Remove _OAUTH_USERINFO_URL.

author Ben Darnell <ben@bendarnell.com>

Sat, 4 Jul 2015 15:22:12 +0000 (11:22 -0400)

committer Ben Darnell <ben@bendarnell.com>

Sat, 4 Jul 2015 15:22:12 +0000 (11:22 -0400)
author Ben Darnell <ben@bendarnell.com>
Sat, 4 Jul 2015 15:22:12 +0000 (11:22 -0400)
committer Ben Darnell <ben@bendarnell.com>
Sat, 4 Jul 2015 15:22:12 +0000 (11:22 -0400)
diff --git a/tornado/auth.py b/tornado/auth.py

index c904847b348873d7ffc9d4895793d99452042b60..32d0e226ff8ad5d1b252e02e3cb3bd4300786258 100644 (file)
--- a/tornado/auth.py
+++ b/tornado/auth.py
@@ -885,10 +885,11 @@ class GoogleOAuth2Mixin(OAuth2Mixin):
                          access = yield self.get_authenticated_user(
                              redirect_uri='http://your.site.com/auth/google',
                              code=self.get_argument('code'))
-                        args = dict(access_token=access["access_token"])
-                        url = self._OAUTH_USERINFO_URL + "?" + urllib_parse.urlencode(args)
-                        user = yield self.oauth2_request(url)
-                        # Save the user with e.g. set_secure_cookie
+                        user = yield self.oauth2_request(
+                            "https://www.googleapis.com/oauth2/v1/userinfo",
+                            access_token=access["access_token"])
+                        # Save the user and access token with
+                        # e.g. set_secure_cookie.
                      else:
                          yield self.authorize_redirect(
                              redirect_uri='http://your.site.com/auth/google',
diff --git a/tornado/test/auth_test.py b/tornado/test/auth_test.py

index 9ea4e00ed0a846727e24cbf076c6b4068a87f981..56de93a5c4c1d4aa97bf9c6d21fec7a1c0acdc37 100644 (file)
--- a/tornado/test/auth_test.py
+++ b/tornado/test/auth_test.py
@@ -418,10 +418,10 @@ class AuthTest(AsyncHTTPTestCase):
  
  class GoogleLoginHandler(RequestHandler, GoogleOAuth2Mixin):
      def initialize(self, test):
+        self.test = test
          self._OAUTH_REDIRECT_URI = test.get_url('/client/login')
          self._OAUTH_AUTHORIZE_URL = test.get_url('/google/oauth2/authorize')
          self._OAUTH_ACCESS_TOKEN_URL = test.get_url('/google/oauth2/token')
-        self._OAUTH_USERINFO_URL = test.get_url('/google/oauth2/userinfo')
  
      @gen.coroutine
      def get(self):
@@ -430,9 +430,11 @@ class GoogleLoginHandler(RequestHandler, GoogleOAuth2Mixin):
              # retrieve authenticate google user
              access = yield self.get_authenticated_user(self._OAUTH_REDIRECT_URI,
                                                         code)
-            url = self._OAUTH_USERINFO_URL + "?access_token=" + access["access_token"]
-            user = yield self.oauth2_request(url)
-            # return the user as json
+            user = yield self.oauth2_request(
+                self.test.get_url("/google/oauth2/userinfo"),
+                access_token=access["access_token"])
+            # return the user and access token as json
+            user["access_token"] = access["access_token"]
              self.write(user)
          else:
              yield self.authorize_redirect(
@@ -494,4 +496,5 @@ class GoogleOAuth2Test(AsyncHTTPTestCase):
          self.assertDictEqual({
              u('name'): u('Foo'),
              u('email'): u('foo@example.com'),
+            u('access_token'): u('fake-access-token'),
          }, json_decode(response.body))
author	Ben Darnell <ben@bendarnell.com>
	Sat, 4 Jul 2015 15:22:12 +0000 (11:22 -0400)
committer	Ben Darnell <ben@bendarnell.com>
	Sat, 4 Jul 2015 15:22:12 +0000 (11:22 -0400)
tornado/auth.py		patch \| blob \| blame \| history
tornado/test/auth_test.py		patch \| blob \| blame \| history