def wrapper(request, *args, **kwargs):
data = request.headers
authorization = decode_authorization_header(data)
if authorization == dict():
error = "Missing required parameter."
return json_response({"error": error}, status=400)
request_validator = GMGRequestValidator()
resource_endpoint = ResourceEndpoint(request_validator)
valid, r = resource_endpoint.validate_protected_resource_request(
uri=request.url,
http_method=request.method,
body=request.data,
headers=dict(request.headers),
)
if not valid:
error = "Invalid oauth prarameter."
return json_response({"error": error}, status=400)
# Fill user if not already
token = authorization[u"oauth_token"]
request.access_token = AccessToken.query.filter_by(token=token).first()
if request.access_token is not None and request.user is None:
user_id = request.access_token.actor
request.user = LocalUser.query.filter_by(id=user_id).first()
return controller(request, *args, **kwargs)
def wrapper(request, *args, **kwargs):
data = request.headers
authorization = decode_authorization_header(data)
if authorization == dict():
error = "Missing required parameter."
return json_response({"error": error}, status=400)
request_validator = GMGRequestValidator()
resource_endpoint = ResourceEndpoint(request_validator)
valid, r = resource_endpoint.validate_protected_resource_request(
uri=request.url,
http_method=request.method,
body=request.data,
headers=dict(request.headers),
)
if not valid:
error = "Invalid oauth prarameter."
return json_response({"error": error}, status=400)
# Fill user if not already
token = authorization[u"oauth_token"]
request.access_token = AccessToken.query.filter_by(token=token).first()
if request.access_token is not None and request.user is None:
user_id = request.access_token.actor
request.user = LocalUser.query.filter_by(id=user_id).first()
return controller(request, *args, **kwargs)
def setup_user_in_request(request):
"""
Examine a request and tack on a request.user parameter if that's
appropriate.
"""
# If API request the user will be associated with the access token
authorization = decode_authorization_header(request.headers)
if authorization.get(u"access_token"):
# Check authorization header.
token = authorization[u"oauth_token"]
token = AccessToken.query.filter_by(token=token).first()
if token is not None:
request.user = token.user
return
if 'user_id' not in request.session:
request.user = None
return
request.user = User.query.get(request.session['user_id'])
if not request.user:
# Something's wrong... this user doesn't exist? Invalidate
# this session.
_log.warn("Killing session for user id %r", request.session['user_id'])
request.session.delete()
def setup_user_in_request(request):
"""
Examine a request and tack on a request.user parameter if that's
appropriate.
"""
# If API request the user will be associated with the access token
authorization = decode_authorization_header(request.headers)
if authorization.get(u"access_token"):
# Check authorization header.
token = authorization[u"oauth_token"]
token = AccessToken.query.filter_by(token=token).first()
if token is not None:
request.user = token.user
return
if 'user_id' not in request.session:
request.user = None
return
request.user = User.query.get(request.session['user_id'])
if not request.user:
# Something's wrong... this user doesn't exist? Invalidate
# this session.
_log.warn("Killing session for user id %r", request.session['user_id'])
request.session.delete()
def access_token(request):
""" Provides an access token based on a valid verifier and request token """
data = request.headers
parsed_tokens = decode_authorization_header(data)
if parsed_tokens == dict() or "oauth_token" not in parsed_tokens:
error = "Missing required parameter."
return json_response({"error": error}, status=400)
request.resource_owner_key = parsed_tokens["oauth_consumer_key"]
request.oauth_token = parsed_tokens["oauth_token"]
request_validator = GMGRequestValidator(data)
# Check that the verifier is valid
verifier_valid = request_validator.validate_verifier(
token=request.oauth_token,
verifier=parsed_tokens["oauth_verifier"]
)
if not verifier_valid:
error = "Verifier code or token incorrect"
return json_response({"error": error}, status=401)
av = AccessTokenEndpoint(request_validator)
tokens = av.create_access_token(request, {})
return form_response(tokens)
def access_token(request):
""" Provides an access token based on a valid verifier and request token """
data = request.headers
parsed_tokens = decode_authorization_header(data)
if parsed_tokens == dict() or "oauth_token" not in parsed_tokens:
error = "Missing required parameter."
return json_response({"error": error}, status=400)
request.oauth_token = parsed_tokens["oauth_token"]
request_validator = GMGRequestValidator(data)
av = AccessTokenEndpoint(request_validator)
tokens = av.create_access_token(request, {})
return form_response(tokens)
def access_token(request):
""" Provides an access token based on a valid verifier and request token """
data = request.headers
parsed_tokens = decode_authorization_header(data)
if parsed_tokens == dict() or "oauth_token" not in parsed_tokens:
error = "Missing required parameter."
return json_response({"error": error}, status=400)
request.oauth_token = parsed_tokens["oauth_token"]
request_validator = GMGRequestValidator(data)
av = AccessTokenEndpoint(request_validator)
tokens = av.create_access_token(request, {})
return form_response(tokens)
def request_token(request):
""" Returns request token """
try:
data = decode_request(request)
except ValueError:
error = "Could not decode data."
return json_response({"error": error}, status=400)
if data == "":
error = "Unknown Content-Type"
return json_response({"error": error}, status=400)
if not data and request.headers:
data = request.headers
data = dict(data) # mutableifying
authorization = decode_authorization_header(data)
if authorization == dict() or u"oauth_consumer_key" not in authorization:
error = "Missing required parameter."
return json_response({"error": error}, status=400)
# check the client_id
client_id = authorization[u"oauth_consumer_key"]
client = Client.query.filter_by(id=client_id).first()
if client == None:
# client_id is invalid
error = "Invalid client_id"
return json_response({"error": error}, status=400)
# make request token and return to client
request_validator = GMGRequestValidator(authorization)
rv = RequestTokenEndpoint(request_validator)
tokens = rv.create_request_token(request, authorization)
# store the nonce & timestamp before we return back
nonce = authorization[u"oauth_nonce"]
timestamp = authorization[u"oauth_timestamp"]
timestamp = datetime.datetime.fromtimestamp(float(timestamp))
nc = NonceTimestamp(nonce=nonce, timestamp=timestamp)
nc.save()
return form_response(tokens)
def request_token(request):
""" Returns request token """
try:
data = decode_request(request)
except ValueError:
error = "Could not decode data."
return json_response({"error": error}, status=400)
if data == "":
error = "Unknown Content-Type"
return json_response({"error": error}, status=400)
if not data and request.headers:
data = request.headers
data = dict(data) # mutableifying
authorization = decode_authorization_header(data)
if authorization == dict() or u"oauth_consumer_key" not in authorization:
error = "Missing required parameter."
return json_response({"error": error}, status=400)
# check the client_id
client_id = authorization[u"oauth_consumer_key"]
client = Client.query.filter_by(id=client_id).first()
if client == None:
# client_id is invalid
error = "Invalid client_id"
return json_response({"error": error}, status=400)
# make request token and return to client
request_validator = GMGRequestValidator(authorization)
rv = RequestTokenEndpoint(request_validator)
tokens = rv.create_request_token(request, authorization)
# store the nonce & timestamp before we return back
nonce = authorization[u"oauth_nonce"]
timestamp = authorization[u"oauth_timestamp"]
timestamp = datetime.datetime.fromtimestamp(float(timestamp))
nc = NonceTimestamp(nonce=nonce, timestamp=timestamp)
nc.save()
return form_response(tokens)
def wrapper(request, *args, **kwargs):
data = request.headers
authorization = decode_authorization_header(data)
if authorization == dict():
error = "Missing required parameter."
return json_response({"error": error}, status=400)
request_validator = GMGRequestValidator()
resource_endpoint = ResourceEndpoint(request_validator)
valid, request = resource_endpoint.validate_protected_resource_request(
uri=request.url,
http_method=request.method,
body=request.get_data(),
headers=dict(request.headers),
)
if not valid:
error = "Invalid oauth prarameter."
return json_response({"error": error}, status=400)
return controller(request, *args, **kwargs)
def wrapper(request, *args, **kwargs):
data = request.headers
authorization = decode_authorization_header(data)
if authorization == dict():
error = "Missing required parameter."
return json_response({"error": error}, status=400)
request_validator = GMGRequestValidator()
resource_endpoint = ResourceEndpoint(request_validator)
valid, request = resource_endpoint.validate_protected_resource_request(
uri=request.url,
http_method=request.method,
body=request.get_data(),
headers=dict(request.headers),
)
if not valid:
error = "Invalid oauth prarameter."
return json_response({"error": error}, status=400)
return controller(request, *args, **kwargs)
def access_token(request):
""" Provides an access token based on a valid verifier and request token """
data = request.headers
parsed_tokens = decode_authorization_header(data)
if parsed_tokens == dict() or "oauth_token" not in parsed_tokens:
error = "Missing required parameter."
return json_response({"error": error}, status=400)
request.resource_owner_key = parsed_tokens["oauth_consumer_key"]
request.oauth_token = parsed_tokens["oauth_token"]
request_validator = GMGRequestValidator(data)
# Check that the verifier is valid
verifier_valid = request_validator.validate_verifier(
token=request.oauth_token, verifier=parsed_tokens["oauth_verifier"])
if not verifier_valid:
error = "Verifier code or token incorrect"
return json_response({"error": error}, status=401)
av = AccessTokenEndpoint(request_validator)
tokens = av.create_access_token(request, {})
return form_response(tokens)