def _x_request_elements_filter(cls, request_type, request_elements,
credentials):
if request_type == cls.ACCESS_TOKEN_REQUEST_TYPE:
url, method, params, headers, body = request_elements
params['grant_type'] = 'client_credentials'
request_elements = core.RequestElements(url, method, params,
headers, body)
return request_elements
def _x_request_elements_filter(cls, request_type, request_elements,
credentials):
if request_type == cls.PROTECTED_RESOURCE_REQUEST_TYPE:
# LinkedIn too has it's own terminology!
url, method, params, headers, body = request_elements
params['oauth2_access_token'] = params.pop('access_token')
request_elements = core.RequestElements(url, method, params,
headers, body)
return request_elements
def _x_request_elements_filter(cls, request_type, request_elements,
credentials):
if request_type == cls.PROTECTED_RESOURCE_REQUEST_TYPE:
# Foursquare uses OAuth 1.0 "oauth_token" for what should be "access_token" in OAuth 2.0!
url, method, params, headers, body = request_elements
params['oauth_token'] = params.pop('access_token')
request_elements = core.RequestElements(url, method, params,
headers, body)
return request_elements
def _x_request_elements_filter(cls, request_type, request_elements,
credentials):
if request_type == cls.REFRESH_TOKEN_REQUEST_TYPE:
# As always, Facebook has it's original name for "refresh_token"!
url, method, params, headers, body = request_elements
params['fb_exchange_token'] = params.pop('refresh_token')
params['grant_type'] = 'fb_exchange_token'
request_elements = core.RequestElements(url, method, params,
headers, body)
return request_elements
def _x_request_elements_filter(cls, request_type, request_elements,
credentials):
if request_type == cls.PROTECTED_RESOURCE_REQUEST_TYPE:
# Foursquare uses OAuth 1.0 "oauth_token" for what should be
# "access_token" in OAuth 2.0!
url, method, params, headers, body = request_elements
params['oauth_token'] = params.pop('access_token')
# Foursquare needs the version "v" parameter in every request.
# https://developer.foursquare.com/overview/versioning
if not params.get('v'):
params['v'] = '20140501'
request_elements = core.RequestElements(url, method, params,
headers, body)
return request_elements
def create_request_elements(cls, request_type, credentials, url, params=None, headers=None,
body='', method='GET', verifier='', callback=''):
"""
Creates |oauth1| request elements.
"""
params = params or {}
headers = headers or {}
consumer_key = credentials.consumer_key or ''
consumer_secret = credentials.consumer_secret or ''
token = credentials.token or ''
token_secret = credentials.token_secret or ''
# separate url base and query parameters
url, base_params = cls._split_url(url)
# add extracted params to future params
params.update(dict(base_params))
if request_type == cls.USER_AUTHORIZATION_REQUEST_TYPE:
# no need for signature
if token:
params['oauth_token'] = token
else:
raise OAuth1Error('Credentials with valid token are required to create User Authorization URL!')
else:
# signature needed
if request_type == cls.REQUEST_TOKEN_REQUEST_TYPE:
# Request Token URL
if consumer_key and consumer_secret and callback:
params['oauth_consumer_key'] = consumer_key
params['oauth_callback'] = callback
else:
raise OAuth1Error('Credentials with valid consumer_key, consumer_secret and ' +\
'callback are required to create Request Token URL!')
elif request_type == cls.ACCESS_TOKEN_REQUEST_TYPE:
# Access Token URL
if consumer_key and consumer_secret and token and verifier:
params['oauth_token'] = token
params['oauth_consumer_key'] = consumer_key
params['oauth_verifier'] = verifier
else:
raise OAuth1Error('Credentials with valid consumer_key, consumer_secret, token ' +\
'and argument verifier are required to create Access Token URL!')
elif request_type == cls.PROTECTED_RESOURCE_REQUEST_TYPE:
# Protected Resources URL
if consumer_key and consumer_secret and token and token_secret:
params['oauth_token'] = token
params['oauth_consumer_key'] = consumer_key
else:
raise OAuth1Error('Credentials with valid consumer_key, consumer_secret, token and ' +\
'token_secret are required to create Protected Resources URL!')
# Sign request.
# http://oauth.net/core/1.0a/#anchor13
# Prepare parameters for signature base string
# http://oauth.net/core/1.0a/#rfc.section.9.1
params['oauth_signature_method'] = cls._signature_generator.method
params['oauth_timestamp'] = str(int(time.time()))
params['oauth_nonce'] = cls.csrf_generator(str(uuid.uuid4()))
params['oauth_version'] = '1.0'
# add signature to params
params['oauth_signature'] = cls._signature_generator.create_signature(method, url, params, consumer_secret, token_secret)
request_elements = core.RequestElements(url, method, params, headers, body)
return cls._x_request_elements_filter(request_type, request_elements, credentials)
def create_request_elements(cls,
request_type,
credentials,
url,
method='GET',
params=None,
headers=None,
body='',
redirect_uri='',
scope='',
csrf=''):
"""
Creates |oauth2| request elements.
"""
headers = headers or {}
params = params or {}
consumer_key = credentials.consumer_key or ''
consumer_secret = credentials.consumer_secret or ''
token = credentials.token or ''
refresh_token = credentials.refresh_token or credentials.token or ''
# Separate url base and query parameters.
url, base_params = cls._split_url(url)
# Add params extracted from URL.
params.update(dict(base_params))
if request_type == cls.USER_AUTHORIZATION_REQUEST_TYPE:
# User authorization request.
if consumer_key and redirect_uri and (
csrf or not cls.supports_csrf_protection):
params['client_id'] = consumer_key
params['redirect_uri'] = redirect_uri
params['scope'] = scope
params['state'] = csrf or cls.csrf_generator()
params['response_type'] = 'code'
# Add authorization header
headers.update(cls._authorization_header(credentials))
else:
raise OAuth2Error('Credentials with valid consumer_key and arguments redirect_uri, scope and ' + \
'state are required to create OAuth 2.0 user authorization request elements!')
elif request_type == cls.ACCESS_TOKEN_REQUEST_TYPE:
# Access token request.
if consumer_key and consumer_secret:
params['code'] = token
params['client_id'] = consumer_key
params['client_secret'] = consumer_secret
params['redirect_uri'] = redirect_uri
params['grant_type'] = 'authorization_code'
# TODO: Check whether all providers accept it
headers.update(cls._authorization_header(credentials))
else:
raise OAuth2Error('Credentials with valid token, consumer_key, consumer_secret and argument ' + \
'redirect_uri are required to create OAuth 2.0 access token request elements!')
elif request_type == cls.REFRESH_TOKEN_REQUEST_TYPE:
# Refresh access token request.
if refresh_token and consumer_key and consumer_secret:
params['refresh_token'] = refresh_token
params['client_id'] = consumer_key
params['client_secret'] = consumer_secret
params['grant_type'] = 'refresh_token'
else:
raise OAuth2Error('Credentials with valid refresh_token, consumer_key, consumer_secret ' + \
'are required to create OAuth 2.0 refresh token request elements!')
elif request_type == cls.PROTECTED_RESOURCE_REQUEST_TYPE:
# Protected resource request.
# Add Authorization header. See: http://tools.ietf.org/html/rfc6749#section-7.1
if credentials.token_type == cls.BEARER:
# http://tools.ietf.org/html/rfc6750#section-2.1
headers.update(
{'Authorization': 'Bearer {}'.format(credentials.token)})
elif token:
params['access_token'] = token
else:
raise OAuth2Error('Credentials with valid token are required to create ' + \
'OAuth 2.0 protected resources request elements!')
request_elements = core.RequestElements(url, method, params, headers,
body)
return cls._x_request_elements_filter(request_type, request_elements,
credentials)
