Esempio n. 1
    def create(self, request, *args, **kwargs):
        """Validate the posted data and persist a new object.

        Returns a data response with HTTP 201 holding the serialized object,
        or an error response carrying the serializer's validation errors.
        """
        incoming = self.get_serializer(data=request.data)

        # Guard clause: nothing is saved unless the serializer accepts the input.
        if not incoming.is_valid():
            return responses.error_response(incoming.errors)

        incoming.save()
        return responses.data_response(incoming.data, status.HTTP_201_CREATED)
Esempio n. 2
 def retrieve(self, request, *args, **kwargs):
     """Fetch the token, pass it through ``_replace_expired_token`` and return it serialized.

     A ValueError raised anywhere on that path deletes the stored token and
     produces an error response built from the exception text.
     """
     stored_token = self.get_object()
     try:
         self._replace_expired_token(stored_token)
         reply = responses.data_response(self.get_serializer(stored_token).data)
     except ValueError as failure:
         # The token is dropped on failure, so it is not served again.
         stored_token.delete()
         # NOTE(review): the exception text goes back to the caller verbatim;
         # confirm ValueError messages raised on this path never carry token
         # material or upstream response bodies.
         return responses.error_response(str(failure))
     return reply
Esempio n. 3
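    def create(self, request, *args, **kwargs):
        """
        Exchange an OAuth 2.0 authorization code for a token and store it.

        The token is associated with ``request.user`` and with the OauthClient named
        in the request, which is looked up by numeric id first and by name otherwise.

        :param request: request whose data carries ``code`` and ``oauth_client``
        :param args: unused
        :param kwargs: unused
        :return: data response with the serialized token; an error response when the
            client is unknown; ``responses.INVALID_DATA_RESPONSE`` when a field is
            missing or the token endpoint call fails
        """
        user = request.user
        code = request.data.get('code')
        oauth_client = request.data.get('oauth_client')

        # Reject missing fields before the lookup. int(None) raises TypeError, which
        # no handler below catches, so an absent oauth_client surfaced as an
        # unhandled error instead of an invalid-data response.
        if code is None or oauth_client is None:
            return responses.INVALID_DATA_RESPONSE

        # NOTE(review): no OAuth ``state`` value is checked in this method; confirm
        # that the authorization flow's CSRF protection is enforced elsewhere, since
        # the resulting token is bound to whichever user sends the code.

        try:
            # actually get the oauth_client object
            # Can take either name or id
            try:
                oauth_client = OauthClient.objects.get(id=int(oauth_client))
            except ValueError:
                oauth_client = OauthClient.objects.get(name=oauth_client)

            payload = {
                'grant_type': 'authorization_code',  # OAuth 2.0 specification
                'code': code,
                'redirect_uri': oauth_client.redirect_uri
            }

            # Client credentials travel either as HTTP basic auth or in the form
            # body, depending on what the provider expects.
            auth = None

            if oauth_client.authorize_using_header:
                auth = (oauth_client.client_id, oauth_client.client_secret)

            else:
                payload['client_id'] = oauth_client.client_id
                payload['client_secret'] = oauth_client.client_secret

            try:
                # Bounded wait: without a timeout a stalled token endpoint holds this
                # request (and its worker) open indefinitely.
                r = requests.post(oauth_client.token_url, payload, auth=auth,
                                  headers=self.HEADERS, timeout=10)
            except requests.RequestException:
                # Network failures take the same path as a non-200 answer.
                raise ValueError('failed get token request')

            if r.status_code != 200:
                raise ValueError('failed get token request')

            # NOTE(review): the token endpoint's whole JSON body is used as model
            # field values; confirm Token only accepts the expected keys, or pick
            # the expected keys explicitly before storing them.
            # update_or_create returns an (object, created) tuple.
            token, _created = Token.objects.update_or_create(user=user, oauth_client=oauth_client,
                                                             defaults=r.json())
            serializer = TokenSerializer(token)

            return responses.data_response(serializer.data)

        except OauthClient.DoesNotExist:
            return responses.error_response('Invalid oauth_client_id.')
        except ValueError:
            return responses.INVALID_DATA_RESPONSE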
Esempio n. 4
    def post(request, *args, **kwargs):
        """Authenticate the posted username/password and open a session.

        Returns a data response with the serialized user on success, or the
        generic 'Invalid credentials.' error response otherwise.
        """
        # NOTE(review): there is no ``self`` parameter; presumably this is
        # decorated as a static method outside the excerpt - confirm.
        # NOTE(review): no attempt limiting is visible here; confirm throttling
        # of login attempts is configured elsewhere.
        credentials = request.data
        account = authenticate(username=credentials.get('username'),
                               password=credentials.get('password'))

        # The same message is used for every failure, so the response does not
        # reveal whether the username exists.
        if account is None:
            return responses.error_response('Invalid credentials.')

        login(request, account)
        return responses.data_response(UserSerializer(account).data)
Esempio n. 5
    def destroy(self, request, *args, **kwargs):
        """Delete the stored token and, for the 'reddit' client, revoke it upstream.

        The local record is removed first; for the 'reddit' client the access
        token is then posted to the client's ``revoke_url`` with the client
        credentials as HTTP basic auth. A status below 300 yields a success
        response, anything else an error response.
        """
        token = self.get_object()
        oauth_client = token.oauth_client
        # Keep the values needed for revocation before the row is deleted.
        access_token = token.access_token
        # NOTE(review): the local record is deleted before the provider is asked
        # to revoke. If the revoke call fails, the access token may stay valid at
        # the provider while no local copy remains to retry with - confirm this
        # ordering is intended.
        token.delete()

        # Process is not uniform across different companies
        # NOTE(review): within the visible lines, clients other than 'reddit' reach
        # no return statement - confirm the method continues beyond this excerpt.
        if oauth_client.name == 'reddit':
            auth = (oauth_client.client_id, oauth_client.client_secret)
            data = {'token': access_token}

            # NOTE(review): no timeout is passed, so a stalled revoke endpoint
            # blocks this request indefinitely.
            r = requests.post(oauth_client.revoke_url, data, auth=auth, headers=self.HEADERS)
            if r.status_code < 300:
                return responses.success_response('Token deleted.')
            else:
                return responses.error_response('Revoke token error.')