def from_consumer_and_token(cls, oauth_consumer, token=None, callback=None, verifier=None, http_method=oauth.HTTP_METHOD, http_url=None, parameters=None): """ Overridden to allow optional oauth_callback and oauth_verifier """ if not parameters: parameters = {} defaults = { 'oauth_consumer_key': oauth_consumer.key, 'oauth_timestamp': oauth.generate_timestamp(), 'oauth_nonce': oauth.generate_nonce(), 'oauth_version': oauth.OAuthRequest.version, } defaults.update(parameters) parameters = defaults if token: parameters['oauth_token'] = token.key if getattr(token, 'callback', None): parameters['oauth_callback'] = token.callback elif callback: parameters['oauth_callback'] = callback; if verifier: # 1.0a support for verifier. parameters['oauth_verifier'] = verifier elif callback: # 1.0a support for callback in the request token request. parameters['oauth_callback'] = callback return cls(http_method, http_url, parameters)
def fetch_oauth_access_token(self, verifier=None, token=None): """Obtains an OAuth access token from Google's Accounts API.""" if not self.oauth_access_token: if not token: token = self.oauth_request_token if not token: raise ValueError("A request token must be supplied.") # Build and sign an OAuth request parameters = { 'oauth_consumer_key': self.oauth_consumer.key, 'oauth_timestamp': oauth.generate_timestamp(), 'oauth_nonce': oauth.generate_nonce(), 'oauth_version': oauth.OAuthRequest.version, 'oauth_token': token.key, 'oauth_verifier': verifier } oauth_request = oauth.OAuthRequest( 'POST', OAUTH_ACCESS_TOKEN_URI, parameters ) oauth_request.sign_request( self._oauth_signature_method_hmac_sha1, self.oauth_consumer, token=token ) response = self.fetch_oauth_response(oauth_request) if response.status == 200: # Create the token from the response self.oauth_access_token = oauth.OAuthToken.from_string( response.read() ) else: raise Exception('Failed to obtain access token:\n' + response.read()) return self.oauth_access_token
def set_verifier(self, oauth_verifier): if self.request_token is None: raise AuthHandlerError( ("Request token is not defined. " "This ususally means that the access token has been loaded " "from a file.") ) self.request_token.set_verifier(oauth_verifier) access_token_parms = { 'oauth_consumer_key': self.key, 'oauth_nonce': oauth.generate_nonce(), 'oauth_signature_method': "HMAC-SHA1", 'oauth_timestamp': str(int(time.time())), 'oauth_token': self.request_token.key, 'oauth_verifier': self.request_token.verifier } req = oauth.OAuthRequest(http_method="GET", http_url=ACCESS_TOKEN_URL, parameters=access_token_parms) req.sign_request(oauth.OAuthSignatureMethod_HMAC_SHA1(), self.consumer, self.request_token) resp = urllib2.urlopen(req.to_url()) access_token_resp = dict(urlparse.parse_qsl(resp.read())) self.access_token = oauth.OAuthToken( access_token_resp["oauth_token"], access_token_resp["oauth_token_secret"] )
def complete_parameters(self, url, params=None, exclude_signature=None ): if exclude_signature is None: exclude_signature = [] if params is None: params = {} defaults = { 'oauth_timestamp': str(int(time.time())), 'oauth_nonce': oauth.generate_nonce(), 'signature_method': "HMAC-SHA1", 'oauth_token': self.access_token.key, 'oauth_consumer_key': self.consumer.key, } excluded = {} for e in exclude_signature: excluded[e] = params.pop(e) defaults.update(params) req = oauth.OAuthRequest(http_method="POST", http_url=url, parameters=defaults) req.sign_request(oauth.OAuthSignatureMethod_HMAC_SHA1(), self.consumer, self.access_token) req.parameters.update(excluded) return req
def request(url, params=None, consumer=None, token=None): oauth_params = { 'oauth_version': "1.0", 'oauth_nonce': oauth.generate_nonce(), 'oauth_timestamp': int(time.time()), 'oauth_consumer_key': consumer.key, } if token: oauth_params['oauth_token'] = token.key if params: oauth_params.update(params) request = oauth.OAuthRequest(http_method="GET", http_url=url,parameters=oauth_params) request.sign_request(SIGNATURE_METHOD, consumer, token) url = request.to_url() encoded_post_data = "" http = httplib2.Http() if encoded_post_data: response, content = http.request(url,http_method, body=encoded_post_data) else: response, content = http.request(url, "GET") return response, content
def fetch_oauth_request_token(self, callback_uri): """Obtains an OAuth request token from Google's Accounts API.""" if not self.oauth_request_token: # Build and sign an OAuth request parameters = { 'oauth_consumer_key': self.oauth_consumer.key, 'oauth_timestamp': oauth.generate_timestamp(), 'oauth_nonce': oauth.generate_nonce(), 'oauth_version': oauth.OAuthRequest.version, 'oauth_callback': callback_uri, 'scope': ' '.join(self.oauth_scopes) } if self.oauth_display_name: parameters['xoauth_displayname'] = self.oauth_display_name oauth_request = oauth.OAuthRequest( 'POST', OAUTH_REQUEST_TOKEN_URI, parameters ) oauth_request.sign_request( self._oauth_signature_method_hmac_sha1, self.oauth_consumer, token=None ) response = self.fetch_oauth_response(oauth_request) if response.status == 200: # Create the token from the response self.oauth_request_token = oauth.OAuthToken.from_string( response.read() ) else: raise Exception('Failed to obtain request token:\n' + response.read()) return self.oauth_request_token
def _call_oauth_ws(self, url, params=None, http_method="GET"): oauth_base_params = { 'oauth_version': "1.0", 'oauth_nonce': oauth.generate_nonce(), 'oauth_timestamp': int(time.time()), 'oauth_consumer_key': self._consumer_key, 'oauth_token': self._oauth_token } if params: params.update(oauth_base_params) else: params = oauth_base_params request = oauth.OAuthRequest(http_method=http_method, http_url=url,parameters=params) request.sign_request(self._signature_method, self._consumer, self._access_token) if http_method == "POST" or http_method == "PUT": encoded_post_data = request.to_postdata() else: url = request.to_url() encoded_post_data = "" http = httplib2.Http() if encoded_post_data: response, content = http.request(url,http_method, body=encoded_post_data) else: response, content = http.request(url, http_method) if response["status"] != '200': raise Exception(response.reason) return content
def __init__(self,key = API_KEY, secret = API_SECRET, callback = None, access_token_key = None, access_token_secret = None): if callback is None : callback = "http://api.flickr.com/services/rest/?method=flickr.test.echo&api_key=%s"%key self.key = key self.secret = secret params = { 'oauth_timestamp': str(int(time.time())), 'oauth_signature_method':"HMAC-SHA1", 'oauth_version': "1.0", 'oauth_callback': callback, 'oauth_nonce': oauth.generate_nonce(), 'oauth_consumer_key': self.key } self.consumer = oauth.OAuthConsumer(key=self.key, secret=self.secret) if access_token_key is None : req = oauth.OAuthRequest(http_method="GET", http_url=TOKEN_REQUEST_URL, parameters=params) req.sign_request(oauth.OAuthSignatureMethod_HMAC_SHA1(),self.consumer,None) resp = urllib2.urlopen(req.to_url()) request_token = dict(urlparse.parse_qsl(resp.read())) self.request_token = oauth.OAuthToken(request_token['oauth_token'],request_token['oauth_token_secret']) self.access_token = None else : self.request_token = None self.access_token = oauth.OAuthToken(access_token_key,access_token_secret)
def oauth_headers(url, consumer_key, token_key, token_secret, consumer_secret): consumer = oauth.OAuthConsumer(consumer_key, consumer_secret) token = oauth.OAuthToken(token_key, token_secret) params = { 'oauth_version': "1.0", 'oauth_nonce': oauth.generate_nonce(), 'oauth_timestamp': int(time.time()), 'oauth_token': token.key, 'oauth_consumer_key': consumer.key, } req = oauth.OAuthRequest(http_url=url, parameters=params) req.sign_request(oauth.OAuthSignatureMethod_PLAINTEXT(), consumer, token) return(req.to_header())
def __init__(self, key=None, secret=None, callback=None, access_token_key=None, access_token_secret=None, request_token_key=None, request_token_secret=None): self.key = key or keys.API_KEY self.secret = secret or keys.API_SECRET if self.key is None or self.secret is None: raise ValueError("API keys have not been set.") if callback is None: callback = ("https://api.flickr.com/services/rest/" "?method=flickr.test.echo&api_key=%s" % self.key) params = { 'oauth_timestamp': str(int(time.time())), 'oauth_signature_method': "HMAC-SHA1", 'oauth_version': "1.0", 'oauth_callback': callback, 'oauth_nonce': oauth.generate_nonce(), 'oauth_consumer_key': self.key } self.consumer = oauth.OAuthConsumer(key=self.key, secret=self.secret) if (access_token_key is None) and (request_token_key is None): req = oauth.OAuthRequest(http_method="GET", http_url=TOKEN_REQUEST_URL, parameters=params) req.sign_request(oauth.OAuthSignatureMethod_HMAC_SHA1(), self.consumer, None) resp = urllib2.urlopen(req.to_url()) request_token = dict(urlparse.parse_qsl(resp.read())) self.request_token = oauth.OAuthToken( request_token['oauth_token'], request_token['oauth_token_secret'] ) self.access_token = None elif request_token_key is not None: self.access_token = None self.request_token = oauth.OAuthToken( request_token_key, request_token_secret ) else: self.request_token = None self.access_token = oauth.OAuthToken( access_token_key, access_token_secret )
def _compose_auth_header(self, url): """Return additional header entries for request to `url`.""" params = { 'oauth_version': "1.0", 'oauth_nonce': generate_nonce(), 'oauth_timestamp': int(time()), 'oauth_token': self.token.key, 'oauth_consumer_key': self.consumer.key, } req = OAuthRequest(http_url=url, parameters=params) req.sign_request( OAuthSignatureMethod_PLAINTEXT(), self.consumer, self.token) header = req.to_header() # Django uses the 'HTTP_AUTHORIZATION' to look up Authorization # credentials. header['HTTP_AUTHORIZATION'] = header['Authorization'] return header
def build_access_headers(self, method, resource_url, params=None, request_token=None): """Build OAuth access headers for a future request. Args: method: The HTTP method being used (e.g. 'GET' or 'POST'). resource_url: The full url the request will be made to. params: A dictionary of parameters to add to what's already on the url. Typically, this would consist of POST parameters. Returns: A tuple of (header_dict, params) where header_dict is a dictionary of header names and values appropriate for passing into dropbox.rest.RESTClient and params is a dictionary like the one that was passed in, but augmented with oauth-related parameters as appropriate. """ if params is None: params = {} else: params = params.copy() oauth_params = { 'oauth_consumer_key': self.consumer.key, 'oauth_timestamp': oauth.generate_timestamp(), 'oauth_nonce': oauth.generate_nonce(), 'oauth_version': oauth.OAuthRequest.version, } token = request_token if request_token else self.token if token: oauth_params['oauth_token'] = token.key params.update(oauth_params) oauth_request = oauth.OAuthRequest.from_request(method, resource_url, parameters=params) oauth_request.sign_request(self.signature_method, self.consumer, token) return oauth_request.to_header(), params
def oauth_headers(url, consumer_key, token_key, token_secret, consumer_secret, clockskew=0): """Build OAuth headers using given credentials.""" consumer = oauth.OAuthConsumer(consumer_key, consumer_secret) token = oauth.OAuthToken(token_key, token_secret) timestamp = int(time.time()) + clockskew params = { 'oauth_version': "1.0", 'oauth_nonce': oauth.generate_nonce(), 'oauth_timestamp': timestamp, 'oauth_token': token.key, 'oauth_consumer_key': consumer.key, } req = oauth.OAuthRequest(http_url=url, parameters=params) req.sign_request( oauth.OAuthSignatureMethod_PLAINTEXT(), consumer, token) return(req.to_header())
def _get_oauth_headers(self, url): consumer = oauth.OAuthConsumer(CONF.maas_oauth_consumer_key, CONF.maas_oauth_consumer_secret) token = oauth.OAuthToken(CONF.maas_oauth_token_key, CONF.maas_oauth_token_secret) parameters = { 'oauth_version': "1.0", 'oauth_nonce': oauth.generate_nonce(), 'oauth_timestamp': int(time.time()), 'oauth_token': token.key, 'oauth_consumer_key': consumer.key } req = oauth.OAuthRequest(http_url=url, parameters=parameters) req.sign_request(oauth.OAuthSignatureMethod_PLAINTEXT(), consumer, token) return req.to_header()
def complete_parameters(self, url, params={}, exclude_signature=[]): defaults = { "oauth_timestamp": str(int(time.time())), "oauth_nonce": oauth.generate_nonce(), "signature_method": "HMAC-SHA1", "oauth_token": self.access_token.key, "oauth_consumer_key": self.consumer.key, } excluded = {} for e in exclude_signature: excluded[e] = params.pop(e) defaults.update(params) req = oauth.OAuthRequest(http_method="POST", http_url=url, parameters=defaults) req.sign_request(oauth.OAuthSignatureMethod_HMAC_SHA1(), self.consumer, self.access_token) req.parameters.update(excluded) return req
def get_oauth_header(url, oauth_data=None): if oauth_data: oauth_consumer_secret = "" oauth_consumer_key = oauth_data[2] oauth_token_key = oauth_data[0] oauth_token_secret = oauth_data[1] consumer = oauth.OAuthConsumer(oauth_consumer_key, oauth_consumer_secret) token = oauth.OAuthToken(oauth_token_key, oauth_token_secret) p = { 'oauth_version': "1.0", 'oauth_nonce': oauth.generate_nonce(), 'oauth_timestamp': int(time.time()), 'oauth_token': token.key, 'oauth_consumer_key': consumer.key, } req = oauth.OAuthRequest(http_url=url, parameters=p) req.sign_request(oauth.OAuthSignatureMethod_PLAINTEXT(), consumer, token) return req.to_header()
def oauth_headers(url, consumer_key, token_key, token_secret, consumer_secret, timestamp=None): consumer = oauth.OAuthConsumer(consumer_key, consumer_secret) token = oauth.OAuthToken(token_key, token_secret) if timestamp is None: ts = int(time.time()) else: ts = timestamp params = { 'oauth_version': "1.0", 'oauth_nonce': oauth.generate_nonce(), 'oauth_timestamp': ts, 'oauth_token': token.key, 'oauth_consumer_key': consumer.key, } req = oauth.OAuthRequest(http_url=url, parameters=params) req.sign_request(oauth.OAuthSignatureMethod_PLAINTEXT(), consumer, token) return req.to_header()
def sign_request(self, consumer, signature_method): """Add oauth parameters and sign the request with the given method. Args: consumer: The OAuthConsumer set with a key and secret. signature_method: A supported method for signing the built request. """ params = { 'oauth_consumer_key': consumer.key, 'oauth_timestamp': oauth.generate_timestamp(), 'oauth_nonce': oauth.generate_nonce(), 'oauth_version': oauth.OAuthRequest.version, } # PHP OAuth library contains a bug which interferes with signing. Since # some containers use this library, we will implement a workaround here. if self.use_body_as_signing_parameter: params[self.get_post_body()] = "" else: # Otherwise, use the oauth_body_hash extension to sign the request body. if self.post_body: if VERBOSE > 0: logging.info("post_body => %s" % str(self.post_body)) body_hash = b64encode(hashlib.sha1(self.get_post_body()).digest()) params['oauth_body_hash'] = body_hash if self.get_security_token(): self.set_parameter("xoauth_requestor_id", None) self.set_parameters(params) if VERBOSE > 0: key, raw = signature_method.build_signature_base_string( self.oauth_request, consumer, None) logging.info("build_signature key => %s" % key) logging.info("build_signature raw => %s" % raw) self.oauth_request.sign_request(signature_method, consumer, None)
def oauth_headers(url, consumer_key, token_key, token_secret, consumer_secret, clockskew=0): """Build OAuth headers using given credentials.""" consumer = oauth.OAuthConsumer(consumer_key, consumer_secret) token = oauth.OAuthToken(token_key, token_secret) timestamp = int(time.time()) + clockskew params = { 'oauth_version': "1.0", 'oauth_nonce': oauth.generate_nonce(), 'oauth_timestamp': timestamp, 'oauth_token': token.key, 'oauth_consumer_key': consumer.key, } req = oauth.OAuthRequest(http_url=url, parameters=params) req.sign_request(oauth.OAuthSignatureMethod_PLAINTEXT(), consumer, token) return (req.to_header())
def complete_parameters(self, url, params={}, exclude_signature=[]): defaults = { 'oauth_timestamp': str(int(time.time())), 'oauth_nonce': oauth.generate_nonce(), 'signature_method': "HMAC-SHA1", 'oauth_token': self.access_token.key, 'oauth_consumer_key': self.consumer.key, } excluded = {} for e in exclude_signature: excluded[e] = params.pop(e) defaults.update(params) req = oauth.OAuthRequest(http_method="POST", http_url=url, parameters=defaults) req.sign_request(oauth.OAuthSignatureMethod_HMAC_SHA1(), self.consumer, self.access_token) req.parameters.update(excluded) return req
def on_buzz_auth_clicked(self, widget, data=None): self.winsize = self.window.get_size() web = webkit.WebView() web.get_settings().set_property("enable-plugins", False) web.load_html_string(_("<p>Please wait...</p>"), "file:///") self.consumer = oauth.OAuthConsumer("anonymous", "anonymous") params = { "oauth_consumer_key": self.consumer.key, "oauth_timestamp": oauth.generate_timestamp(), "oauth_nonce": oauth.generate_nonce(), "oauth_version": oauth.OAuthRequest.version, "oauth_callback": "http://gwibber.com/0/auth.html", "scope": "https://www.googleapis.com/auth/buzz", } request = oauth.OAuthRequest("POST", "https://www.google.com/accounts/OAuthGetRequestToken", params) request.sign_request(sigmeth, self.consumer, token=None) tokendata = urllib2.urlopen(request.http_url, request.to_postdata()).read() self.token = oauth.OAuthToken.from_string(tokendata) url = "https://www.google.com/accounts/OAuthAuthorizeToken?oauth_token=" + self.token.key web.open(url) web.set_size_request(450, 340) web.connect("title-changed", self.on_buzz_auth_title_change) scroll = gtk.ScrolledWindow() scroll.add(web) self.pack_start(scroll, True, True, 0) self.show_all() self.ui.get_object("vbox1").hide() self.ui.get_object("expander1").hide()
def _call_oauth_ws(self, url, params=None, http_method="GET"): oauth_base_params = { 'oauth_version': "1.0", 'oauth_nonce': oauth.generate_nonce(), 'oauth_timestamp': int(time.time()), 'oauth_consumer_key': self._consumer_key, 'oauth_token': self._oauth_token } if params: params.update(oauth_base_params) else: params = oauth_base_params request = oauth.OAuthRequest(http_method=http_method, http_url=url, parameters=params) request.sign_request(self._signature_method, self._consumer, self._access_token) if http_method == "POST" or http_method == "PUT": encoded_post_data = request.to_postdata() else: url = request.to_url() encoded_post_data = "" http = httplib2.Http() if encoded_post_data: response, content = http.request(url, http_method, body=encoded_post_data) else: response, content = http.request(url, "GET") if response["status"] != '200': raise Exception(response.reason) return content
def from_consumer_and_token(cls, oauth_consumer, token=None, callback=None, verifier=None, http_method=oauth.HTTP_METHOD, http_url=None, parameters=None): """ Overridden to allow optional oauth_callback and oauth_verifier """ if not parameters: parameters = {} defaults = { 'oauth_consumer_key': oauth_consumer.key, 'oauth_timestamp': oauth.generate_timestamp(), 'oauth_nonce': oauth.generate_nonce(), 'oauth_version': oauth.OAuthRequest.version, } defaults.update(parameters) parameters = defaults if token: parameters['oauth_token'] = token.key if getattr(token, 'callback', None): parameters['oauth_callback'] = token.callback elif callback: parameters['oauth_callback'] = callback if verifier: # 1.0a support for verifier. parameters['oauth_verifier'] = verifier elif callback: # 1.0a support for callback in the request token request. parameters['oauth_callback'] = callback return cls(http_method, http_url, parameters)
def __init__(self, key=API_KEY, secret=API_SECRET, callback=None, access_token_key=None, access_token_secret=None): if callback is None: callback = "http://api.flickr.com/services/rest/?method=flickr.test.echo&api_key=%s" % key self.key = key self.secret = secret params = { 'oauth_timestamp': str(int(time.time())), 'oauth_signature_method': "HMAC-SHA1", 'oauth_version': "1.0", 'oauth_callback': callback, 'oauth_nonce': oauth.generate_nonce(), 'oauth_consumer_key': self.key } self.consumer = oauth.OAuthConsumer(key=self.key, secret=self.secret) if access_token_key is None: req = oauth.OAuthRequest(http_method="GET", http_url=TOKEN_REQUEST_URL, parameters=params) req.sign_request(oauth.OAuthSignatureMethod_HMAC_SHA1(), self.consumer, None) resp = urllib2.urlopen(req.to_url()) request_token = dict(urlparse.parse_qsl(resp.read())) self.request_token = oauth.OAuthToken( request_token['oauth_token'], request_token['oauth_token_secret']) self.access_token = None else: self.request_token = None self.access_token = oauth.OAuthToken(access_token_key, access_token_secret)
from acj.general import commit from werkzeug import urls import oauth.oauth as oauth import hmac import base64 import hashlib import requests import xml.etree.ElementTree as ET from acj.users import import_users from acj.course import enrol_users #get all courses to update courses = LTIInfo.query.all() for course in courses: #iterate through courses and get their membership info via LTI timestamp = oauth.generate_timestamp() nonce = oauth.generate_nonce(16) postParams = {} postParams['lti_message_type'] = 'basic-lis-readmembershipsforcontext' postParams['id'] = course.LTIid postParams['lti_version'] = 'LTI-1p0' postParams['oauth_consumer_key'] = 'LTI_ACJ' postParams['oauth_callback'] = 'about:blank' postParams['oauth_version'] = '1.0' postParams['oauth_signature_method'] = 'HMAC-SHA1' postParams['oauth_timestamp'] = timestamp postParams['oauth_nonce'] = nonce req = oauth.OAuthRequest(http_url=course.LTIURL, http_method='POST', parameters=postParams) hmacAlg = hmac.HMAC('acjsecret&', urls.url_quote_plus(req.get_normalized_http_method()) + '&' + urls.url_quote_plus(course.LTIURL) + '&' + urls.url_quote_plus(req.get_normalized_parameters()), hashlib.sha1) postParams['oauth_signature'] = base64.b64encode(hmacAlg.digest())
from acj.general import commit from werkzeug import urls import oauth.oauth as oauth import hmac import base64 import hashlib import requests import xml.etree.ElementTree as ET from acj.users import import_users from acj.course import enrol_users #get all courses to update courses = LTIInfo.query.all() for course in courses: #iterate through courses and get their membership info via LTI timestamp = oauth.generate_timestamp() nonce = oauth.generate_nonce(16) postParams = {} postParams['lti_message_type'] = 'basic-lis-readmembershipsforcontext' postParams['id'] = course.LTIid postParams['lti_version'] = 'LTI-1p0' postParams['oauth_consumer_key'] = 'LTI_ACJ' postParams['oauth_callback'] = 'about:blank' postParams['oauth_version'] = '1.0' postParams['oauth_signature_method'] = 'HMAC-SHA1' postParams['oauth_timestamp'] = timestamp postParams['oauth_nonce'] = nonce req = oauth.OAuthRequest(http_url=course.LTIURL, http_method='POST', parameters=postParams) hmacAlg = hmac.HMAC(