def get_access_token(request): oauth_request = get_oauth_request(request) is_xauth = oauth_request is not None and 'x_auth_mode' in oauth_request if is_xauth: if oauth_request['x_auth_mode'] != 'client_auth': return HttpResponseBadRequest('Invalid x_auth_mode value, expected "client_auth".') missing_params = require_params(oauth_request, ('x_auth_username', 'x_auth_password')) else: missing_params = require_params(oauth_request, ('oauth_token', 'oauth_verifier')) if missing_params is not None: return missing_params try: consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key']) except InvalidConsumerError: return HttpResponseBadRequest('Invalid consumer.') if is_xauth: if not consumer.xauth_allowed: return HttpResponseForbidden('xAuth not allowed for this consumer.') request_token = None else: try: request_token = store.get_request_token(request, oauth_request, oauth_request['oauth_token']) except InvalidTokenError: return HttpResponseBadRequest('Invalid request token.') if not verify_oauth_request(request, oauth_request, consumer, request_token): return HttpResponseBadRequest('Could not verify OAuth request.') if not is_xauth and oauth_request.get('oauth_verifier', None) != request_token.verifier: return HttpResponseBadRequest('Invalid OAuth verifier.') if is_xauth: xauth_user = oauth_request['x_auth_username'] xauth_pass = oauth_request['x_auth_password'] user = authenticate(username=xauth_user, password=xauth_pass) if user and user.is_active: access_token = store.create_access_token_for_user(request, oauth_request, consumer, user) else: return HttpResponseForbidden('xAuth username/password combination invalid.') else: access_token = store.create_access_token(request, oauth_request, consumer, request_token) try: screen_name = access_token.user.visible_name except AttributeError: screen_name = access_token.user.username ret = urlencode({ 'oauth_token': access_token.key, 'oauth_token_secret': access_token.secret, 'userid': access_token.user.id, 'screen_name': screen_name.encode('utf-8'), }) return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def get_access_token(request): oauth_request = get_oauth_request(request) missing_params = require_params(oauth_request, ('oauth_token', 'oauth_verifier')) if missing_params is not None: return missing_params try: consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key']) request_token = store.get_request_token(request, oauth_request, oauth_request['oauth_token']) except InvalidTokenError: return HttpResponseBadRequest('Invalid consumer.') except InvalidConsumerError: return HttpResponseBadRequest('Invalid request token.') if not verify_oauth_request(request, oauth_request, consumer, request_token): return HttpResponseBadRequest('Could not verify OAuth request.') if oauth_request.get('oauth_verifier', None) != request_token.verifier: return HttpResponseBadRequest('Invalid OAuth verifier.') access_token = store.create_access_token(request, oauth_request, consumer, request_token) ret = urlencode({ 'oauth_token': access_token.key, 'oauth_token_secret': access_token.secret }) return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def get_request_token(request): oauth_request = get_oauth_request(request) missing_params = require_params(oauth_request, ('oauth_callback', )) if missing_params is not None: return missing_params try: consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key']) except InvalidConsumerError: return HttpResponseBadRequest('Invalid Consumer.') if not verify_oauth_request(request, oauth_request, consumer): return HttpResponseBadRequest('Could not verify OAuth request.') request_token = store.create_request_token(request, oauth_request, consumer, oauth_request['oauth_callback']) ret = urlencode({ 'oauth_token': request_token.key, 'oauth_token_secret': request_token.secret, 'oauth_callback_confirmed': 'true' }) return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def _authenticate_two_legged(self, request, oauth_request): missing_params = require_params(oauth_request) if missing_params is not None: return False try: consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key']) except InvalidConsumerError: return False if not verify_oauth_request(request, oauth_request, consumer): return False request.user = store.get_user_for_consumer(request, oauth_request, consumer) request.consumer = consumer request.throttle_extra = consumer.key return True
def _authenticate_three_legged(self, request, oauth_request): missing_params = require_params(oauth_request, ('oauth_token',)) if missing_params is not None: return False try: consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key']) access_token = store.get_access_token(request, oauth_request, consumer, oauth_request['oauth_token']) except (InvalidConsumerError, InvalidTokenError): return False if not verify_oauth_request(request, oauth_request, consumer, access_token): return False request.user = store.get_user_for_access_token(request, oauth_request, access_token) request.consumer = store.get_consumer_for_access_token(request, oauth_request, access_token) request.throttle_extra = request.consumer.key return True
def get_request_token(request): oauth_request = get_oauth_request(request) missing_params = require_params(oauth_request, ('oauth_callback',)) if missing_params is not None: return missing_params try: consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key']) except InvalidConsumerError: return HttpResponseBadRequest('Invalid Consumer.') if not verify_oauth_request(request, oauth_request, consumer): return HttpResponseBadRequest('Could not verify OAuth request.') request_token = store.create_request_token(request, oauth_request, consumer, oauth_request['oauth_callback']) ret = urlencode({ 'oauth_token': request_token.key, 'oauth_token_secret': request_token.secret, 'oauth_callback_confirmed': 'true' }) return HttpResponse(ret, content_type='application/x-www-form-urlencoded')