def get_access_token(request):
oauth_request = get_oauth_request(request)
is_xauth = oauth_request is not None and 'x_auth_mode' in oauth_request
if is_xauth:
if oauth_request['x_auth_mode'] != 'client_auth':
return HttpResponseBadRequest('Invalid x_auth_mode value, expected "client_auth".')
missing_params = require_params(oauth_request, ('x_auth_username', 'x_auth_password'))
else:
missing_params = require_params(oauth_request, ('oauth_token', 'oauth_verifier'))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid consumer.')
if is_xauth:
if not consumer.xauth_allowed:
return HttpResponseForbidden('xAuth not allowed for this consumer.')
request_token = None
else:
try:
request_token = store.get_request_token(request, oauth_request, oauth_request['oauth_token'])
except InvalidTokenError:
return HttpResponseBadRequest('Invalid request token.')
if not verify_oauth_request(request, oauth_request, consumer, request_token):
return HttpResponseBadRequest('Could not verify OAuth request.')
if not is_xauth and oauth_request.get('oauth_verifier', None) != request_token.verifier:
return HttpResponseBadRequest('Invalid OAuth verifier.')
if is_xauth:
xauth_user = oauth_request['x_auth_username']
xauth_pass = oauth_request['x_auth_password']
user = authenticate(username=xauth_user, password=xauth_pass)
if user and user.is_active:
access_token = store.create_access_token_for_user(request, oauth_request, consumer, user)
else:
return HttpResponseForbidden('xAuth username/password combination invalid.')
else:
access_token = store.create_access_token(request, oauth_request, consumer, request_token)
try:
screen_name = access_token.user.visible_name
except AttributeError:
screen_name = access_token.user.username
ret = urlencode({
'oauth_token': access_token.key,
'oauth_token_secret': access_token.secret,
'userid': access_token.user.id,
'screen_name': screen_name.encode('utf-8'),
})
return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def get_access_token(request):
oauth_request = get_oauth_request(request)
missing_params = require_params(oauth_request, ('oauth_token', 'oauth_verifier'))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
request_token = store.get_request_token(request, oauth_request, oauth_request['oauth_token'])
except InvalidTokenError:
return HttpResponseBadRequest('Invalid consumer.')
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid request token.')
if not verify_oauth_request(request, oauth_request, consumer, request_token):
return HttpResponseBadRequest('Could not verify OAuth request.')
if oauth_request.get('oauth_verifier', None) != request_token.verifier:
return HttpResponseBadRequest('Invalid OAuth verifier.')
access_token = store.create_access_token(request, oauth_request, consumer, request_token)
ret = urlencode({
'oauth_token': access_token.key,
'oauth_token_secret': access_token.secret
})
return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def authorize_request_token(request, form_class=AuthorizeRequestTokenForm, template_name='piston/oauth/authorize.html', verification_template_name='piston/oauth/authorize_verification_code.html'):
if 'oauth_token' not in request.REQUEST:
return HttpResponseBadRequest('No request token specified.')
oauth_request = get_oauth_request(request)
try:
request_token = store.get_request_token(request, oauth_request, request.REQUEST['oauth_token'])
except InvalidTokenError:
return HttpResponseBadRequest('Invalid request token.')
consumer = store.get_consumer_for_request_token(request, oauth_request, request_token)
if request.method == 'POST':
form = form_class(request.POST)
if form.is_valid() and form.cleaned_data['authorize_access']:
request_token = store.authorize_request_token(request, oauth_request, request_token)
if request_token.callback is not None and request_token.callback != 'oob':
return HttpResponseRedirect('%s&%s' % (request_token.get_callback_url(), urlencode({'oauth_token': request_token.key})))
else:
return render_to_response(verification_template_name, {'consumer': consumer, 'verification_code': request_token.verifier}, RequestContext(request))
else:
form = form_class(initial={'oauth_token': request_token.key})
return render_to_response(template_name, {'consumer': consumer, 'form': form}, RequestContext(request))
def get_access_token(request):
oauth_request = get_oauth_request(request)
missing_params = require_params(oauth_request,
('oauth_token', 'oauth_verifier'))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
request_token = store.get_request_token(request, oauth_request,
oauth_request['oauth_token'])
except InvalidTokenError:
return HttpResponseBadRequest('Invalid consumer.')
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid request token.')
if not verify_oauth_request(request, oauth_request, consumer,
request_token):
return HttpResponseBadRequest('Could not verify OAuth request.')
if oauth_request.get('oauth_verifier', None) != request_token.verifier:
return HttpResponseBadRequest('Invalid OAuth verifier.')
access_token = store.create_access_token(request, oauth_request, consumer,
request_token)
ret = urlencode({
'oauth_token': access_token.key,
'oauth_token_secret': access_token.secret
})
return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def authorize_request_token(request,
form_class=AuthorizeRequestTokenForm,
template_name='piston/oauth/authorize.html',
verification_template_name=DEFAULT_VERIFY_TPL):
if 'oauth_token' not in request.REQUEST:
return HttpResponseBadRequest('No request token specified.')
oauth_request = get_oauth_request(request)
try:
request_token = store.get_request_token(request, oauth_request,
request.REQUEST['oauth_token'])
except InvalidTokenError:
return HttpResponseBadRequest('Invalid request token.')
consumer = store.get_consumer_for_request_token(request, oauth_request,
request_token)
if request.method == 'POST':
form = form_class(request.POST)
if form.is_valid() and form.cleaned_data['authorize_access']:
request_token = store.authorize_request_token(
request, oauth_request, request_token)
if request_token.callback is not None and \
request_token.callback != 'oob':
url = '%s&%s' % (request_token.get_callback_url(),
urlencode({
'oauth_token': request_token.key,
}))
return HttpResponseRedirect(url)
else:
return render_to_response(
verification_template_name, {
'consumer': consumer,
'verification_code': request_token.verifier,
}, RequestContext(request))
else:
form = form_class(initial={
'oauth_token': request_token.key,
})
return render_to_response(template_name, {
'consumer': consumer,
'form': form,
}, RequestContext(request))
