From 509384a7a1ff8dff72dc5c2eff07ecaa244762bb Mon Sep 17 00:00:00 2001 From: liangliangyy Date: Tue, 16 Apr 2019 23:17:21 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8Doauth=E7=99=BB=E5=BD=95?= =?UTF-8?q?=E5=8F=AF=E8=83=BD=E5=AD=98=E5=9C=A8access=20token=E4=B8=8D?= =?UTF-8?q?=E5=AD=98=E5=9C=A8=E5=BC=82=E5=B8=B8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- oauth/oauthmanager.py | 55 +++++++++++++++++++++++-------------------- oauth/views.py | 11 +++++++-- 2 files changed, 39 insertions(+), 27 deletions(-) diff --git a/oauth/oauthmanager.py b/oauth/oauthmanager.py index 5d7521a..32c337a 100644 --- a/oauth/oauthmanager.py +++ b/oauth/oauthmanager.py @@ -25,6 +25,12 @@ from DjangoBlog.utils import parse_dict_to_url, cache_decorator logger = logging.getLogger(__name__) +class OAuthAccessTokenException(Exception): + ''' + oauth授权失败异常 + ''' + + class BaseOauthManager(metaclass=ABCMeta): """获取用户授权""" AUTH_URL = None @@ -106,14 +112,14 @@ class WBOauthManager(BaseOauthManager): 'redirect_uri': self.callback_url } rsp = self.do_post(self.TOKEN_URL, params) - try: - obj = json.loads(rsp) + + obj = json.loads(rsp) + if 'access_token' in obj: self.access_token = str(obj['access_token']) self.openid = str(obj['uid']) return self.get_oauth_userinfo() - except Exception as e: - logger.error(e) - return None + else: + raise OAuthAccessTokenException(rsp) def get_oauth_userinfo(self): if not self.is_authorized: @@ -124,7 +130,6 @@ class WBOauthManager(BaseOauthManager): } rsp = self.do_get(self.API_URL, params) try: - datas = json.loads(rsp) user = OAuthUser() user.matedata = rsp 
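Review bot: Only the missing-`access_token` case becomes `OAuthAccessTokenException` in `WBOauthManager`'s token exchange: with the `try` removed, a non-JSON body in `json.loads(rsp)` or a response lacking `uid` now propagates as `ValueError` or `KeyError`, and the Facebook hunk has the same `json.loads` exposure. The `authorize` view patched in this commit has a broad handler, but any other caller would not, so I would map these cases too by wrapping the parse and key reads in `try:` with `except (ValueError, KeyError) as e: raise OAuthAccessTokenException(rsp) from e`. The next hunk deletes `datas = json.loads(rsp)` from `get_oauth_userinfo`, whose `try` body continues past the hunk; confirm nothing further down still reads `datas`. The method's `def` line is outside this hunk.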
@@ -178,15 +183,14 @@ class GoogleOauthManager(BaseOauthManager): rsp = self.do_post(self.TOKEN_URL, params) obj = json.loads(rsp) - try: + + if 'access_token' in obj: self.access_token = str(obj['access_token']) self.openid = str(obj['id_token']) logger.info(self.ICON_NAME + ' oauth ' + rsp) return self.access_token - except Exception as e: - logger.error(e) - logger.error(self.ICON_NAME + ' oauth error ' + rsp) - return None + else: + raise OAuthAccessTokenException(rsp) def get_oauth_userinfo(self): if not self.is_authorized: @@ -249,14 +253,13 @@ class GitHubOauthManager(BaseOauthManager): } rsp = self.do_post(self.TOKEN_URL, params) - try: - from urllib import parse - r = parse.parse_qs(rsp) + from urllib import parse + r = parse.parse_qs(rsp) + if 'access_token' in r: self.access_token = (r['access_token'][0]) return self.access_token - except Exception as e: - logger.error(e) - return None + else: + raise OAuthAccessTokenException(rsp) def get_oauth_userinfo(self): @@ -318,14 +321,13 @@ class FaceBookOauthManager(BaseOauthManager): } rsp = self.do_post(self.TOKEN_URL, params) - try: - obj = json.loads(rsp) + obj = json.loads(rsp) + if 'access_token' in obj: token = str(obj['access_token']) self.access_token = token return self.access_token - except Exception as e: - logger.error(e) - return None + else: + raise OAuthAccessTokenException(rsp) def get_oauth_userinfo(self): params = { @@ -385,9 +387,12 @@ class QQOauthManager(BaseOauthManager): rsp = self.do_get(self.TOKEN_URL, params) if rsp: d = urllib.parse.parse_qs(rsp) - token = d['access_token'] - self.access_token = token - return token + if 'access_token' in d: + token = d['access_token'] + self.access_token = token + return token + else: + raise OAuthAccessTokenException(rsp) def get_open_id(self): if self.is_access_token_set: diff --git a/oauth/views.py b/oauth/views.py index 2e99a3d..9c828dc 100644 --- a/oauth/views.py +++ b/oauth/views.py 
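Review bot: The retained `logger.info(self.ICON_NAME + ' oauth ' + rsp)` on the success path of `GoogleOauthManager` writes the whole token response into the application log at INFO level, and by the two reads just above it that response contains `access_token` and `id_token`. Anyone who can read the logs can reuse those credentials while they remain valid, so I would log only the outcome, e.g. `logger.info('%s oauth token received', self.ICON_NAME)`. The commit also removes the `' oauth error '` log line, so a failure body now reaches the log only through the exception raised in the `else` branch. The method's `def` line is outside this hunk.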
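Review bot: In the `QQOauthManager` hunk, `token = d['access_token']` keeps the list that `urllib.parse.parse_qs` returns, so `self.access_token` and the return value are a list rather than the token string; the GitHub hunk indexes `[0]` after the same call. How later requests use the value is not visible here, but `token = d['access_token'][0]` would make the two managers agree. An empty `rsp` also skips the `if rsp:` block and returns `None` without raising, unlike the other managers; a `raise OAuthAccessTokenException(rsp)` after the block would cover that path. The method's `def` line is outside this hunk.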
@@ -15,7 +15,7 @@ from DjangoBlog.utils import send_email, get_md5, save_user_avatar from DjangoBlog.utils import get_current_site from django.core.exceptions import ObjectDoesNotExist from django.http import HttpResponseForbidden -from .oauthmanager import get_manager_by_type +from .oauthmanager import get_manager_by_type, OAuthAccessTokenException from DjangoBlog.blog_signals import oauth_user_login_signal import logging @@ -57,7 +57,14 @@ def authorize(request): if not manager: return HttpResponseRedirect('/') code = request.GET.get('code', None) - rsp = manager.get_access_token_by_code(code) + try: + rsp = manager.get_access_token_by_code(code) + except OAuthAccessTokenException as e: + logger.warning("OAuthAccessTokenException:" + str(e)) + return HttpResponseRedirect('/') + except Exception as e: + logger.error(e) + rsp = None nexturl = get_redirecturl(request) if not rsp: return HttpResponseRedirect(manager.get_authorization_url(nexturl))
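Review bot: `str(e)` in the new `logger.warning` call in `authorize` is the raw token-endpoint body that the managers pass to `OAuthAccessTokenException(rsp)`, so provider-controlled text, including any line breaks, is concatenated straight into the log. Logging it as an escaped, lazily formatted argument keeps each entry on one line: `logger.warning("OAuthAccessTokenException: %r", str(e))`. In the generic branch, `logger.error(e)` drops the traceback; `logger.exception("oauth token exchange failed")` would keep it for diagnosis. `authorize` starts and ends outside this hunk.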