Exemple #1
0
    def OAuthCheckAccessResource(cls):
        from indico.modules.oauth.db import ConsumerHolder, AccessTokenHolder, OAuthServer

        oauth_request = oauth.Request.from_request(request.method, request.base_url, request.headers,
                                                   parameters=create_flat_args())
        Logger.get('oauth.resource').info(oauth_request)
        try:
            now = nowutc()
            consumer_key = oauth_request.get_parameter('oauth_consumer_key')
            if not ConsumerHolder().hasKey(consumer_key):
                raise OAuthError('Invalid Consumer Key', 401)
            consumer = ConsumerHolder().getById(consumer_key)
            token = oauth_request.get_parameter('oauth_token')
            if not token or not AccessTokenHolder().hasKey(token):
                raise OAuthError('Invalid Token', 401)
            access_token = AccessTokenHolder().getById(token)
            oauth_consumer = oauth.Consumer(consumer.getId(), consumer.getSecret())
            OAuthServer.getInstance().verify_request(oauth_request, oauth_consumer, access_token.getToken())
            if access_token.getConsumer().getId() != oauth_consumer.key:
                raise OAuthError('Invalid Consumer Key', 401)
            elif (now - access_token.getTimestamp()) > timedelta(seconds=Config.getInstance().getOAuthAccessTokenTTL()):
                raise OAuthError('Expired Token', 401)
            return access_token
        except oauth.Error, e:
            if e.message.startswith("Invalid Signature"):
                raise OAuthError("Invalid Signature", 401)
            else:
                raise OAuthError(e.message, 400)
Exemple #2
0
    def OAuthCheckAccessResource(cls, req, query_string):
        from indico.modules.oauth.db import  ConsumerHolder, AccessTokenHolder, OAuthServer

        oauth_request = oauth.Request.from_request(req.get_method(),req.construct_url(req.get_uri()), headers=req.headers_in, query_string=urlencode(query_string))
        Logger.get('oauth.resource').info(oauth_request)
        try:
            now = time.time()
            consumer_key = oauth_request.get_parameter('oauth_consumer_key')
            if not ConsumerHolder().hasKey(consumer_key):
                raise OAuthError('Invalid Consumer Key' , apache.HTTP_UNAUTHORIZED)
            consumer = ConsumerHolder().getById(consumer_key)
            token = oauth_request.get_parameter('oauth_token')
            if not token or not AccessTokenHolder().hasKey(token):
                raise OAuthError('Invalid Token', apache.HTTP_UNAUTHORIZED)
            access_token = AccessTokenHolder().getById(token)
            oauth_consumer = oauth.Consumer(consumer.getId(), consumer.getSecret())
            OAuthServer.getInstance().verify_request(oauth_request, oauth_consumer, access_token.getToken())
            if access_token.getConsumer().getId() != oauth_consumer.key:
                raise OAuthError('Invalid Consumer Key' , apache.HTTP_UNAUTHORIZED)
            elif (now - access_token.getTimestamp()) > Config.getInstance().getOAuthAccessTokenTTL():
                raise OAuthError('Expired Token', apache.HTTP_UNAUTHORIZED)
            return access_token
        except oauth.Error, e:
            if e.message.startswith("Invalid Signature"):
                raise OAuthError("Invalid Signature", apache.HTTP_UNAUTHORIZED)
            else:
                raise OAuthError(e.message, apache.HTTP_BAD_REQUEST)
Exemple #3
0
 def getVars(self):
     wvars = WTemplated.getVars(self)
     ath = AccessTokenHolder()
     wvars["formatTimestamp"] = lambda ts: format_datetime(
         ts, format='d/M/yyyy H:mm')
     wvars['tokens'] = sorted(ath.getList(),
                              key=lambda t: t.getUser().getId())
     return wvars
Exemple #4
0
 def _process(self):
     try:
         user = self._request_token.getUser()
         access_tokens = Catalog.getIdx('user_oauth_access_token').get(user.getId())
         timestamp = nowutc()
         if access_tokens is not None:
             for access_token in list(access_tokens):
                 if access_token.getConsumer().getName() == self._request_token.getConsumer().getName():
                     access_token.setTimestamp(timestamp)
                     response = {'oauth_token': access_token.getId(),
                                 'oauth_token_secret': access_token.getToken().secret,
                                 'user_id': user.getId(),
                                 'oauth_token_ttl': Config.getInstance().getOAuthAccessTokenTTL(),
                                 'oauth_token_expiration_timestamp': access_token.getTimestamp() +
                                 timedelta(seconds=Config.getInstance().getOAuthAccessTokenTTL())}
                     return urlencode(response)
         access_token_key = OAuthUtils.gen_random_string()
         access_token_secret = OAuthUtils.gen_random_string()
         access_token = Token(access_token_key, oauth.Token(access_token_key, access_token_secret),
                              timestamp, self._request_token.getConsumer(), user)
         AccessTokenHolder().add(access_token)
         response = {'oauth_token': access_token_key,
                     'oauth_token_secret': access_token_secret,
                     'user_id': user.getId(),
                     'oauth_token_ttl': Config.getInstance().getOAuthAccessTokenTTL(),
                     'oauth_token_expiration_timestamp': access_token.getTimestamp() +
                     timedelta(seconds=Config.getInstance().getOAuthAccessTokenTTL())}
         return urlencode(response)
     except oauth.Error, err:
         raise OAuthError(err.message, 401)
Exemple #5
0
    def OAuthCheckAccessResource(cls):
        from indico.modules.oauth.db import ConsumerHolder, AccessTokenHolder, OAuthServer

        oauth_request = oauth.Request.from_request(
            request.method,
            request.base_url,
            request.headers,
            parameters=create_flat_args())
        Logger.get('oauth.resource').info(oauth_request)
        try:
            now = nowutc()
            consumer_key = oauth_request.get_parameter('oauth_consumer_key')
            if not ConsumerHolder().hasKey(consumer_key):
                raise OAuthError('Invalid Consumer Key', 401)
            consumer = ConsumerHolder().getById(consumer_key)
            token = oauth_request.get_parameter('oauth_token')
            if not token or not AccessTokenHolder().hasKey(token):
                raise OAuthError('Invalid Token', 401)
            access_token = AccessTokenHolder().getById(token)
            oauth_consumer = oauth.Consumer(consumer.getId(),
                                            consumer.getSecret())
            OAuthServer.getInstance().verify_request(oauth_request,
                                                     oauth_consumer,
                                                     access_token.getToken())
            if access_token.getConsumer().getId() != oauth_consumer.key:
                raise OAuthError('Invalid Consumer Key', 401)
            elif (now - access_token.getTimestamp()) > timedelta(
                    seconds=Config.getInstance().getOAuthAccessTokenTTL()):
                raise OAuthError('Expired Token', 401)
            return access_token
        except oauth.Error, e:
            if e.message.startswith("Invalid Signature"):
                raise OAuthError("Invalid Signature", 401)
            else:
                raise OAuthError(e.message, 400)
Exemple #6
0
 def _getAnswer(self):
     request_tokens = Catalog.getIdx('user_oauth_request_token').get(
         self._target.getId())
     access_tokens = Catalog.getIdx('user_oauth_access_token').get(
         self._target.getId())
     if request_tokens:
         for token in list(request_tokens):
             if token.getConsumer().getName() == self._third_party_app:
                 RequestTokenHolder().remove(token)
     if access_tokens:
         for token in list(access_tokens):
             if token.getConsumer().getName() == self._third_party_app:
                 AccessTokenHolder().remove(token)
     return True
Exemple #7
0
 def getVars(self):
     wvars = WTemplated.getVars(self)
     ath = AccessTokenHolder()
     wvars["formatTimestamp"] = lambda ts: format_datetime(ts, format='d/M/yyyy H:mm')
     wvars['tokens'] = sorted(ath.getList(), key=lambda t: t.getUser().getId())
     return wvars