def access_token(self, request, *args, **kwargs): token_type, request_token = ExternalServiceToken.get(request.user, self.conf.local_name, (None, None)) if token_type != "request": return HttpResponseBadRequest() if request_token.key != request.GET.get("oauth_token"): return HttpResponseBadRequest() oauth_request = oauth.OAuthRequest.from_consumer_and_token( request.consumer, token=request_token, verifier=request.GET.get("oauth_verifier"), http_url=request.client.access_token_url, ) oauth_request.sign_request(self.signature_method, request.consumer, request_token) try: access_token = request.client.fetch_access_token(oauth_request) except urllib2.HTTPError, e: return self.handle_error(request, e, "request_token", *args, **kwargs)
def __call__(self, request, *args, **kwargs): token_type, access_token = ExternalServiceToken.get(request.user, self.conf.local_name, (None, None)) self.add_consumer_to_request(request) if "oauth_token" in request.GET and token_type == "request": return self.access_token(request, *args, **kwargs) self.add_opener_to_request(request, access_token if token_type == "access" else None) # If we aren't authenticated but the view requires it then try # to obtain a valid oauth token immediately. if token_type != "access" and getattr(self, "force_auth", False): return self.authorize(request, *args, **kwargs) try: return super(OAuthView, self).__call__(request, *args, **kwargs) except OAuthHTTPError, e: if e.code in (401, 403) and not (token_type == "request" and "oauth_token" in request.GET): return self.authorize(request, *args, **kwargs) else: return self.handle_error(request, e.exception, *args, **kwargs)