Example #1
0
def login(request):
    init_third_party_session(request)
    force_login = request.GET.get('force_login',
                                  settings.TWITTER_AUTH_FORCE_LOGIN)
    consumer = oauth.Consumer(settings.TWITTER_TOKEN,
                              settings.TWITTER_SECRET)
    client = oauth.Client(consumer)
    resp, content = client.request(request_token_url, "GET")
    if resp['status'] != '200':
        messages.error(request, 'Invalid Twitter response')
        logger.error("Invalid twitter response %s", resp)
        return HttpResponseRedirect(reverse('edit_profile'))

    oa_resp = dict(cgi.parse_qsl(content))
    if 'status' in oa_resp and oa_resp['status'] != '200':
        messages.error(request, 'Invalid Twitter response')
        logger.error("Invalid twitter response %s", resp)
        return HttpResponseRedirect(reverse('edit_profile'))

    request.session['request_token'] = dict(cgi.parse_qsl(content))
    params = {
        'oauth_token': request.session['request_token']['oauth_token'],
    }
    if force_login:
        params['force_login'] = 1

    if request.GET.get('key', None):
        request.session['pending_key'] = request.GET.get('key')

    if request.GET.get('next', None):
        request.session['next_url'] = request.GET.get('next')

    url = "%s?%s" % (authenticate_url, urllib.urlencode(params))
    return HttpResponseRedirect(url)
Example #2
0
 def commitPayment(self, userId, payerId, token, amt, itemId):
     returnObj = {}
     
     if identity.verifyUser(userId):
         postDetails = { 'USER': common.UID,
                          'PWD': common.PASSWORD,
                          'SIGNATURE': common.SIG,
                          'METHOD': 'DoExpressCheckoutPayment',
                          'VERSION': common.VER,
                          'AMT': amt,
                          'TOKEN': token,
                          'PAYERID': payerId,
                          'PAYMENTACTION': 'Sale' };
 
         response = common.curl(common.URLBASE, postDetails)
         
         #HACK: On sandbox the first request will fail - we need to wait for 2 seconds and then try again
         if response == False:
             time.sleep(2)
             response = dict(cgi.parse_qsl(common.curl(common.URLBASE, postDetails)))
         else:
             response = dict(cgi.parse_qsl(response))
         
         returnObj['transactionId'] = response["PAYMENTINFO_0_TRANSACTIONID"]
         returnObj['orderTime'] = response["PAYMENTINFO_0_ORDERTIME"]
         returnObj['paymentStatus'] = response["PAYMENTINFO_0_PAYMENTSTATUS"]
         returnObj['itemId'] = itemId
         returnObj['userId'] = userId
         
         identity.recordPayment(returnObj)
     
     return json.write(returnObj)
    def test_bucket_GET_max_keys(self):
        class FakeApp(object):
            def __call__(self, env, start_response):
                self.query_string = env['QUERY_STRING']
                start_response('200 OK', [])
                return '[]'
        fake_app = FakeApp()
        local_app = swift3.filter_factory({})(fake_app)
        bucket_name = 'junk'

        req = Request.blank('/%s' % bucket_name,
                environ={'REQUEST_METHOD': 'GET',
                         'QUERY_STRING': 'max-keys=5'},
                headers={'Authorization': 'AWS test:tester:hmac'})
        resp = local_app(req.environ, lambda *args: None)
        dom = xml.dom.minidom.parseString("".join(resp))
        self.assertEquals(dom.getElementsByTagName('MaxKeys')[0].
                childNodes[0].nodeValue, '5')
        args = dict(cgi.parse_qsl(fake_app.query_string))
        self.assert_(args['limit'] == '6')

        req = Request.blank('/%s' % bucket_name,
                environ={'REQUEST_METHOD': 'GET',
                         'QUERY_STRING': 'max-keys=5000'},
                headers={'Authorization': 'AWS test:tester:hmac'})
        resp = local_app(req.environ, lambda *args: None)
        dom = xml.dom.minidom.parseString("".join(resp))
        self.assertEquals(dom.getElementsByTagName('MaxKeys')[0].
                childNodes[0].nodeValue, '1000')
        args = dict(cgi.parse_qsl(fake_app.query_string))
        self.assertEquals(args['limit'], '1001')
Example #4
0
def parse_parameters(request):
    """
    Parse request parameters in a gds.burp.Burp request/response object.

    @param request: A gds.burp.Burp request/response object.
    @return: A dict containing parameters and values from query string,
    body and multipart/form-data.
    @rtype: dict
    """
    parameters = {}

    if request.url.query:
        parameters['query'] = dict(cgi.parse_qsl(request.url.query))

    content_type = request.get_request_header('Content-Type')

    if 'amf' in content_type.lower():
        # Don't even try to parse a binary AMF request
        return

    elif 'multipart/form-data' in content_type.lower():
        boundary = re.search(FORM_DATA, content_type).group(1)
        params = parse_multipart_form(request.get_request_body(), boundary)
        parameters['multipart_form'] = params

    elif 'json' in content_type.lower():
        parameters['json'] = json.loads(request.get_request_body())

    elif request.get_request_body():
        parameters['body'] = dict(cgi.parse_qsl(request.get_request_body()))

    return parameters
Example #5
0
def _build_signature_base_string(oauth_params, http_method, http_url, http_data):

    normalized_http_method = http_method.upper()

    url_parts = urlparse.urlsplit(http_url)
    scheme = url_parts.scheme
    host = url_parts.hostname
    port = url_parts.port
    if port is not None:
        if not ((port == 80 and scheme == 'http') or (port == 443 and scheme == 'https')):
            host += ':' + str(port)
    path = url_parts.path
    if not path:
        path = '/'
    normalized_http_url = scheme + '://' + host + path

    params = list(oauth_params)
    if url_parts.query:
        params.extend(cgi.parse_qsl(url_parts.query, True))
    if http_data:
        params.extend(cgi.parse_qsl(http_data, True))
    params = [(escape(k), escape(v)) for k, v in params]
    params.sort()
    normalized_params = '&'.join(k + '=' + v for k, v in params)

    return escape(normalized_http_method) + '&' + escape(normalized_http_url) + '&' + escape(normalized_params)
Example #6
0
def getAccess():
    # create the OAuth consumer credentials
    consumer = oauth.Consumer('bzj2pmrs283kepwbgu58aw47','xJSZwBZxFp')
     
    # make the initial request for the request token
    client = oauth.Client(consumer)
    response, content = client.request('http://api.rdio.com/oauth/request_token', 'POST', urllib.urlencode({'oauth_callback':'oob'}))
    parsed_content = dict(cgi.parse_qsl(content))
    request_token = oauth.Token(parsed_content['oauth_token'], parsed_content['oauth_token_secret'])
     
    # ask the user to authorize this application
    print 'Authorize this application at: %s?oauth_token=%s' % (parsed_content['login_url'], parsed_content['oauth_token'])
    oauth_verifier = raw_input('Enter the PIN / OAuth verifier: ').strip()
    # associate the verifier with the request token
    request_token.set_verifier(oauth_verifier)
     
    # upgrade the request token to an access token
    client = oauth.Client(consumer, request_token)
    response, content = client.request('http://api.rdio.com/oauth/access_token', 'POST')
    parsed_content = dict(cgi.parse_qsl(content))
    print(parsed_content)
    access_token = oauth.Token(parsed_content['oauth_token'], parsed_content['oauth_token_secret'])
    print access_token
    # make an authenticated API call
    client = oauth.Client(consumer, access_token)
    response = client.request('http://api.rdio.com/1/', 'POST', urllib.urlencode({'method': 'currentUser'}))
    print response[1]
    def test_bucket_GET_max_keys(self):
        class FakeApp(object):
            def __call__(self, env, start_response):
                self.query_string = env["QUERY_STRING"]
                start_response("200 OK", [])
                return "[]"

        fake_app = FakeApp()
        local_app = swift3.filter_factory({})(fake_app)
        bucket_name = "junk"

        req = Request.blank(
            "/%s" % bucket_name,
            environ={"REQUEST_METHOD": "GET", "QUERY_STRING": "max-keys=5"},
            headers={"Authorization": "AWS test:tester:hmac"},
        )
        resp = local_app(req.environ, lambda *args: None)
        dom = xml.dom.minidom.parseString("".join(resp))
        self.assertEquals(dom.getElementsByTagName("MaxKeys")[0].childNodes[0].nodeValue, "5")
        args = dict(cgi.parse_qsl(fake_app.query_string))
        self.assert_(args["limit"] == "6")

        req = Request.blank(
            "/%s" % bucket_name,
            environ={"REQUEST_METHOD": "GET", "QUERY_STRING": "max-keys=5000"},
            headers={"Authorization": "AWS test:tester:hmac"},
        )
        resp = local_app(req.environ, lambda *args: None)
        dom = xml.dom.minidom.parseString("".join(resp))
        self.assertEquals(dom.getElementsByTagName("MaxKeys")[0].childNodes[0].nodeValue, "1000")
        args = dict(cgi.parse_qsl(fake_app.query_string))
        self.assertEquals(args["limit"], "1001")
Example #8
0
    def register(self, oauth_token=None, oauth_secret=None, pin=None, callbackurl = None):
        #CONSUMER
        oauth_consumer = oauth2.Consumer(key=self.settings['CONSUMER_KEY'], secret=self.settings['CONSUMER_SECRET'])

        if oauth_token:
            #REGISTER FINAL STEP
            token = oauth2.Token(oauth_token, oauth_secret)
            token.set_verifier(pin)
            oauth_client = oauth2.Client(oauth_consumer, token)
            resp, content = oauth_client.request(self.settings['ACCESS_TOKEN_URL'], method='POST', body='oauth_verifier=%s' % pin)
            access_token = dict(cgi.parse_qsl(content))

            #CHECK RESPONSE
            if resp['status'] != '200':
                return False
            else:
                return access_token
        else:
            #REGISTER FIRST STEP
            oauth_client = oauth2.Client(oauth_consumer)
            resp, content = oauth_client.request(self.settings['REQUEST_TOKEN_URL'], 'POST', body='oauth_callback=%s' % callbackurl)

            #CHECK RESPONSE
            if resp['status'] != '200':
                return False
            else:
                request_token = dict(cgi.parse_qsl(content))
                return {"url": "%s?oauth_token=%s" % (self.settings['AUTHORIZATION_URL'], request_token['oauth_token']),
                        "data": request_token}
Example #9
0
    def test_bucket_GET_max_keys(self):
        bucket_name = 'junk'

        req = Request.blank('/%s?max-keys=5' % bucket_name,
                            environ={'REQUEST_METHOD': 'GET'},
                            headers={'Authorization': 'AWS test:tester:hmac',
                                     'Date': self.get_date_header()})
        status, headers, body = self.call_s3api(req)
        elem = fromstring(body, 'ListBucketResult')
        self.assertEqual(elem.find('./MaxKeys').text, '5')
        _, path = self.swift.calls[-1]
        _, query_string = path.split('?')
        args = dict(cgi.parse_qsl(query_string))
        self.assertEqual(args['limit'], '6')

        req = Request.blank('/%s?max-keys=5000' % bucket_name,
                            environ={'REQUEST_METHOD': 'GET'},
                            headers={'Authorization': 'AWS test:tester:hmac',
                                     'Date': self.get_date_header()})
        status, headers, body = self.call_s3api(req)
        elem = fromstring(body, 'ListBucketResult')
        self.assertEqual(elem.find('./MaxKeys').text, '5000')
        _, path = self.swift.calls[-1]
        _, query_string = path.split('?')
        args = dict(cgi.parse_qsl(query_string))
        self.assertEqual(args['limit'], '1001')
Example #10
0
    def test_bucket_GET_max_keys(self):
        bucket_name = 'junk'

        req = Request.blank('/%s' % bucket_name,
                            environ={'REQUEST_METHOD': 'GET',
                                     'QUERY_STRING': 'max-keys=5'},
                            headers={'Authorization': 'AWS test:tester:hmac'})
        status, headers, body = self.call_swift3(req)
        elem = fromstring(body)
        self.assertEquals(elem.find('./MaxKeys').text, '5')
        _, path = self.swift.calls[-1]
        _, query_string = path.split('?')
        args = dict(cgi.parse_qsl(query_string))
        self.assert_(args['limit'] == '6')

        req = Request.blank('/%s' % bucket_name,
                            environ={'REQUEST_METHOD': 'GET',
                                     'QUERY_STRING': 'max-keys=5000'},
                            headers={'Authorization': 'AWS test:tester:hmac'})
        status, headers, body = self.call_swift3(req)
        elem = fromstring(body)
        self.assertEquals(elem.find('./MaxKeys').text, '1000')
        _, path = self.swift.calls[-1]
        _, query_string = path.split('?')
        args = dict(cgi.parse_qsl(query_string))
        self.assertEquals(args['limit'], '1001')
	def do_POST(self):
		if self.path.find('?') != -1:
			self.path, parms = self.path.split('?',1)
		else:
			parms = ''

		self.query_string = self.rfile.read(int(self.headers['Content-Length']))
		self.args = dict(cgi.parse_qsl(self.query_string))

		urlparms = dict(cgi.parse_qsl(parms))

		try:
			if urlparms['json']:
				jsonrequest = True
				self.args["json"] = 1
		except:
			jsonrequest = False

		# add key for benefit of called script
		self.args["method"] = "POST"

		self.path = self.path[1:]	# strip off leading /
		# so it is available to the called script
		self.args["query_string"] = self.query_string

		'''
		self.send_response(200)
		self.send_header('Content-type', 'text/html')
		self.end_headers()
		self.wfile.write('<html><head><title>Post page</title></head><body>')

		self.wfile.write("<p>Location is %s</p>" % (self.path))
		self.wfile.write("<p>args are %s</p>" % (self.args))

		self.wfile.write("</pre>")
		self.wfile.write('</body></html>')

'''
		# check that file is there before running
		if os.path.isfile(self.path) and self.path[-2:] == "py":
			# run the script
			self.send_response(200)
			if jsonrequest:
				self.send_header('Content-type', 'application/json')
			else:
				self.send_header('Content-type', 'text/html')
			self.end_headers()
			# redirect output to browser
			stdsave = sys.stdout
			sys.stdout = self.wfile	
			execfile(self.path, self.args)
			sys.stdout = stdsave	# put back
		else:	# not found
			self.send_response(404)
			self.send_header('Content-type', 'text/html')
			self.end_headers()
			infile = open("404", "r")
			self.wfile.write( infile.read() )
			infile.close()
 def fetch(self):
     self.genre="Review"
     try:
        
         for i in range(2):
           print 'Inside i for loop...'
           self.parent_uri = self.currenturi
           conn = HTTPConnection()
           data1 = dict(parse_qsl(self.currenturi.split('?')[-1]))
           conn.createrequest(self.currenturi,data=data1)
           res = conn.fetch().read()
           temp_soup = BeautifulSoup(res)
           if i==1:
            print i
            break
         
         #This is to find out the no. of pages for the reviews.....
         #nop=no. of pages...
         count = float(temp_soup.find('span',id='revCountTot').renderContents().strip())
         temp_nop = count/25
         nop=int(math.ceil(temp_nop))
         print 'No. of pages....:::'
         print nop
                               
         temp_data = str(temp_soup.find('div', 'revSort').find('option',attrs={'title':'newest'})['value'])
         add_last = '&storeId=10153&callType=AJAX&methodType=GET&shcAJAX=1&pagination=true&offset='
         
         for j in range(1,(nop+1)): 
             print 'inside j for loop....'
             current_uri = 'http://www.sears.com/shc/s/RatingsAndReviewsCmd?'+temp_data+add_last+str(j)
             print '*************************************'
             print current_uri
             #self.soup = BeautifulSoup(urlopen(current_uri).read())
             
             for k in range(2):
                print 'inside k for loop....'
                new_conn = HTTPConnection()
                data2 = dict(parse_qsl(current_uri.split('?')[-1]))
                new_conn.createrequest(current_uri,data=data2)
                res = new_conn.fetch().read()
                self.soup = BeautifulSoup(res)
                if k==1:
                 print k
                 break
                
            
             self.__addReviews()
             if j==nop:
              print j   
              break
         
     
     except:
         #self.task.status['fetch_status']=False
         log.exception(self.log_msg('Exception in fetch'))
     return True
Example #13
0
def update_tokens():
  # fake urls for the test server (matches ones in server.py)
  REQUEST_TOKEN_URL = 'http://%s:%s/api/oauth/request_token/' % (SERVER, PORT)
  ACCESS_TOKEN_URL = 'http://%s:%s/api/oauth/access_token/' % (SERVER, PORT)
  AUTHORIZE_URL = 'http://%s:%s/api/oauth/authorize/' % (SERVER, PORT)
  
  # key and secret granted by the service provider for this consumer application - same as the MockOAuthDataStore
  
  client = oauth.Client(consumer)
  
  # Step 1: Get a request token. This is a temporary token that is used for
  # having the user authorize an access token and to sign the request to obtain
  # said access token.
  
  resp, content = client.request(REQUEST_TOKEN_URL, "GET")
  if resp['status'] != '200':
      raise Exception("Invalid response %s." % resp['status'])
      
  request_token = dict(cgi.parse_qsl(content))
  
  # Step 2: Redirect to the provider. Since this is a CLI script we do not
  # redirect. In a web application you would redirect the user to the URL
  # below.
  
  print "\nThis app needs to contact the server and to do that it needs your permission.\nIn order to do that, please visit the following website:\n\n    %s\n\nAfter you grant permission, a PIN (a 18 characters string) will be shown to you.\nYou then need to copy and paste that PIN in this window, and press enter.\n\nThis is a one-time action. If you need to do this again, use the 'auth' command.\n" % ("%s?oauth_token=%s" % (AUTHORIZE_URL, request_token['oauth_token']))
  
  # After the user has granted access to you, the consumer, the provider will
  # redirect you to whatever URL you have told them to redirect to. You can
  # usually define this in the oauth_callback argument as well.
  oauth_verifier = raw_input('PIN: ')

  if len(oauth_verifier) != 18:
    print "\nWrong PIN. Abort"
    exit(0)
  
  
  # Step 3: Once the consumer has redirected the user back to the oauth_callback
  # URL you can request the access token the user has approved. You use the
  # request token to sign this request. After this is done you throw away the
  # request token and use the access token returned. You should store this
  # access token somewhere safe, like a database, for future use.
  token = oauth.Token(request_token['oauth_token'], request_token['oauth_token_secret'])
  token.set_verifier(oauth_verifier)
  client = oauth.Client(consumer, token)
  
  resp, content = client.request(ACCESS_TOKEN_URL, "POST")
  access_token = dict(cgi.parse_qsl(content))
  
  if not os.path.exists(os.path.expanduser("~/.intigos")):
      os.makedirs(os.path.expanduser("~/.intigos"))
      
  path = os.path.expanduser("~/.intigos/tokens")
  f = open(path, "w")
  f.write("%s\n%s" % (access_token['oauth_token'],access_token['oauth_token_secret']))
  
  print "\nAuthentication Complete."
Example #14
0
def update_tokens():
  # fake urls for the test server (matches ones in server.py)
  REQUEST_TOKEN_URL = 'http://%s:%s/api/oauth/request_token/' % (SERVER, PORT)
  ACCESS_TOKEN_URL = 'http://%s:%s/api/oauth/access_token/' % (SERVER, PORT)
  AUTHORIZE_URL = 'http://%s:%s/api/oauth/authorize/' % (SERVER, PORT)
  
  # key and secret granted by the service provider for this consumer application - same as the MockOAuthDataStore
  
  client = oauth.Client(consumer)
  
  # Step 1: Get a request token. This is a temporary token that is used for
  # having the user authorize an access token and to sign the request to obtain
  # said access token.

  resp, content = client.request(REQUEST_TOKEN_URL, "GET")
  if resp['status'] != '200':
      raise Exception("Invalid response %s." % resp['status'])

  request_token = dict(cgi.parse_qsl(content))

  # Step 2: Redirect to the provider. Since this is a CLI script we do not
  # redirect. In a web application you would redirect the user to the URL
  # below.

  print "Plesae, go to the following link in your browser:"
  print "%s?oauth_token=%s" % (AUTHORIZE_URL, request_token['oauth_token'])
  print

  # After the user has granted access to you, the consumer, the provider will
  # redirect you to whatever URL you have told them to redirect to. You can
  # usually define this in the oauth_callback argument as well.
  accepted = 'n'
  while accepted.lower() != 'y' or accepted.lower() != 'Y':
      accepted = raw_input('Have you authorized me? (y/n) ')
  oauth_verifier = raw_input('Please paste here the key you were given ')

  # Step 3: Once the consumer has redirected the user back to the oauth_callback
  # URL you can request the access token the user has approved. You use the
  # request token to sign this request. After this is done you throw away the
  # request token and use the access token returned. You should store this
  # access token somewhere safe, like a database, for future use.
  token = oauth.Token(request_token['oauth_token'], request_token['oauth_token_secret'])
  token.set_verifier(oauth_verifier)
  client = oauth.Client(consumer, token)

  resp, content = client.request(ACCESS_TOKEN_URL, "POST")
  access_token = dict(cgi.parse_qsl(content))

  if not os.path.exists(os.path.expanduser("~/.intigos")):
      os.makedirs(os.path.expanduser("~/.intigos"))

  path = os.path.expanduser("~/.intigos/tokens")
  f = open(path, "w")
  f.write("%s\n%s" % (access_token['oauth_token'],access_token['oauth_token_secret']))

  print "\nAuthentication Complete."
Example #15
0
	def do_POST(self):
		scheme, netloc, path, params, query, fragment = urlparse.urlparse(self.path)
		kws = {}
		contentLength = int(self.headers.get('Content-Length', 0))
		if contentLength > 0:
			contentLength = max(contentLength, self.maxContentLength)
			postdata = self.rfile.read(contentLength)
			self.updatekws(kws, cgi.parse_qsl(postdata, True))
		self.updatekws(kws, cgi.parse_qsl(query, True))
		self.do('POST', path, kws)
Example #16
0
 def test_deprecated_parse_qsl(self):
     # this func is moved to urlparse, this is just a sanity check
     if due_to_ironpython_bug("http://ironpython.codeplex.com/workitem/28171"):
         self.assertEqual([('a', 'A1'), ('b', 'B2'), ('B', 'B3')],
                          cgi.parse_qsl('a=A1&b=B2&B=B3'))
     else:
         with check_warnings(('cgi.parse_qsl is deprecated, use urlparse.'
                              'parse_qsl instead', PendingDeprecationWarning)):
             self.assertEqual([('a', 'A1'), ('b', 'B2'), ('B', 'B3')],
                              cgi.parse_qsl('a=A1&b=B2&B=B3'))
Example #17
0
def get_post_thumbnail(video_src, default_img=None):
    if video_src.find('vimeo.com') != -1:
        clip_id = dict(cgi.parse_qsl(urlparse.urlparse(video_src).query)).get('clip_id')
        resp = json.load(urllib2.urlopen(urllib2.Request('http://vimeo.com/api/v2/video/%s.json'%clip_id, headers={'User-Agent':'ColumnsAgent'})))
        return unicode(resp[0]['thumbnail_small'])
    elif video_src.find('youtube.com') != -1:
        parsed_url = urlparse.urlparse(video_src)
        clip_id = dict(cgi.parse_qsl(parsed_url.query)).get('v', parsed_url.path.split('/')[-1].split('&')[0])
        return unicode("http://img.youtube.com/vi/%s/default.jpg" % clip_id)
    else:
        return default_img
Example #18
0
def LogIn(sender):
    if not Prefs['rdio_user'] or not Prefs['rdio_pass']:
        return MessageContainer('Credentials', 'Please enter your username and password.')
    elif len(Prefs['rdio_user']) == 0 or len(Prefs['rdio_pass']) == 0:
        return MessageContainer('Credentials', 'Please enter your username and password.')
    
    # create the OAuth consumer credentials
    CONSUMER = oauth.Consumer(CONSUMER_KEY, CONSUMER_SECRET)
    
    client = oauth.Client(CONSUMER)
    response, content = client.request('http://api.rdio.com/oauth/request_token', 'POST', urllib.urlencode({'oauth_callback':'oob'}))
    parsed_content = dict(cgi.parse_qsl(content))
    
    REQUEST_TOKEN = oauth.Token(parsed_content['oauth_token'], parsed_content['oauth_token_secret'])
    
    AUTH_URL = '%s?oauth_token=%s' % (parsed_content['login_url'], parsed_content['oauth_token'])
    
    response = HTTP.Request(AUTH_URL)
    
    if response.content.find('login') > -1:
        postValues = {'username':Prefs['rdio_user'], 'password': Prefs['rdio_pass'], 'remember_me': '1'}
        LOGIN_URL = 'https://www.rdio.com/signin/?next=/oauth/authorize?oauth_token=%s' % parsed_content['oauth_token']
        response = HTTP.Request(LOGIN_URL, values=postValues)
        if response.content.find('<li>auth</li>') > -1:
            return MessageContainer('Credentials', 'Invalid username/password.')
        elif response.content.find('login') > -1:
            return MessageContainer('Error', 'Couldn\'t log in.')
    
    xmlObject = HTML.ElementFromString(response.content)
    verifier = xmlObject.xpath("//input[@name='verifier']")[0].value
    
    postValues = {'oauth_token':parsed_content['oauth_token'], 'verifier':verifier, 'approve': ''}
    response = HTTP.Request(AUTH_URL, values=postValues)
    
    if response.content.find(verifier) == -1:
        return MessageContainer('Error', 'Problem obtaining pin.')
    
    # associate the verifier with the request token
    REQUEST_TOKEN.set_verifier(verifier)
    
    # upgrade the request token to an access token
    client = oauth.Client(CONSUMER, REQUEST_TOKEN)
    response, content = client.request('http://api.rdio.com/oauth/access_token', 'POST')
    parsed_content = dict(cgi.parse_qsl(content))
    ACCESS_TOKEN = oauth.Token(parsed_content['oauth_token'], parsed_content['oauth_token_secret'])
    
    Data.SaveObject('AccessToken', ACCESS_TOKEN)
    
    loggedInResult = CheckLoggedIn()
    if loggedInResult == 'True' or loggedInResult == 'Free':
        SavePlaybackToken()
    else:
        return MessageContainer('Error', 'Problem logging in.')
Example #19
0
 def load_query( self ):
    if not hasattr(self, "query"):
       self.query = {}
       if self.request.method == "GET":
         self.parsed_uri = urlparse.urlparse(self.request.path_qs)
         for k, v in cgi.parse_qsl(self.parsed_uri[4]):
            self.query[k] = v.decode('utf-8')
            
       elif self.request.method == "POST":
         post_data = self.request.body
         for k, v in cgi.parse_qsl(post_data):
             self.query[k] = v
Example #20
0
	def query(self, params, write = False, maxlagtries = 0, format='json'):
		global CJ
		self.maxlagtries = maxlagtries
		self.format = format
		if self.format != ('json' or 'xml'):
			self.format = 'json' #silently change it
		self.write = write
		self.params = params
		if type(self.params) == type({}):
			self.params['format'] = self.format
			self.pformat = 'dict'
		elif type(self.params) == type(''):
			self.params = dict(cgi.parse_qsl(self.params))
			self.params['format'] = self.format			
			self.pformat = 'dict'
		elif type(self.params) == type(u''):
			self.params = dict(cgi.parse_qsl(self.params))
			self.params['format'] = self.format
			self.pformat = 'dict'
		else:
			raise APIError('Invalid Parameter format')
		if self.write:
			if self.pformat == 'dict':
				self.params['maxlag'] = self.maxlag
			elif self.pformat == 'str':
				self.params += '&maxlag=%s' %self.maxlag
		if self.pformat == 'dict':
			self.encodeparams = urlencode(self.params)
		else:
			self.encodeparams = self.params
		if self.debug and not (write or login):
			print self.encodeparams
		self.headers = {
			"Content-type": "application/x-www-form-urlencoded",
			"User-agent": config.username,
			"Content-length": len(self.encodeparams),
		}
		if not self.api:
			self.api = self.wiki.getAPI()
		if gzip:
			self.headers['Accept-Encoding'] = 'gzip'
		self.opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(CJ))
		urllib2.install_opener(self.opener)
		self.request = urllib2.Request(self.api, self.encodeparams, self.headers)
#		print 'Querying API'
		try:
			del url
		except UnboundLocalError:
			0 #nothing
		try:
			self.response = urllib2.urlopen(self.request)
		except urllib2.URLError, e:
			raise APIError('urllib2.URLError:' + str(e))
Example #21
0
    def __call__(self, environ, start_response):
        path = environ["PATH_INFO"]
        qs = environ["QUERY_STRING"]

        if path == "/":
            # Step 1: Get a request token. This is a temporary token that is used for
            # having the user authorize an access token and to sign the request to obtain
            # said access token.

            appuri = application_uri(environ)
            if not appuri.endswith("/"):
                appuri += "/"
            oauth_callback = "%scallback" % appuri

            url = "%s?%s" % (self.request_token_url, urllib.urlencode({"oauth_callback": oauth_callback}))
            client = self.oauth.Client(self.consumer)
            resp, content = client.request(url, "GET")
            if resp["status"] != "200":
                raise Exception("Invalid response %s." % resp["status"])

            request_token = dict(parse_qsl(content))

            if "oauth_callback_confirmed" not in request_token or request_token["oauth_callback_confirmed"] != "true":
                raise Exception("Oauth callback must be confirmed.")

            self.request_tokens[request_token["oauth_token"]] = request_token

            # Step 2: Redirect to the provider.

            redirect_url = "%s?oauth_token=%s" % (self.authorize_url, request_token["oauth_token"])
            start_response("302 Found", [("Location", redirect_url)])
            return []
        elif path == "/callback":
            qsdict = dict(parse_qsl(qs))

            if qsdict["oauth_token"] not in self.request_tokens:
                raise Exception("invalid token: %s" % self.request_tokens)

            request_token = self.request_tokens[qsdict["oauth_token"]]
            del self.request_tokens[qsdict["oauth_token"]]

            token = self.oauth.Token(request_token["oauth_token"], request_token["oauth_token_secret"])
            token.set_verifier(qsdict["oauth_verifier"])
            client = self.oauth.Client(self.consumer, token)
            resp, content = client.request(self.access_token_url, "POST")
            if resp["status"] != "200":
                raise Exception("Invalid response %s." % resp["status"])
            access_token = dict(parse_qsl(content))
            environ["oauth.access_token"] = access_token
            return self.onsuccess(environ, start_response)

        start_response("404 Not Found", [("Content-Type", "text/plain")])
        return ["path not found: %s" % path]
Example #22
0
def _assert_same_urls(url1, url2):
    # The URL may have key/value parameters after the '?'
    # The order of these parameters is not defined
    split1 = urlparse.urlsplit(url1)
    split2 = urlparse.urlsplit(url2)
    assert split1[:3] == split2[:3], (split1[:3], split2[:3])
    d1 = dict(cgi.parse_qsl(split1[3]))
    d2 = dict(cgi.parse_qsl(split2[3]))
    for d in (d1, d2):
        if "tool" in d: del d["tool"]
        if "email" in d: del d["email"]
    assert d1 == d2, (d1, d2)
 def fetch(self):
     """
     Fetches all the search data for a given self.currenturi and returns fetched_status depending
     on the success and faliure of the task
     """
     try:
         self.genre = 'review'
         self.search_result_count = 0
         if self.__linkedinAuth():
             self.group_id = dict(cgi.parse_qsl(self.task.instance_data['uri'].split('?')[-1])).get('gid')
             self.keyword_term = dict(cgi.parse_qsl(self.task.instance_data['uri'])).get('keywords')
             self.category_id = dict(cgi.parse_qsl(self.task.instance_data['uri'])).get('categoryID')
             if self.__createSiteUrl():
                 res=self._getHTML(self.currenturi)
                 if res:
                     self.rawpage=res['result']
                     self._setCurrentPage()
                 else:
                     log.debug(self.log_msg("Could not set the search page url"))
                     return False
                 if self.group_id:
                     try:
                         self.currenturi = 'http://www.linkedin.com' + self.soup.find('a',title='See all general discussions')['href']
                         res=self._getHTML(self.currenturi)
                         self.rawpage=res['result']
                         self._setCurrentPage()
                         self.__fetchGroupDetails()
                         return True
                     except:
                         log.info(self.log_msg('Exception while fetching data'))
                         return False
                 if self.__getParentPage():
                     self.url_list = []
                     self.__iterateSearchPages()
                     for link in self.url_list:
                         self.currenturi = link
                         res=self._getHTML(self.currenturi)
                         if res:
                             self.rawpage=res['result']
                             self._setCurrentPage()
                             self.__getQuestionData(self.keyword_term + str(self.category_id))
                         else:
                             log.debug(self.log_msg("Could not set the search page url"))
                             return False
         if len(self.pages)>0:
             log.debug(self.log_msg("%d Linkedin search results  for uri %s added to self.pages" %(len(self.pages),self.task.instance_data['uri'])))
         else:
             log.debug(self.log_msg("No Linkedin search results fetched for uri %s" %(self.task.instance_data['uri'])))
         return True
     except:
         log.exception(self.log_msg("Exception occured while fetching data"))
         return False
Example #24
0
def parse_request(path, request_body):
    request_params = {}

    if '?' in path:
        path, params = path.split('?', 1)
        params = cgi.parse_qsl(params)
        request_params.update(params)

    if request_body:
        params = cgi.parse_qsl(request_body)
        request_params.update(params)

    return path, request_params
    def do_GET(self):
        authorization = self.headers.get('authorization')
	if (authorization == None):
	    self.send_response(401)
	    self.send_header('WWW-Authenticate', 'Basic realm="Siebel Srvrmgr"')
	    self.end_headers()
	    logger.error( "Missing auth header" )
	    self.wfile.write('Authentication failure')
	    return
	else:
	    (kind, data) = authorization.split(' ')
	    if (kind == 'Basic'):
	       (username, _, password) = b64decode(data).partition(':')
               if (username != config_props["web.username"] or password != config_props["web.password"]):
	          self.send_response(403)
	          self.send_header('WWW-Authenticate', 'Basic realm="Siebel Srvrmgr"')
	          self.end_headers()
	          logger.error( "Invalid auth header: %s -- %s" % (username,password) )
	          self.wfile.write('Authentication failure - Wrong user/password')
	          return

        if self.path.find('?') != -1:
            self.urlPath, self.query_string = self.path.split('?', 1)
        else:
            self.urlPath = self.path
            self.query_string = 'server=' + config_props.get("svc.mgmt.default.host", "UNKNOWN")
        
        logger.debug ("For path: %s the url is: %s and query is: %s" % (self.path,self.urlPath,self.query_string))
        
        
        if self.urlPath == config_props["web.path"]:
            qsl = dict(cgi.parse_qsl(self.query_string))
            logger.debug(qsl)
            
            servers = dict(cgi.parse_qsl(config_props["siebel.mgmt.server.map"]))
            #logger.debug(servers)
            
            hostServer = qsl.get("server", "UNKNOWN").upper()
            isFullMetrics = qsl.get("isFullMetrics", "FALSE").upper() == "TRUE"
            siebel_server = servers.get(hostServer, "UNKNOWN")
            if siebel_server == "UNKNOWN":
                self.send_error(500, "Missing valid server parameter: " + hostServer)
            else:
                self.send_response(200)
                self.send_header("Content-type", "text/plain")
                self.end_headers()
                logger.info("About to collect statistics for host: %s of siebel server: %s" % (hostServer,siebel_server))
                stats = getStatistics(siebel_server,hostServer, isFullMetrics)
                self.wfile.write(stats)
        else:
            self.send_error(404, "Requested resource not found")
Example #26
0
def twitter_auth(request):
    profile = request.profile

    if profile.tw_token and profile.tw_token_secret:
        # We have already authorized user
        # Probably should check to see if the tokens are still valid..
        auth_response = HttpResponse()
        auth_response.content = return_self_closing_page()

        return auth_response

    auth_token = request.GET.get("oauth_token",None)

    # Check if we're operating as callback
    if auth_token:
        oauth_consumer = oauth.Consumer(key=getattr(settings, 'TWITTER_API_KEY'),
                                        secret=getattr(settings, 'TWITTER_SECRET_KEY'))
        oauth_client = oauth.Client(oauth_consumer)
        resp = oauth_client.request('https://api.twitter.com/oauth/access_token',
                                    method='POST',
                                    body='oauth_token=%s' % (auth_token))

        content = dict(cgi.parse_qsl(resp.content))

        profile.tw_token = content['oauth_token']
        profile.tw_token_secret = content['oauth_token_secret']
        profile.tw_auth = True
        profile.put()

        auth_response = HttpResponse()
        auth_response.content = return_self_closing_page()

        return auth_response


    signature_method = oauth.SignatureMethod_HMAC_SHA1()
    oauth_consumer = oauth.Consumer(key=getattr(settings, 'TWITTER_API_KEY'),
                                    secret=getattr(settings, 'TWITTER_SECRET_KEY'))
    oauth_client = oauth.Client(oauth_consumer)
    resp = oauth_client.request('https://api.twitter.com/oauth/request_token', 'GET')

    content = dict(cgi.parse_qsl(resp.content))
    redirect_uri = request.build_absolute_uri()
    redirect_uri = redirect_uri.split("?")[0]

    auth_url = '%s?oauth_token=%s&oauth_callback=%s' % ('https://api.twitter.com/oauth/authorize',
                                                        content['oauth_token'],
                                                        redirect_uri)

    return HttpResponseRedirect(auth_url)
Example #27
0
 def _deleteAnnotation(self):
     """Deletes an Annotation."""
     params = {}
     params.update(parse_qsl(self.request['QUERY_STRING']))
     if self.request.environment.has_key('wsgi.input'):
         params.update(parse_qsl(self.request.environment['wsgi.input'].read()))
     
     annotation_id = params.get('id', None)
     annotation = self.getAnnotation(annotation_id)
     if annotation and annotation.quote_authorid == self.getAuthenticatedUserId():
         session = Session()
         session.delete(annotation)
         self.request.response.setStatus('NoContent')
         return
     self.request.response.setStatus('BadRequest') # No id
Example #28
0
    def make_async_request(self, url, token="", secret="", additional_params=None,
                   protected=False, method=urlfetch.GET):
        """Make Request.

        Make an authenticated request to any OAuth protected resource.

        If protected is equal to True, the Authorization: OAuth header will be set.

        A urlfetch response object is returned.
        """
        
        (scm, netloc, path, params, query, _) = urlparse.urlparse(url)
        url = None
        query_params = None
        if query:
            query_params = dict([(k,v) for k,v in parse_qsl(query)])
            additional_params.update(query_params)
        url = urlparse.urlunparse(('https', netloc, path, params, '', ''))
        
        payload = self.prepare_request(url, token, secret, additional_params, method)

        if method == urlfetch.GET:
            url = "%s?%s" % (url, payload)
            payload = None
        headers = {"Authorization": "OAuth"} if protected else {}

        rpc = urlfetch.create_rpc(deadline=10.0)
        urlfetch.make_fetch_call(rpc, url, method=method, headers=headers, payload=payload)
        return rpc
Example #29
0
	def getCookies(self):
		raw_cookies = self.env.get('HTTP_COOKIE')
		if raw_cookies:
			cookies = cgi.parse_qsl(raw_cookies)
			return {key.strip(): val for key, val in cookies}
		else:
			return {}
Example #30
0
    def descCov_url(self, service_url):
        """Return a describe coverage url
        @type service_url: string
        @param service_url: base url of WCS service
        @rtype: string
        @return: getCapabilities URL
        """
        qs = []
        if service_url.find('?') != -1:
            qs = cgi.parse_qsl(service_url.split('?')[1])

        params = [x[0] for x in qs]

        if 'service' not in params:
            qs.append(('service', 'WCS'))
        if 'request' not in params:
            qs.append(('request', 'DescribeCoverage'))
        if 'version' not in params:
            qs.append(('version', self.version))
        if self.version == '1.0.0':
            if 'coverage' not in params:
                qs.append(('coverage', self.identifier))
        elif self.version == '1.1.0' or self.version == '1.1.1':
            #NOTE: WCS 1.1.0 is ambigous about whether it should be identifier
            #or identifiers (see tables 9, 10 of specification)  
            if 'identifiers' not in params:
                qs.append(('identifiers', self.identifier))
            if 'identifier' not in params:
                qs.append(('identifier', self.identifier))
                qs.append(('format', 'text/xml'))
        urlqs = urlencode(tuple(qs))
        return service_url.split('?')[0] + '?' + urlqs
Example #31
0
def alter_query(url, param_dict):
    if not param_dict:
        return url

    from urllib import urlencode
    from urlparse import urlparse, urlunparse
    from cgi import parse_qsl

    bits = urlparse(url)
    qdict = parse_qsl(bits.query)
    qdict = [v for v in qdict if v[0] not in param_dict]
    for k, v in param_dict.items():
        if v:
            qdict.append((k, v))
    newqs = urlencode(qdict)
    altered = (bits.scheme, bits.netloc, bits.path, bits.params, newqs,
               bits.fragment)
    url = urlunparse(altered)
    return url
Example #32
0
    def __call__(self, uri):
        # urlparse doesnt understand zeo URLs so force to something that doesn't break
        uri = uri.replace('zeo://', 'http://', 1)
        (scheme, netloc, path, query, frag) = urlparse.urlsplit(uri)
        if netloc:
            # TCP URL
            if ':' in netloc:
                host, port = netloc.split(':')
                port = int(port)
            else:
                host = netloc
                port = 9991
            args = ((host, port), )
        else:
            # Unix domain socket URL
            path = os.path.normpath(path)
            args = (path, )
        kw = dict(cgi.parse_qsl(query))
        kw = self.interpret_kwargs(kw)
        dbkw = get_dbkw(kw)
        items = kw.items()
        items.sort()
        dbitems = dbkw.items()
        dbitems.sort()
        key = (args, tuple(items), tuple(dbitems))
        if 'demostorage' in kw:
            kw.pop('demostorage')

            def factory():
                from ZEO.ClientStorage import ClientStorage
                from ZODB.DB import DB
                from ZODB.DemoStorage import DemoStorage
                demostorage = DemoStorage(base=ClientStorage(*args, **kw))
                return DB(demostorage, **dbkw)  #pragma NO COVERAGE
        else:

            def factory():
                from ZEO.ClientStorage import ClientStorage
                from ZODB.DB import DB
                clientstorage = ClientStorage(*args, **kw)
                return DB(clientstorage, **dbkw)  #pragma NO COVERAGE

        return key, args, kw, factory
Example #33
0
 def authentification(self, consumer_key, consumer_secret, login, password, tokensFile):
     """
     Must be call in order to generate authentification tokens for further use.
     Rely on login and password from user
     
     Input:
         -'consumer_key' and 'consumer_secret' (given by gomiso when you create an application)
         -'login' and 'password' from the user
         -'tokensFile': file holder for tokens
         
     Output:
         -'True' or 'False' based on if the authentification was successful or not
         -A file named 'tokens' is created with user's tokens
     """
     self.consumer_credentials['key'] = consumer_key
     self.consumer_credentials['secret'] = consumer_secret
     if os.path.isfile(tokensFile) != True:
         consumer = oauth.Consumer(self.consumer_credentials['key'], self.consumer_credentials['secret'])
         client = oauth.Client(consumer)
         client.authorizations
         params = {}
         params["x_auth_username"] = login
         params["x_auth_password"] = password
         params["x_auth_mode"] = 'client_auth'
         client.set_signature_method = oauth.SignatureMethod_HMAC_SHA1()
         resp, token = client.request('https://gomiso.com/oauth/access_token', method='POST', body=urllib.urlencode(params))
         if resp['status'] != '401':
             self.access_tokens = dict(cgi.parse_qsl(token))
             f = open(tokensFile, 'w')
             f.write(self.access_tokens['oauth_token'])
             f.write('\n')
             f.write(self.access_tokens['oauth_token_secret'])
             f.write('\n')
             f.close()
             return True
         else:
             return False
     else:
         f = open(tokensFile, 'r')
         self.access_tokens['oauth_token'] = f.readline().rstrip('\n')
         self.access_tokens['oauth_token_secret'] = f.readline().rstrip('\n')
         f.close()
         return True
Example #34
0
 def send_request(self,
                  client=None,
                  url=None,
                  method='GET',
                  params=None,
                  **kwargs):
     url, body = self.normalize_url_and_params(url, params)
     response, content = client.request(url, method, body=body, **kwargs)
     if response['status'] == '200':
         parsed_response = dict(cgi.parse_qsl(content))
         #todo: validate parsed response. For now
         #a simple check for the dictionary emptiness
         if parsed_response:
             return parsed_response
         else:
             raise OAuthError(
                 'error obtaining request token {}'.format(content))
     else:
         raise OAuthError('response is {}'.format(response))
Example #35
0
def _parse_rfc1738_args(name):
    """ parse url str into options
    code orig from sqlalchemy.engine.url """
    pattern = re.compile(
        r'''
            (\w+)://
            (?:
                ([^:/]*)
                (?::([^/]*))?
            @)?
            (?:
                ([^/:]*)
                (?::([^/]*))?
            )?
            (?:/(.*))?
            ''', re.X)

    m = pattern.match(name)
    if m is not None:
        (name, username, password, host, port,
         database) = m.group(1, 2, 3, 4, 5, 6)
        if database is not None:
            tokens = database.split(r"?", 2)
            database = tokens[0]
            query = (len(tokens) > 1 and dict(cgi.parse_qsl(tokens[1]))
                     or None)
            if query is not None:
                query = dict([(k.encode('ascii'), query[k]) for k in query])
        else:
            query = None
        opts = {
            'username': username,
            'password': password,
            'host': host,
            'port': port,
            'database': database,
            'query': query
        }
        if opts['password'] is not None:
            opts['password'] = urllib.unquote_plus(opts['password'])
        return (name, opts)
    else:
        raise ValueError("Could not parse rfc1738 URL from string '%s'" % name)
Example #36
0
    def post(self, environ, start_response):
        LOG.info("post: environ=%s", environ)
        inpt = environ['wsgi.input']
        length = int(environ.get('CONTENT_LENGTH', 0))

        x = inpt.read(length)
        q = dict(cgi.parse_qsl(x))
        try:
            node_id = q['i']
            deploy_key = q['k']
            address = q['a']
            port = q.get('p', '3260')
            iqn = q['n']
            lun = q.get('l', '1')
        except KeyError as e:
            start_response('400 Bad Request', [('Content-type', 'text/plain')])
            return "parameter '%s' is not defined" % e

        context = ironic_context.get_admin_context()
        d = db.bm_node_get(context, node_id)

        if d['deploy_key'] != deploy_key:
            start_response('400 Bad Request', [('Content-type', 'text/plain')])
            return 'key is not match'

        params = {'address': address,
                  'port': port,
                  'iqn': iqn,
                  'lun': lun,
                  'image_path': d['image_path'],
                  'pxe_config_path': d['pxe_config_path'],
                  'root_mb': int(d['root_mb']),
                  'swap_mb': int(d['swap_mb']),
                 }
        # Restart worker, if needed
        if not self.worker.isAlive():
            self.worker = Worker()
            self.worker.start()
        LOG.info("request is queued: node %s, params %s", node_id, params)
        QUEUE.put((node_id, params))
        # Requests go to Worker.run()
        start_response('200 OK', [('Content-type', 'text/plain')])
        return ''
Example #37
0
 def _createAnnotation(self):
     """ Create annotation from POST.
     """
     # TODO: do something useful with 'access'. Plone already
     # enforces security based on ownership, so access is 'private'
     # by default. 'public' access could mean sharing the annotation
     # with the 'Anonymous' role, though a more restrictive
     # implementation such as 'Member' or 'MemberOfParliament'
     # probably makes more sense.
     params = {
         'url': '',
         'block-range': '',
         'xpath-range': '',
         'note': '',
         'access': '',
         'action': '',
         'quote': '',
         'quote_title': '',
         'quote_author': '',
         'link': '',
     }
     # TODO: Don't treat query string and body parameters as equivalent.
     # Query string parameters should identify the resources, while
     # parameters in the body should specify the action to take.
     params.update(self.REQUEST)
     params.update(parse_qsl(self.REQUEST.QUERY_STRING))
     sequenceRange = SequenceRange(params['sequence-range'])
     xpathRange = XPathRange(params['xpath-range'])
     params['start_block'] = sequenceRange.start.getPaddedPathStr()
     params['start_xpath'] = xpathRange.start.getPathStr()
     params['start_word'] = xpathRange.start.words
     params['start_char'] = xpathRange.start.chars
     params['end_block'] = sequenceRange.end.getPaddedPathStr()
     params['end_xpath'] = xpathRange.end.getPathStr()
     params['end_word'] = xpathRange.end.words
     params['end_char'] = xpathRange.end.chars
     del params['sequence-range']
     del params['xpath-range']
     plone = getToolByName(self, 'portal_url').getPortalObject()
     obj_id = plone.generateUniqueId('Annotation')
     new_id = self.invokeFactory('Annotation', id=obj_id, **params)
     self.REQUEST.RESPONSE.setStatus('Created')
     return new_id
Example #38
0
def strip_cgi_param(url, param):
    """ Returns a (stripped_url, value) with 'param' removed from the url and
    its value returned as value (or None if it wasn't present.)  If it was
    present but not assigned, value is ''.   If multiple instances of param are
    present, all are stripped but the value of the last one is returned. """
    parts = urlparse.urlsplit(url)
    params = cgi.parse_qsl(parts[3], keep_blank_values=True)
    value = [None]

    def is_match(item):
        if item[0] == param:
            value[0] = item[1]
            return False
        return True

    params = filter(is_match, params)
    return (urlparse.urlunsplit(
        (parts[0], parts[1], parts[2], urllib.urlencode(params), parts[4])),
            value[0])
Example #39
0
 def test_bucket_GET_with_nonascii_queries(self):
     bucket_name = 'junk'
     req = Request.blank(
         '/%s?delimiter=\xef\xbc\xa1&marker=\xef\xbc\xa2&'
         'prefix=\xef\xbc\xa3' % bucket_name,
         environ={'REQUEST_METHOD': 'GET'},
         headers={'Authorization': 'AWS test:tester:hmac',
                  'Date': self.get_date_header()})
     status, headers, body = self.call_s3api(req)
     elem = fromstring(body, 'ListBucketResult')
     self.assertEqual(elem.find('./Prefix').text, '\xef\xbc\xa3')
     self.assertEqual(elem.find('./Marker').text, '\xef\xbc\xa2')
     self.assertEqual(elem.find('./Delimiter').text, '\xef\xbc\xa1')
     _, path = self.swift.calls[-1]
     _, query_string = path.split('?')
     args = dict(cgi.parse_qsl(query_string))
     self.assertEqual(args['delimiter'], '\xef\xbc\xa1')
     self.assertEqual(args['marker'], '\xef\xbc\xa2')
     self.assertEqual(args['prefix'], '\xef\xbc\xa3')
Example #40
0
    def capabilities_url(self, service_url):
        """
            Return a capabilities url
        """
        qs = []
        if service_url.find('?') != -1:
            qs = cgi.parse_qsl(service_url.split('?')[1])

        params = [x[0] for x in qs]

        if 'service' not in params:
            qs.append(('service', 'SOS'))
        if 'request' not in params:
            qs.append(('request', 'GetCapabilities'))
        if 'acceptVersions' not in params:
            qs.append(('acceptVersions', self.version))

        urlqs = urlencode(tuple(qs))
        return service_url.split('?')[0] + '?' + urlqs
Example #41
0
 def test_bucket_GET_v2_passthroughs(self):
     bucket_name = 'junk'
     req = Request.blank(
         '/%s?list-type=2&delimiter=a&start-after=b&prefix=c' % bucket_name,
         environ={'REQUEST_METHOD': 'GET'},
         headers={'Authorization': 'AWS test:tester:hmac',
                  'Date': self.get_date_header()})
     status, headers, body = self.call_s3api(req)
     elem = fromstring(body, 'ListBucketResult')
     self.assertEqual(elem.find('./Prefix').text, 'c')
     self.assertEqual(elem.find('./StartAfter').text, 'b')
     self.assertEqual(elem.find('./Delimiter').text, 'a')
     _, path = self.swift.calls[-1]
     _, query_string = path.split('?')
     args = dict(cgi.parse_qsl(query_string))
     self.assertEqual(args['delimiter'], 'a')
     # "start-after" is converted to "marker"
     self.assertEqual(args['marker'], 'b')
     self.assertEqual(args['prefix'], 'c')
Example #42
0
 def get_oauth_token(self):
     """Returns the oauth access token."""
     if self._oauth_token is None:
         resp, content = self._client.request(
             TWITTER_ACCESS_TOKEN_URL + '?', 'POST',
             body=urlencode({
                 'x_auth_username':  self.username.encode('utf-8'),
                 'x_auth_password':  self.password.encode('utf-8'),
                 'x_auth_mode':      'client_auth'
             }),
             headers={'Content-Type': 'application/x-www-form-urlencoded'}
         )
         if resp['status'] != '200':
             raise RuntimeError('unable to login to Twitter')
         data = dict(parse_qsl(content))
         self._oauth_token = data['oauth_token']
         self._oauth_token_secret = data['oauth_token_secret']
     return self._oauth.Token(self._oauth_token,
                              self._oauth_token_secret)
Example #43
0
File: main.py Project: xwl/gtap
    def do_proxy(self, method):
        orig_url = self.request.url
        orig_body = self.request.body

        new_url, new_path = self.convert_url(orig_url)

        if new_path == '/' or new_path == '':
            global gtap_message
            gtap_message = gtap_message.replace('#gtap_version#', gtap_version)
            return success_output(self, gtap_message)

        username, password = self.parse_auth_header(self.request.headers)
        user_access_token = None

        callback_url = "%s/oauth/verify" % self.request.host_url
        client = oauth.TwitterClient(CONSUMER_KEY, CONSUMER_SECRET,
                                     callback_url)

        if username is None:
            protected = False
            user_access_token, user_access_secret = '', ''
        else:
            protected = True
            user_access_token, user_access_secret = client.get_access_from_db(
                username, password)
            if user_access_token is None:
                return error_output(self, 'Can not find this user from db')

        additional_params = dict([(k, v) for k, v in parse_qsl(orig_body)])

        use_method = urlfetch.GET if method == 'GET' else urlfetch.POST

        try:
            data = client.make_request(url=new_url,
                                       token=user_access_token,
                                       secret=user_access_secret,
                                       method=use_method,
                                       protected=protected,
                                       additional_params=additional_params)
        except Exception, error_message:
            logging.debug(error_message)
            error_output(self, content=error_message)
Example #44
0
def readability_authenticated(request):
    token = oauth.Token(request.session['request_token']['oauth_token'],
            request.session['request_token']['oauth_token_secret'])
    token.set_verifier(request.GET['oauth_verifier'])

    client = oauth.Client(consumer, token)

    resp, content = client.request(ACCESS_TOKEN_URL, "GET")
    if resp['status'] != '200':
        raise Exception("Invalid response from Readability")

    access_token = dict(cgi.parse_qsl(content))
    token = oauth.Token(access_token['oauth_token'], 
            access_token['oauth_token_secret'])
    client = oauth.Client(consumer, token)

    req = client.request(CURRENT_USER_URL, 'GET')
            
    req_json = json.loads(req[1])
    username = req_json['username']

    user = ''
    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        user = User.objects.create_user(username,
            '*****@*****.**' % username,
            access_token['oauth_token_secret'])
        profile = UserProfile()
        profile.user = user
        profile.oauth_token = access_token['oauth_token']
        profile.oauth_secret = access_token['oauth_token_secret']
        profile.is_public = False
        profile.save()

    user = authenticate(username=user.get_profile().user,
        password=user.get_profile().oauth_secret)
   

    login(request, user)

    return HttpResponseRedirect("/profile/" + username) 
Example #45
0
    def GetAuthorizationUri(self, redirect_uri, scopes, extra_params=None):
        """Gets the OAuth2 authorization URI and the specified scope(s).

    Applications should navigate/redirect the user's user agent to this URI. The
    user will be shown an approval UI requesting the user to approve access of
    this client to the requested scopes under the identity of the authenticated
    end user.

    The application should expect the user agent to be redirected to the
    specified redirect_uri after the user's approval/disapproval.

    Installed applications may use the special redirect_uri
    'urn:ietf:wg:oauth:2.0:oob' to indicate that instead of redirecting the
    browser, the user be shown a confirmation page with a verification code.
    The application should query the user for this code.

    Args:
      redirect_uri: Either the string 'urn:ietf:wg:oauth:2.0:oob' for a
          non-web-based application, or a URI that handles the callback from the
          authorization server.
      scopes: A list of strings specifying the OAuth scopes the application
          requests access to.
      extra_params: Optional dictionary of additional parameters to be passed to
          the OAuth2 authorization URI.
    Returns:
      The authorization URI for the specified scopes as a string.
    """

        request = {
            'response_type': 'code',
            'client_id': self.client_id,
            'redirect_uri': redirect_uri,
            'scope': ' '.join(scopes),
        }

        if extra_params:
            request.update(extra_params)
        url_parts = list(urlparse.urlparse(self.provider.authorization_uri))
        # 4 is the index of the query part
        request.update(dict(cgi.parse_qsl(url_parts[4])))
        url_parts[4] = urllib.urlencode(request)
        return urlparse.urlunparse(url_parts)
Example #46
0
def _parse_rfc1738_args(name):
    pattern = re.compile(
        r'''
            (?P<name>[\w\+]+)://
            (?:
                (?P<username>[^:/]*)
                (?::(?P<password>[^/]*))?
            @)?
            (?:
                (?P<host>[^/:]*)
                (?::(?P<port>[^/]*))?
            )?
            (?:/(?P<database>.*))?
            ''', re.X)

    m = pattern.match(name)
    if m is not None:
        components = m.groupdict()
        if components['database'] is not None:
            tokens = components['database'].split('?', 2)
            components['database'] = tokens[0]
            query = (len(tokens) > 1
                     and dict(cgi.parse_qsl(tokens[1]))) or None


# start Py2K
#            if query is not None:
#                query = dict((k.encode('ascii'), query[k]) for k in query)
# end Py2K
        else:
            query = None
        components['query'] = query

        if components['password'] is not None:
            components['password'] = urllib.parse.unquote_plus(
                components['password'])

        name = components.pop('name')
        return URL(name, **components)
    else:
        raise exc.ArgumentError(
            "Could not parse rfc1738 URL from string '%s'" % name)
Example #47
0
    def do_GET(self):

        try:
            self.parsed_uri = urlparse(self.path)

            self.query = {}
            for k, v in cgi.parse_qsl(self.parsed_uri[4]):
                self.query[k] = v

            print "GET query = %s" % str(self.query)
            print "GET headers = %s" % str(self.headers)

            self.setUser()

            path = self.parsed_uri[2].lower()

            if path == '/':
                self.showMainPage()
            elif path == '/openidserver':
                self.serverEndPoint(self.query)

            elif path == '/login':
                self.showLoginPage('/', '/')
            elif path == '/loginsubmit':
                self.doLogin()
            elif path.startswith('/id/'):
                self.showIdPage(path)
            elif path.startswith('/yadis/'):
                self.showYadis(path[7:])
            elif path == '/serveryadis':
                self.showServerYadis()
            else:
                self.send_response(404)
                self.end_headers()

        except (KeyboardInterrupt, SystemExit):
            raise
        except:
            self.send_response(500)
            self.send_header('Content-type', 'text/html')
            self.end_headers()
            self.wfile.write(cgitb.html(sys.exc_info(), context=10))
Example #48
0
    def get_oauth_access_token(self):
        request_token = self.get_oauth_token()

        token = oauth.Token(
            request_token['oauth_token'],
            request_token['oauth_token_secret'],
        )
        token.set_verifier(self.get_oauth_verifier())
        client = self.get_oauth_client(
            token=token)  #oauth.Client(self.get_oauth_consumer(), token)
        url = '%s?%s' % (self.get_oauth_access_endpoint(),
                         urllib.urlencode(
                             self.get_oauth_access_endpoint_params()))
        resp, content = client.request(url, 'GET')
        if resp['status'] != '200':
            print content
            raise Exception('Could not get access token from %s: HTTP %s' %
                            (url, resp['status']))
        token = dict(cgi.parse_qsl(content))
        return token
Example #49
0
 def receive(self, msg):
     if self.failure:
         return self.failure
     if hasattr(urlparse, 'parse_qsl'):
         data = dict(urlparse.parse_qsl(msg))
     else:
         data = dict(cgi.parse_qsl(msg))
     assert data['username']
     assert data['password']
     if 'type' not in data and data.get('customer_vault',
                                        None) == 'add_customer':
         self.validate_payment_info(data)
         return self.simple_vault_store(data)
     try:
         assert data['type'] in ('auth', 'sale', 'capture', 'void',
                                 'refund')
     except:
         print data
         raise
     return getattr(self, data['type'])(data)
Example #50
0
    def get_id_from_url(url, base_url):
        """
        Returns the id of a bug given a correctly-formatted URL,
            e.g.: https://bugzilla.mozilla.org/show_bug.cgi?id=490130
        otherwise, returns None.
        """
        path, query = urllib.splitquery(url)
        if not path.startswith(base_url):
            return None

        try:
            data = cgi.parse_qsl(query)
        except:
            return None

        remote_tracker_id = None
        for key, value in data:
            if key == 'id':
                return value
        return None
Example #51
0
    def do_POST(self):
        self.getEnv()
        self.parsed_uri = urlparse(self.path)

        content_length = int(self.headers['Content-Length'])
        post_data = self.rfile.read(content_length)

        self.query = {}
        for k, v in cgi.parse_qsl(post_data):
            self.query[k] = v

        path = self.parsed_uri[2]
        if path == '/openidserver':
            self.serverEndPoint(self.query)
        elif path == '/allow':
            self.handleAllow(self.query)
        elif path == '/update':
            self.updateParams(self.query)
        else:
            raise ValueError('404 Not Found: {0}'.format(path))
 def twitter_auth_url():
     callback_uri = urls.absurl("/redirects/twitter/")
     oauth = OAuth1(
         settings.TWITTER_CONSUMER_KEY,
         settings.TWITTER_CONSUMER_SECRET,
         callback_uri=callback_uri)
     r = requests.post(url=twitter_request_token_url, auth=oauth)
     if r.status_code != 200:
         raise TwitterVerificationError('Invalid response from Twitter.')
     as_bytes = dict(cgi.parse_qsl(r.content))
     token_b = as_bytes[b'oauth_token']
     token_secret_b = as_bytes[b'oauth_token_secret']
     request_token = {}
     request_token['oauth_token'] = token_b.decode('utf-8')
     request_token['oauth_token_secret'] = token_secret_b.decode('utf-8')
     session['request_token'] = request_token
     url = '{}?oauth_token={}'.format(
         twitter_authenticate_url,
         request_token['oauth_token'])
     return VerificationServiceResponse({'url': url})
Example #53
0
def twitter_login(request):
    # Step 1. Get a request token from Twitter.
    resp, content = client.request(request_token_url, "GET")
    print "============ twitter_login =========="
    if resp['status'] != '200':
        raise Exception("Invalid response from Twitter.")

    print "============ twitter_login aytu =========="

    if request.user.is_authenticated():
        "========== hi user --====="
    # Step 2. Store the request token in a session for later use.
    request.session['request_token'] = dict(cgi.parse_qsl(content))

    # Step 3. Redirect the user to the authentication URL.
    url = "%s?oauth_token=%s" % (
        authenticate_url, request.session['request_token']['oauth_token'])
    print "=====url====", url

    return HttpResponseRedirect("/authenticated")
Example #54
0
    def _get_new_token(self, request_url, *args, **kwargs):
        """
        Internal method that gets a new token from the request_url and sets it
        to self.token on success.
        """
        resp, content = self.client.request(
            request_url,
            "POST",
            body=urlencode({'oauth_callback': self.callback}))
        #resp, content = self.client.request(request_url, *args, **kwargs)

        if resp["status"] != "200":
            print "Vimeo token error: " + repr(resp) + " - " + repr(content)

        if self._is_success(resp):

            new_token = dict(cgi.parse_qsl(content))
            self.token = oauth2.Token(new_token["oauth_token"],
                                      new_token["oauth_token_secret"])
            self.client = oauth2.Client(self.consumer, self.token)
Example #55
0
    def __init__(self, name, repmess='status'):
        try:
            self.qstring = dict(
                cgi.parse_qsl(os.environ['REQUEST_URI'].split('?')[1]))
        except IndexError:
            self.qstring = {}
        except KeyError:
            self.qstring = {}

        self.name = name
        try:
            self.location = os.environ['SCRIPT_FILENAME']
        except KeyError:
            self.location = ''
        try:
            self.urllocation = 'http://toolserver.org' + os.environ[
                'SCRIPT_NAME']
        except KeyError:
            self.urllocation = ''
        self.repmess = repmess
Example #56
0
    def do_GET(self):
        url_tuple = urlparse.urlsplit(self.path)
        params = dict(cgi.parse_qsl(url_tuple[3]))
        req = url_tuple[2]
        session = self.GetSession(params)
        self._params = params

        try:
            cls, op = self.parse_req(req)
        except:
            self.log_error('Bad request: %s', req)
            self.return_error(400, 'bad request')
            return

        if (cls in DataService.classes_keys):
            with error_handler(self):
                DataService.classes[cls].GET(self, session, params, op)
        else:
            self.log_error('Bad GET: %s', self.path)
            self.return_error(400, 'bad request')
Example #57
0
    def scan(self, response, log, browser):
        """
        Takes a response object and checks if there the context matches.

        If it matches, this scanners handle() method is called with the
        reponse as the first argument, and any match groups from regular
        expressions as subsequent arguments in the order they are parsed
        (see urlparse.ParseResult._fields for field order).
        Raises NoMatch if not, otherwise calls handle

        If context does not match, NoMatch is raised
        """
        uri = urlparse.urlparse(response.url)
        results = []
        for field in uri._fields:
            regex = self.patterns[field]
            val = getattr(uri, field, '')
            match = regex.search(val)
            if match is None:
                raise NoMatch(response.url, field, val, regex)
            results.extend(match.groups())

        if self.query_patterns:
            queries = cgi.parse_qsl(uri.query)
            for patterns in self.query_patterns:
                for query in queries:
                    matches = []
                    for regex, val in zip(patterns, query):
                        match = regex.search(val)
                        if match is None:
                            break
                        matches.append(match)
                    if len(matches) == 2:
                        for match in matches:
                            results.extend(match.groups())
                        break

                else:
                    raise NoMatch(response.url, 'query', uri.query, *patterns)

        return self.handle(response, log, browser, *results)
Example #58
0
    def clean_url(self, url):
        # stolen from urlparse.urlsplit(), which doesn't handle
        # splitting frags correctly
        netloc = query = fragment = ''
        i = url.find(':')
        scheme = url[:i].lower()
        url = url[i + 1:]
        if url[:2] == '//':
            delim = len(url)
            for c in '/?#':
                wdelim = url.find(c, 2)
                if wdelim >= 0:
                    delim = min(delim, wdelim)
            netloc, url = url[2:delim], url[delim:]
        if '#' in url:
            try:
                url, fragment = self.get_frag_re.search(url).groups()
            except:
                pass
        if '?' in url:
            url, query = url.split('?', 1)

        ### now for memebots normalizing..
        # make hostname lowercase and remove www
        netloc = netloc.lower()
        netloc = urlparse.unquote(netloc).replace('+', ' ')
        if netloc.startswith('www.') and len(netloc) > 4:
            netloc = netloc[4:]
        if netloc.endswith('.') and len(netloc) > 1:
            netloc = netloc[:-1]
        # all urls have trailing slash
        if url == '':
            url = '/'
        url = urlparse.unquote(url).replace('+', ' ')
        # remove empty query settings, these are usually form artifacts
        # and put them in order
        try:
            query = urlencode(
                [item for item in sorted(parse_qsl(query)) if item[1]])
        except Exception, e:
            query = ''
Example #59
0
def xauth(consumer_key,
          consumer_secret,
          username,
          password,
          base_url_template=DEFAULT_BASE_URL_TEMPLATE):
    """Returns an OAuth token that can be used with clients.ReaderClient.

    :param consumer_key:  Readability consumer key
    :param consumer_secret: Readability consumer secret
    :param username: A username
    :param password: A password
    :param base_url_template: Template for generating Readability API urls.

    """
    # fetch oauth token from server
    consumer = oauth2.Consumer(consumer_key, consumer_secret)
    client = oauth2.Client(consumer)
    client.add_credentials(username, password)
    client.authorizations

    params = {}
    params['x_auth_username'] = username
    params['x_auth_password'] = password
    params['x_auth_mode'] = 'client_auth'

    client.set_signature_method = oauth2.SignatureMethod_HMAC_SHA1()
    url = base_url_template.format(ACCESS_TOKEN_URL)

    logger.debug('POST to %s.', url)

    r, content = client.request(url,
                                method='POST',
                                body=urllib.urlencode(params))

    token = dict(parse_qsl(content))
    try:
        token = (token['oauth_token'], token['oauth_token_secret'])
    except KeyError:
        raise Exception('Invalid Credentials.')

    return token
Example #60
0
    def do_GET(self):
        """Dispatching logic. There are three paths defined:

          / - Display an empty form asking for an identity URL to
              verify
          /verify - Handle form submission, initiating OpenID verification
          /process - Handle a redirect from an OpenID server

        Any other path gets a 404 response. This function also parses
        the query parameters.

        If an exception occurs in this function, a traceback is
        written to the requesting browser.
        """
        try:
            self.parsed_uri = urllib.parse.urlparse(self.path)
            self.query = {}
            for k, v in cgi.parse_qsl(self.parsed_uri[4]):
                self.query[k] = v

            path = self.parsed_uri[2]
            if path == '/':
                self.render()
            elif path == '/verify':
                self.doVerify()
            elif path == '/process':
                self.doProcess()
            elif path == '/affiliate':
                self.doAffiliate()
            else:
                self.notFound()

        except (KeyboardInterrupt, SystemExit):
            raise
        except:
            self.send_response(500)
            self.send_header('Content-type', 'text/html')
            self.setSessionCookie()
            self.end_headers()
            self.wfile.write(
                bytes(cgitb.html(sys.exc_info(), context=10), 'utf-8'))