def authorize(self): if request.method == u"POST" or 'done' in request.args: token = request.form.get("oauth_token") if not token: token = request.args.get("oauth_token") return self.authorized(token, request = request) else: # TODO: Authenticate client token_key = request.args.get(u"oauth_token") token = RequestToken.find_one({'token': token_key}) if token: realm = token.get('realm') # TODO: Make this more robust. session['realm'] = realm if realm and realm in APIS: #url = ("%s?first_oauth_token=%s" % # (url_for('%s.finished' % realm, _external = True), token_key)) session['original_token'] = token_key url = url_for('%s.finished' % realm, _external = True) resp = APIS[realm].authorize( callback = url, **APIS[realm].auth_params) return resp return render_template(u"authorize.html", token=token_key, realm = token['realm'].title()) # If we got here, it's because we don't recognize the client attempting # to connect. Send them an "unauthorized" error. abort(403)
def get_callback(self, request_token): token = RequestToken.find_one({'token': request_token}) if token: return token.get('callback') else: return None
def save_access_token(self, client_key, access_token, request_token, realm=None, secret=None): client = Client.find_one({'client_key': client_key}) if client: req_token = RequestToken.find_one({'token': request_token}, as_obj=True) if req_token: if not req_token['user_id']: req_token['user_id'] = current_user.get_id() req_token.save() token = AccessToken.find_or_create( client_id=client['_id'], user_id=req_token['user_id'], #current_user.get_id(), realm=realm if realm else req_token['realm']) token.secret = secret token.token = access_token token.save()
def validate_request_token(self, client_key, resource_owner_key): # TODO: make client_key optional token = None if client_key: client = Client.find_one({'client_key':client_key}) if client: token = RequestToken.find_one( {'token':access_token, 'client_id': client['_id']}) else: token = RequestToken.find_one( {'token':resource_owner_key}) return token != None
def validate_request_token(self, client_key, resource_owner_key): # TODO: make client_key optional token = None if client_key: client = Client.find_one({'client_key': client_key}) if client: token = RequestToken.find_one({ 'token': access_token, 'client_id': client['_id'] }) else: token = RequestToken.find_one({'token': resource_owner_key}) return token != None
def get_realm(self, client_key, request_token): client = Client.find_one({'client_key':client_key}) if client: return RequestToken.find_one( {'token':request_token, 'client_id': client['_id']})['realm'] else: return None
def get_callback(self, request_token): token = RequestToken.find_one( {'token':request_token}) if token: return token.get('callback') else: return None
def get_realm(self, client_key, request_token): client = Client.find_one({'client_key': client_key}) if client: return RequestToken.find_one({ 'token': request_token, 'client_id': client['_id'] })['realm'] else: return None
def get_realm(self, client_key, request_token): client = Client.find_one({'client_key':client_key}) if client: token = RequestToken.find_one( {'token':request_token, 'client_id': client['_id']}) if token: return token.get('realm') return None
def validate_verifier(self, client_key, resource_owner_key, verifier): token = None client = Client.find_one({'client_key':client_key}) if client: token = RequestToken.find_one( {'token':resource_owner_key, 'client_id': client['_id'], 'verifier':verifier}) return token != None
def validate_verifier(self, client_key, resource_owner_key, verifier): token = None client = Client.find_one({'client_key': client_key}) if client: token = RequestToken.find_one({ 'token': resource_owner_key, 'client_id': client['_id'], 'verifier': verifier }) return token != None
def get_request_token_secret(self, client_key, resource_owner_key): client = Client.find_one({'client_key':client_key}) if client: token = RequestToken.find_one( {'token':resource_owner_key, 'client_id': client['_id']}) if token: return token['secret'] return None
def validate_timestamp_and_nonce(self, client_key, timestamp, nonce, request_token=None, access_token=None): token = True req_token = True client = Client.find_one({'client_key':client_key}) if client: nonce = Nonce.find_one({'nonce':nonce, 'timestamp':timestamp, 'client_id':client['_id']}) if nonce: if request_token: req_token = RequestToken.find_one( {'_id':nonce['request_token_id'], 'token':request_token}) if access_token: token = RequestToken.find_one( {'_id':nonce['request_token_id'], 'token':access_token}) return token and req_token and nonce != None
def get_realm(self, client_key, request_token): client = Client.find_one({'client_key': client_key}) if client: token = RequestToken.find_one({ 'token': request_token, 'client_id': client['_id'] }) if token: return token.get('realm') return None
def get_request_token_secret(self, client_key, resource_owner_key): client = Client.find_one({'client_key': client_key}) if client: token = RequestToken.find_one({ 'token': resource_owner_key, 'client_id': client['_id'] }) if token: return token['secret'] return None
def validate_timestamp_and_nonce(self, client_key, timestamp, nonce, request_token=None, access_token=None): token = True req_token = True client = Client.find_one({'client_key': client_key}) if client: nonce = Nonce.find_one({ 'nonce': nonce, 'timestamp': timestamp, 'client_id': client['_id'] }) if nonce: if request_token: req_token = RequestToken.find_one({ '_id': nonce['request_token_id'], 'token': request_token }) if access_token: token = RequestToken.find_one({ '_id': nonce['request_token_id'], 'token': access_token }) return token and req_token and nonce != None
def save_access_token(self, client_key, access_token, request_token, realm=None, secret=None): client = Client.find_one({'client_key':client_key}) if client: token = AccessToken(access_token, secret=secret, realm=realm) token.client_id = client['_id'] req_token = RequestToken.find_one({'token':request_token}) if req_token: token['resource_owner_id'] = req_token['resource_owner_id'] token['realm'] = req_token['realm'] AccessToken.insert(token)
def save_timestamp_and_nonce(self, client_key, timestamp, nonce, request_token=None, access_token=None): client = Client.find_one({'client_key':client_key}) if client: nonce = Nonce(nonce, timestamp) nonce.client_id = client['_id'] if request_token: req_token = RequestToken.find_one({'token':request_token}) nonce.request_token_id = req_token['_id'] if access_token: token = AccessToken.find_one({'token':access_token}) nonce.access_token_id = token['_id'] nonce.insert()
def save_access_token(self, client_key, access_token, request_token, realm=None, secret=None): client = Client.find_one({'client_key': client_key}) if client: token = AccessToken(access_token, secret=secret, realm=realm) token.client_id = client['_id'] req_token = RequestToken.find_one({'token': request_token}) if req_token: token['resource_owner_id'] = req_token['resource_owner_id'] token['realm'] = req_token['realm'] AccessToken.insert(token)
def save_access_token(self, client_key, access_token, request_token, realm=None, secret=None): client = Client.find_one({'client_key':client_key}) if client: req_token = RequestToken.find_one( {'token':request_token}, as_obj = True) if req_token: if not req_token['user_id']: req_token['user_id'] = current_user.get_id() req_token.save() token = AccessToken.find_or_create( client_id = client['_id'], user_id = req_token['user_id'],#current_user.get_id(), realm = realm if realm else req_token['realm']) token.secret = secret token.token = access_token token.save()
def save_timestamp_and_nonce(self, client_key, timestamp, nonce, request_token=None, access_token=None): client = Client.find_one({'client_key': client_key}) if client: nonce = Nonce(nonce, timestamp) nonce.client_id = client['_id'] if request_token: req_token = RequestToken.find_one({'token': request_token}) nonce.request_token_id = req_token['_id'] if access_token: token = AccessToken.find_one({'token': access_token}) nonce.access_token_id = token['_id'] nonce.insert()
def authorize(self): if request.method == u"POST" or 'done' in request.args: token = request.form.get("oauth_token") if not token: token = request.args.get("oauth_token") return self.authorized(token, request=request) else: # TODO: Authenticate client token_key = request.args.get(u"oauth_token") token = RequestToken.find_one({'token': token_key}) if token: realm = token.get('realm') # TODO: Make this more robust. session['realm'] = realm if realm and realm in APIS: #url = ("%s?first_oauth_token=%s" % # (url_for('%s.finished' % realm, _external = True), token_key)) session['original_token'] = token_key url = url_for('%s.finished' % realm, _external=True) resp = APIS[realm].authorize(callback=url, **APIS[realm].auth_params) return resp return render_template(u"authorize.html", token=token_key, realm=token['realm'].title()) # If we got here, it's because we don't recognize the client attempting # to connect. Send them an "unauthorized" error. abort(403)
def save_verifier(self, request_token, verifier): token = RequestToken.find_one({'token':request_token}) token['verifier'] = verifier token['user_id'] = current_user.get_id() RequestToken.get_collection().save(token)
def get_callback(self, request_token): return RequestToken.find_one( {'token':request_token})['callback']
def save_verifier(self, request_token, verifier): token = RequestToken.find_one({'token': request_token}) token['verifier'] = verifier token['user_id'] = current_user.get_id() RequestToken.get_collection().save(token)
def get_callback(self, request_token): return RequestToken.find_one({'token': request_token})['callback']
def save_verifier(self, request_token, verifier): token = RequestToken.find_one({'token':request_token}) token['verifier'] = verifier token['resource_owner_id'] = g.user['_id'] RequestToken.get_collection().save(token)
def save_verifier(self, request_token, verifier): token = RequestToken.find_one({'token': request_token}) token['verifier'] = verifier token['resource_owner_id'] = g.user['_id'] RequestToken.get_collection().save(token)