def wrapper(request, *args, **kwargs): data = request.headers authorization = decode_authorization_header(data) if authorization == dict(): error = "Missing required parameter." return json_response({"error": error}, status=400) request_validator = GMGRequestValidator() resource_endpoint = ResourceEndpoint(request_validator) valid, r = resource_endpoint.validate_protected_resource_request( uri=request.url, http_method=request.method, body=request.data, headers=dict(request.headers), ) if not valid: error = "Invalid oauth prarameter." return json_response({"error": error}, status=400) # Fill user if not already token = authorization[u"oauth_token"] request.access_token = AccessToken.query.filter_by(token=token).first() if request.access_token is not None and request.user is None: user_id = request.access_token.actor request.user = LocalUser.query.filter_by(id=user_id).first() return controller(request, *args, **kwargs)
def wrapper(request, *args, **kwargs): data = request.headers authorization = decode_authorization_header(data) if authorization == dict(): error = "Missing required parameter." return json_response({"error": error}, status=400) request_validator = GMGRequestValidator() resource_endpoint = ResourceEndpoint(request_validator) valid, r = resource_endpoint.validate_protected_resource_request( uri=request.url, http_method=request.method, body=request.data, headers=dict(request.headers), ) if not valid: error = "Invalid oauth prarameter." return json_response({"error": error}, status=400) # Fill user if not already token = authorization[u"oauth_token"] request.access_token = AccessToken.query.filter_by(token=token).first() if request.access_token is not None and request.user is None: user_id = request.access_token.actor request.user = LocalUser.query.filter_by(id=user_id).first() return controller(request, *args, **kwargs)
def setup_user_in_request(request): """ Examine a request and tack on a request.user parameter if that's appropriate. """ # If API request the user will be associated with the access token authorization = decode_authorization_header(request.headers) if authorization.get(u"access_token"): # Check authorization header. token = authorization[u"oauth_token"] token = AccessToken.query.filter_by(token=token).first() if token is not None: request.user = token.user return if 'user_id' not in request.session: request.user = None return request.user = User.query.get(request.session['user_id']) if not request.user: # Something's wrong... this user doesn't exist? Invalidate # this session. _log.warn("Killing session for user id %r", request.session['user_id']) request.session.delete()
def setup_user_in_request(request): """ Examine a request and tack on a request.user parameter if that's appropriate. """ # If API request the user will be associated with the access token authorization = decode_authorization_header(request.headers) if authorization.get(u"access_token"): # Check authorization header. token = authorization[u"oauth_token"] token = AccessToken.query.filter_by(token=token).first() if token is not None: request.user = token.user return if 'user_id' not in request.session: request.user = None return request.user = User.query.get(request.session['user_id']) if not request.user: # Something's wrong... this user doesn't exist? Invalidate # this session. _log.warn("Killing session for user id %r", request.session['user_id']) request.session.delete()
def access_token(request): """ Provides an access token based on a valid verifier and request token """ data = request.headers parsed_tokens = decode_authorization_header(data) if parsed_tokens == dict() or "oauth_token" not in parsed_tokens: error = "Missing required parameter." return json_response({"error": error}, status=400) request.resource_owner_key = parsed_tokens["oauth_consumer_key"] request.oauth_token = parsed_tokens["oauth_token"] request_validator = GMGRequestValidator(data) # Check that the verifier is valid verifier_valid = request_validator.validate_verifier( token=request.oauth_token, verifier=parsed_tokens["oauth_verifier"] ) if not verifier_valid: error = "Verifier code or token incorrect" return json_response({"error": error}, status=401) av = AccessTokenEndpoint(request_validator) tokens = av.create_access_token(request, {}) return form_response(tokens)
def access_token(request): """ Provides an access token based on a valid verifier and request token """ data = request.headers parsed_tokens = decode_authorization_header(data) if parsed_tokens == dict() or "oauth_token" not in parsed_tokens: error = "Missing required parameter." return json_response({"error": error}, status=400) request.oauth_token = parsed_tokens["oauth_token"] request_validator = GMGRequestValidator(data) av = AccessTokenEndpoint(request_validator) tokens = av.create_access_token(request, {}) return form_response(tokens)
def access_token(request): """ Provides an access token based on a valid verifier and request token """ data = request.headers parsed_tokens = decode_authorization_header(data) if parsed_tokens == dict() or "oauth_token" not in parsed_tokens: error = "Missing required parameter." return json_response({"error": error}, status=400) request.oauth_token = parsed_tokens["oauth_token"] request_validator = GMGRequestValidator(data) av = AccessTokenEndpoint(request_validator) tokens = av.create_access_token(request, {}) return form_response(tokens)
def request_token(request): """ Returns request token """ try: data = decode_request(request) except ValueError: error = "Could not decode data." return json_response({"error": error}, status=400) if data == "": error = "Unknown Content-Type" return json_response({"error": error}, status=400) if not data and request.headers: data = request.headers data = dict(data) # mutableifying authorization = decode_authorization_header(data) if authorization == dict() or u"oauth_consumer_key" not in authorization: error = "Missing required parameter." return json_response({"error": error}, status=400) # check the client_id client_id = authorization[u"oauth_consumer_key"] client = Client.query.filter_by(id=client_id).first() if client == None: # client_id is invalid error = "Invalid client_id" return json_response({"error": error}, status=400) # make request token and return to client request_validator = GMGRequestValidator(authorization) rv = RequestTokenEndpoint(request_validator) tokens = rv.create_request_token(request, authorization) # store the nonce & timestamp before we return back nonce = authorization[u"oauth_nonce"] timestamp = authorization[u"oauth_timestamp"] timestamp = datetime.datetime.fromtimestamp(float(timestamp)) nc = NonceTimestamp(nonce=nonce, timestamp=timestamp) nc.save() return form_response(tokens)
def request_token(request): """ Returns request token """ try: data = decode_request(request) except ValueError: error = "Could not decode data." return json_response({"error": error}, status=400) if data == "": error = "Unknown Content-Type" return json_response({"error": error}, status=400) if not data and request.headers: data = request.headers data = dict(data) # mutableifying authorization = decode_authorization_header(data) if authorization == dict() or u"oauth_consumer_key" not in authorization: error = "Missing required parameter." return json_response({"error": error}, status=400) # check the client_id client_id = authorization[u"oauth_consumer_key"] client = Client.query.filter_by(id=client_id).first() if client == None: # client_id is invalid error = "Invalid client_id" return json_response({"error": error}, status=400) # make request token and return to client request_validator = GMGRequestValidator(authorization) rv = RequestTokenEndpoint(request_validator) tokens = rv.create_request_token(request, authorization) # store the nonce & timestamp before we return back nonce = authorization[u"oauth_nonce"] timestamp = authorization[u"oauth_timestamp"] timestamp = datetime.datetime.fromtimestamp(float(timestamp)) nc = NonceTimestamp(nonce=nonce, timestamp=timestamp) nc.save() return form_response(tokens)
def wrapper(request, *args, **kwargs): data = request.headers authorization = decode_authorization_header(data) if authorization == dict(): error = "Missing required parameter." return json_response({"error": error}, status=400) request_validator = GMGRequestValidator() resource_endpoint = ResourceEndpoint(request_validator) valid, request = resource_endpoint.validate_protected_resource_request( uri=request.url, http_method=request.method, body=request.get_data(), headers=dict(request.headers), ) if not valid: error = "Invalid oauth prarameter." return json_response({"error": error}, status=400) return controller(request, *args, **kwargs)
def wrapper(request, *args, **kwargs): data = request.headers authorization = decode_authorization_header(data) if authorization == dict(): error = "Missing required parameter." return json_response({"error": error}, status=400) request_validator = GMGRequestValidator() resource_endpoint = ResourceEndpoint(request_validator) valid, request = resource_endpoint.validate_protected_resource_request( uri=request.url, http_method=request.method, body=request.get_data(), headers=dict(request.headers), ) if not valid: error = "Invalid oauth prarameter." return json_response({"error": error}, status=400) return controller(request, *args, **kwargs)
def access_token(request): """ Provides an access token based on a valid verifier and request token """ data = request.headers parsed_tokens = decode_authorization_header(data) if parsed_tokens == dict() or "oauth_token" not in parsed_tokens: error = "Missing required parameter." return json_response({"error": error}, status=400) request.resource_owner_key = parsed_tokens["oauth_consumer_key"] request.oauth_token = parsed_tokens["oauth_token"] request_validator = GMGRequestValidator(data) # Check that the verifier is valid verifier_valid = request_validator.validate_verifier( token=request.oauth_token, verifier=parsed_tokens["oauth_verifier"]) if not verifier_valid: error = "Verifier code or token incorrect" return json_response({"error": error}, status=401) av = AccessTokenEndpoint(request_validator) tokens = av.create_access_token(request, {}) return form_response(tokens)