Beispiel #1
    def get(self):
        """Begin the OAuth flow and send the browser to the authorization URL.

        Asks cascade for a request token, passing a callback on
        www.yttrium.ws that carries the caller's 'url' query parameter.
        On success the request token is stored in a cookie, any existing
        access-token cookie is expired, and the client is redirected to
        the URL returned by cascade. A CascadeError yields a bare 403.
        """
        # urlencode() escapes the caller-supplied 'url', so it cannot add
        # extra parameters to the callback. It is still untrusted data and
        # must be validated by whichever handler eventually redirects to it.
        # NOTE(review): the callback is plain http, so the values returned
        # to it cross the network unencrypted -- confirm whether https is
        # available for this endpoint.
        callback = 'http://www.yttrium.ws/auth/oauth/finish?' + \
            urllib.urlencode([(u'url', self.request.get('url'))])

        try:
            tok, url = cascade.oauth_get_request_token(
                self._oaConsumer, callback
            )
        except cascade.CascadeError:
            self.response.set_status(403)
            return

        # NOTE(review): neither cookie carries HttpOnly or Secure and both
        # are scoped to every *.yttrium.ws host. If the serialized token
        # includes its secret (not visible from here), page scripts and
        # sibling subdomains can read it -- confirm and tighten if possible.
        store_request_token = u'%s=%s; domain=.yttrium.ws; path=/' % (
            REQUEST_TOKEN_COOKIE_NAME,
            cascade.oauth_token_to_query_string(tok)
        )
        # max-age=0 expires a stale access token from an earlier session.
        expire_access_token = u'%s=; domain=.yttrium.ws; path=/; max-age=0' % (
            ACCESS_TOKEN_COOKIE_NAME
        )
        for cookie in (store_request_token, expire_access_token):
            self.response.headers.add_header(u'Set-Cookie', cookie)

        self.redirect(url)
Beispiel #2
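    def get(self):
        """Complete the OAuth flow: trade the request token for an access token.

        Reads 'oauth_verifier' and 'oauth_token' from the callback request,
        checks that the token named in the URL is the one this handler
        already holds (per the original comment, the one from the cookie),
        and asks cascade for an access token. On success the request-token
        cookie is expired and the access token is stored in a cookie for
        2678400 seconds (31 days).

        If a 'url' parameter was supplied, the client is redirected to it
        only when it is a relative reference or an http(s) URL on
        yttrium.ws or one of its subdomains. Otherwise a plain-text
        confirmation is written.

        Responds with 403 on a token mismatch or a CascadeError.
        """
        url = self.request.get('url')

        self._oaToken.set_verifier(self.request.get('oauth_verifier'))

        # Make sure the token from our callback matches the one from
        # our cookie
        if self._oaToken.key != self.request.get('oauth_token'):
            logging.warning('Cookie and URL disagree about request token name')
            self.response.set_status(403)
            return

        try:
            tok = cascade.oauth_get_access_token(
                self._oaConsumer,
                self._oaToken
            )
        except cascade.CascadeError:
            self.response.set_status(403)
            return

        # The request token is single-use; expire its cookie.
        self.response.headers.add_header(
            u'Set-Cookie',
            u'%s=; domain=.yttrium.ws; path=/; max-age=0' % (
                REQUEST_TOKEN_COOKIE_NAME
            )
        )
        # NOTE(review): this cookie has no HttpOnly or Secure attribute and
        # is visible to every *.yttrium.ws host. Confirm whether client-side
        # script needs to read it before tightening the attributes.
        self.response.headers.add_header(
            u'Set-Cookie',
            u'%s=%s; domain=.yttrium.ws; path=/; max-age=2678400' % (
                ACCESS_TOKEN_COOKIE_NAME,
                cascade.oauth_token_to_query_string(tok)
            )
        )

        if url:
            # 'url' is attacker-controllable (it arrives as a query parameter
            # on the callback), so redirecting to it unchecked is an open
            # redirect on the login path. Only follow it when it stays on
            # this site.
            try:
                from urlparse import urlsplit  # Python 2
            except ImportError:
                from urllib.parse import urlsplit

            try:
                parts = urlsplit(url)
                host = (parts.hostname or '').lower()
            except ValueError:
                parts = None
                host = ''

            # Backslashes, control characters and leading/trailing whitespace
            # are parsed differently by browsers than by urlsplit(); reject
            # them rather than guess.
            malformed = (
                parts is None or
                url != url.strip() or
                '\\' in url or
                any(ord(ch) < 0x20 for ch in url)
            )

            if malformed:
                allowed = False
            elif not parts.scheme and not parts.netloc:
                # Relative reference: resolved against this handler's own URL.
                allowed = True
            else:
                # Same set of hosts the cookies above are scoped to.
                allowed = (
                    parts.scheme in ('http', 'https') and
                    (host == 'yttrium.ws' or host.endswith('.yttrium.ws'))
                )

            if allowed:
                self.redirect(url)
                return

            logging.warning('Refusing post-login redirect to untrusted URL %r', url)

        self.response.headers['Content-Type'] = 'text/plain'
        self.response.out.write('Access token: set')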
Beispiel #3
                    self._oaToken
                )
            finally:
                if cascadeResp:
                    cascadeRespContent = ''.join(cascadeResp.readlines())
                    cascadeResp.close()

        # If we succeeded and we ended up refreshing the access token, update the
        # client with the new value
        if cascadeResp.code == 200 and \
           oaTokStr != self._oaToken.to_string():
            self.response.headers.add_header(
                u'Set-Cookie',
                u'%s=%s; domain=.yttrium.ws; path=/' % (
                    ACCESS_TOKEN_COOKIE_NAME,
                    cascade.oauth_token_to_query_string(self._oaToken)
                )
            )

        # Return some types of content pretty-printed, so that we don't have
        # to deal with doing this in the browser in JavaScript.
        if 'Content-Type' in cascadeResp.headers and \
           cascadeResp.headers['Content-Type'].startswith('application/json'):
            cascadeRespContent = simplejson.dumps(simplejson.loads(cascadeRespContent), indent=4)

        rc = cascadeResp.code
        if rc > 900:
            cascadeResp.headers['X-Yttrium-HTTP-Status'] = rc
            rc = 500

        self.response.set_status(rc)