def initialize_server_request(request):
    """Build the OAuth server and OAuth request for an incoming request.

    Returns an ``(oauth_server, oauth_request)`` tuple. ``oauth_server`` is
    ``None`` when ``OAuthRequest.from_request`` produces a falsy request.

    Side effect: ``request.META['Authorization']`` is set from
    ``HTTP_AUTHORIZATION`` (empty string when that key is absent).
    """
    # Only POST and PUT contribute request parameters; every other method
    # is handed to the OAuth layer with an empty parameter dict.
    params = {}
    if request.method in ('POST', 'PUT'):
        params = dict(request.REQUEST.items())

    # oauth.py reads the header under the key 'Authorization', while the
    # request exposes it as HTTP_AUTHORIZATION, so mirror it across.
    request.META['Authorization'] = request.META.get('HTTP_AUTHORIZATION', '')

    oauth_request = oauth.OAuthRequest.from_request(
        request.method,
        request.build_absolute_uri(),
        headers=request.META,
        parameters=params,
        query_string=request.environ.get('QUERY_STRING', ''),
        is_ssl=request.is_secure())

    if not oauth_request:
        return None, oauth_request

    oauth_server = oauth.OAuthServer(oauth_datastore(oauth_request))
    # NOTE(review): PLAINTEXT carries the shared secret in the request
    # itself instead of a keyed digest, so it depends on TLS for
    # confidentiality. It is registered here whether or not
    # request.is_secure() is true -- confirm that is intended.
    for signature_method in (oauth.OAuthSignatureMethod_PLAINTEXT,
                             oauth.OAuthSignatureMethod_HMAC_SHA1):
        oauth_server.add_signature_method(signature_method())
    return oauth_server, oauth_request
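def initialize_server_request(request):
    """Build the OAuth server and OAuth request for an incoming request.

    Request parameters are taken from the body and query string only for a
    POST whose content type is exactly ``application/x-www-form-urlencoded``;
    a missing ``CONTENT_TYPE`` is treated as "not form-encoded" instead of
    raising ``KeyError``.

    Returns an ``(oauth_server, oauth_request)`` tuple. ``oauth_server`` is
    ``None`` when ``OAuthRequest.from_request`` produces a falsy request.

    Side effect: ``request.META['Authorization']`` is set from
    ``HTTP_AUTHORIZATION`` (empty string when that key is absent).
    """
    # c.f. http://www.mail-archive.com/[email protected]/msg01556.html
    # CONTENT_TYPE may be absent from the environ, so read it with a default;
    # a bare POST must not fail before any OAuth check has run.
    content_type = request.META.get('CONTENT_TYPE', '')
    if request.method == "POST" and content_type == "application/x-www-form-urlencoded":
        params = dict(request.POST.items())
        # Query-string values are merged last and therefore win on a clash.
        params.update(dict(request.GET.items()))
    else:
        params = {}

    # oauth.py reads the header under the key 'Authorization', while the
    # request exposes it as HTTP_AUTHORIZATION, so mirror it across.
    request.META['Authorization'] = request.META.get('HTTP_AUTHORIZATION', '')

    oauth_request = oauth.OAuthRequest.from_request(
        request.method,
        request.build_absolute_uri(),
        headers=request.META,
        parameters=params,
        query_string=request.environ.get('QUERY_STRING', ''))

    if oauth_request:
        oauth_server = oauth.OAuthServer(oauth_datastore(oauth_request))
        # NOTE(review): PLAINTEXT carries the shared secret in the request
        # itself instead of a keyed digest, so it depends on TLS for
        # confidentiality. Nothing in this function checks that the request
        # arrived over TLS before registering it.
        oauth_server.add_signature_method(oauth.OAuthSignatureMethod_PLAINTEXT())
        oauth_server.add_signature_method(oauth.OAuthSignatureMethod_HMAC_SHA1())
    else:
        oauth_server = None

    return oauth_server, oauth_request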
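def initialize_server_request(request):
    """Build the OAuth server and OAuth request for an incoming request.

    ``request`` must expose ``method``, ``url``, ``headers``,
    ``query_string``, ``arguments()`` and ``get(name)``.

    Returns an ``(oauth_server, oauth_request)`` tuple. ``oauth_server`` is
    ``None`` when ``OAuthRequest.from_request`` produces a falsy request.
    """
    # One value per argument name, as returned by request.get().
    parameters = dict(
        (argument_name, request.get(argument_name))
        for argument_name in request.arguments())

    # The complete header mapping is handed to from_request; no separate
    # Authorization-only dict is needed.
    oauth_request = oauth.OAuthRequest.from_request(
        request.method,
        request.url,
        headers=request.headers,
        parameters=parameters,
        query_string=request.query_string)

    if not oauth_request:
        return None, oauth_request

    oauth_server = oauth.OAuthServer(GAEOAuthDataStore(oauth_request))
    # Signature methods are opt-in through OAUTH_SIGNATURE_METHODS.
    # NOTE(review): PLAINTEXT carries the shared secret in the request
    # itself, so enable 'plaintext' only where every request is known to
    # arrive over TLS. If neither name is configured the server is returned
    # with no signature method registered -- confirm how callers handle that.
    if 'plaintext' in OAUTH_SIGNATURE_METHODS:
        oauth_server.add_signature_method(
            oauth.OAuthSignatureMethod_PLAINTEXT())
    if 'hmac-sha1' in OAUTH_SIGNATURE_METHODS:
        oauth_server.add_signature_method(
            oauth.OAuthSignatureMethod_HMAC_SHA1())
    return oauth_server, oauth_request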
def handlelaunch(self, web):
    """Check an incoming request for a Basic LTI launch and verify its OAuth signature.

    Returns ``None`` on every visible path. Requests that are not LTI
    launches are ignored silently; a launch missing ``resource_link_id`` or
    ``oauth_consumer_key``, or one that fails OAuth verification, is
    reported through ``self.launcherror``. The visible excerpt ends once
    verification has succeeded.

    Side effect: ``self.oauth_server`` is replaced with a fresh server.
    """
    # Sanity checks: anything that is not an LTI launch is skipped quietly.
    lti_version = web.request.get('lti_version')
    if len(lti_version) < 1:
        return
    message_type = web.request.get('lti_message_type')
    if message_type != 'basic-lti-launch-request':
        return

    resource_link_id = web.request.get("resource_link_id")
    oauth_consumer_key = web.request.get("oauth_consumer_key")
    if not (len(oauth_consumer_key) > 0 and len(resource_link_id) > 0):
        self.launcherror(web, None, "Missing one of resource_link_id or oauth_consumer_key")
        return

    urlpath = web.request.path

    # OAuth validation starts here; the data store is built with no options.
    self.oauth_server = oauth.OAuthServer(LTI_OAuthDataStore(web, None))
    # NOTE(review): PLAINTEXT carries the shared secret in the request
    # itself instead of a keyed digest, so it depends on TLS. Nothing here
    # checks the transport before registering it -- confirm it is needed.
    self.oauth_server.add_signature_method(oauth.OAuthSignatureMethod_PLAINTEXT())
    self.oauth_server.add_signature_method(oauth.OAuthSignatureMethod_HMAC_SHA1())

    # The OAuth request is rebuilt from the request parameters; the HTTP
    # method is fixed to POST rather than read from the request.
    request_params = dict(web.request.params)
    oauth_request = oauth.OAuthRequest.from_request(
        "POST",
        web.request.url,
        headers=web.request.headers,
        parameters=request_params)

    # Verify that the request carries a valid OAuth signature.
    try:
        logging.debug(self.requestdebug(web))
        consumer, token, verified_params = self.oauth_server.verify_request(oauth_request)
    except oauth.OAuthError as err:
        logging.info(err)
        # NOTE(review): the library's own error text is appended to the
        # message given to launcherror. If launcherror shows it to the
        # client, verification detail leaks to an unauthenticated caller
        # -- confirm what is rendered.
        self.launcherror(web, None, "OAuth Security Validation failed:"+err.mymessage)
        return
def verify_signature(post, url, key, secret, newsecret, launch):
    """Check the OAuth signature of an LTI launch against the known secrets.

    Every non-None secret in ``(secret, newsecret)`` is tried against ``url``
    and, when ``url`` starts with ``http://``, against its ``https://`` form.

    Returns ``True`` on the first successful check. On failure nothing is
    returned (``None``); instead ``launch.message`` and ``launch.detail`` are
    filled in, and ``launch.redirecturl`` is set when the POST data carries a
    ``launch_presentation_return_url``.
    """
    if secret is None or url is None:
        # TODO Get mad and redirect
        launch.message = 'Must have a secret and url to verify'
        return

    # Behind a proxy or tunnel (ngrok, cloudflare) the Host can be right
    # while the scheme is not, so the https:// variant is tried as well.
    candidate_urls = [url]
    if url.startswith('http://'):
        candidate_urls.append(url.replace('http://', 'https://', 1))

    fail = None
    for the_secret in (secret, newsecret):
        if the_secret is None:
            continue
        for the_url in candidate_urls:
            oauth_request = oauth.OAuthRequest.from_request('POST', the_url, None, post)
            ts = trivialstore.TrivialDataStore()
            # NOTE(review): this assigns to the trivialstore module, not to
            # ``ts``, and uses ``secret`` rather than the candidate
            # ``the_secret`` -- confirm that is intended.
            trivialstore.secret = secret
            server = oauth.OAuthServer(ts)
            server.add_signature_method(oauth.OAuthSignatureMethod_HMAC_SHA1())
            consumer = oauth.OAuthConsumer(key, the_secret)
            try:
                # The server's private _check_signature is called directly
                # with the consumer built above.
                verify = server._check_signature(oauth_request, consumer, None)
                print("OAuth Success")
                return True
            except oauth.OAuthError as oae:
                print("OAuth Failed")
                # Only the first failure message is kept for reporting.
                if fail is None:
                    fail = oae.mymessage

    if fail is None:
        fail = 'Unknown error during OAuth validation'

    launch.detail = fail
    launch.message = fail
    # The short message drops the expected base string; the detail keeps it.
    pos = fail.find(' Expected signature base string: ')
    if pos > 0:
        launch.message = fail[:pos]

    # NOTE(review): the return URL is read from the same POST data whose
    # signature has just failed verification, so its value is not
    # authenticated. Whatever consumes launch.redirecturl should check it
    # against an allow-list before redirecting. launch.detail, including any
    # expected base string, is appended to that URL and printed.
    return_url = post.get('launch_presentation_return_url')
    if return_url is not None:
        parms = {'lti_errorlog': launch.detail, 'lti_errormsg': launch.message}
        separator = '&' if '?' in return_url else '?'
        return_url = return_url + separator + urllib.urlencode(parms)
        print(return_url)
        launch.redirecturl = return_url
def initialize_server_request(request):
    """Build the OAuth server and OAuth request for an incoming request.

    The data store class comes from ``load_data_store()``. Returns an
    ``(oauth_server, oauth_request)`` tuple; ``oauth_server`` is ``None``
    when ``OAuthRequest.from_request`` produces a falsy request.
    """
    datastore_factory = load_data_store()

    # Parameters come from request.REQUEST whatever the HTTP method is.
    request_parameters = dict(request.REQUEST.items())
    oauth_request = oauth.OAuthRequest.from_request(
        request.method,
        request.build_absolute_uri(),
        headers=request.META,
        parameters=request_parameters,
        query_string=request.environ.get('QUERY_STRING', ''))

    if not oauth_request:
        return None, oauth_request

    oauth_server = oauth.OAuthServer(datastore_factory(oauth_request))
    # NOTE(review): PLAINTEXT carries the shared secret in the request
    # itself instead of a keyed digest, so it depends on TLS for
    # confidentiality. Nothing in this function checks that the request
    # arrived over TLS before registering it.
    for signature_method in (oauth.OAuthSignatureMethod_PLAINTEXT,
                             oauth.OAuthSignatureMethod_HMAC_SHA1):
        oauth_server.add_signature_method(signature_method())
    return oauth_server, oauth_request
# NOTE(review): lookup_token and lookup_nonce take ``self``; presumably they
# are methods of the OAuthDataStore class instantiated below, whose ``class``
# line is not part of this excerpt.
def lookup_token(self, oauth_consumer, token_type, token):
    """Return an OAuthToken for the consumer; only 'access' tokens are handled.

    The token is built from the APIClient row matching the consumer key,
    using that row's consumer_key and consumer_secret. The ``token``
    argument is not consulted.

    Raises NotImplementedError for any other ``token_type``.
    """
    if token_type != 'access':
        raise NotImplementedError
    # NOTE(review): objects.get() raises when no row (or more than one)
    # matches; confirm the caller turns that into an authentication failure.
    c = APIClient.objects.get(consumer_key=oauth_consumer.key)
    return oauth.OAuthToken(c.consumer_key, c.consumer_secret)

def lookup_nonce(self, oauth_consumer, oauth_token, nonce):
    """FIXME: nonces are not checked yet; this always returns None."""
    # NOTE(review): no nonce is stored or compared here, so replay detection
    # presumably rests on the library's timestamp check alone. Confirm how
    # the oauth library interprets a None result.
    return None

# create the oauth server
# Only HMAC-SHA1 is registered as a signature method on this server.
OAUTH_SERVER = oauth.OAuthServer(OAuthDataStore())
OAUTH_SERVER.add_signature_method(oauth.OAuthSignatureMethod_HMAC_SHA1())

def get_api_client(request):
    """Build an OAuthRequest from the request's POST and GET parameters.

    The visible excerpt ends once the OAuthRequest is constructed; nothing
    is returned in the code shown here.
    """
    # GET values are merged over a copy of the POST data.
    parameters = request.POST.copy()
    parameters.update(request.GET)
    # NOTE(review): get_full_path() yields the path plus query string, not an
    # absolute URL. Confirm the signature base string computed from it
    # matches what clients sign.
    full_url = request.get_full_path()
    oauth_request = oauth.OAuthRequest.from_request(request.method, full_url,
        headers=request.META, parameters=parameters, query_string=None)
def __init__(self, *args, **kwargs):
    """Create the handler's OAuth server, then run the base handler setup.

    The server is backed by a ``MockOAuthDataStore`` and accepts both the
    PLAINTEXT and HMAC-SHA1 signature methods.
    """
    self.oauth_server = oauth.OAuthServer(MockOAuthDataStore())
    # NOTE(review): PLAINTEXT carries the shared secret in the request
    # itself; with a mock data store this looks like example or test code
    # -- confirm it is not reused for a real deployment as-is.
    for signature_method in (oauth.OAuthSignatureMethod_PLAINTEXT,
                             oauth.OAuthSignatureMethod_HMAC_SHA1):
        self.oauth_server.add_signature_method(signature_method())
    # The base constructor handles the request itself, so oauth_server has
    # to exist before it is called.
    BaseHTTPRequestHandler.__init__(self, *args, **kwargs)