def access_token(self, request, *args, **kwargs):
token_type, request_token = ExternalServiceToken.get(request.user, self.conf.local_name, (None, None))
if token_type != "request":
return HttpResponseBadRequest()
if request_token.key != request.GET.get("oauth_token"):
return HttpResponseBadRequest()
oauth_request = oauth.OAuthRequest.from_consumer_and_token(
request.consumer,
token=request_token,
verifier=request.GET.get("oauth_verifier"),
http_url=request.client.access_token_url,
)
oauth_request.sign_request(self.signature_method, request.consumer, request_token)
try:
access_token = request.client.fetch_access_token(oauth_request)
except urllib2.HTTPError, e:
return self.handle_error(request, e, "request_token", *args, **kwargs)
def __call__(self, request, *args, **kwargs):
token_type, access_token = ExternalServiceToken.get(request.user, self.conf.local_name, (None, None))
self.add_consumer_to_request(request)
if "oauth_token" in request.GET and token_type == "request":
return self.access_token(request, *args, **kwargs)
self.add_opener_to_request(request, access_token if token_type == "access" else None)
# If we aren't authenticated but the view requires it then try
# to obtain a valid oauth token immediately.
if token_type != "access" and getattr(self, "force_auth", False):
return self.authorize(request, *args, **kwargs)
try:
return super(OAuthView, self).__call__(request, *args, **kwargs)
except OAuthHTTPError, e:
if e.code in (401, 403) and not (token_type == "request" and "oauth_token" in request.GET):
return self.authorize(request, *args, **kwargs)
else:
return self.handle_error(request, e.exception, *args, **kwargs)
