), filename=None, callback=None): """Facebook API call. See http://developers.facebook.com/documentation.php?v=1.0&method=photos.upload size -- an optional size (width, height) to resize the image to before uploading. Resizes by default to Facebook's maximum display dimension of 720. """ args = {} if uid is not None: args['uid'] = uid if aid is not None: args['aid'] = aid if caption is not None: args['caption'] = caption if self._client.oauth2: url = self._client.facebook_secure_url else: url = self._client.facebook_url args = self._client._build_post_args( 'facebook.photos.upload', self._client._add_session_args(args)) try: import cStringIO as StringIO except ImportError: import StringIO # check for a filename specified...if the user is passing binary data in # image then a filename will be specified if filename is None: try: import Image except ImportError: data = StringIO.StringIO(open(image, 'rb').read()) else: img = Image.open(image) if size: img.thumbnail(size, Image.ANTIALIAS) data = StringIO.StringIO() img.save(data, img.format) else: # there was a filename specified, which indicates that image was not # the path to an image file but rather the binary data of a file data = StringIO.StringIO(image) image = filename content_type, body = self.__encode_multipart_formdata( list(args.iteritems()), [(image, data)]) urlinfo = urlparse.urlsplit(url) try: content_length = len(body) chunk_size = 4096 if self._client.oauth2: h = httplib.HTTPSConnection(urlinfo[1]) else: h = httplib.HTTPConnection(urlinfo[1]) h.putrequest('POST', urlinfo[2]) h.putheader('Content-Type', content_type) h.putheader('Content-Length', str(content_length)) h.putheader('MIME-Version', '1.0') h.putheader('User-Agent', 'PyFacebook Client Library') h.endheaders() if callback: count = 0 while len(body) > 0: if len(body) < chunk_size: data = body body = '' else: data = body[0:chunk_size] body = body[chunk_size:] h.send(data) count += 1 callback(count, chunk_size, content_length) else: h.send(body) response = h.getresponse() if response.status != 200: raise Exception( 'Error uploading photo: Facebook returned HTTP %s (%s)' % (response.status, response.reason)) response = response.read() except: # sending the photo failed, perhaps we are using GAE try: from google.appengine.api import urlfetch try: response = urlread( url=url, data=body, headers={ 'POST': urlinfo[2], 'Content-Type': content_type, 'MIME-Version': '1.0'}) except urllib2.URLError: raise Exception( 'Error uploading photo: Facebook returned %s' % (response)) except ImportError: # could not import from google.appengine.api, so we are not # running in GAE raise Exception('Error uploading photo.') return self._client._parse_response(response, 'facebook.photos.upload') def __encode_multipart_formdata(self, fields, files): """Encodes a multipart/form-data message to upload an image.""" boundary = '-------tHISiStheMulTIFoRMbOUNDaRY' crlf = '\r\n' l = [] for (key, value) in fields: l.append('--' + boundary) l.append('Content-Disposition: form-data; name="%s"' % str(key)) l.append('') l.append(str(value)) for (filename, value) in files: l.append('--' + boundary) l.append( 'Content-Disposition: form-data; filename="%s"' % (str(filename), )) l.append('Content-Type: %s' % self.__get_content_type(filename)) l.append('') l.append(value.getvalue()) l.append('--' + boundary + '--') l.append('') body = crlf.join(l) content_type = 'multipart/form-data; boundary=%s' % boundary return content_type, body def __get_content_type(self, filename): """Returns a guess at the MIME type of the file from the filename.""" return str(mimetypes.guess_type(filename)[ 0]) or 'application/octet-stream' class VideoProxy(VideoProxy): """Special proxy for facebook.video.""" def upload( self, video, aid=None, title=None, description=None, filename=None, uid=None, privacy=None, callback=None): """Facebook API call. See http://wiki.developers.facebook.com/index.php/Video.upload""" args = {} if aid is not None: args['aid'] = aid if title is not None: args['title'] = title if description is not None: args['description'] = description if uid is not None: args['uid'] = uid if privacy is not None: args['privacy'] = privacy args = self._client._build_post_args( 'facebook.video.upload', self._client._add_session_args(args)) try: import cStringIO as StringIO except ImportError: import StringIO # check for a filename specified...if the user is passing binary data in # video then a filename will be specified if filename is None: data = StringIO.StringIO(open(video, 'rb').read()) else: # there was a filename specified, which indicates that video was not # the path to an video file but rather the binary data of a file data = StringIO.StringIO(video) video = filename content_type, body = self.__encode_multipart_formdata( list(args.iteritems()), [(video, data)]) # Set the correct End Point Url, note this is different to all other FB # EndPoints urlinfo = urlparse.urlsplit(FACEBOOK_VIDEO_URL) try: content_length = len(body) chunk_size = 4096 h = httplib.HTTPConnection(urlinfo[1]) h.putrequest('POST', urlinfo[2]) h.putheader('Content-Type', content_type) h.putheader('Content-Length', str(content_length)) h.putheader('MIME-Version', '1.0') h.putheader('User-Agent', 'PyFacebook Client Library') h.endheaders() if callback: count = 0 while len(body) > 0: if len(body) < chunk_size: data = body body = '' else: data = body[0:chunk_size] body = body[chunk_size:] h.send(data) count += 1 callback(count, chunk_size, content_length) else: h.send(body) response = h.getresponse() if response.status != 200: raise Exception( 'Error uploading video: Facebook returned HTTP %s (%s)' % (response.status, response.reason)) response = response.read() except: # sending the photo failed, perhaps we are using GAE try: from google.appengine.api import urlfetch try: response = urlread( url=FACEBOOK_VIDEO_URL, data=body, headers={ 'POST': urlinfo[2], 'Content-Type': content_type, 'MIME-Version': '1.0'}) except urllib2.URLError: raise Exception( 'Error uploading video: Facebook returned %s' % (response)) except ImportError: # could not import from google.appengine.api, so we are not # running in GAE raise Exception('Error uploading video.') return self._client._parse_response(response, 'facebook.video.upload') def __encode_multipart_formdata(self, fields, files): """Encodes a multipart/form-data message to upload an image.""" boundary = '-------tHISiStheMulTIFoRMbOUNDaRY' crlf = '\r\n' l = [] for (key, value) in fields: l.append('--' + boundary) l.append('Content-Disposition: form-data; name="%s"' % str(key)) l.append('') l.append(str(value)) for (filename, value) in files: l.append('--' + boundary) l.append( 'Content-Disposition: form-data; filename="%s"' % (str(filename), )) l.append('Content-Type: %s' % self.__get_content_type(filename)) l.append('') l.append(value.getvalue()) l.append('--' + boundary + '--') l.append('') body = crlf.join(l) content_type = 'multipart/form-data; boundary=%s' % boundary return content_type, body def __get_content_type(self, filename): """Returns a guess at the MIME type of the file from the filename.""" return str(mimetypes.guess_type(filename)[ 0]) or 'application/octet-stream' class Facebook(object): """ Provides access to the Facebook API. Instance Variables: added True if the user has added this application. api_key Your API key, as set in the constructor. app_id Your application id, as set in the constructor or fetched from fb_sig_app_id request parameter. app_name Your application's name, i.e. the APP_NAME in http://apps.facebook.com/APP_NAME/ if this is for an internal web application. Optional, but useful for automatic redirects to canvas pages. auth_token The auth token that Facebook gives you, either with facebook.auth.createToken, or through a GET parameter. callback_path The path of the callback set in the Facebook app settings. If your callback is set to http://www.example.com/facebook/callback/, this should be '/facebook/callback/'. Optional, but useful for automatic redirects back to the same page after login. desktop True if this is a desktop app, False otherwise. Used for determining how to authenticate. ext_perms Any extended permissions that the user has granted to your application. This parameter is set only if the user has granted any. facebook_url The url to use for Facebook requests. facebook_secure_url The url to use for secure Facebook requests. in_canvas True if the current request is for a canvas page. in_iframe True if the current request is for an HTML page to embed in Facebook inside an iframe. is_session_from_cookie True if the current request session comes from a session cookie. in_profile_tab True if the current request is for a user's tab for your application. internal True if this Facebook object is for an internal application (one that can be added on Facebook) locale The user's locale. Default: 'en_US' oauth2: Whether to use the new OAuth 2.0 authentication mechanism. Default: False oauth2_token: The current OAuth 2.0 token. oauth2_token_expires: The UNIX time when the OAuth 2.0 token expires (seconds). page_id Set to the page_id of the current page (if any) profile_update_time The time when this user's profile was last updated. This is a UNIX timestamp. Default: None if unknown. secret Secret that is used after getSession for desktop apps. secret_key Your application's secret key, as set in the constructor. session_key The current session key. Set automatically by auth.getSession, but can be set manually for doing infinite sessions. session_key_expires The UNIX time of when this session key expires, or 0 if it never expires. uid After a session is created, you can get the user's UID with this variable. Set automatically by auth.getSession. ---------------------------------------------------------------------- """ def __init__(self, api_key, secret_key, auth_token=None, app_name=None, callback_path=None, internal=None, proxy=None, facebook_url=None, facebook_secure_url=None, generate_session_secret=0, app_id=None, oauth2=False, iframe_validation_timeout=10): """ Initializes a new Facebook object which provides wrappers for the Facebook API. If this is a desktop application, the next couple of steps you might want to take are: facebook.auth.createToken() # create an auth token facebook.login() # show a browser window wait_login() # somehow wait for the user to log in facebook.auth.getSession() # get a session key For web apps, if you are passed an auth_token from Facebook, pass that in as a named parameter. Then call: facebook.auth.getSession() """ self.api_key = api_key self.secret_key = secret_key self.app_id = app_id self.oauth2 = oauth2 self.oauth2_token = None self.oauth2_token_expires = None self.session_key = None self.session_key_expires = None self.auth_token = auth_token self.secret = None self.generate_session_secret = generate_session_secret self.uid = None self.page_id = None self.in_canvas = False self.in_iframe = False self.is_session_from_cookie = False self.in_profile_tab = False self.added = False self.app_name = app_name self.callback_path = callback_path self.internal = internal self._friends = None self.locale = 'en_US' self.profile_update_time = None self.ext_perms = [] self.proxy = proxy self.iframe_validation_timeout = iframe_validation_timeout if facebook_url is None: self.facebook_url = FACEBOOK_URL else: self.facebook_url = facebook_url if facebook_secure_url is None: self.facebook_secure_url = FACEBOOK_SECURE_URL else: self.facebook_secure_url = facebook_secure_url for namespace in METHODS: self.__dict__[namespace] = eval( '%sProxy(self, \'%s\')' % (namespace.title(), 'facebook.%s' % namespace)) def _hash_args(self, args, secret=None): """Hashes arguments by joining key=value pairs, appending a secret, and then taking the MD5 hex digest.""" # @author: houyr # fix for UnicodeEncodeError hasher = hashlib.md5( ''.join( [ '%s=%s' % (isinstance( x, unicode) and x.encode("utf-8") or x, isinstance( args[x], unicode) and args[x].encode("utf-8") or args[x]) for x in sorted( args.keys())])) if secret: hasher.update(secret) elif self.secret: hasher.update(self.secret) else: hasher.update(self.secret_key) return hasher.hexdigest() def _parse_response_item(self, node): """Parses an XML response node from Facebook.""" if node.nodeType == node.DOCUMENT_NODE and \ node.childNodes[0].hasAttributes() and \ node.childNodes[0].hasAttribute('list') and \ node.childNodes[0].getAttribute('list') == "true": return { node.childNodes[0].nodeName: self._parse_response_list( node.childNodes[0])} elif node.nodeType == node.ELEMENT_NODE and \ node.hasAttributes() and \ node.hasAttribute('list') and \ node.getAttribute('list') == "true": return self._parse_response_list(node) elif len(filter(lambda x: x.nodeType == x.ELEMENT_NODE, node.childNodes)) > 0: return self._parse_response_dict(node) else: return ''.join( node.data for node in node.childNodes if node.nodeType == node.TEXT_NODE) def _parse_response_dict(self, node): """Parses an XML dictionary response node from Facebook.""" result = {} for item in filter( lambda x: x.nodeType == x.ELEMENT_NODE, node.childNodes): result[item.nodeName] = self._parse_response_item(item) if node.nodeType == node.ELEMENT_NODE and node.hasAttributes(): if node.hasAttribute('id'): result['id'] = node.getAttribute('id') return result def _parse_response_list(self, node): """Parses an XML list response node from Facebook.""" result = [] for item in filter( lambda x: x.nodeType == x.ELEMENT_NODE, node.childNodes): result.append(self._parse_response_item(item)) return result def _check_error(self, response): """Checks if the given Facebook response is an error, and then raises the appropriate exception.""" if isinstance(response, dict) and 'error_code' in response: raise FacebookError( response['error_code'], response['error_msg'], response['request_args']) def _build_post_args(self, method, args=None, signed=False): """Adds to args parameters that are necessary for every call to the API.""" if args is None: args = {} for arg in args.items(): if isinstance(arg[1], list): args[arg[0]] = ','.join(str(a) for a in arg[1]) elif isinstance(arg[1], unicode): args[arg[0]] = arg[1].encode("UTF-8") elif isinstance(arg[1], bool): args[arg[0]] = str(arg[1]).lower() args['method'] = method args['format'] = RESPONSE_FORMAT if not signed and self.oauth2 and self.oauth2_token: args['access_token'] = self.oauth2_token else: args['api_key'] = self.api_key args['v'] = '1.0' args['sig'] = self._hash_args(args) return args def _add_session_args(self, args=None): """Adds 'session_key' and 'call_id' to args, which are used for API calls that need sessions.""" if args is None: args = {} if not self.session_key: return args # some calls don't need a session anymore. this might be better done in the markup # raise RuntimeError('Session key not set. Make sure auth.getSession has been called.') if not self.oauth2 or not self.oauth2_token: args['session_key'] = self.session_key args['call_id'] = str(int(time.time() * 1000)) return args def _parse_response(self, response, method, format=None): """Parses the response according to the given (optional) format, which should be either 'JSON' or 'XML'.""" if not format: format = RESPONSE_FORMAT if format == 'JSON': result = simplejson.loads(response) self._check_error(result) elif format == 'XML': dom = minidom.parseString(response) result = self._parse_response_item(dom) dom.unlink() if 'error_response' in result: self._check_error(result['error_response']) result = result[method[9:].replace('.', '_') + '_response'] else: raise RuntimeError('Invalid format specified.') return result def hash_email(self, email): """ Hash an email address in a format suitable for Facebook Connect. """ email = email.lower().strip() return "%s_%s" % ( struct.unpack("I", struct.pack("i", binascii.crc32(email)))[0], hashlib.md5(email).hexdigest(), ) def unicode_urlencode(self, params): """ @author: houyr A unicode aware version of urllib.urlencode. """ if isinstance(params, dict): params = params.items() return urllib.urlencode([(k, isinstance(v, unicode) and v.encode('utf-8') or v) for k, v in params]) def __call__(self, method=None, args=None, secure=False, signed=False): """Make a call to Facebook's REST server.""" # for Django templates, if this object is called without any arguments # return the object itself if method is None: return self # __init__ hard-codes into en_US if args is not None and 'locale' not in args: args['locale'] = self.locale # @author: houyr # fix for bug of UnicodeEncodeError post_data = self.unicode_urlencode( self._build_post_args(method, args, signed)) if self.proxy: proxy_handler = urllib2.ProxyHandler(self.proxy) opener = urllib2.build_opener(proxy_handler) if self.oauth2 or secure: response = opener.open( self.facebook_secure_url, post_data).read() else: response = opener.open(self.facebook_url, post_data).read() else: if self.oauth2 or secure: response = urlread(self.facebook_secure_url, post_data) else: response = urlread(self.facebook_url, post_data) return self._parse_response(response, method) def oauth2_access_token(self, code, next, required_permissions=None): """ We've called authorize, and received a code, now we need to convert this to an access_token """ args = { 'client_id': self.app_id, 'client_secret': self.secret_key, 'redirect_uri': next, 'code': code } if required_permissions: args['scope'] = ",".join(required_permissions) # TODO see if immediate param works as per OAuth 2.0 spec? url = self.get_graph_url('oauth/access_token', **args) if self.proxy: proxy_handler = urllib2.ProxyHandler(self.proxy) opener = urllib2.build_opener(proxy_handler) response = opener.open(url).read() else: response = urlread(url) result = urlparse.parse_qs(response) self.oauth2_token = result['access_token'][0] self.oauth2_token_expires = time.time() + int(result['expires'][0]) # URL helpers def get_url(self, page, **args): """ Returns one of the Facebook URLs (www.facebook.com/SOMEPAGE.php). Named arguments are passed as GET query string parameters. """ return 'http://www.facebook.com/%s.php?%s' % ( page, urllib.urlencode(args)) def get_app_url(self, path=''): """ Returns the URL for this app's canvas page, according to app_name. """ return 'http://apps.facebook.com/%s/%s' % (self.app_name, path) def get_graph_url(self, path='', **args): """ Returns the URL for the graph API with the supplied path and parameters """ return 'https://graph.facebook.com/%s?%s' % ( path, urllib.urlencode(args)) def get_add_url(self, next=None): """ Returns the URL that the user should be redirected to in order to add the application. """ args = {'api_key': self.api_key, 'v': '1.0'} if next is not None: args['next'] = next return self.get_url('install', **args) def get_authorize_url(self, next=None, next_cancel=None): """ Returns the URL that the user should be redirected to in order to authorize certain actions for application. """ args = {'api_key': self.api_key, 'v': '1.0'} if next is not None: args['next'] = next if next_cancel is not None: args['next_cancel'] = next_cancel return self.get_url('authorize', **args) def get_login_url(self, next=None, popup=False, canvas=True, required_permissions=None): """ Returns the URL that the user should be redirected to in order to login. next -- the URL that Facebook should redirect to after login required_permissions -- permission required by the application """ if self.oauth2: args = { 'client_id': self.app_id, 'redirect_uri': next } if required_permissions: args['scope'] = required_permissions if popup: args['display'] = 'popup' return self.get_graph_url('oauth/authorize', **args) else: args = {'api_key': self.api_key, 'v': '1.0'} if next is not None: args['next'] = next if canvas is True: args['canvas'] = 1 if popup is True: args['popup'] = 1 if required_permissions: args['req_perms'] = ",".join(required_permissions) if self.auth_token is not None: args['auth_token'] = self.auth_token return self.get_url('login', **args) def login(self, popup=False): """Open a web browser telling the user to login to Facebook.""" import webbrowser webbrowser.open(self.get_login_url(popup=popup)) def get_ext_perm_url(self, ext_perm, next=None, popup=False): """ Returns the URL that the user should be redirected to in order to grant an extended permission. ext_perm -- the name of the extended permission to request next -- the URL that Facebook should redirect to after login """ args = {'ext_perm': ext_perm, 'api_key': self.api_key, 'v': '1.0'} if next is not None: args['next'] = next if popup is True: args['popup'] = 1 return self.get_url('authorize', **args) def request_extended_permission(self, ext_perm, popup=False): """Open a web browser telling the user to grant an extended permission.""" import webbrowser webbrowser.open(self.get_ext_perm_url(ext_perm, popup=popup)) def check_session(self, request, params=None): """ Checks the given Django HttpRequest for Facebook parameters such as POST variables or an auth token. If the session is valid, returns True and this object can now be used to access the Facebook API. Otherwise, it returns False, and the application should take the appropriate action (either log the user in or have him add the application). """ self.in_canvas = (request.POST.get('fb_sig_in_canvas') == '1') if 'auth_token' not in request.GET and self.session_key and ( self.uid or self.page_id): return True if not params: if request.method == 'POST': params = self.validate_signature(request.POST) else: if 'installed' in request.GET: self.added = True if 'fb_page_id' in request.GET: self.page_id = request.GET['fb_page_id'] if 'auth_token' in request.GET: self.added = True # added by Marinho self.auth_token = request.GET['auth_token'] try: self.auth.getSession() except FacebookError as e: self.auth_token = None return False return True params = self.validate_signature(request.GET) if not params: cookies = None # first check if we are in django - to check cookies if hasattr(request, 'COOKIES'): cookies = request.COOKIES else: if hasattr(request, 'cookies'): cookies = request.cookies if cookies: params = self.validate_oauth_cookie_signature(cookies) if params: self.is_oauth = True self.oauth_token = params['access_token'] else: params = self.validate_cookie_signature(cookies) self.is_session_from_cookie = True if not params: if self.validate_iframe(request): return True else: params = {} if not params: return False if 'in_canvas' in params and params.get('in_canvas') == '1': self.in_canvas = True if 'in_iframe' in params and params.get('in_iframe') == '1': self.in_iframe = True if 'in_profile_tab' in params and params.get('in_profile_tab') == '1': self.in_profile_tab = True if 'added' in params and params.get('added') == '1': self.added = True if params.get('expires'): # Marinho Brandao - fixing problem with no session self.session_key_expires = params.get( 'expires', '').isdigit() and int( params['expires']) or 0 if 'locale' in params: self.locale = params['locale'] if 'profile_update_time' in params: try: self.profile_update_time = int(params['profile_update_time']) except ValueError: pass if 'ext_perms' in params: if params['ext_perms']: self.ext_perms = params['ext_perms'].split(',') else: self.ext_perms = [] if 'friends' in params: if params['friends']: self._friends = params['friends'].split(',') else: self._friends = [] # If app_id is not set explicitly, pick it up from the param if not self.app_id and 'app_id' in params: self.app_id = params['app_id'] if 'session_key' in params: self.session_key = params['session_key'] if 'user' in params: self.uid = params['user'] elif 'page_id' in params: self.page_id = params['page_id'] elif 'uid' in params: self.uid = params['uid'] else: return False elif 'profile_session_key' in params: self.session_key = params['profile_session_key'] if 'profile_user' in params: self.uid = params['profile_user'] else: return False elif 'canvas_user' in params: self.uid = params['canvas_user'] elif 'uninstall' in params: self.uid = params['user'] else: return False return True def validate_oauth_session(self, session_json): session = simplejson.loads(session_json) sig = session.pop('sig') hash = self._hash_args(session) if hash == sig: return session return None def validate_signature(self, post, prefix='fb_sig', timeout=None): """ Validate parameters passed to an internal Facebook app from Facebook. """ args = post.copy() if prefix not in args: return None del args[prefix] if timeout and '%s_time' % prefix in post and time.time( ) - float(post['%s_time' % prefix]) > timeout: return None args = dict([(key[len(prefix + '_'):], value) for key, value in args.items() if key.startswith(prefix)]) hash = self._hash_args(args) if hash == post[prefix]: return args else: return None def validate_iframe(self, request): request_dict = request.POST if request.method == 'POST' else request.GET if any( key not in request_dict for key in [ 'userid', 'reqtime', 'appsig']): return False request_time = request_dict['reqtime'] time_now = int(time.time()) if time_now - int(request_time) > self.iframe_validation_timeout: return False userid = int(request_dict['userid']) self.uid = userid app_sig = request_dict['appsig'] digest = create_hmac( self.secret_key, "%s%s" % (str(userid), str(request_time))) return digest == app_sig def validate_oauth_cookie_signature(self, cookies): cookie_name = 'fbs_%s' % self.app_id if cookie_name in cookies: # value like # "access_token=104302089510310%7C2.HYYLow1Vlib0s_sJSAESjw__.3600.1275037200-100000214342553%7CtC1aolM22Lauj_dZhYnv_tF2CK4.&base_domain=yaycy.com&expires=1275037200&secret=FvIHkbAFwEy_0sueRk2ZYQ__&session_key=2.HYYoow1Vlib0s_sJSAESjw__.3600.1275037200-100000214342553&sig=7bb035a0411be7aa801964ae34416f28&uid=100000214342553" params = dict([part.split('=') for part in cookies[cookie_name].split('&')]) sig = params.pop('sig') hash = self._hash_args(params) if hash == sig: return params return None def validate_cookie_signature(self, cookies): """ Validate parameters passed by cookies, namely facebookconnect or js api. """ api_key = self.api_key if api_key not in cookies: return None prefix = api_key + "_" params = {} vals = '' for k in sorted(cookies): if k.startswith(prefix): key = k.replace(prefix, "") value = cookies[k] if value != 'None': params[key] = value vals += '%s=%s' % (key, value) hasher = hashlib.md5(vals) hasher.update(self.secret_key) digest = hasher.hexdigest() if digest == cookies[api_key]: params['is_session_from_cookie'] = True return params else: return False if __name__ == '__main__': # sample desktop application api_key = '' secret_key = '' facebook = Facebook(api_key, secret_key) facebook.auth.createToken() # Show login window # Set popup=True if you want login without navigational elements facebook.login() # Login to the window, then press enter print 'After logging in, press enter...' raw_input() facebook.auth.getSession() print 'Session Key: ', facebook.session_key print 'Your UID: ', facebook.uid info = facebook.users.getInfo( [facebook.uid], ['name', 'birthday', 'affiliations', 'sex'])[0] print 'Your Name: ', info['name'] print 'Your Birthday: ', info['birthday'] print 'Your Gender: ', info['sex'] friends = facebook.friends.get() friends = facebook.users.getInfo( friends[ 0:5], [ 'name', 'birthday', 'relationship_status']) for friend in friends: print friend['name'], 'has a birthday on', friend['birthday'], 'and is', friend['relationship_status'] arefriends = facebook.friends.areFriends( [friends[0]['uid']], [friends[1]['uid']]) photos = facebook.photos.getAlbums(facebook.uid) ================================================ FILE: facebook/djangofb/__init__.py ================================================ import re import time import datetime import facebook from django.http import HttpResponse, HttpResponseRedirect from django.utils.http import urlquote from django.core.exceptions import ImproperlyConfigured from django.conf import settings try: from threading import local except ImportError: from django.utils._threading_local import local __all__ = [ 'Facebook', 'FacebookMiddleware', 'get_facebook_client', 'require_login', 'require_add'] _thread_locals = local() class Facebook(facebook.Facebook): def redirect(self, url): """ Helper for Django which redirects to another page. If inside a canvas page, writes a instead to achieve the same effect. """ if self.in_canvas: return HttpResponse('' % (url,)) elif re.search("^https?:\/\/([^\/]*\.)?facebook\.com(:\d+)?", url.lower()): return HttpResponse( '' % url) else: return HttpResponseRedirect(url) def url_for(self, path): """ Expand the path into a full URL, depending on whether we're in a canvas page or not. """ if self.in_canvas: return self.get_app_url(path[1:]) else: return '%s%s' % (settings.SITE_URL, path) def _oauth2_process_params(self, request): """ Check a few key parameters for oauth methods """ self.in_canvas = (request.REQUEST.get('fb_sig_in_canvas') == '1') self.added = (request.REQUEST.get('fb_sig_added') == '1') # If app_id is not set explicitly, pick it up from the params if not self.app_id: self.app_id = request.REQUEST.get('fb_sig_app_id') if not self.uid: self.uid = request.REQUEST.get('fb_sig_user') def oauth2_check_session(self, request): """ Check to see if we have an access_token in our session """ valid_token = False # See if they're in the request if 'session' in request.POST: print 'session from POST' values = self.validate_oauth_session(request.POST['session']) # Might be in the query string (e.g. from iframe) elif 'session' in request.GET: print 'session from GET' values = self.validate_oauth_session(request.GET['session']) # Look out for an access_token in our cookies from the JS SDK FB.init elif request.COOKIES: values = self.validate_oauth_cookie_signature(request.COOKIES) print 'session from COOKIE %s' % values if values and 'access_token' in values: request.session['oauth2_token'] = values['access_token'] request.session['oauth2_token_expires'] = values['expires'] self.session_key = values['session_key'] self.uid = values['uid'] self.added = True # If we've been accepted by the user if self.added: # See if we've got this user's access_token in our session if 'oauth2_token' in request.session: self.oauth2_token = request.session['oauth2_token'] self.oauth2_token_expires = request.session[ 'oauth2_token_expires'] if self.oauth2_token_expires: if self.oauth2_token_expires > time.time(): # Got a token, and it's valid valid_token = True else: del request.session['oauth2_token'] del request.session['oauth2_token_expires'] return valid_token def oauth2_check_permissions(self, request, required_permissions, additional_permissions=None, fql_check=True, force_check=True): """ Check for specific extended_permissions. If fql_check is True (default), oauth2_check_session() should be called first to ensure the access_token is in place and valid to make query. """ has_permissions = False req_perms = set(required_permissions.split(',')) if 'oauth2_extended_permissions' in request.session: cached_perms = request.session['oauth2_extended_permissions'] # so now, fb_sig_ext_perms seems to contain the right perms (!) if not force_check and cached_perms and req_perms.issubset( cached_perms): # Note that this has the potential to be out of date! has_permissions = True elif fql_check: # TODO allow option to use preload FQL for this? perms_query = required_permissions # Note that we can query additional permissions that we # don't require. This can be useful for optional # functionality (or simply for better caching) if additional_permissions: perms_query += ',' + additional_permissions perms_results = self.fql.query( 'select %s from permissions where uid=%s' % (perms_query, self.uid))[0] actual_perms = set() for permission, allowed in perms_results.items(): if allowed == 1: actual_perms.add(permission) request.session['oauth2_extended_permissions'] = actual_perms has_permissions = req_perms.issubset(actual_perms) return has_permissions def oauth2_process_code(self, request, redirect_uri): """ Convert the code into an access_token. """ if 'code' in request.GET: # We've got a code from an authorisation, so convert it to a # access_token self.oauth2_access_token(request.GET['code'], next=redirect_uri) request.session['oauth2_token'] = self.oauth2_token request.session['oauth2_token_expires'] = self.oauth2_token_expires return True # else: 'error_reason' in request.GET return False def get_facebook_client(): """ Get the current Facebook object for the calling thread. """ try: return _thread_locals.facebook except AttributeError: raise ImproperlyConfigured( 'Make sure you have the Facebook middleware installed.') def _check_middleware(request): try: fb = request.facebook except: raise ImproperlyConfigured( 'Make sure you have the Facebook middleware installed.') if not fb.oauth2: raise ImproperlyConfigured( 'Please ensure that oauth2 is enabled (e.g. via settings.FACEBOOK_OAUTH2).') return fb def require_oauth( redirect_path=None, keep_state=True, in_canvas=True, required_permissions=None, check_permissions=None, force_check=True): """ Decorator for Django views that requires the user to be OAuth 2.0'd. The FacebookMiddleware must be installed. Note that OAuth 2.0 does away with the app added/logged in distinction - it is now the case that users have now either authorised facebook users or not, and if they are, they may have granted the app a number of extended permissions - there is no lightweight/automatic login any more. Standard usage: @require_oauth() def some_view(request): ... """ def decorator(view): def newview(request, *args, **kwargs): # permissions=newview.permissions try: fb = _check_middleware(request) valid_token = fb.oauth2_check_session(request) if required_permissions: has_permissions = fb.oauth2_check_permissions( request, required_permissions, check_permissions, valid_token, force_check) else: has_permissions = True if not valid_token or not has_permissions: if in_canvas: fb.in_canvas = in_canvas return _redirect_login(request, fb, redirect_path, keep_state, required_permissions) return view(request, *args, **kwargs) except facebook.FacebookError as e: # Invalid token (I think this can happen if the user logs out) # Unfortunately we don't find this out until we use the api if e.code == 190: del request.session['oauth2_token'] del request.session['oauth2_token_expires'] return _redirect_login(request, fb, redirect_path, keep_state, required_permissions) # newview.permissions = permissions return newview return decorator def _redirect_path(redirect_path, fb, path): """ Resolve the path to use for the redirect_uri for authorization """ if not redirect_path and fb.oauth2_redirect: redirect_path = fb.oauth2_redirect if redirect_path: if callable(redirect_path): redirect_path = redirect_path(path) else: redirect_path = path return redirect_path def _redirect_login( request, fb, redirect_path, keep_state, required_permissions): """ Fully resolve the redirect path for an oauth login and add in any state info required to bring us back to the correct place afterwards """ redirect_uri = fb.url_for(_redirect_path(redirect_path, fb, request.path)) if keep_state: if callable(keep_state): state = keep_state(request) else: state = request.get_full_path() # passing state directly to facebook oauth endpoint doesn't work redirect_uri += '?state=%s' % urlquote(state) url = fb.get_login_url(next=redirect_uri, required_permissions=required_permissions) return fb.redirect(url) def process_oauth(restore_state=True, in_canvas=True): """ Decorator for Django views that processes the user's code and converts it into an access_token. The FacebookMiddleware must be installed. Standard usage: @process_oauth() def some_view(request): ... """ def decorator(view): def newview(request, *args, **kwargs): # permissions=newview.permissions fb = _check_middleware(request) if in_canvas: fb.in_canvas = in_canvas # Work out what the original redirect_uri value was redirect_uri = fb.url_for(_strip_code(request.get_full_path())) if fb.oauth2_process_code(request, redirect_uri): if restore_state: state = request.GET['state'] if callable(restore_state): state = restore_state(state) else: state = fb.url_for(state) return fb.redirect(state) return view(request, *args, **kwargs) # newview.permissions = permissions return newview return decorator def _strip_code(path): """ Restore the path to the original redirect_uri without the code parameter. """ try: begin = path.find('&code') if begin == -1: begin = path.index('?code') end = path.find('&', begin + 1) if end == -1: end = len(path) return path[:begin] + path[end:] except ValueError: # no code, probably failed to authenticate # TODO strip error_reason instead here? return path def require_login(next=None, internal=None, required_permissions=None): """ Decorator for Django views that requires the user to be logged in. The FacebookMiddleware must be installed. Standard usage: @require_login() def some_view(request): ... Redirecting after login: To use the 'next' parameter to redirect to a specific page after login, a callable should return a path relative to the Post-add URL. 'next' can also be an integer specifying how many parts of request.path to strip to find the relative URL of the canvas page. If 'next' is None, settings.callback_path and settings.app_name are checked to redirect to the same page after logging in. (This is the default behavior.) @require_login(next=some_callable) def some_view(request): ... """ def decorator(view): def newview(request, *args, **kwargs): next = newview.next internal = newview.internal try: fb = request.facebook except: raise ImproperlyConfigured( 'Make sure you have the Facebook middleware installed.') if internal is None: internal = request.facebook.internal if callable(next): next = next(request.path) elif isinstance(next, int): next = '/'.join(request.path.split('/')[next + 1:]) elif next is None and fb.callback_path and request.path.startswith(fb.callback_path): next = request.path[len(fb.callback_path):] elif not isinstance(next, str): next = '' if internal and request.method == 'GET' and fb.app_name: next = "%s%s" % (fb.get_app_url(), next) try: session_check = fb.check_session(request) except ValueError: session_check = False if session_check and required_permissions: req_perms = set(required_permissions) perms = set(fb.ext_perms) has_permissions = req_perms.issubset(perms) else: has_permissions = True if not (session_check and has_permissions): # If user has never logged in before, the get_login_url will # redirect to the TOS page return fb.redirect( fb.get_login_url( next=next, required_permissions=required_permissions)) return view(request, *args, **kwargs) newview.next = next newview.internal = internal return newview return decorator def require_add(next=None, internal=None, on_install=None): """ Decorator for Django views that requires application installation. The FacebookMiddleware must be installed. Standard usage: @require_add() def some_view(request): ... Redirecting after installation: To use the 'next' parameter to redirect to a specific page after login, a callable should return a path relative to the Post-add URL. 'next' can also be an integer specifying how many parts of request.path to strip to find the relative URL of the canvas page. If 'next' is None, settings.callback_path and settings.app_name are checked to redirect to the same page after logging in. (This is the default behavior.) @require_add(next=some_callable) def some_view(request): ... Post-install processing: Set the on_install parameter to a callable in order to handle special post-install processing. The callable should take a request object as the parameter. @require_add(on_install=some_callable) def some_view(request): ... """ def decorator(view): def newview(request, *args, **kwargs): next = newview.next internal = newview.internal try: fb = request.facebook except: raise ImproperlyConfigured( 'Make sure you have the Facebook middleware installed.') if internal is None: internal = request.facebook.internal if callable(next): next = next(request.path) elif isinstance(next, int): next = '/'.join(request.path.split('/')[next + 1:]) elif next is None and fb.callback_path and request.path.startswith(fb.callback_path): next = request.path[len(fb.callback_path):] else: next = '' if not fb.check_session(request): if fb.added: if request.method == 'GET' and fb.app_name: return fb.redirect('%s%s' % (fb.get_app_url(), next)) return fb.redirect(fb.get_login_url(next=next)) else: return fb.redirect(fb.get_add_url(next=next)) if not fb.added: return fb.redirect(fb.get_add_url(next=next)) if 'installed' in request.GET and callable(on_install): on_install(request) if internal and request.method == 'GET' and fb.app_name: return fb.redirect('%s%s' % (fb.get_app_url(), next)) return view(request, *args, **kwargs) newview.next = next newview.internal = internal return newview return decorator # try to preserve the argspecs try: import decorator except ImportError: pass else: # Can this be done with functools.wraps, but maintaining kwargs? def updater(f): def updated(*args, **kwargs): original = f(*args, **kwargs) def newdecorator(view): return decorator.new_wrapper(original(view), view) return decorator.new_wrapper(newdecorator, original) return decorator.new_wrapper(updated, f) require_oauth = updater(require_oauth) process_oauth = updater(process_oauth) require_login = updater(require_login) require_add = updater(require_add) class FacebookMiddleware(object): """ Middleware that attaches a Facebook object to every incoming request. The Facebook object created can also be accessed from models for the current thread by using get_facebook_client(). callback_path can be a string or a callable. Using a callable lets us pass in something like lambda reverse('our_canvas_view') so we can follow the DRY principle. """ def __init__(self, api_key=None, secret_key=None, app_name=None, callback_path=None, internal=None, app_id=None, oauth2=None, oauth2_redirect=None): self.api_key = api_key or settings.FACEBOOK_API_KEY self.secret_key = secret_key or settings.FACEBOOK_SECRET_KEY self.app_name = app_name or getattr( settings, 'FACEBOOK_APP_NAME', None) self.callback_path = callback_path or getattr( settings, 'FACEBOOK_CALLBACK_PATH', None) self.internal = internal or getattr( settings, 'FACEBOOK_INTERNAL', True) self.app_id = app_id or getattr(settings, 'FACEBOOK_APP_ID', None) self.oauth2 = oauth2 or getattr(settings, 'FACEBOOK_OAUTH2', False) self.oauth2_redirect = oauth2_redirect or getattr( settings, 'FACEBOOK_OAUTH2_REDIRECT', None) self.proxy = None if getattr(settings, 'USE_HTTP_PROXY', False): self.proxy = settings.HTTP_PROXY def process_request(self, request): callback_path = self.callback_path if callable(callback_path): callback_path = callback_path() _thread_locals.facebook = request.facebook = Facebook( self.api_key, self.secret_key, app_name=self.app_name, callback_path=callback_path, internal=self.internal, proxy=self.proxy, app_id=self.app_id, oauth2=self.oauth2) if self.oauth2: if self.oauth2_redirect: request.facebook.oauth2_redirect = self.oauth2_redirect request.facebook._oauth2_process_params(request) if not self.internal: if 'fb_sig_session_key' in request.GET and ( 'fb_sig_user' in request.GET or 'fb_sig_canvas_user' in request.GET): request.facebook.session_key = request.session[ 'facebook_session_key'] = request.GET['fb_sig_session_key'] request.facebook.uid = request.session['facebook_user_id'] = request.GET[ 'fb_sig_user'] or request.GET['fb_sig_canvas_user'] elif int(request.GET.get('fb_sig_added', '1')) and request.session.get('facebook_session_key', None) \ and request.session.get('facebook_user_id', None): request.facebook.session_key = request.session[ 'facebook_session_key'] request.facebook.uid = request.session['facebook_user_id'] def process_response(self, request, response): # Don't assume that request.facebook exists # - it's not necessarily true that all process_requests will have been called try: fb = request.facebook except AttributeError: return response if not self.internal and fb.session_key and fb.uid: request.session['facebook_session_key'] = fb.session_key request.session['facebook_user_id'] = fb.uid if fb.session_key_expires: expiry = datetime.datetime.utcfromtimestamp( fb.session_key_expires) request.session.set_expiry(expiry) if not fb.is_session_from_cookie: # Make sure the browser accepts our session cookies inside an # Iframe response['P3P'] = 'CP="NOI DSP COR NID ADMa OPTa OUR NOR"' fb_cookies = { 'expires': fb.session_key_expires, 'session_key': fb.session_key, 'user': fb.uid, } fb_cookies = dict((k, v) for k, v in fb_cookies.items() if v is not None) expire_time = None if fb.session_key_expires: expire_time = datetime.datetime.utcfromtimestamp( fb.session_key_expires) for k in fb_cookies: response.set_cookie( self.api_key + '_' + k, fb_cookies[k], expires=expire_time) if fb_cookies: response.set_cookie( self.api_key, fb._hash_args(fb_cookies), expires=expire_time) return response ================================================ FILE: facebook/djangofb/context_processors.py ================================================ def messages(request): """Returns messages similar to ``django.core.context_processors.auth``.""" if hasattr(request, 'facebook') and request.facebook.uid is not None: from models import Message messages = Message.objects.get_and_delete_all(uid=request.facebook.uid) return {'messages': messages} ================================================ FILE: facebook/djangofb/default_app/__init__.py ================================================ ================================================ FILE: facebook/djangofb/default_app/models.py ================================================ from django.db import models # get_facebook_client lets us get the current Facebook object # from outside of a view, which lets us have cleaner code from facebook.djangofb import get_facebook_client def _2int(d, k): try: d = d.__dict__ except: pass t = d.get(k, '') if t == 'None': t = 0 else: t = int(t) return t class UserManager(models.Manager): """Custom manager for a Facebook User.""" def get_current(self): """Gets a User object for the logged-in Facebook user.""" facebook = get_facebook_client() user, created = self.get_or_create(id=_2int(facebook, 'uid')) if created: # we could do some custom actions for new users here... pass return user class User(models.Model): """A simple User model for Facebook users.""" # We use the user's UID as the primary key in our database. id = models.IntegerField(primary_key=True) # TODO: The data that you want to store for each user would go here. # For this sample, we let users let people know their favorite progamming # language, in the spirit of Extended Info. language = models.CharField(max_length=64, default='Python') # Add the custom manager objects = UserManager() ================================================ FILE: facebook/djangofb/default_app/templates/canvas.fbml ================================================ {% comment %} We can use {{ fbuser }} to get at the current user. {{ fbuser.id }} will be the user's UID, and {{ fbuser.language }} is his/her favorite language (Python :-). {% endcomment %} Welcome, !

Your favorite language is {{ fbuser.language|escape }}.

================================================ FILE: facebook/djangofb/default_app/urls.py ================================================ from django.conf.urls.defaults import * urlpatterns = patterns('{{ project }}.{{ app }}.views', (r'^$', 'canvas'), # Define other pages you want to create here ) ================================================ FILE: facebook/djangofb/default_app/views.py ================================================ from django.http import HttpResponse from django.views.generic.simple import direct_to_template # uncomment the following two lines and the one below # if you dont want to use a decorator instead of the middleware # from django.utils.decorators import decorator_from_middleware # from facebook.djangofb import FacebookMiddleware # Import the Django helpers import facebook.djangofb as facebook # The User model defined in models.py from models import User # We'll require login for our canvas page. This # isn't necessarily a good idea, as we might want # to let users see the page without granting our app # access to their info. See the wiki for details on how # to do this. # @decorator_from_middleware(FacebookMiddleware) @facebook.require_login() def canvas(request): # Get the User object for the currently logged in user user = User.objects.get_current() # Check if we were POSTed the user's new language of choice if 'language' in request.POST: user.language = request.POST['language'][:64] user.save() # User is guaranteed to be logged in, so pass canvas.fbml # an extra 'fbuser' parameter that is the User object for # the currently logged in user. return direct_to_template( request, 'canvas.fbml', extra_context={ 'fbuser': user}) @facebook.require_login() def ajax(request): return HttpResponse('hello world') ================================================ FILE: facebook/djangofb/models.py ================================================ from django.db import models from django.utils.html import escape from django.utils.safestring import mark_safe FB_MESSAGE_STATUS = ( (0, 'Explanation'), (1, 'Error'), (2, 'Success'), ) class MessageManager(models.Manager): def get_and_delete_all(self, uid): messages = [] for m in self.filter(uid=uid): messages.append(m) m.delete() return messages class Message(models.Model): """Represents a message for a Facebook user.""" uid = models.CharField(max_length=25) status = models.IntegerField(choices=FB_MESSAGE_STATUS) message = models.CharField(max_length=300) objects = MessageManager() def __unicode__(self): return self.message def _fb_tag(self): return self.get_status_display().lower() def as_fbml(self): return mark_safe(u'' % ( self._fb_tag(), escape(self.message), )) ================================================ FILE: facebook/webappfb.py ================================================ # # webappfb - Facebook tools for Google's AppEngine "webapp" Framework # # Copyright (c) 2009, Max Battcher # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # * Neither the name of the author nor the names of its contributors may # be used to endorse or promote products derived from this software # without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS``AS IS'' AND ANY # EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE # DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND # ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. from google.appengine.api import memcache from google.appengine.ext.webapp import RequestHandler from facebook import Facebook import yaml """ Facebook tools for Google AppEngine's object-oriented "webapp" framework. """ # This global configuration dictionary is for configuration variables # for Facebook requests such as the application's API key and secret # key. Defaults to loading a 'facebook.yaml' YAML file. This should be # useful and familiar for most AppEngine development. FACEBOOK_CONFIG = yaml.load(file('facebook.yaml', 'r')) class FacebookRequestHandler(RequestHandler): """ Base class for request handlers for Facebook apps, providing useful Facebook-related tools: a local """ def _fbconfig_value(self, name, default=None): """ Checks the global config dictionary and then for a class/instance variable, using a provided default if no value is found. """ if name in FACEBOOK_CONFIG: default = FACEBOOK_CONFIG[name] return getattr(self, name, default) def initialize(self, request, response): """ Initialize's this request's Facebook client. """ super(FacebookRequestHandler, self).initialize(request, response) app_name = self._fbconfig_value('app_name', '') api_key = self._fbconfig_value('api_key', None) secret_key = self._fbconfig_value('secret_key', None) self.facebook = Facebook(api_key, secret_key, app_name=app_name) require_app = self._fbconfig_value('require_app', False) require_login = self._fbconfig_value('require_login', False) need_session = self._fbconfig_value('need_session', False) check_session = self._fbconfig_value('check_session', True) self._messages = None self.redirecting = False if require_app or require_login: if not self.facebook.check_session(request): self.redirect(self.facebook.get_login_url(next=request.url)) self.redirecting = True return elif check_session: self.facebook.check_session(request) # ignore response # NOTE: require_app is deprecated according to modern Facebook login # policies. Included for completeness, but unnecessary. if require_app and not self.facebook.added: self.redirect(self.facebook.get_add_url(next=request.url)) self.redirecting = True return if not (require_app or require_login) and need_session: self.facebook.auth.getSession() def redirect(self, url, **kwargs): """ For Facebook canvas pages we should use instead of a normal redirect. """ if self.facebook.in_canvas: self.response.clear() self.response.out.write('' % (url, )) else: super(FacebookRequestHandler, self).redirect(url, **kwargs) def add_user_message(self, kind, msg, detail='', time=15 * 60): """ Add a message to the current user to memcache. """ if self.facebook.uid: key = 'messages:%s' % self.facebook.uid self._messages = memcache.get(key) message = { 'kind': kind, 'message': msg, 'detail': detail, } if self._messages is not None: self._messages.append(message) else: self._messages = [message] memcache.set(key, self._messages, time=time) def get_and_delete_user_messages(self): """ Get all of the messages for the current user; removing them. """ if self.facebook.uid: key = 'messages:%s' % self.facebook.uid if not hasattr(self, '_messages') or self._messages is None: self._messages = memcache.get(key) memcache.delete(key) return self._messages return None class FacebookCanvasHandler(FacebookRequestHandler): """ Request handler for Facebook canvas (FBML application) requests. """ def canvas(self, *args, **kwargs): """ This will be your handler to deal with Canvas requests. """ raise NotImplementedError() def get(self, *args): """ All valid canvas views are POSTS. """ # TODO: Attempt to auto-redirect to Facebook canvas? self.error(404) def post(self, *args, **kwargs): """ Check a couple of simple safety checks and then call the canvas handler. """ if self.redirecting: return if not self.facebook.in_canvas: self.error(404) return self.canvas(*args, **kwargs) # vim: ai et ts=4 sts=4 sw=4 ================================================ FILE: facebook/wsgi.py ================================================ """This is some simple helper code to bridge the Pylons / PyFacebook gap. There's some generic WSGI middleware, some Paste stuff, and some Pylons stuff. Once you put FacebookWSGIMiddleware into your middleware stack, you'll have access to ``environ["pyfacebook.facebook"]``, which is a ``facebook.Facebook`` object. If you're using Paste (which includes Pylons users), you can also access this directly using the facebook global in this module. """ # Be careful what you import. Don't expect everyone to have Pylons, # Paste, etc. installed. Degrade gracefully. from facebook import Facebook __docformat__ = "restructuredtext" # Setup Paste, if available. This needs to stay in the same module as # FacebookWSGIMiddleware below. try: from paste.registry import StackedObjectProxy from webob.exc import _HTTPMove try: from string import Template except ImportError: from webob.util.stringtemplate import Template from webob import html_escape except ImportError: pass else: facebook = StackedObjectProxy(name="PyFacebook Facebook Connection") class CanvasRedirect(_HTTPMove): """This is for canvas redirects.""" title = "See Other" code = 200 html_template_obj = Template('') def html_body(self, environ): return self.html_template_obj.substitute(location=self.detail) class FacebookWSGIMiddleware(object): """This is WSGI middleware for Facebook.""" def __init__(self, app, config, facebook_class=Facebook): """Initialize the Facebook middleware. ``app`` This is the WSGI application being wrapped. ``config`` This is a dict containing the keys "pyfacebook.apikey" and "pyfacebook.secret". ``facebook_class`` If you want to subclass the Facebook class, you can pass in your replacement here. Pylons users will want to use PylonsFacebook. """ self.app = app self.config = config self.facebook_class = facebook_class def __call__(self, environ, start_response): config = self.config real_facebook = self.facebook_class(config["pyfacebook.apikey"], config["pyfacebook.secret"]) registry = environ.get('paste.registry') if registry: registry.register(facebook, real_facebook) environ['pyfacebook.facebook'] = real_facebook return self.app(environ, start_response) # The remainder is Pylons specific. try: import pylons from pylons.controllers.util import redirect_to as pylons_redirect_to from routes import url_for except ImportError: pass else: class PylonsFacebook(Facebook): """Subclass Facebook to add Pylons goodies.""" def check_session(self, request=None): """The request parameter is now optional.""" if request is None: request = pylons.request return Facebook.check_session(self, request) # The Django request object is similar enough to the Paste # request object that check_session and validate_signature # should *just work*. def redirect_to(self, url): """Wrap Pylons' redirect_to function so that it works in_canvas. By the way, this won't work until after you call check_session(). """ if self.in_canvas: raise CanvasRedirect(url) pylons_redirect_to(url) def apps_url_for(self, *args, **kargs): """Like url_for, but starts with "http://apps.facebook.com".""" return "http://apps.facebook.com" + url_for(*args, **kargs) def create_pylons_facebook_middleware(app, config): """This is a simple wrapper for FacebookWSGIMiddleware. It passes the correct facebook_class. """ return FacebookWSGIMiddleware(app, config, facebook_class=PylonsFacebook) ================================================ FILE: setup.py ================================================ #!/usr/bin/env python from setuptools import setup, find_packages setup(name='pyfacebook', version='1.0a2.1', description='Python Client Library for the Facebook API', author='Samuel Cormier-Iijima', author_email='sciyoshi@gmail.com', url='http://code.google.com/p/pyfacebook', packages=['facebook', 'facebook.djangofb', 'facebook.djangofb.default_app'], test_suite='tests', tests_require=['MiniMock']) ================================================ FILE: tests/__init__.py ================================================ ================================================ FILE: tests/test.py ================================================ import unittest import sys import os import facebook import urllib2 try: from hashlib import md5 md5_constructor = md5 except ImportError: import md5 md5_constructor = md5.new try: import simplejson except ImportError: from django.utils import simplejson import httplib from minimock import Mock my_api_key = "e1e9cfeb5e0d7a52e4fbd5d09e1b873e" my_secret_key = "1bebae7283f5b79aaf9b851addd55b90" # '{"error_code":100,\ # "error_msg":"Invalid parameter",\ # "request_args":[{"key":"format","value":"JSON"},\ # {"key":"auth_token","value":"24626e24bb12919f2f142145070542e8"},\ # {"key":"sig","value":"36af2af3b93da784149301e77cb1621a"},\ # {"key":"v","value":"1.0"},\ # {"key":"api_key","value":"e1e9cfeb5e0d7a52e4fbd5d09e1b873e"},\ # {"key":"method","value":"facebook.auth.getSession"}]}' response_str = '{"stuff":"abcd"}' class MyUrlOpen: def __init__(self, *args, **kwargs): pass def read(self): global response_str return response_str class pyfacebook_UnitTests(unittest.TestCase): def setUp(self): facebook.urllib2.urlopen = Mock('urllib2.urlopen') facebook.urllib2.urlopen.mock_returns_func = MyUrlOpen pass def tearDown(self): pass def login(self): pass def test1(self): f = facebook.Facebook(api_key=my_api_key, secret_key=my_secret_key) f.login = self.login self.assertEquals(f.api_key, my_api_key) self.assertEquals(f.secret_key, my_secret_key) self.assertEquals(f.auth_token, None) self.assertEquals(f.app_name, None) self.assertEquals(f.callback_path, None) self.assertEquals(f.internal, None) def test2(self): args = {"arg1": "a", "arg2": "b", "arg3": "c"} hasher = md5_constructor( ''.join(['%s=%s' % (x, args[x]) for x in sorted(args.keys())])) hasher.update("acdnj") f = facebook.Facebook(api_key="abcdf", secret_key="acdnj") f.login = self.login digest = f._hash_args(args) self.assertEquals(hasher.hexdigest(), digest) hasher = md5_constructor( ''.join(['%s=%s' % (x, args[x]) for x in sorted(args.keys())])) hasher.update("klmn") # trunk code has error hash.updated instead of hash.update digest = f._hash_args(args, secret="klmn") self.assertEquals(hasher.hexdigest(), digest) hasher = md5_constructor( ''.join(['%s=%s' % (x, args[x]) for x in sorted(args.keys())])) f.secret = "klmn" hasher.update(f.secret) # trunk code has error hash.updated instead of hash.update digest = f._hash_args(args) self.assertEquals(hasher.hexdigest(), digest) def test3(self): global response_str response = {'stuff': 'abcd'} response_str = simplejson.dumps(response) fb = facebook.Facebook(my_api_key, my_secret_key) fb.login = self.login fb.auth.createToken() self.assertEquals(str(fb.auth_token['stuff']), "abcd") fb.login() response = { "session_key": "key", "uid": "my_uid", "secret": "my_secret", "expires": "my_expires"} response_str = simplejson.dumps(response) res = fb.auth.getSession() self.assertEquals(str(res["expires"]), response["expires"]) self.assertEquals(str(res["secret"]), response["secret"]) self.assertEquals(str(res["session_key"]), response["session_key"]) self.assertEquals(str(res["uid"]), response["uid"]) def test4(self): global response_str response = 'abcdef' response_str = simplejson.dumps(response) fb = facebook.Facebook(my_api_key, my_secret_key) fb.login = self.login fb.auth.createToken() self.assertEquals(str(fb.auth_token), "abcdef") url = fb.get_login_url(next="nowhere", popup=True, canvas=True) self.assertEquals( url, 'http://www.facebook.com/login.php?canvas=1&popup=1&auth_token=abcdef&next=nowhere&v=1.0&api_key=%s' % (my_api_key, )) def test5(self): class Request: def __init__(self, post, get, method): self.POST = post self.GET = get self.method = method req = Request({'fb_sig_in_canvas': 1}, {}, 'POST') fb = facebook.Facebook(my_api_key, my_secret_key) fb.login = self.login res = fb.check_session(req) self.assertFalse(res) req = Request({'fb_sig': 1}, {}, 'POST') res = fb.check_session(req) self.assertFalse(res) req = Request({'fb_sig': fb._hash_args({'in_canvas': '1', 'added': '1', 'expires': '1', 'friends': 'joe,mary', 'session_key': 'abc', 'user': 'bob'}), 'fb_sig_in_canvas': '1', 'fb_sig_added': '1', 'fb_sig_expires': '1', 'fb_sig_friends': 'joe,mary', 'fb_sig_session_key': 'abc', 'fb_sig_user': 'bob'}, {}, 'POST') res = fb.check_session(req) self.assertTrue(res) fb = facebook.Facebook(my_api_key, my_secret_key) fb.login = self.login req = Request({'fb_sig': fb._hash_args({'in_canvas': '1', 'added': '1', 'expires': '1', 'friends': '', 'session_key': 'abc', 'user': 'bob'}), 'fb_sig_in_canvas': '1', 'fb_sig_added': '1', 'fb_sig_expires': '1', 'fb_sig_friends': '', 'fb_sig_session_key': 'abc', 'fb_sig_user': 'bob'}, {}, 'POST') res = fb.check_session(req) self.assertTrue(res) fb = facebook.Facebook(my_api_key, my_secret_key) fb.login = self.login req = Request({'fb_sig': fb._hash_args({'in_canvas': '1', 'added': '1', 'expires': '1', 'friends': '', 'session_key': 'abc', 'page_id': 'id'}), 'fb_sig_in_canvas': '1', 'fb_sig_added': '1', 'fb_sig_expires': '1', 'fb_sig_friends': '', 'fb_sig_session_key': 'abc', 'fb_sig_page_id': 'id'}, {}, 'POST') res = fb.check_session(req) self.assertTrue(res) def test6(self): global response_str response = 'abcdef' response_str = simplejson.dumps(response) fb = facebook.Facebook(my_api_key, my_secret_key) fb.login = self.login fb.auth.createToken() # self.failUnlessRaises(RuntimeError,fb._add_session_args) response = { "session_key": "key", "uid": "my_uid", "secret": "my_secret", "expires": "my_expires"} response_str = simplejson.dumps(response) fb.auth.getSession() args = fb._add_session_args() def test7(self): global response_str response = 'abcdef' response_str = simplejson.dumps(response) fb = facebook.Facebook(my_api_key, my_secret_key) fb.login = self.login fb.auth.createToken() self.assertEquals(str(fb.auth_token), "abcdef") url = fb.get_authorize_url(next="next", next_cancel="next_cancel") self.assertEquals( url, 'http://www.facebook.com/authorize.php?api_key=%s&next_cancel=next_cancel&v=1.0&next=next' % (my_api_key, )) def test8(self): class Request: def __init__(self, post, get, method): self.POST = post self.GET = get self.method = method global response_str response = { "session_key": "abcdef", "uid": "my_uid", "secret": "my_secret", "expires": "my_expires"} response_str = simplejson.dumps(response) req = Request({}, {'installed': 1, 'fb_page_id': 'id', 'auth_token': 'abcdef'}, 'GET') fb = facebook.Facebook(my_api_key, my_secret_key) fb.login = self.login res = fb.check_session(req) self.assertTrue(res) def test9(self): global response_str response = 'abcdef' response_str = simplejson.dumps(response) fb = facebook.Facebook(my_api_key, my_secret_key) fb.login = self.login fb.auth.createToken() self.assertEquals(str(fb.auth_token), "abcdef") url = fb.get_add_url(next="next") self.assertEquals( url, 'http://www.facebook.com/install.php?api_key=%s&v=1.0&next=next' % (my_api_key,)) def send(self, xml): self.xml = xml def test10(self): import Image image1 = Image.new("RGB", (400, 300), (255, 255, 255)) filename = "image_file.jpg" image1.save(filename) global response_str fb = facebook.Facebook(my_api_key, my_secret_key) fb.login = self.login facebook.httplib.HTTP = Mock('httplib.HTTP') http_connection = Mock('http_connection') facebook.httplib.HTTP.mock_returns = http_connection http_connection.send.mock_returns_func = self.send def _http_passes(): return [200, ] http_connection.getreply.mock_returns_func = _http_passes def read(): response = {"stuff": "stuff"} response_str = simplejson.dumps(response) return response_str http_connection.file.read.mock_returns_func = read response = { "session_key": "key", "uid": "my_uid", "secret": "my_secret", "expires": "my_expires"} response_str = simplejson.dumps(response) res = fb.auth.getSession() result = fb.photos.upload( image=filename, aid="aid", caption="a caption") self.assertEquals(str(result["stuff"]), "stuff") os.remove(filename) if __name__ == "__main__": # Build the test suite suite = unittest.TestSuite() suite.addTest(unittest.makeSuite(pyfacebook_UnitTests)) # Execute the test suite print("Testing Proxy class\n") result = unittest.TextTestRunner(verbosity=2).run(suite) sys.exit(len(result.errors) + len(result.failures))