def initialize_server_request(request):
    """
    Build the OAuth server/request pair for an incoming Django request.

    Returns a ``(oauth_server, oauth_request)`` tuple. ``oauth_server`` is
    ``None`` when ``OAuthRequest.from_request`` returns a falsy value.
    """
    # Request parameters are only forwarded for POST and PUT.
    carries_params = request.method in ('POST', 'PUT')
    params = dict(request.REQUEST.items()) if carries_params else {}

    # Seems that we want to put HTTP_AUTHORIZATION into 'Authorization'
    # for oauth.py to understand. Note that this mutates request.META.
    request.META['Authorization'] = request.META.get('HTTP_AUTHORIZATION', '')

    oauth_request = oauth.OAuthRequest.from_request(
        request.method,
        request.build_absolute_uri(),
        headers=request.META,
        parameters=params,
        query_string=request.environ.get('QUERY_STRING', ''),
        is_ssl=request.is_secure())

    if not oauth_request:
        return None, oauth_request

    oauth_server = oauth.OAuthServer(oauth_datastore(oauth_request))
    # NOTE(review): PLAINTEXT is registered whether or not the request came
    # in over TLS. OAuth 1.0 PLAINTEXT carries the shared secret itself, so
    # confirm that this endpoint is only reachable over HTTPS.
    plaintext_method = oauth.OAuthSignatureMethod_PLAINTEXT()
    oauth_server.add_signature_method(plaintext_method)
    hmac_method = oauth.OAuthSignatureMethod_HMAC_SHA1()
    oauth_server.add_signature_method(hmac_method)
    return oauth_server, oauth_request
Beispiel #2
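def initialize_server_request(request):
    """
    Build the OAuth server/request pair for an incoming Django request.

    Form parameters (POST body plus query string) are only handed to the
    OAuth request for form-encoded POSTs; every other request gets an empty
    parameter dict.

    Returns a ``(oauth_server, oauth_request)`` tuple. ``oauth_server`` is
    ``None`` when ``OAuthRequest.from_request`` returns a falsy value.
    """
    # c.f. http://www.mail-archive.com/[email protected]/msg01556.html
    # Compare only the media type: the header may be absent, may carry
    # parameters such as "; charset=UTF-8", and is case-insensitive. An exact
    # string match would raise KeyError or silently drop the form parameters
    # that the signature has to cover.
    content_type = request.META.get('CONTENT_TYPE', '')
    media_type = content_type.split(';', 1)[0].strip().lower()
    if request.method == "POST" and media_type == "application/x-www-form-urlencoded":
        params = dict(request.POST.items())
        params.update(dict(request.GET.items()))
    else:
        params = {}

    # Seems that we want to put HTTP_AUTHORIZATION into 'Authorization'
    # for oauth.py to understand. Note that this mutates request.META.
    request.META['Authorization'] = request.META.get('HTTP_AUTHORIZATION', '')
    oauth_request = oauth.OAuthRequest.from_request(
        request.method, request.build_absolute_uri(),
        headers=request.META, parameters=params,
        query_string=request.environ.get('QUERY_STRING', ''))

    if oauth_request:
        oauth_server = oauth.OAuthServer(oauth_datastore(oauth_request))
        # NOTE(review): PLAINTEXT is accepted alongside HMAC-SHA1 with no
        # check that the request arrived over TLS. PLAINTEXT carries the
        # shared secret itself, so confirm the endpoint is HTTPS-only.
        oauth_server.add_signature_method(oauth.OAuthSignatureMethod_PLAINTEXT())
        oauth_server.add_signature_method(oauth.OAuthSignatureMethod_HMAC_SHA1())
    else:
        oauth_server = None

    return oauth_server, oauth_request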
Beispiel #3
def initialize_server_request(request):
    """Build the OAuth server/request pair for an incoming request.

    Returns a ``(oauth_server, oauth_request)`` tuple. ``oauth_server`` is
    ``None`` when ``OAuthRequest.from_request`` returns a falsy value.
    """
    # NOTE(review): auth_header is built but never used below; the full
    # request.headers mapping is what gets passed to from_request. Confirm
    # which of the two was intended.
    if 'Authorization' in request.headers:
        auth_header = {'Authorization': request.headers['Authorization']}
    else:
        auth_header = {}

    # One value per argument name, as returned by request.get().
    parameters = {}
    for argument_name in request.arguments():
        parameters[argument_name] = request.get(argument_name)

    oauth_request = oauth.OAuthRequest.from_request(
        request.method,
        request.url,
        headers=request.headers,
        parameters=parameters,
        query_string=request.query_string)
    if not oauth_request:
        return None, oauth_request

    oauth_server = oauth.OAuthServer(GAEOAuthDataStore(oauth_request))

    # Signature methods are opt-in through OAUTH_SIGNATURE_METHODS, so a
    # deployment can leave PLAINTEXT out entirely.
    if 'plaintext' in OAUTH_SIGNATURE_METHODS:
        plaintext_method = oauth.OAuthSignatureMethod_PLAINTEXT()
        oauth_server.add_signature_method(plaintext_method)
    if 'hmac-sha1' in OAUTH_SIGNATURE_METHODS:
        hmac_method = oauth.OAuthSignatureMethod_HMAC_SHA1()
        oauth_server.add_signature_method(hmac_method)
    return oauth_server, oauth_request
Beispiel #4
  def handlelaunch(self, web):
    """Check an LTI basic launch request and verify its OAuth signature.

    Returns None without reporting anything when 'lti_version' is empty or
    'lti_message_type' is not 'basic-lti-launch-request'. Missing
    'resource_link_id' / 'oauth_consumer_key' and a failed OAuth
    verification are reported through self.launcherror before returning.
    The listing ends after the OAuth error branch.
    """
    # Check for sanity - silently return
    version = web.request.get('lti_version')
    if ( len(version) < 1 ) : return
    message = web.request.get('lti_message_type')
    if message != 'basic-lti-launch-request' : return

    resource_link_id = web.request.get("resource_link_id")
    oauth_consumer_key = web.request.get("oauth_consumer_key")

    if len(oauth_consumer_key) <= 0 or len(resource_link_id) <= 0 : 
      self.launcherror(web, None, "Missing one of resource_link_id or oauth_consumer_key")
      return

    # Not used in the visible part of the method.
    urlpath = web.request.path

    # Do OAuth Here
    options = None
    self.oauth_server = oauth.OAuthServer(LTI_OAuthDataStore(web, options))
    # NOTE(review): PLAINTEXT is accepted next to HMAC-SHA1. PLAINTEXT carries
    # the shared secret itself, so confirm launches only arrive over HTTPS.
    self.oauth_server.add_signature_method(oauth.OAuthSignatureMethod_PLAINTEXT())
    self.oauth_server.add_signature_method(oauth.OAuthSignatureMethod_HMAC_SHA1())

    params = dict(web.request.params)

    # construct the oauth request from the request parameters
    # The HTTP method is fixed to "POST" rather than read from the request.
    oauth_request = oauth.OAuthRequest.from_request("POST", web.request.url, headers=web.request.headers, parameters=params)

    # verify the request has been oauth authorized
    try:
        # NOTE(review): requestdebug is not shown here; if it dumps request
        # parameters, confirm that no secrets end up in debug logs.
        logging.debug(self.requestdebug(web))
        consumer, token, params = self.oauth_server.verify_request(oauth_request)
    except oauth.OAuthError, err:
        logging.info(err)
        # The library's error text is passed on to launcherror unchanged.
        self.launcherror(web, None, "OAuth Security Validation failed:"+err.mymessage)
        # NOTE(review): the return below is indented with a tab while the
        # rest of the block uses spaces.
    	return
Beispiel #5
def verify_signature(post, url, key, secret, newsecret, launch) :
    """Check the OAuth HMAC-SHA1 signature of an LTI launch POST.

    Tries every combination of (secret, newsecret) and (url, https variant of
    url). Returns True on the first combination whose signature check passes.
    On failure it returns None implicitly, stores the first error text in
    launch.detail / launch.message and, when the POST data names a
    'launch_presentation_return_url', sets launch.redirecturl to that URL
    with the error appended as query parameters.
    """
    if secret is None or url is None:
        # TODO Get mad and redirect
        launch.message = 'Must have a secret and url to verify'
        return

    # Besides the given URL, also try its https:// form: behind ngrok or
    # cloudflare the Host can be right while the scheme is not.
    candidate_urls = [url]
    if url.startswith('http://') :
        candidate_urls.append(url.replace('http://', 'https://', 1))

    first_failure = None
    for candidate_secret in (secret, newsecret) :
        if candidate_secret is None :
            continue
        for candidate_url in candidate_urls:
            oauth_request = oauth.OAuthRequest.from_request('POST', candidate_url, None, post)
            store = trivialstore.TrivialDataStore()
            # NOTE(review): this sets an attribute on the trivialstore module
            # (not on the store instance) and always uses the primary secret,
            # even while newsecret is being tried. Confirm that is intended.
            trivialstore.secret = secret
            server = oauth.OAuthServer(store)
            server.add_signature_method(oauth.OAuthSignatureMethod_HMAC_SHA1())
            consumer = oauth.OAuthConsumer(key, candidate_secret)

            try:
                # NOTE(review): this calls the library's private
                # _check_signature rather than a public verify method; confirm
                # which checks (timestamp, nonce) it still performs.
                server._check_signature(oauth_request, consumer, None)
            except oauth.OAuthError as oae:
                print "OAuth Failed"
                # Only the first failure message is kept for reporting.
                if first_failure is None:
                    first_failure = oae.mymessage
            else:
                print "OAuth Success"
                return True

    if first_failure is None:
        first_failure = 'Unknown error during OAuth validation'

    # launch.detail keeps the full text; launch.message is cut at the
    # signature base string when the error text contains one.
    launch.detail = first_failure
    launch.message = first_failure
    marker_at = first_failure.find(' Expected signature base string: ')
    if marker_at > 0 :
        launch.message = first_failure[:marker_at]

    # NOTE(review): the return URL comes from the same POST data whose
    # signature has just failed, so it is unauthenticated input. Validate it
    # (for example against the hosts registered for this consumer key) before
    # redirecting, and decide whether launch.detail should be sent to it.
    return_url = post.get('launch_presentation_return_url')
    if return_url is not None:
        error_params = { 'lti_errorlog' : launch.detail,
            'lti_errormsg' : launch.message }
        separator = '&' if '?' in return_url else '?'
        return_url = return_url + separator + urllib.urlencode(error_params)
        print return_url
        launch.redirecturl = return_url
def initialize_server_request(request):
    """
    Build the OAuth server/request pair for an incoming Django request.

    The data store class comes from ``load_data_store()``. Returns a
    ``(oauth_server, oauth_request)`` tuple. ``oauth_server`` is ``None``
    when ``OAuthRequest.from_request`` returns a falsy value.
    """
    datastore_factory = load_data_store()

    # request.REQUEST parameters are forwarded for every HTTP method.
    oauth_request = oauth.OAuthRequest.from_request(
        request.method,
        request.build_absolute_uri(),
        headers=request.META,
        parameters=dict(request.REQUEST.items()),
        query_string=request.environ.get('QUERY_STRING', ''))

    if not oauth_request:
        return None, oauth_request

    oauth_server = oauth.OAuthServer(datastore_factory(oauth_request))
    # NOTE(review): PLAINTEXT is accepted alongside HMAC-SHA1 with no check
    # that the request arrived over TLS. PLAINTEXT carries the shared secret
    # itself, so confirm the endpoint is HTTPS-only.
    plaintext_method = oauth.OAuthSignatureMethod_PLAINTEXT()
    oauth_server.add_signature_method(plaintext_method)
    hmac_method = oauth.OAuthSignatureMethod_HMAC_SHA1()
    oauth_server.add_signature_method(hmac_method)
    return oauth_server, oauth_request
Beispiel #7
    def lookup_token(self, oauth_consumer, token_type, token):
        """Return the access token for ``oauth_consumer``.

        Only ``token_type == 'access'`` is supported; any other type raises
        ``NotImplementedError``. The token is built from the key and secret
        of the ``APIClient`` row matching the consumer key.
        """
        if token_type == 'access':
            # NOTE(review): the presented ``token`` value is never compared
            # with anything; the returned token simply reuses the consumer's
            # own key and secret. Confirm this two-legged behaviour is meant.
            client = APIClient.objects.get(consumer_key=oauth_consumer.key)
            return oauth.OAuthToken(client.consumer_key, client.consumer_secret)
        raise NotImplementedError

    def lookup_nonce(self, oauth_consumer, oauth_token, nonce):
        """Report whether ``nonce`` has been seen before (not implemented).

        FIXME: this does not actually check for nonces. It always returns
        ``None``, so no nonce is ever recorded or looked up here, and this
        data store gives no protection against a replayed signed request.
        """
        # Stub result: every nonce is treated the same way.
        return None


# create the oauth server
# One module-level server instance backed by OAuthDataStore. HMAC-SHA1 is the
# only signature method registered here (PLAINTEXT is not added).
OAUTH_SERVER = oauth.OAuthServer(OAuthDataStore())
OAUTH_SERVER.add_signature_method(oauth.OAuthSignatureMethod_HMAC_SHA1())


def get_api_client(request):
    """Build an OAuth request from a Django request's POST and GET data.

    Only the start of the function is visible in this listing; it ends
    after the OAuth request has been constructed.
    """
    # Work on a copy so the request's own POST data is left untouched.
    parameters = request.POST.copy()
    parameters.update(request.GET)

    # NOTE(review): get_full_path() gives the path plus query string, without
    # scheme or host. Confirm that this matches the URL the client signed,
    # because the URL is part of what the signature covers.
    full_url = request.get_full_path()

    oauth_request = oauth.OAuthRequest.from_request(request.method,
                                                    full_url,
                                                    headers=request.META,
                                                    parameters=parameters,
                                                    query_string=None)
Beispiel #8
 def __init__(self, *args, **kwargs):
     """Attach an OAuth server backed by MockOAuthDataStore to the handler."""
     # Both PLAINTEXT and HMAC-SHA1 are accepted. The data store is a mock,
     # so this handler looks like a test fixture rather than production code.
     server = oauth.OAuthServer(MockOAuthDataStore())
     plaintext_method = oauth.OAuthSignatureMethod_PLAINTEXT()
     server.add_signature_method(plaintext_method)
     hmac_method = oauth.OAuthSignatureMethod_HMAC_SHA1()
     server.add_signature_method(hmac_method)
     self.oauth_server = server
     # The base initializer is called last, after self.oauth_server is set.
     BaseHTTPRequestHandler.__init__(self, *args, **kwargs)