def access_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
missing_params = require_params(oauth_request, ("oauth_token", "oauth_verifier"))
if missing_params is not None:
return missing_params
try:
request_token = store.get_request_token(request, oauth_request, oauth_request["oauth_token"])
except InvalidTokenError:
return HttpResponseBadRequest("Invalid request token.")
try:
consumer = store.get_consumer(request, oauth_request, oauth_request["oauth_consumer_key"])
except InvalidConsumerError:
return HttpResponseBadRequest("Invalid consumer.")
if not verify_oauth_request(request, oauth_request, consumer, request_token):
return HttpResponseBadRequest("Could not verify OAuth request.")
if oauth_request.get("oauth_verifier", None) != request_token.verifier:
return HttpResponseBadRequest("Invalid OAuth verifier.")
if not request_token.is_approved:
return HttpResponseBadRequest("Request Token not approved by the user.")
access_token = store.create_access_token(request, oauth_request, consumer, request_token)
ret = urlencode({"oauth_token": access_token.key, "oauth_token_secret": access_token.secret})
return HttpResponse(ret, content_type="application/x-www-form-urlencoded")
def wrapped_view(request, *args, **kwargs):
oauth_request = get_oauth_request(request)
scheme = 'https' if request.is_secure() else 'http'
domain = get_current_site(request).domain
if oauth_request is None:
return invalid_params_response(scheme, domain)
try:
consumer = store.get_consumer(
request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return INVALID_CONSUMER_RESPONSE
try:
token = store.get_access_token(
request, oauth_request, consumer, oauth_request.get_parameter('oauth_token'))
except InvalidTokenError:
return send_oauth_error('https' if request.is_secure() else 'http',
get_current_site(request).domain,
oauth.Error(_('Invalid access token: %s') % oauth_request.get_parameter('oauth_token')))
if not verify_oauth_request(request, oauth_request, consumer, token):
return could_not_verify_oauth_request_response(scheme, domain)
if self.scope_name and (not token.scope or
token.scope.name != self.scope_name):
return invalid_scope_response(scheme, domain)
if token.user:
request.user = token.user
return view_func(request, *args, **kwargs)
def wrapped_view(request, *args, **kwargs):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
try:
consumer = store.get_consumer(
request, oauth_request,
oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return INVALID_CONSUMER_RESPONSE
try:
token = store.get_access_token(
request, oauth_request, consumer,
oauth_request.get_parameter('oauth_token'))
except InvalidTokenError:
return send_oauth_error(
oauth.Error(
_('Invalid access token: %s') %
oauth_request.get_parameter('oauth_token')))
if not verify_oauth_request(request, oauth_request, consumer,
token):
return COULD_NOT_VERIFY_OAUTH_REQUEST_RESPONSE
if self.scope_name and (not token.scope
or token.scope.name != self.scope_name):
return INVALID_SCOPE_RESPONSE
if token.user:
request.user = token.user
return view_func(request, *args, **kwargs)
def __call__(self, request, *args, **kwargs):
if self.is_valid_request(request):
oauth_request = get_oauth_request(request)
consumer = store.get_consumer(
request, oauth_request,
oauth_request.get_parameter('oauth_consumer_key'))
consumer.key = str(consumer.key)
consumer.secret = str(consumer.secret)
try:
token = store.get_access_token(
request, oauth_request, consumer,
oauth_request.get_parameter('oauth_token'))
token.key = str(token.key)
token.secret = str(token.secret)
except InvalidTokenError:
return send_oauth_error(
Error(
_('Invalid access token: %s') %
oauth_request.get_parameter('oauth_token')))
try:
parameters = self.validate_token(request, consumer, token)
except Error, e:
return send_oauth_error(e)
if consumer and token:
request.user = token.user
return self.view_func(request, *args, **kwargs)
def access_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
missing_params = require_params(oauth_request, ('oauth_token', 'oauth_verifier'))
if missing_params is not None:
return missing_params
try:
request_token = store.get_request_token(request, oauth_request, oauth_request['oauth_token'])
except InvalidTokenError:
return HttpResponseBadRequest('Invalid request token.')
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid consumer.')
if not verify_oauth_request(request, oauth_request, consumer, request_token):
return HttpResponseBadRequest('Could not verify OAuth request.')
if oauth_request.get('oauth_verifier', None) != request_token.verifier:
return HttpResponseBadRequest('Invalid OAuth verifier.')
if not request_token.is_approved:
return HttpResponseBadRequest('Request Token not approved by the user.')
access_token = store.create_access_token(request, oauth_request, consumer, request_token)
ret = urlencode({
'oauth_token': access_token.key,
'oauth_token_secret': access_token.secret
})
return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def __call__(self, request, *args, **kwargs):
if self.is_valid_request(request):
oauth_request = get_oauth_request(request)
consumer = store.get_consumer(
request, oauth_request,
oauth_request.get_parameter('oauth_consumer_key'))
try:
token = store.get_access_token(
request, oauth_request, consumer,
oauth_request.get_parameter('oauth_token'))
except InvalidTokenError:
return send_oauth_error(
Error(
_('Invalid access token: %s') %
oauth_request.get_parameter('oauth_token')))
try:
parameters = self.validate_token(request, consumer, token)
except Error, e:
return send_oauth_error(e)
if self.resource_name and token.resource.name != self.resource_name:
return send_oauth_error(
Error(_('You are not allowed to access this resource.')))
elif consumer and token:
# Hack
request.user = token.user
return self.view_func(request, *args, **kwargs)
def request_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return HttpResponseBadRequest("Invalid request parameters.")
missing_params = require_params(oauth_request, ("oauth_callback",))
if missing_params is not None:
return missing_params
if is_xauth_request(oauth_request):
return HttpResponseBadRequest("xAuth not allowed for this method.")
try:
consumer = store.get_consumer(request, oauth_request, oauth_request["oauth_consumer_key"])
except InvalidConsumerError:
return HttpResponse("Invalid consumer.", status=401)
if not verify_oauth_request(request, oauth_request, consumer):
return HttpResponseBadRequest("Could not verify OAuth request.")
try:
request_token = store.create_request_token(request, oauth_request, consumer, oauth_request["oauth_callback"])
except oauth.Error:
return HttpResponse("Invalid request token: %s" % oauth_request.get_parameter("oauth_token"), status=401)
ret = urlencode(
{
"oauth_token": request_token.key,
"oauth_token_secret": request_token.secret,
"oauth_callback_confirmed": "true",
}
)
return HttpResponse(ret, content_type="application/x-www-form-urlencoded")
def request_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
missing_params = require_params(oauth_request, ('oauth_callback', ))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return oauth_error_response('Invalid Consumer.',
status_code=httplib.BAD_REQUEST)
if not verify_oauth_request(request, oauth_request, consumer):
return oauth_error_response('Could not verify OAuth request.',
status_code=httplib.BAD_REQUEST)
try:
request_token = store.create_request_token(
request, oauth_request, consumer, oauth_request['oauth_callback'])
except oauth.Error, err:
return oauth_error_response(err)
def request_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
missing_params = require_params(oauth_request, ('oauth_callback', ))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
logging.info('Oauth error: invalid consumer: %d' %
oauth_request['oauth_consumer_key'])
return HttpResponseBadRequest('Invalid Consumer.')
if not verify_oauth_request(request, oauth_request, consumer):
logging.info('Oauth error: could not verify request')
return HttpResponseBadRequest('Could not verify OAuth request.')
try:
request_token = store.create_request_token(
request, oauth_request, consumer, oauth_request['oauth_callback'])
except oauth.Error, err:
return send_oauth_error(err)
def request_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return HttpResponseBadRequest('Invalid request parameters.')
missing_params = require_params(oauth_request, ('oauth_callback', ))
if missing_params is not None:
return missing_params
if is_xauth_request(oauth_request):
return HttpResponseBadRequest('xAuth not allowed for this method.')
try:
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return HttpResponse('Invalid consumer.', status=401)
if not verify_oauth_request(request, oauth_request, consumer):
return HttpResponseBadRequest('Could not verify OAuth request.')
try:
request_token = store.create_request_token(
request, oauth_request, consumer, oauth_request['oauth_callback'])
except oauth.Error:
return HttpResponse('Invalid request token: %s' %
oauth_request.get_parameter('oauth_token'),
status=401)
ret = urlencode({
'oauth_token': request_token.key,
'oauth_token_secret': request_token.secret,
'oauth_callback_confirmed': 'true'
})
return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def check_access_token(self, request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return ('params', 'Invalid request parameters.')
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return ('auth', 'Invalid Consumer.')
try:
token = store.get_access_token(request, oauth_request, consumer, oauth_request.get_parameter('oauth_token'))
except InvalidTokenError:
return ('auth', 'Invalid access token: %s' % oauth_request.get_parameter('oauth_token'))
# LRS CHANGE - RETURN BETTER ERROR MESSAGE
if not verify_oauth_request(request, oauth_request, consumer, token):
return ('params', 'Could not verify OAuth request.')
# LRS CHANGE - SCOPE IS JUST A CHARFIELD NOW - JUST COMPARE THE VALUES
if self.scope_name and (not token.scope
or token.scope != self.scope_name):
return ('params', 'You are not allowed to access this resource.')
if token.user:
request.user = token.user
return (None, None)
def request_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return HttpResponseBadRequest('Invalid request parameters.')
missing_params = require_params(oauth_request, ('oauth_callback',))
if missing_params is not None:
return missing_params
if is_xauth_request(oauth_request):
return HttpResponseBadRequest('xAuth not allowed for this method.')
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return HttpResponse('Invalid consumer.', status=401)
if not verify_oauth_request(request, oauth_request, consumer):
return HttpResponseBadRequest('Could not verify OAuth request.')
try:
request_token = store.create_request_token(request, oauth_request, consumer, oauth_request['oauth_callback'])
except oauth.Error:
return HttpResponse('Invalid request token: %s' % oauth_request.get_parameter('oauth_token'), status=401)
ret = urlencode({
'oauth_token': request_token.key,
'oauth_token_secret': request_token.secret,
'oauth_callback_confirmed': 'true'
})
return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def check_access_token(self, request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return ('params', 'Invalid request parameters.')
try:
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return ('auth', 'Invalid Consumer.')
try:
token = store.get_access_token(
request, oauth_request, consumer,
oauth_request.get_parameter('oauth_token'))
except InvalidTokenError:
return ('auth', 'Invalid access token: %s' %
oauth_request.get_parameter('oauth_token'))
# LRS CHANGE - RETURN BETTER ERROR MESSAGE
if not verify_oauth_request(request, oauth_request, consumer, token):
return ('params', 'Could not verify OAuth request.')
# LRS CHANGE - SCOPE IS JUST A CHARFIELD NOW - JUST COMPARE THE VALUES
if self.scope_name and (not token.scope
or token.scope != self.scope_name):
return ('params', 'You are not allowed to access this resource.')
if token.user:
request.user = token.user
return (None, None)
def wrapped_view(request, *args, **kwargs):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return INVALID_CONSUMER_RESPONSE
try:
token = store.get_access_token(request, oauth_request, consumer, oauth_request.get_parameter('oauth_token'))
except InvalidTokenError:
return send_oauth_error(oauth.Error(_('Invalid access token: %s') % oauth_request.get_parameter('oauth_token')))
if not verify_oauth_request(request, oauth_request, consumer, token):
return COULD_NOT_VERIFY_OAUTH_REQUEST_RESPONSE
if self.scope_name and (not token.scope
or token.scope.name != self.scope_name):
return INVALID_SCOPE_RESPONSE
if token.user:
request.user = token.user
return view_func(request, *args, **kwargs)
def request_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
missing_params = require_params(oauth_request, ('oauth_callback', ))
if missing_params is not None:
return missing_params
if is_xauth_request(oauth_request):
return HttpResponseBadRequest('xAuth not allowed for this method.')
try:
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return INVALID_CONSUMER_RESPONSE
if not verify_oauth_request(request, oauth_request, consumer):
return COULD_NOT_VERIFY_OAUTH_REQUEST_RESPONSE
try:
request_token = store.create_request_token(
request, oauth_request, consumer, oauth_request['oauth_callback'])
except oauth.Error, err:
return send_oauth_error(err)
def access_token(request):
oauth_request = get_oauth_request(request)
missing_params = require_params(oauth_request, ('oauth_token', 'oauth_verifier'))
if missing_params is not None:
return missing_params
try:
request_token = store.get_request_token(request, oauth_request, oauth_request['oauth_token'])
except InvalidTokenError:
return HttpResponseBadRequest('Invalid request token.')
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid consumer.')
if not verify_oauth_request(request, oauth_request, consumer, request_token):
return HttpResponseBadRequest('Could not verify OAuth request.')
if oauth_request.get('oauth_verifier', None) != request_token.verifier:
return HttpResponseBadRequest('Invalid OAuth verifier.')
if not request_token.is_approved:
return HttpResponseBadRequest('Request Token not approved by the user.')
access_token = store.create_access_token(request, oauth_request, consumer, request_token)
ret = urlencode({
'oauth_token': access_token.key,
'oauth_token_secret': access_token.secret
})
return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
def process_oauth_checking(self, request, *args, **kwargs):
if self.is_valid_request(request):
oauth_request = get_oauth_request(request)
from store import store, InvalidConsumerError, InvalidTokenError
# Retrieve consumer
try:
consumer = store.get_consumer(request, oauth_request, oauth_request.get_parameter("oauth_consumer_key"))
consumer.key = str(consumer.key)
consumer.secret = str(consumer.secret)
except InvalidConsumerError:
return oauth.Error(_("Invalid consumer: %s") % oauth_request.get_parameter("oauth_consumer_key"))
# Retrieve access token
try:
token = store.get_access_token(
request, oauth_request, consumer, oauth_request.get_parameter("oauth_token")
)
token.key = str(token.key)
token.secret = str(token.secret)
except InvalidTokenError:
return oauth.Error(_("Invalid access token: %s") % oauth_request.get_parameter("oauth_token"))
try:
parameters = self.validate_token(request, consumer, token)
except oauth.Error, e:
return e
if consumer and token:
request.user = token.user
request.consumer = consumer
request.token = token
return None
def _authenticate_three_legged(self, request, oauth_request):
# missing_params = require_params(oauth_request, ('oauth_token',))
# if missing_params is not None:
# return missing_params
try:
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
access_token = store.get_access_token(request, oauth_request,
consumer,
oauth_request['oauth_token'])
except (InvalidConsumerError, InvalidTokenError):
return False
if not verify_oauth_request(request, oauth_request, consumer,
access_token):
return False
request.user = store.get_user_for_access_token(request, oauth_request,
access_token)
request.consumer = store.get_consumer_for_access_token(
request, oauth_request, access_token)
request.throttle_extra = request.consumer.key
return True
def __call__(self, request, *args, **kwargs):
if self.is_valid_request(request):
oauth_request = get_oauth_request(request)
consumer = store.get_consumer(request, oauth_request,
oauth_request.get_parameter('oauth_consumer_key'))
try:
token = store.get_access_token(request, oauth_request,
consumer, oauth_request.get_parameter('oauth_token'))
except InvalidTokenError:
return send_oauth_error(Error(_('Invalid access token: %s') % oauth_request.get_parameter('oauth_token')))
try:
parameters = self.validate_token(request, consumer, token)
except Error, e:
return send_oauth_error(e)
if self.resource_name and token.resource.name != self.resource_name:
return send_oauth_error(Error(_('You are not allowed to access this resource.')))
elif consumer and token:
return self.view_func(request, *args, **kwargs)
def _authenticate_two_legged(self, request, oauth_request):
# missing_params = require_params(oauth_request)
# if missing_params is not None:
# return missing_params
try:
consumer = store.get_consumer(
request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return False
if not verify_oauth_request(request, oauth_request, consumer):
return False
request.user = store.get_user_for_consumer(
request, oauth_request, consumer)
request.consumer = consumer
request.throttle_extra = consumer.key
return True
def _authenticate_two_legged(self, request, oauth_request):
# missing_params = require_params(oauth_request)
# if missing_params is not None:
# return missing_params
try:
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return False
if not verify_oauth_request(request, oauth_request, consumer):
return False
request.user = store.get_user_for_consumer(request, oauth_request,
consumer)
request.consumer = consumer
request.throttle_extra = consumer.key
return True
def request_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
missing_params = require_params(oauth_request, ('oauth_callback',))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return oauth_error_response('Invalid Consumer.', status_code=httplib.BAD_REQUEST)
if not verify_oauth_request(request, oauth_request, consumer):
return oauth_error_response('Could not verify OAuth request.', status_code=httplib.BAD_REQUEST)
try:
request_token = store.create_request_token(request, oauth_request, consumer, oauth_request['oauth_callback'])
except oauth.Error, err:
return oauth_error_response(err)
def request_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
missing_params = require_params(oauth_request, ("oauth_callback",))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request, oauth_request["oauth_consumer_key"])
except InvalidConsumerError:
return HttpResponseBadRequest("Invalid Consumer.")
if not verify_oauth_request(request, oauth_request, consumer):
return HttpResponseBadRequest("Could not verify OAuth request.")
try:
request_token = store.create_request_token(request, oauth_request, consumer, oauth_request["oauth_callback"])
except oauth.Error, err:
return send_oauth_error(err)
def __call__(self, request, *args, **kwargs):
if self.is_valid_request(request):
oauth_request = get_oauth_request(request)
consumer = store.get_consumer(request, oauth_request,
oauth_request.get_parameter('oauth_consumer_key'))
consumer.key = str(consumer.key)
consumer.secret = str(consumer.secret)
try:
token = store.get_access_token(request, oauth_request,
consumer, oauth_request.get_parameter('oauth_token'))
token.key = str(token.key)
token.secret = str(token.secret)
except InvalidTokenError:
return send_oauth_error(Error(_('Invalid access token: %s') % oauth_request.get_parameter('oauth_token')))
try:
parameters = self.validate_token(request, consumer, token)
except Error, e:
return send_oauth_error(e)
if consumer and token:
request.user = token.user
return self.view_func(request, *args, **kwargs)
def process_oauth_checking(self, request, *args, **kwargs):
if self.is_valid_request(request):
oauth_request = get_oauth_request(request)
from store import store, InvalidConsumerError, InvalidTokenError
# Retrieve consumer
try:
consumer = store.get_consumer(
request, oauth_request,
oauth_request.get_parameter('oauth_consumer_key'))
consumer.key = str(consumer.key)
consumer.secret = str(consumer.secret)
except InvalidConsumerError:
return oauth.Error(
_('Invalid consumer: %s') %
oauth_request.get_parameter('oauth_consumer_key'))
# Retrieve access token
try:
token = store.get_access_token(
request, oauth_request, consumer,
oauth_request.get_parameter('oauth_token'))
token.key = str(token.key)
token.secret = str(token.secret)
except InvalidTokenError:
return oauth.Error(
_('Invalid access token: %s') %
oauth_request.get_parameter('oauth_token'))
try:
parameters = self.validate_token(request, consumer, token)
except oauth.Error, e:
return e
if consumer and token:
request.user = token.user
request.consumer = consumer
request.token = token
return None
def request_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
missing_params = require_params(oauth_request, ('oauth_callback',))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
logging.info('Oauth error: invalid consumer: %d' % oauth_request['oauth_consumer_key'])
return HttpResponseBadRequest('Invalid Consumer.')
if not verify_oauth_request(request, oauth_request, consumer):
logging.info('Oauth error: could not verify request')
return HttpResponseBadRequest('Could not verify OAuth request.')
try:
request_token = store.create_request_token(request, oauth_request, consumer, oauth_request['oauth_callback'])
except oauth.Error, err:
return send_oauth_error(err)
def _authenticate_three_legged(self, request, oauth_request):
# missing_params = require_params(oauth_request, ('oauth_token',))
# if missing_params is not None:
# return missing_params
try:
consumer = store.get_consumer(
request, oauth_request, oauth_request['oauth_consumer_key'])
access_token = store.get_access_token(
request, oauth_request, consumer, oauth_request['oauth_token'])
except (InvalidConsumerError, InvalidTokenError):
return False
if not verify_oauth_request(request, oauth_request, consumer, access_token):
return False
request.user = store.get_user_for_access_token(
request, oauth_request, access_token)
request.consumer = store.get_consumer_for_access_token(
request, oauth_request, access_token)
request.throttle_extra = request.consumer.key
return True
def wrapped_view(request, *args, **kwargs):
oauth_request = get_oauth_request(request)
scheme = 'https' if request.is_secure() else 'http'
domain = get_current_site(request).domain
if oauth_request is None:
return invalid_params_response(scheme, domain)
try:
consumer = store.get_consumer(
request, oauth_request,
oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return INVALID_CONSUMER_RESPONSE
try:
token = store.get_access_token(
request, oauth_request, consumer,
oauth_request.get_parameter('oauth_token'))
except InvalidTokenError:
return send_oauth_error(
'https' if request.is_secure() else 'http',
get_current_site(request).domain,
oauth.Error(
_('Invalid access token: %s') %
oauth_request.get_parameter('oauth_token')))
if not verify_oauth_request(request, oauth_request, consumer,
token):
return could_not_verify_oauth_request_response(scheme, domain)
if self.scope_name and (not token.scope
or token.scope.name != self.scope_name):
return invalid_scope_response(scheme, domain)
if token.user:
request.user = token.user
return view_func(request, *args, **kwargs)
def request_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
missing_params = require_params(oauth_request, ('oauth_callback',))
if missing_params is not None:
return missing_params
if is_xauth_request(oauth_request):
return HttpResponseBadRequest('xAuth not allowed for this method.')
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid Consumer.')
if not verify_oauth_request(request, oauth_request, consumer):
return HttpResponseBadRequest('Could not verify OAuth request.')
try:
request_token = store.create_request_token(request, oauth_request, consumer, oauth_request['oauth_callback'])
except oauth.Error, err:
return send_oauth_error(err)
def access_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return HttpResponseBadRequest("Invalid request parameters.")
# Consumer
try:
consumer = store.get_consumer(request, oauth_request, oauth_request["oauth_consumer_key"])
except InvalidConsumerError:
return HttpResponseBadRequest("Invalid consumer.")
is_xauth = is_xauth_request(oauth_request)
if not is_xauth:
# Check Parameters
missing_params = require_params(oauth_request, ("oauth_token", "oauth_verifier"))
if missing_params is not None:
return missing_params
# Check Request Token
try:
request_token = store.get_request_token(request, oauth_request, oauth_request["oauth_token"])
except InvalidTokenError:
return HttpResponse("Invalid request token: %s" % oauth_request["oauth_token"], status=401)
if not request_token.is_approved:
return HttpResponse("Request Token not approved by the user.", status=401)
# Verify Signature
if not verify_oauth_request(request, oauth_request, consumer, request_token):
return HttpResponseBadRequest("Could not verify OAuth request.")
# Check Verifier
if oauth_request.get("oauth_verifier", None) != request_token.verifier:
return HttpResponseBadRequest("Invalid OAuth verifier.")
else: # xAuth
# Check Parameters
missing_params = require_params(oauth_request, ("x_auth_username", "x_auth_password", "x_auth_mode"))
if missing_params is not None:
return missing_params
# Check if Consumer allows xAuth
if not consumer.xauth_allowed:
return HttpResponseBadRequest("xAuth not allowed for this method")
# Check Signature
if not verify_oauth_request(request, oauth_request, consumer):
return HttpResponseBadRequest("Could not verify xAuth request.")
user = authenticate(
x_auth_username=oauth_request.get_parameter("x_auth_username"),
x_auth_password=oauth_request.get_parameter("x_auth_password"),
x_auth_mode=oauth_request.get_parameter("x_auth_mode"),
)
if not user:
return HttpResponseBadRequest("xAuth username or password is not valid")
else:
request.user = user
# Handle Request Token
try:
# request_token = store.create_request_token(request, oauth_request, consumer, oauth_request.get('oauth_callback'))
request_token = store.create_request_token(request, oauth_request, consumer, OUT_OF_BAND)
request_token = store.authorize_request_token(request, oauth_request, request_token)
except oauth.Error as err:
return send_oauth_error("https" if request.is_secure() else "http", get_current_site(request).domain, err)
access_token = store.create_access_token(request, oauth_request, consumer, request_token)
ret = urlencode({"oauth_token": access_token.key, "oauth_token_secret": access_token.secret})
return HttpResponse(ret, content_type="application/x-www-form-urlencoded")
def access_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return HttpResponseBadRequest('Invalid request parameters.')
# Consumer
try:
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid consumer.')
is_xauth = is_xauth_request(oauth_request)
if not is_xauth:
# Check Parameters
missing_params = require_params(oauth_request,
('oauth_token', 'oauth_verifier'))
if missing_params is not None:
return missing_params
# Check Request Token
try:
request_token = store.get_request_token(
request, oauth_request, oauth_request['oauth_token'])
except InvalidTokenError:
return HttpResponse('Invalid request token: %s' %
oauth_request['oauth_token'],
status=401)
if not request_token.is_approved:
return HttpResponse('Request Token not approved by the user.',
status=401)
# Verify Signature
if not verify_oauth_request(request, oauth_request, consumer,
request_token):
return HttpResponseBadRequest('Could not verify OAuth request.')
# Check Verifier
if oauth_request.get('oauth_verifier', None) != request_token.verifier:
return HttpResponseBadRequest('Invalid OAuth verifier.')
else: # xAuth
# Check Parameters
missing_params = require_params(
oauth_request,
('x_auth_username', 'x_auth_password', 'x_auth_mode'))
if missing_params is not None:
return missing_params
# Check if Consumer allows xAuth
if not consumer.xauth_allowed:
return HttpResponseBadRequest('xAuth not allowed for this method')
# Check Signature
if not verify_oauth_request(request, oauth_request, consumer):
return HttpResponseBadRequest('Could not verify xAuth request.')
user = authenticate(
x_auth_username=oauth_request.get_parameter('x_auth_username'),
x_auth_password=oauth_request.get_parameter('x_auth_password'),
x_auth_mode=oauth_request.get_parameter('x_auth_mode'))
if not user:
return HttpResponseBadRequest(
'xAuth username or password is not valid')
else:
request.user = user
# Handle Request Token
try:
#request_token = store.create_request_token(request, oauth_request, consumer, oauth_request.get('oauth_callback'))
request_token = store.create_request_token(request, oauth_request,
consumer, OUT_OF_BAND)
request_token = store.authorize_request_token(
request, oauth_request, request_token)
except oauth.Error, err:
return send_oauth_error(err)
def access_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
# Consumer
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid consumer.')
is_xauth = is_xauth_request(oauth_request)
if not is_xauth:
# Check Parameters
missing_params = require_params(oauth_request, ('oauth_token', 'oauth_verifier'))
if missing_params is not None:
return missing_params
# Check Request Token
try:
request_token = store.get_request_token(request, oauth_request, oauth_request['oauth_token'])
except InvalidTokenError:
return HttpResponseBadRequest('Invalid request token.')
if not request_token.is_approved:
return HttpResponseBadRequest('Request Token not approved by the user.')
# Verify Signature
if not verify_oauth_request(request, oauth_request, consumer, request_token):
return HttpResponseBadRequest('Could not verify OAuth request.')
# Check Verifier
if oauth_request.get('oauth_verifier', None) != request_token.verifier:
return HttpResponseBadRequest('Invalid OAuth verifier.')
else: # xAuth
# Check Parameters
missing_params = require_params(oauth_request, ('x_auth_username', 'x_auth_password', 'x_auth_mode'))
if missing_params is not None:
return missing_params
# Check if Consumer allows xAuth
if not consumer.xauth_allowed:
return HttpResponseBadRequest('xAuth not allowed for this method')
# Check Signature
if not verify_oauth_request(request, oauth_request, consumer):
return HttpResponseBadRequest('Could not verify xAuth request.')
# Check Username/Password
if is_xauth and not verify_xauth_request(request, oauth_request):
return HttpResponseBadRequest('xAuth username or password is not valid')
# Handle Request Token
try:
#request_token = store.create_request_token(request, oauth_request, consumer, oauth_request.get('oauth_callback'))
request_token = store.create_request_token(request, oauth_request, consumer, OUT_OF_BAND)
request_token = store.authorize_request_token(request, oauth_request, request_token)
except oauth.Error, err:
return send_oauth_error(err)
