def handle_error(self, request, exception, token_type="access", *args, **kwargs):
body = exception.read()
try:
d = urlparse.parse_qs(body)
except ValueError:
error = "unexpected_response"
oauth_problem = None
else:
error = "oauth_problem"
oauth_problem = d.get("oauth_problem", [None])[0]
ExternalServiceToken.remove(request.user, self.conf.local_name)
try:
breadcrumbs = self.breadcrumb(request, {"oauth_problem": True}, *args, **kwargs)
except Exception, e:
breadcrumbs = (
self.conf.local_name,
(reverse("%s:index" % self.conf.local_name), self.conf.title),
(reverse("%s:index" % self.conf.local_name), self.conf.title),
True,
"Authentication error",
)
def access_token(self, request, *args, **kwargs):
token_type, request_token = ExternalServiceToken.get(request.user, self.conf.local_name, (None, None))
if token_type != "request":
return HttpResponseBadRequest()
if request_token.key != request.GET.get("oauth_token"):
return HttpResponseBadRequest()
oauth_request = oauth.OAuthRequest.from_consumer_and_token(
request.consumer,
token=request_token,
verifier=request.GET.get("oauth_verifier"),
http_url=request.client.access_token_url,
)
oauth_request.sign_request(self.signature_method, request.consumer, request_token)
try:
access_token = request.client.fetch_access_token(oauth_request)
except urllib2.HTTPError, e:
return self.handle_error(request, e, "request_token", *args, **kwargs)
def __call__(self, request, *args, **kwargs):
token_type, access_token = ExternalServiceToken.get(request.user, self.conf.local_name, (None, None))
self.add_consumer_to_request(request)
if "oauth_token" in request.GET and token_type == "request":
return self.access_token(request, *args, **kwargs)
self.add_opener_to_request(request, access_token if token_type == "access" else None)
# If we aren't authenticated but the view requires it then try
# to obtain a valid oauth token immediately.
if token_type != "access" and getattr(self, "force_auth", False):
return self.authorize(request, *args, **kwargs)
try:
return super(OAuthView, self).__call__(request, *args, **kwargs)
except OAuthHTTPError, e:
if e.code in (401, 403) and not (token_type == "request" and "oauth_token" in request.GET):
return self.authorize(request, *args, **kwargs)
else:
return self.handle_error(request, e.exception, *args, **kwargs)
"No OAuth shared secret has been set for app %r. Check that the server is configured with the right credentials."
% self.conf.local_name
)
try:
token = request.client.fetch_request_token(oauth_request)
except urllib2.HTTPError, e:
if e.code == 401:
raise ImproperlyConfigured(
"OAuth shared secret not accepted by service %r. Check that the server is configured with the right credentials."
% self.conf.service_name
)
else:
return self.handle_error(request, e)
ExternalServiceToken.set(request.user, self.conf.local_name, ("request", token), authorized=False)
oauth_request = oauth.OAuthRequest.from_token_and_callback(
token=token, http_url=request.client.authorization_url
)
if (
getattr(self.conf, "oauth_authorize_interstitial", True)
and not request.GET.get("skip_interstitial") == "true"
):
index_url = reverse("%s:index" % self.conf.local_name)
context = {
"return_url": request.META.get("HTTP_REFERER", index_url),
"authorize_url": oauth_request.to_url(),
"service_name": self.conf.service_name,
"breadcrumbs": (
