Help pass authorization in python. There is a code like this:

def main ():
  webbrowser.open ('http://oauth.vk.com/authorize?client_id='+APP_ID+'& scope =' + SETTINGS + '& amp; redirect_uri =' + REDIRECT_URI + '& amp; display =' + DISPLAY + '& amp; response_type = token ')

A username / password is entered in the browser and permission is requested, but after all this, how do you pull out the token and user ID from the browser?

Answer 1, authority 100%

I solved your problem some time ago. In short, you can parse login pages and submit forms without using a browser. A detailed description of the solution can be found in the article . The module sources are at github . The module uses only standard Python modules, so it should work almost everywhere without unnecessary gestures.

Answer 2, authority 99%

The meaning of authorization through a third-party service (in this case OAuth 2) is as follows:

1. On the service (in this case, VK), you need to register an application and get an API key.
2. After that, the application (site) can make a request for the user’s personal data from the third-party service through this same API, for which:
   • redirect the user (the user’s browser by sending him a 302 Redirect HTTP response) to a specially formed link (from your message) to the service providing the API;
   • the user will perform some actions there, presumably log in and allow access to the data;
   • upon completion of the actions, the user will be redirected by the third-party service through the same 302 Redirect to the URL passed in the parameters of the specially formed link (in this case, it is '& amp; redirect_uri =' + REDIRECT_URI ).
3. The user gets on the very link of your return to the site. And if the user agreed to provide his data stored on a third-party service to your site, then this link in the GET parameters will contain the access key to the user’s data on this third-party service, otherwise it will contain a refusal code (see the documentation on the target service) .

In a positive situation, it is required to save this access key and use it and the API key in the future to receive the necessary information by direct application requests to the service. Depending on the protocol, this access key can be used to obtain another key with which it will already be possible to operate with user data. In any case, after the third step, user participation is no longer required and all data must be sent by direct requests from your site to a third-party, for example, via urllib2.urlopen .

This is a general principle of operation, specific nuances should be clarified in the documentation for developers from a specific service. In this case, this is Authorization of sites on VKontakte .

Answer 3, authority 93%

Two options.

1. Soviet. Before sending a user with a browser to the site, tell him “now your browser will open, you enter your password there, agree with everything, and then copy the entire address bar here into our program with pens.”
2. Bourgeois. Use some kind of environment, inside which there is a browser component. Whether it’s a native Windows application written in Delphi, or a Mac in XCode. In this case, the application has power over the browser it contains, and can retrieve the address bar from it at the right time.

Answer 4, authority 67%

The token will come in the request URL for REDIRECT_URI . From here: Client application authorization

Get Access_Token

After successful application authorization
Browser user will be
Redirected to Redirect_uri ,
specified when opening dialogue
authorization. In this case, the key access to
Access_Token API and other parameters
will be transferred to the URL fragment links:
http: // redirect_uri # access_token = 533bacf01e11f55b536a565b57531ad114461ae8736d6506a3 & amp; expires_in = 86400 & amp; user_id = 8492