def get_access_token(request):
oauth_request = get_oauth_request(request)
is_xauth = oauth_request is not None and 'x_auth_mode' in oauth_request
if is_xauth:
if oauth_request['x_auth_mode'] != 'client_auth':
return HttpResponseBadRequest('Invalid x_auth_mode value, expected "client_auth".')
missing_params = require_params(oauth_request, ('x_auth_username', 'x_auth_password'))
else:
missing_params = require_params(oauth_request, ('oauth_token', 'oauth_verifier'))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid consumer.')
if is_xauth:
if not consumer.xauth_allowed:
return HttpResponseForbidden('xAuth not allowed for this consumer.')
request_token = None
else:
try:
request_token = store.get_request_token(request, oauth_request, oauth_request['oauth_token'])
except InvalidTokenError:
return HttpResponseBadRequest('Invalid request token.')
if not verify_oauth_request(request, oauth_request, consumer, request_token):
return HttpResponseBadRequest('Could not verify OAuth request.')
if not is_xauth and oauth_request.get('oauth_verifier', None) != request_token.verifier:
return HttpResponseBadRequest('Invalid OAuth verifier.')
if is_xauth:
xauth_user = oauth_request['x_auth_username']
xauth_pass = oauth_request['x_auth_password']
user = authenticate(username=xauth_user, password=xauth_pass)
if user and user.is_active:
access_token = store.create_access_token_for_user(request, oauth_request, consumer, user)
else:
return HttpResponseForbidden('xAuth username/password combination invalid.')
else:
access_token = store.create_access_token(request, oauth_request, consumer, request_token)
try:
screen_name = access_token.user.visible_name
except AttributeError:
screen_name = access_token.user.username
ret = urlencode({
'oauth_token': access_token.key,
'oauth_token_secret': access_token.secret,
'userid': access_token.user.id,
'screen_name': screen_name.encode('utf-8'),
})
return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def get_access_token(request):
oauth_request = get_oauth_request(request)
missing_params = require_params(oauth_request, ('oauth_token', 'oauth_verifier'))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
request_token = store.get_request_token(request, oauth_request, oauth_request['oauth_token'])
except InvalidTokenError:
return HttpResponseBadRequest('Invalid consumer.')
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid request token.')
if not verify_oauth_request(request, oauth_request, consumer, request_token):
return HttpResponseBadRequest('Could not verify OAuth request.')
if oauth_request.get('oauth_verifier', None) != request_token.verifier:
return HttpResponseBadRequest('Invalid OAuth verifier.')
access_token = store.create_access_token(request, oauth_request, consumer, request_token)
ret = urlencode({
'oauth_token': access_token.key,
'oauth_token_secret': access_token.secret
})
return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def get_access_token(request):
oauth_request = get_oauth_request(request)
missing_params = require_params(oauth_request,
('oauth_token', 'oauth_verifier'))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
request_token = store.get_request_token(request, oauth_request,
oauth_request['oauth_token'])
except InvalidTokenError:
return HttpResponseBadRequest('Invalid consumer.')
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid request token.')
if not verify_oauth_request(request, oauth_request, consumer,
request_token):
return HttpResponseBadRequest('Could not verify OAuth request.')
if oauth_request.get('oauth_verifier', None) != request_token.verifier:
return HttpResponseBadRequest('Invalid OAuth verifier.')
access_token = store.create_access_token(request, oauth_request, consumer,
request_token)
ret = urlencode({
'oauth_token': access_token.key,
'oauth_token_secret': access_token.secret
})
return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def get_request_token(request):
oauth_request = get_oauth_request(request)
missing_params = require_params(oauth_request, ('oauth_callback', ))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid Consumer.')
if not verify_oauth_request(request, oauth_request, consumer):
return HttpResponseBadRequest('Could not verify OAuth request.')
request_token = store.create_request_token(request, oauth_request,
consumer,
oauth_request['oauth_callback'])
ret = urlencode({
'oauth_token': request_token.key,
'oauth_token_secret': request_token.secret,
'oauth_callback_confirmed': 'true'
})
return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def _authenticate_two_legged(self, request, oauth_request):
missing_params = require_params(oauth_request)
if missing_params is not None:
return False
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return False
if not verify_oauth_request(request, oauth_request, consumer):
return False
request.user = store.get_user_for_consumer(request, oauth_request, consumer)
request.consumer = consumer
request.throttle_extra = consumer.key
return True
def _authenticate_three_legged(self, request, oauth_request):
missing_params = require_params(oauth_request, ('oauth_token',))
if missing_params is not None:
return False
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
access_token = store.get_access_token(request, oauth_request, consumer, oauth_request['oauth_token'])
except (InvalidConsumerError, InvalidTokenError):
return False
if not verify_oauth_request(request, oauth_request, consumer, access_token):
return False
request.user = store.get_user_for_access_token(request, oauth_request, access_token)
request.consumer = store.get_consumer_for_access_token(request, oauth_request, access_token)
request.throttle_extra = request.consumer.key
return True
def get_request_token(request):
oauth_request = get_oauth_request(request)
missing_params = require_params(oauth_request, ('oauth_callback',))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid Consumer.')
if not verify_oauth_request(request, oauth_request, consumer):
return HttpResponseBadRequest('Could not verify OAuth request.')
request_token = store.create_request_token(request, oauth_request, consumer, oauth_request['oauth_callback'])
ret = urlencode({
'oauth_token': request_token.key,
'oauth_token_secret': request_token.secret,
'oauth_callback_confirmed': 'true'
})
return HttpResponse(ret, content_type='application/x-www-form-urlencoded')