Refresh docs
diff --git a/docs/epy/oauth2client.appengine-module.html b/docs/epy/oauth2client.appengine-module.html
index 43d576e..a9131ef 100644
--- a/docs/epy/oauth2client.appengine-module.html
+++ b/docs/epy/oauth2client.appengine-module.html
@@ -93,6 +93,22 @@
<td width="15%" align="right" valign="top" class="summary">
<span class="summary-type"> </span>
</td><td class="summary">
+ <a href="oauth2client.appengine.InvalidXsrfTokenError-class.html" class="summary-name">InvalidXsrfTokenError</a><br />
+ The XSRF token is invalid or expired.
+ </td>
+ </tr>
+<tr>
+ <td width="15%" align="right" valign="top" class="summary">
+ <span class="summary-type"> </span>
+ </td><td class="summary">
+ <a href="oauth2client.appengine.SiteXsrfSecretKey-class.html" class="summary-name">SiteXsrfSecretKey</a><br />
+ Storage for the sites XSRF secret key.
+ </td>
+ </tr>
+<tr>
+ <td width="15%" align="right" valign="top" class="summary">
+ <span class="summary-type"> </span>
+ </td><td class="summary">
<a href="oauth2client.appengine.AppAssertionCredentials-class.html" class="summary-name">AppAssertionCredentials</a><br />
Credentials object for App Engine Assertion Grants
</td>
@@ -146,14 +162,6 @@
An OAuth2Decorator that builds from a clientsecrets file.
</td>
</tr>
-<tr>
- <td width="15%" align="right" valign="top" class="summary">
- <span class="summary-type"> </span>
- </td><td class="summary">
- <a href="oauth2client.appengine.OAuth2Handler-class.html" class="summary-name">OAuth2Handler</a><br />
- Handler for the redirect_uri of the OAuth 2.0 dance.
- </td>
- </tr>
</table>
<!-- ==================== FUNCTIONS ==================== -->
<a name="section-Functions"></a>
@@ -172,19 +180,16 @@
</table>
</td>
</tr>
-<tr>
+<tr class="private">
<td width="15%" align="right" valign="top" class="summary">
<span class="summary-type"> </span>
</td><td class="summary">
<table width="100%" cellpadding="0" cellspacing="0" border="0">
<tr>
- <td><span class="summary-sig"><a href="oauth2client.appengine-module.html#oauth2decorator_from_clientsecrets" class="summary-sig-name">oauth2decorator_from_clientsecrets</a>(<span class="summary-sig-arg">filename</span>,
- <span class="summary-sig-arg">scope</span>,
- <span class="summary-sig-arg">message</span>=<span class="summary-sig-default">None</span>,
- <span class="summary-sig-arg">cache</span>=<span class="summary-sig-default">None</span>)</span><br />
- Creates an OAuth2Decorator populated from a clientsecrets file.</td>
+ <td><span class="summary-sig"><a name="_generate_new_xsrf_secret_key"></a><span class="summary-sig-name">_generate_new_xsrf_secret_key</span>()</span><br />
+ Returns a random XSRF secret key.</td>
<td align="right" valign="top">
- <span class="codelink"><a href="oauth2client.appengine-pysrc.html#oauth2decorator_from_clientsecrets">source code</a></span>
+ <span class="codelink"><a href="oauth2client.appengine-pysrc.html#_generate_new_xsrf_secret_key">source code</a></span>
</td>
</tr>
@@ -198,9 +203,46 @@
</td><td class="summary">
<table width="100%" cellpadding="0" cellspacing="0" border="0">
<tr>
- <td><span class="summary-sig"><a name="main"></a><span class="summary-sig-name">main</span>()</span></td>
+ <td><span class="summary-sig"><a href="oauth2client.appengine-module.html#xsrf_secret_key" class="summary-sig-name">xsrf_secret_key</a>()</span><br />
+ Return the secret key for use for XSRF protection.</td>
<td align="right" valign="top">
- <span class="codelink"><a href="oauth2client.appengine-pysrc.html#main">source code</a></span>
+ <span class="codelink"><a href="oauth2client.appengine-pysrc.html#xsrf_secret_key">source code</a></span>
+
+ </td>
+ </tr>
+ </table>
+
+ </td>
+ </tr>
+<tr class="private">
+ <td width="15%" align="right" valign="top" class="summary">
+ <span class="summary-type"> </span>
+ </td><td class="summary">
+ <table width="100%" cellpadding="0" cellspacing="0" border="0">
+ <tr>
+ <td><span class="summary-sig"><a href="oauth2client.appengine-module.html#_build_state_value" class="summary-sig-name" onclick="show_private();">_build_state_value</a>(<span class="summary-sig-arg">request_handler</span>,
+ <span class="summary-sig-arg">user</span>)</span><br />
+ Composes the value for the 'state' parameter.</td>
+ <td align="right" valign="top">
+ <span class="codelink"><a href="oauth2client.appengine-pysrc.html#_build_state_value">source code</a></span>
+
+ </td>
+ </tr>
+ </table>
+
+ </td>
+ </tr>
+<tr class="private">
+ <td width="15%" align="right" valign="top" class="summary">
+ <span class="summary-type"> </span>
+ </td><td class="summary">
+ <table width="100%" cellpadding="0" cellspacing="0" border="0">
+ <tr>
+ <td><span class="summary-sig"><a href="oauth2client.appengine-module.html#_parse_state_value" class="summary-sig-name" onclick="show_private();">_parse_state_value</a>(<span class="summary-sig-arg">state</span>,
+ <span class="summary-sig-arg">user</span>)</span><br />
+ Parse the value of the 'state' parameter.</td>
+ <td align="right" valign="top">
+ <span class="codelink"><a href="oauth2client.appengine-pysrc.html#_parse_state_value">source code</a></span>
</td>
</tr>
@@ -244,7 +286,7 @@
<td width="15%" align="right" valign="top" class="summary">
<span class="summary-type"> </span>
</td><td class="summary">
- <a href="oauth2client.appengine-module.html#application" class="summary-name">application</a> = <code title="webapp.WSGIApplication([('/oauth2callback', OAuth2Handler)])">webapp.WSGIApplication([('/oauth2callback', OAut<code class="variable-ellipsis">...</code></code>
+ <a name="XSRF_MEMCACHE_ID"></a><span class="summary-name">XSRF_MEMCACHE_ID</span> = <code title="'xsrf_secret_key'"><code class="variable-quote">'</code><code class="variable-string">xsrf_secret_key</code><code class="variable-quote">'</code></code>
</td>
</tr>
<tr>
@@ -273,78 +315,99 @@
</td>
</tr>
</table>
-<a name="oauth2decorator_from_clientsecrets"></a>
+<a name="xsrf_secret_key"></a>
<div>
<table class="details" border="1" cellpadding="3"
cellspacing="0" width="100%" bgcolor="white">
<tr><td>
<table width="100%" cellpadding="0" cellspacing="0" border="0">
<tr valign="top"><td>
- <h3 class="epydoc"><span class="sig"><span class="sig-name">oauth2decorator_from_clientsecrets</span>(<span class="sig-arg">filename</span>,
- <span class="sig-arg">scope</span>,
- <span class="sig-arg">message</span>=<span class="sig-default">None</span>,
- <span class="sig-arg">cache</span>=<span class="sig-default">None</span>)</span>
+ <h3 class="epydoc"><span class="sig"><span class="sig-name">xsrf_secret_key</span>()</span>
</h3>
</td><td align="right" valign="top"
- ><span class="codelink"><a href="oauth2client.appengine-pysrc.html#oauth2decorator_from_clientsecrets">source code</a></span>
+ ><span class="codelink"><a href="oauth2client.appengine-pysrc.html#xsrf_secret_key">source code</a></span>
</td>
</tr></table>
<pre class="literalblock">
-Creates an OAuth2Decorator populated from a clientsecrets file.
+Return the secret key for use for XSRF protection.
-Args:
- filename: string, File name of client secrets.
- scope: string or list of strings, scope(s) of the credentials being
- requested.
- message: string, A friendly string to display to the user if the
- clientsecrets file is missing or invalid. The message may contain HTML and
- will be presented on the web interface for any method that uses the
- decorator.
- cache: An optional cache service client that implements get() and set()
- methods. See clientsecrets.loadfile() for details.
+If the Site entity does not have a secret key, this method will also create
+one and persist it.
-Returns: An OAuth2Decorator
+Returns:
+ The secret key.
</pre>
<dl class="fields">
</dl>
</td></tr></table>
</div>
-<br />
-<!-- ==================== VARIABLES DETAILS ==================== -->
-<a name="section-VariablesDetails"></a>
-<table class="details" border="1" cellpadding="3"
- cellspacing="0" width="100%" bgcolor="white">
-<tr bgcolor="#70b0f0" class="table-header">
- <td colspan="2" class="table-header">
- <table border="0" cellpadding="0" cellspacing="0" width="100%">
- <tr valign="top">
- <td align="left"><span class="table-header">Variables Details</span></td>
- <td align="right" valign="top"
- ><span class="options">[<a href="#section-VariablesDetails"
- class="privatelink" onclick="toggle_private();"
- >hide private</a>]</span></td>
- </tr>
- </table>
- </td>
-</tr>
-</table>
-<a name="application"></a>
-<div>
+<a name="_build_state_value"></a>
+<div class="private">
<table class="details" border="1" cellpadding="3"
cellspacing="0" width="100%" bgcolor="white">
<tr><td>
- <h3 class="epydoc">application</h3>
+ <table width="100%" cellpadding="0" cellspacing="0" border="0">
+ <tr valign="top"><td>
+ <h3 class="epydoc"><span class="sig"><span class="sig-name">_build_state_value</span>(<span class="sig-arg">request_handler</span>,
+ <span class="sig-arg">user</span>)</span>
+ </h3>
+ </td><td align="right" valign="top"
+ ><span class="codelink"><a href="oauth2client.appengine-pysrc.html#_build_state_value">source code</a></span>
+ </td>
+ </tr></table>
+ <pre class="literalblock">
+Composes the value for the 'state' parameter.
+
+Packs the current request URI and an XSRF token into an opaque string that
+can be passed to the authentication server via the 'state' parameter.
+
+Args:
+ request_handler: webapp.RequestHandler, The request.
+ user: google.appengine.api.users.User, The current user.
+
+Returns:
+ The state value as a string.
+
+</pre>
<dl class="fields">
</dl>
+</td></tr></table>
+</div>
+<a name="_parse_state_value"></a>
+<div class="private">
+<table class="details" border="1" cellpadding="3"
+ cellspacing="0" width="100%" bgcolor="white">
+<tr><td>
+ <table width="100%" cellpadding="0" cellspacing="0" border="0">
+ <tr valign="top"><td>
+ <h3 class="epydoc"><span class="sig"><span class="sig-name">_parse_state_value</span>(<span class="sig-arg">state</span>,
+ <span class="sig-arg">user</span>)</span>
+ </h3>
+ </td><td align="right" valign="top"
+ ><span class="codelink"><a href="oauth2client.appengine-pysrc.html#_parse_state_value">source code</a></span>
+ </td>
+ </tr></table>
+
+ <pre class="literalblock">
+Parse the value of the 'state' parameter.
+
+Parses the value and validates the XSRF token in the state parameter.
+
+Args:
+ state: string, The value of the state parameter.
+ user: google.appengine.api.users.User, The current user.
+
+Raises:
+ InvalidXsrfTokenError: if the XSRF token is invalid.
+
+Returns:
+ The redirect URI.
+
+</pre>
<dl class="fields">
- <dt>Value:</dt>
- <dd><table><tr><td><pre class="variable">
-webapp.WSGIApplication([('/oauth2callback', OAuth2Handler)])
-</pre></td></tr></table>
-</dd>
</dl>
</td></tr></table>
</div>
@@ -372,7 +435,7 @@
<table border="0" cellpadding="0" cellspacing="0" width="100%%">
<tr>
<td align="left" class="footer">
- Generated by Epydoc 3.0.1 on Fri Aug 3 07:38:25 2012
+ Generated by Epydoc 3.0.1 on Fri Aug 24 11:02:00 2012
</td>
<td align="right" class="footer">
<a target="mainFrame" href="http://epydoc.sourceforge.net"