#!/usr/bin/env python
import json
import urllib.parse
import http.server
import http.client

# Define credentials obtained from Wonde dashboard SSO settings
CLIENT_ID = <Your Client ID goes here>
CLIENT_SECRET = '<Your Client Secret goes here>'
REDIRECT_URI = 'http://localhost:8123'

# Now define the Wonde SSO and API endpoints
AUTH_URI = 'https://edu.wonde.com/oauth/authorize'
TOKEN_URI= 'https://api.wonde.com/oauth/token'
GRAPHQL_URI = 'https://api.wonde.com/graphql/me'


def httpRequest(url, params, access_token_authorization_bearer=None, method='POST'):
    headers = {'Content-Type': 'application/x-www-form-urlencoded'}

    if access_token_authorization_bearer:
        headers['Authorization'] = 'Bearer ' + access_token_authorization_bearer

    url_parsed = urllib.parse.urlparse(url)

    conn = http.client.HTTPSConnection(url_parsed.hostname)
    conn.request(method=method, url=url_parsed.path, body=urllib.parse.urlencode(params),
                 headers=headers)
    return conn.getresponse()


def makeApiRequest(access_token):
    query = '''{
        Me {
            id
            Person {
                __typename
                ... on Student {
                    id
                    type
                    forename
                    middle_names
                    surname
                }
                ... on Contact {
                    id
                    type
                    forename
                    middle_names
                    surname
                }
                ... on Employee {
                    id
                    type
                    forename
                    middle_names
                    surname
                }
            }
        }
    }'''

    response = httpRequest(GRAPHQL_URI, {'query': query}, access_token_authorization_bearer=access_token)
    response_text = response.read()
    return response_text.decode('utf8')


def getAccessToken(code):
    params_for_access_token = {'grant_type': 'authorization_code',
                               'client_id': CLIENT_ID,
                               'client_secret': CLIENT_SECRET,
                               'redirect_uri': REDIRECT_URI,
                               'code': code}

    response = httpRequest(TOKEN_URI, params_for_access_token)
    response_text = response.read()
    res_json = json.loads(response_text.decode('utf-8'))
    return res_json['access_token']


class appHTTPServer_RequestHandler(http.server.BaseHTTPRequestHandler):

    def do_GET(self):

        get_params = urllib.parse.parse_qs(self.path)

        if get_params:  # if we have GET parameter with code

            code = (get_params.get('code') or get_params.get('/?code'))[0]
            if code:

                access_token = getAccessToken(code)

                result = makeApiRequest(access_token)

            else:
                result = '"code" GET parameter required'

            message = '<pre>' + result + '</pre>'
            self.send_response(200)
            self.send_header('Content-type', 'text/html')
            self.end_headers()
            self.wfile.write(bytes(message, "utf8"))
            self.finish()

        else:  # we don't have CODE parameter, redirect to authorise

            params = {'client_id': CLIENT_ID,
                      'redirect_uri': REDIRECT_URI,
                      'response_type': 'code'}

            self.send_response(302)
            self.send_header('Location', AUTH_URI + '?' + urllib.parse.urlencode(params))
            self.end_headers()


def run():
    print('starting server...')

    # Server settings
    server_address = ('0.0.0.0', 8123)
    httpd = http.server.HTTPServer(server_address, appHTTPServer_RequestHandler)
    print('running server...')
    httpd.serve_forever()

run()
							

Single Sign-On API Docs

Wonde SSO gives students, staff and parents one login to access apps powered by the school data provided by Wonde.

Our simple to use industry standard OAuth2 API allows you to get up and running in minutes. The API can be used to access data relating to the individual, class or in conjunction with the School Sync API.

Our documentation and code samples allow you to get started straight away.