Exemple #1
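def checkClient(request, required=True):
    """Validate the client credentials carried by an HTTP request.

    Reads ``client_id`` and ``client_secret`` from ``request.GET`` or
    ``request.POST`` (chosen by ``request.method``), verifies them through
    ``stampedAuth`` and sets the API version from the client's details.

    Args:
        request: Object exposing ``method`` and ``GET``/``POST`` mappings.
        required: When false, absent credentials yield ``None`` instead of
            an error.

    Returns:
        The verified client id, or ``None`` when the credentials are absent
        and ``required`` is false.

    Raises:
        StampedHTTPError: 400 ``invalid_request`` when required credentials
            are absent; 400 ``invalid_client`` when ``stampedAuth`` raises
            ``StampedInvalidClientError``. Any other exception raised during
            verification propagates unchanged.
    """
    ### Parse Request for Client Credentials
    # NOTE(review): a client_secret sent on a GET request travels in the URL
    # query string, where it can end up in access logs, proxies and browser
    # history. Consider accepting the secret on POST only.
    clientId = clientSecret = None
    try:
        if request.method == 'GET':
            params = request.GET
        elif request.method == 'POST':
            params = request.POST
        else:
            # Any other method (PUT, DELETE, ...) carries no credentials
            # here. Previously this fell through with clientId unbound and
            # crashed below instead of producing a clean 400 / None.
            params = None

        if params is not None:
            clientId = params['client_id']
            clientSecret = params['client_secret']
        found = params is not None
    except Exception:
        # Missing key or unreadable request data: treat as "no credentials".
        found = False

    if not found:
        if not required:
            return None
        raise StampedHTTPError(400, "invalid_request")

    ### Validate Client Credentials
    try:
        # The client id is logged before verification, so the log entry may
        # hold an unverified, caller-supplied value.
        logs.client(clientId)
        stampedAuth.verifyClientCredentials(clientId, clientSecret)

        client = stampedAuth.getClientDetails(clientId)
        stampedAPI.setVersion(client.api_version)

        return clientId
    except StampedInvalidClientError:
        raise StampedHTTPError(400, "invalid_client")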
Exemple #2
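def checkOAuth(oauth_token):
    """Validate an OAuth access token and return who it belongs to.

    Verifies the token through ``stampedAuth``, records the user and client
    in the request log, and sets the API version from the client's details.

    Args:
        oauth_token: The access token presented by the caller.

    Returns:
        A ``(authenticated_user_id, client_id)`` tuple.

    Raises:
        StampedHTTPError: 401 ``access_denied`` when no user is associated
            with the token; 401 ``invalid_token`` for an invalid token or
            any other failure during validation.
    """
    # NOTE(review): the raw bearer token is handed to the logger before it
    # is validated. Confirm logs.token() redacts or hashes it; a token
    # stored verbatim in logs can be replayed by anyone who reads them.
    logs.token(oauth_token)

    ### Validate OAuth Access Token
    try:
        authenticated_user_id, client_id = stampedAuth.verifyAccessToken(oauth_token)
        if authenticated_user_id is None:
            raise StampedAuthUserNotFoundError("User not found")

        logs.user(authenticated_user_id)
        logs.client(client_id)

        client = stampedAuth.getClientDetails(client_id)
        stampedAPI.setVersion(client.api_version)

        return authenticated_user_id, client_id

    except StampedAuthUserNotFoundError:
        raise StampedHTTPError(401, "access_denied", "User not found")
    except StampedInvalidAuthTokenError:
        raise StampedHTTPError(401, "invalid_token")
    # "except X as e" replaces the Python-2-only "except X, e" form; it is
    # valid on Python 2.6+ and Python 3.
    except Exception as e:
        # Fail closed: any unexpected error is reported as an invalid token.
        # This also hides backend failures (e.g. in getClientDetails) behind
        # a 401, and only the message is logged, not the traceback.
        logs.warning("Error: %s" % e)
        raise StampedHTTPError(401, "invalid_token")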