Example #1
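def token(request):
    """Handle the OAuth token endpoint: authenticate the client, then dispatch.

    Only POST is accepted. ``client_id``, ``client_secret`` and ``grant_type``
    are read through ``__check_request_required_var``. The client is looked up
    by ``client_id`` and its stored secret is compared with the submitted one
    before any grant handler runs.

    Returns:
        Whatever the selected ``__token_grant_by_*`` handler returns.

    Raises:
        InvalidRequest: for a non-POST method, an unknown ``client_id``, a
            secret mismatch, or a blocked API key.
    """
    method = request.method
    if method != 'POST':
        raise InvalidRequest(err.invalid_request_method, ext=method)

    client_id = __check_request_required_var('client_id')
    client_secret = __check_request_required_var('client_secret')
    grant_type = __check_request_required_var('grant_type')

    apikey = ApiKey.get_by_client_id(client_id)

    if not apikey:
        raise InvalidRequest(err.invalid_apikey, ext=client_id)

    # NOTE(review): `!=` on strings is not a constant-time comparison. A
    # helper such as hmac.compare_digest is the usual choice for secrets;
    # confirm both operands have the same string type before switching.
    if apikey.client_secret != client_secret:
        # Identify the client rather than echoing the submitted secret: where
        # `ext` ends up (response body, logs) is not visible from here.
        raise InvalidRequest(err.client_secret_mismatch, ext=client_id)

    # A blocked key must not be able to obtain tokens; this mirrors the
    # STATUS_BLOCKED check in authorize(). It runs after the secret check so
    # the key's status is only disclosed to a caller that holds the secret.
    if apikey.status == ApiKey.STATUS_BLOCKED:
        raise InvalidRequest(err.apikey_blocked, ext=client_id)

    if grant_type == GRANT_TYPE_AUTHORIZATION_CODE:
        return __token_grant_by_authorization_code(apikey)

    if grant_type == GRANT_TYPE_REFRESH_TOKEN:
        return __token_grant_by_refresh_token(apikey)

    if grant_type == GRANT_TYPE_PASSWORD:
        return __token_grant_by_password(apikey)

    # NOTE(review): an unrecognised grant_type matches none of the branches
    # above, so the function returns None. An explicit InvalidRequest would be
    # clearer; the matching `err` code is not visible from this function.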
Example #2
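def token(request):
    """Authenticate an OAuth client and hand off to the grant-specific handler.

    The request must be a POST carrying ``client_id``, ``client_secret`` and
    ``grant_type`` (each fetched with ``__check_request_required_var``). The
    ApiKey found for ``client_id`` has to match the submitted secret and must
    not be blocked before a grant handler is called.

    Returns:
        The result of the ``__token_grant_by_*`` handler chosen by
        ``grant_type``.

    Raises:
        InvalidRequest: wrong HTTP method, unknown ``client_id``, secret
            mismatch, or blocked API key.
    """
    method = request.method
    if method != 'POST':
        raise InvalidRequest(err.invalid_request_method, ext=method)

    client_id = __check_request_required_var('client_id')
    client_secret = __check_request_required_var('client_secret')
    grant_type = __check_request_required_var('grant_type')

    apikey = ApiKey.get_by_client_id(client_id)

    if not apikey:
        raise InvalidRequest(err.invalid_apikey, ext=client_id)

    # NOTE(review): string `!=` can return early on the first differing
    # character. Prefer a constant-time comparison (e.g. hmac.compare_digest)
    # once the operand types are confirmed to match.
    if apikey.client_secret != client_secret:
        # Report which client failed, not the secret that was tried; the
        # destination of `ext` (error page, logs) cannot be seen from here.
        raise InvalidRequest(err.client_secret_mismatch, ext=client_id)

    # Same rule authorize() applies: a blocked key gets nothing. Placed after
    # the secret check so status is not revealed to unauthenticated callers.
    if apikey.status == ApiKey.STATUS_BLOCKED:
        raise InvalidRequest(err.apikey_blocked, ext=client_id)

    if grant_type == GRANT_TYPE_AUTHORIZATION_CODE:
        return __token_grant_by_authorization_code(apikey)

    if grant_type == GRANT_TYPE_REFRESH_TOKEN:
        return __token_grant_by_refresh_token(apikey)

    if grant_type == GRANT_TYPE_PASSWORD:
        return __token_grant_by_password(apikey)

    # NOTE(review): any other grant_type falls through and yields None; an
    # explicit error would be safer, but no suitable `err` code is visible
    # from this function.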
Example #3
 def _add_api_key(self):
     """Create a fixture ApiKey of type TYPE_WEB and return ApiKey.add's result."""
     # Positional order as passed to ApiKey.add:
     # name, description, type, url, redirect_uri, owner_id.
     fixture = (
         'test',
         '',
         ApiKey.TYPE_WEB,
         'http://www.douban.com',
         'http://www.douban.com/callback',
         'testuser',
     )
     return ApiKey.add(*fixture)
Example #4
 def _add_api_key(self):
     """Register a throwaway web-type ApiKey for use by the test methods."""
     key_name, description = 'test', ''
     key_type = ApiKey.TYPE_WEB
     site_url = 'http://www.douban.com'
     callback_url = 'http://www.douban.com/callback'
     owner = 'testuser'
     # ApiKey.add is called positionally, in the same order as the original.
     return ApiKey.add(
         key_name, description, key_type, site_url, callback_url, owner)
Example #5
    def add(cls, client_id, user_id, expire_time=None, status=NORMAL):
        """Insert an api_token row for a known client and return the stored record.

        Nothing is written, and None is returned, when ``client_id`` does not
        resolve to an ApiKey. A falsy ``expire_time`` defaults to seven days
        from now, and the refresh token expires seven days after
        ``expire_time``.

        Returns:
            ``cls.get(row_id)`` when ``store.execute`` returned a truthy id,
            otherwise that falsy value.
        """
        if not ApiKey.get_by_client_id(client_id):
            return

        # NOTE(review): datetime.now() is called without a timezone here, so
        # expiry comparisons elsewhere need to use the same clock. TODO confirm.
        created_at = datetime.now()
        expire_time = expire_time or created_at + timedelta(days=7)
        refresh_expire_time = expire_time + timedelta(days=7)

        # NOTE(review): both bearer values come from uuid4(), which is specified
        # as a random UUID rather than as a secret generator. A dedicated CSPRNG
        # source (os.urandom / secrets) is the usual choice for tokens.
        token = uuid.uuid4().hex
        refresh_token = uuid.uuid4().hex

        # Values are bound as parameters, never interpolated into the SQL text.
        # The token and refresh token are inserted as generated (not hashed).
        sql = ("insert into api_token (`client_id`,`user_id`,`token`,`expire_time`, "
               "`refresh_token`, `refresh_expire_time`, `status`, `created_at`) "
               "values(%s, %s, %s, %s, %s, %s, %s, %s)")
        values = (client_id, user_id, token, expire_time, refresh_token,
                  refresh_expire_time, status, created_at)
        row_id = store.execute(sql, values)
        store.commit()

        if not row_id:
            return row_id
        return cls.get(row_id)
Example #6
    def add(cls, client_id, user_id, expire_time=None, status=NORMAL):
        """Issue a token / refresh-token pair for ``client_id`` and persist it.

        Returns None without touching the store when no ApiKey exists for
        ``client_id``. If ``expire_time`` is falsy it becomes now + 7 days;
        the refresh token always expires 7 days after ``expire_time``.

        Returns:
            The record loaded through ``cls.get`` for the inserted row, or the
            falsy value ``store.execute`` returned.
        """
        known_client = ApiKey.get_by_client_id(client_id)
        if not known_client:
            return

        issued_at = datetime.now()
        if not expire_time:
            expire_time = issued_at + timedelta(days=7)
        refresh_deadline = expire_time + timedelta(days=7)

        # NOTE(review): uuid4().hex yields 32 hex characters, but the UUID API
        # makes no promise about suitability as a secret. Consider a CSPRNG
        # helper (os.urandom / secrets) for bearer tokens.
        token = uuid.uuid4().hex
        refresh_token = uuid.uuid4().hex

        # Parameterised insert: every value travels in the bind tuple.
        # NOTE(review): tokens are stored exactly as issued, so read access to
        # api_token is equivalent to holding the tokens.
        bind = (client_id, user_id, token, expire_time, refresh_token,
                refresh_deadline, status, issued_at)
        new_id = store.execute(
            "insert into api_token (`client_id`,`user_id`,`token`,`expire_time`, "
            "`refresh_token`, `refresh_expire_time`, `status`, `created_at`) "
            "values(%s, %s, %s, %s, %s, %s, %s, %s)",
            bind)
        store.commit()
        return cls.get(new_id) if new_id else new_id
Example #7
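def authorize(request):
    """Handle the OAuth authorization endpoint (consent screen and code issue).

    Flow, in order:
      1. Read ``client_id``, ``redirect_uri`` and ``response_type`` (required)
         plus the optional ``refuse``, ``state`` and ``cid`` form variables.
      2. Validate the client and its ``redirect_uri``.
      3. If the user refused, redirect back with ``error=access_denied``.
      4. If nobody is logged in, delegate to ``__login_authorize``.
      5. On a confirmed POST, issue an OAuthCode and redirect with ``code``
         and ``state``; otherwise render the confirmation page.

    Raises:
        InvalidRequest: unknown or blocked API key, or a ``redirect_uri`` that
            does not match the registered one (non-dev keys only).
    """
    client_id = __check_request_required_var('client_id')
    redirect_uri = __check_request_required_var('redirect_uri')
    # NOTE(review): response_type is required but never compared with a
    # supported value in this function; it is only forwarded to
    # __login_authorize. Confirm it is validated elsewhere.
    response_type = __check_request_required_var('response_type')
    refuse = request.get_form_var('refuse')
    state = request.get_form_var('state', '')
    cid = request.get_form_var('cid', '')

    # Validate the client and redirect_uri BEFORE any redirect is issued.
    # The refuse branch used to redirect to the caller-supplied redirect_uri
    # ahead of these checks, which made the endpoint an open redirector for
    # any URL placed in the query string.
    apikey = ApiKey.get_by_client_id(client_id)

    if not apikey:
        raise InvalidRequest(err.invalid_apikey, ext=client_id)

    if apikey.status == ApiKey.STATUS_BLOCKED:
        raise InvalidRequest(err.apikey_blocked, ext=client_id)

    # NOTE(review): keys in STATUS_DEV skip the redirect_uri match, so both
    # the access_denied redirect and the authorization code can be sent to an
    # arbitrary URI for such keys. Make sure dev keys are tightly scoped.
    if apikey.status != ApiKey.STATUS_DEV:
        if apikey.redirect_uri != redirect_uri:
            raise InvalidRequest(err.redirect_uri_mismatch, ext=redirect_uri)

    connector = '?' if redirect_uri.find('?') == -1 else '&'

    if refuse:
        return request.redirect("%s%serror=access_denied" % (redirect_uri,
                                                             connector))

    if not request.user:
        return __login_authorize(request, client_id, redirect_uri,
                                 response_type, state)

    user_id = request.user.username
    # A code is issued only on POST and only when OAuthConfirm accepts the
    # cid for this user (presumably a one-time consent id; verify in
    # OAuthConfirm).
    if request.method == 'POST' and OAuthConfirm.confirm(user_id, cid):
        code = OAuthCode(apikey.client_id, user_id).code
        params = dict(code=code, state=state)
        return request.redirect("%s%s%s" % (redirect_uri,
                                            connector,
                                            urllib.urlencode(params)))

    # No confirmed consent yet: mint a fresh cid and show the consent page.
    cid = OAuthConfirm(user_id).cid
    return st('/oauth_confirm.html', **dict(request=request,
                                            cid=cid,
                                            apikey=apikey))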
Example #8
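def authorize(request):
    """Serve the OAuth authorization endpoint: validate, ask consent, issue a code.

    Required form variables are ``client_id``, ``redirect_uri`` and
    ``response_type``; ``refuse``, ``state`` and ``cid`` are optional. The
    client and its ``redirect_uri`` are validated first. The request is then
    either bounced back with ``error=access_denied`` (user refused), sent
    through ``__login_authorize`` (no logged-in user), answered with an
    authorization code (confirmed POST), or answered with the confirmation
    page.

    Raises:
        InvalidRequest: unknown API key, blocked API key, or ``redirect_uri``
            mismatch for a key that is not in ``STATUS_DEV``.
    """
    client_id = __check_request_required_var('client_id')
    redirect_uri = __check_request_required_var('redirect_uri')
    # NOTE(review): response_type is only passed on to __login_authorize;
    # this function never checks it against a supported value.
    response_type = __check_request_required_var('response_type')
    refuse = request.get_form_var('refuse')
    state = request.get_form_var('state', '')
    cid = request.get_form_var('cid', '')

    # The client and redirect_uri checks run before the refuse redirect.
    # Redirecting to an unvalidated, caller-chosen redirect_uri would turn
    # this endpoint into an open redirector.
    apikey = ApiKey.get_by_client_id(client_id)

    if not apikey:
        raise InvalidRequest(err.invalid_apikey, ext=client_id)

    if apikey.status == ApiKey.STATUS_BLOCKED:
        raise InvalidRequest(err.apikey_blocked, ext=client_id)

    # NOTE(review): STATUS_DEV keys bypass the redirect_uri comparison, so any
    # redirect target is accepted for them, including for code delivery.
    if apikey.status != ApiKey.STATUS_DEV:
        if apikey.redirect_uri != redirect_uri:
            raise InvalidRequest(err.redirect_uri_mismatch, ext=redirect_uri)

    connector = '?' if redirect_uri.find('?') == -1 else '&'

    if refuse:
        return request.redirect("%s%serror=access_denied" %
                                (redirect_uri, connector))

    if not request.user:
        return __login_authorize(request, client_id, redirect_uri,
                                 response_type, state)

    user_id = request.user.username
    # The code is minted only for a POST whose cid OAuthConfirm accepts for
    # this user (presumably the consent form's one-time id; verify).
    if request.method == 'POST' and OAuthConfirm.confirm(user_id, cid):
        code = OAuthCode(apikey.client_id, user_id).code
        params = dict(code=code, state=state)
        return request.redirect(
            "%s%s%s" % (redirect_uri, connector, urllib.urlencode(params)))

    # Otherwise create a new confirmation id and render the consent page.
    cid = OAuthConfirm(user_id).cid
    return st('/oauth_confirm.html',
              **dict(request=request, cid=cid, apikey=apikey))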
Example #9
 def test_get_by_client_id(self):
     """A key created by _add_api_key is found again through its client_id."""
     created = self._add_api_key()
     eq_(created, ApiKey.get_by_client_id(created.client_id))
Example #10
 def test_get_api_key(self):
     """A key created by _add_api_key is found again through its id."""
     created = self._add_api_key()
     eq_(created, ApiKey.get(created.id))
Example #11
 def key(self):
     """Return the ApiKey looked up by this object's ``client_id``."""
     owning_key = ApiKey.get_by_client_id(self.client_id)
     return owning_key
Example #12
 def test_get_by_client_id(self):
     """Lookup by client_id returns a key equal to the one just added."""
     expected = self._add_api_key()
     found = ApiKey.get_by_client_id(expected.client_id)
     # eq_ compares with ==, so this relies on ApiKey's equality semantics.
     eq_(expected, found)
Example #13
 def test_get_api_key(self):
     """Lookup by primary id returns a key equal to the one just added."""
     expected = self._add_api_key()
     found = ApiKey.get(expected.id)
     eq_(expected, found)
Example #14
 def key(self):
     """Resolve ``self.client_id`` to its ApiKey via ApiKey.get_by_client_id."""
     client = self.client_id
     return ApiKey.get_by_client_id(client)