def _process(self): try: user = self._request_token.getUser() access_tokens = Catalog.getIdx('user_oauth_access_token').get(user.getId()) timestamp = nowutc() if access_tokens is not None: for access_token in list(access_tokens): if access_token.getConsumer().getName() == self._request_token.getConsumer().getName(): access_token.setTimestamp(timestamp) response = {'oauth_token': access_token.getId(), 'oauth_token_secret': access_token.getToken().secret, 'user_id': user.getId(), 'oauth_token_ttl': Config.getInstance().getOAuthAccessTokenTTL(), 'oauth_token_expiration_timestamp': access_token.getTimestamp() + timedelta(seconds=Config.getInstance().getOAuthAccessTokenTTL())} return urlencode(response) access_token_key = OAuthUtils.gen_random_string() access_token_secret = OAuthUtils.gen_random_string() access_token = Token(access_token_key, oauth.Token(access_token_key, access_token_secret), timestamp, self._request_token.getConsumer(), user) AccessTokenHolder().add(access_token) response = {'oauth_token': access_token_key, 'oauth_token_secret': access_token_secret, 'user_id': user.getId(), 'oauth_token_ttl': Config.getInstance().getOAuthAccessTokenTTL(), 'oauth_token_expiration_timestamp': access_token.getTimestamp() + timedelta(seconds=Config.getInstance().getOAuthAccessTokenTTL())} return urlencode(response) except oauth.Error, err: raise OAuthError(err.message, 401)
def _process(self): # TODO: Token should have flag authorized=False token = oauth.Token(OAuthUtils.gen_random_string(), OAuthUtils.gen_random_string()) token.set_callback(self._oauth_request.get_parameter('oauth_callback')) timestamp = nowutc() TempRequestTokenHolder().add(Token(token.key, token, timestamp, self._consumer, None)) Logger.get('oauth.request_token').info(token.to_string()) return token.to_string()
def _process(self): user = self.getAW().getUser() old_request_token = self._checkThirdPartyAuthPermissible( self._request_token.getConsumer().getName(), user.getId() ) TempRequestTokenHolder().remove(self._request_token) self._request_token.setUser(user) if old_request_token is not None: self._request_token.setAuthorized(old_request_token.isAuthorized()) RequestTokenHolder().update(old_request_token, self._request_token) else: RequestTokenHolder().add(self._request_token) if not self._request_token.getConsumer().isTrusted() and not self._request_token.isAuthorized(): redirectURL = UHOAuthThirdPartyAuth.getURL() redirectURL.addParams( { "callback": self._request_token.getToken().get_callback_url(), #'returnURL': str(urlHandlers.UHOAuthAuthorizeConsumer.getURL()), "third_party_app": self._request_token.getConsumer().getName(), } ) self._redirect(redirectURL) return verifier = OAuthUtils.gen_random_string() self._request_token.getToken().set_verifier(verifier) self._request_token._p_changed = 1 self._redirect(self._request_token.getToken().get_callback_url())
def _process(self): user = self.getAW().getUser() old_request_token = self._checkThirdPartyAuthPermissible( self._request_token.getConsumer().getName(), user.getId()) TempRequestTokenHolder().remove(self._request_token) self._request_token.setUser(user) if old_request_token is not None: self._request_token.setAuthorized(old_request_token.isAuthorized()) RequestTokenHolder().update(old_request_token, self._request_token) else: RequestTokenHolder().add(self._request_token) if not self._request_token.getConsumer().isTrusted( ) and not self._request_token.isAuthorized(): redirectURL = UHOAuthThirdPartyAuth.getURL() redirectURL.addParams({ 'callback': self._request_token.getToken().get_callback_url(), #'returnURL': str(urlHandlers.UHOAuthAuthorizeConsumer.getURL()), 'third_party_app': self._request_token.getConsumer().getName() }) self._redirect(redirectURL) return verifier = OAuthUtils.gen_random_string() self._request_token.getToken().set_verifier(verifier) self._request_token._p_changed = 1 self._redirect(self._request_token.getToken().get_callback_url())
def _process(self): request_tokens = Catalog.getIdx('user_oauth_request_token').get(self.user_id) if request_tokens: for request_token in request_tokens: if self.response == 'accept': verifier = OAuthUtils.gen_random_string() request_token.getToken().set_verifier(verifier) request_token.setAuthorized(True) request_token._p_changed = 1 else: RequestTokenHolder().remove(request_token) self._redirect(request_token.getToken().get_callback_url()) else: raise MaKaCError(_("There was a problem while authenticating. Please, start again the login process from the beginning"))
def _process(self): request_tokens = Catalog.getIdx('user_oauth_request_token').get(self.user_id) if request_tokens: for request_token in request_tokens: if self.response == 'accept': verifier = OAuthUtils.gen_random_string() request_token.getToken().set_verifier(verifier) request_token.setAuthorized(True) request_token._p_changed = 1 else: RequestTokenHolder().remove(request_token) self._redirect(request_token.getToken().get_callback_url()) else: raise MaKaCError(_("""There was a problem while authenticating. Please, start again the login process from the beginning"""))
def handler(prefix, path): path = posixpath.join('/', prefix, path) ContextManager.destroy() clearCache() # init fossil cache logger = Logger.get('httpapi') if request.method == 'POST': # Convert POST data to a query string queryParams = dict((key, value.encode('utf-8')) for key, value in request.form.iteritems()) query = urllib.urlencode(queryParams) else: # Parse the actual query string queryParams = dict((key, value.encode('utf-8')) for key, value in request.args.iteritems()) query = request.query_string dbi = DBMgr.getInstance() dbi.startRequest() apiKey = get_query_parameter(queryParams, ['ak', 'apikey'], None) cookieAuth = get_query_parameter(queryParams, ['ca', 'cookieauth'], 'no') == 'yes' signature = get_query_parameter(queryParams, ['signature']) timestamp = get_query_parameter(queryParams, ['timestamp'], 0, integer=True) noCache = get_query_parameter(queryParams, ['nc', 'nocache'], 'no') == 'yes' pretty = get_query_parameter(queryParams, ['p', 'pretty'], 'no') == 'yes' onlyPublic = get_query_parameter(queryParams, ['op', 'onlypublic'], 'no') == 'yes' onlyAuthed = get_query_parameter(queryParams, ['oa', 'onlyauthed'], 'no') == 'yes' oauthToken = 'oauth_token' in queryParams # Check if OAuth data is supplied in the Authorization header if not oauthToken and request.headers.get('Authorization') is not None: oauthToken = 'oauth_token' in request.headers.get('Authorization') # Get our handler function and its argument and response type hook, dformat = HTTPAPIHook.parseRequest(path, queryParams) if hook is None or dformat is None: raise NotFound # Disable caching if we are not just retrieving data (or the hook requires it) if request.method == 'POST' or hook.NO_CACHE: noCache = True ak = error = result = None ts = int(time.time()) typeMap = {} responseUtil = ResponseUtil() try: used_session = None if cookieAuth: used_session = session if not used_session.avatar: # ignore guest sessions used_session = None if apiKey or oauthToken or not used_session: if not oauthToken: # Validate the API key (and its signature) ak, enforceOnlyPublic = checkAK(apiKey, signature, timestamp, path, query) if enforceOnlyPublic: onlyPublic = True # Create an access wrapper for the API key's user aw = buildAW(ak, onlyPublic) else: # Access Token (OAuth) at = OAuthUtils.OAuthCheckAccessResource() aw = buildAW(at, onlyPublic) # Get rid of API key in cache key if we did not impersonate a user if ak and aw.getUser() is None: cacheKey = normalizeQuery( path, query, remove=('_', 'ak', 'apiKey', 'signature', 'timestamp', 'nc', 'nocache', 'oa', 'onlyauthed')) else: cacheKey = normalizeQuery(path, query, remove=('_', 'signature', 'timestamp', 'nc', 'nocache', 'oa', 'onlyauthed')) if signature: # in case the request was signed, store the result under a different key cacheKey = 'signed_' + cacheKey else: # We authenticated using a session cookie. if Config.getInstance().getCSRFLevel() >= 2: token = request.headers.get( 'X-CSRF-Token', get_query_parameter(queryParams, ['csrftoken'])) if used_session.csrf_protected and used_session.csrf_token != token: raise HTTPAPIError('Invalid CSRF token', 403) aw = AccessWrapper() if not onlyPublic: aw.setUser(used_session.avatar) userPrefix = 'user-' + used_session.avatar.getId() + '_' cacheKey = userPrefix + normalizeQuery( path, query, remove=('_', 'nc', 'nocache', 'ca', 'cookieauth', 'oa', 'onlyauthed', 'csrftoken')) # Bail out if the user requires authentication but is not authenticated if onlyAuthed and not aw.getUser(): raise HTTPAPIError('Not authenticated', 403) addToCache = not hook.NO_CACHE cache = GenericCache('HTTPAPI') cacheKey = RE_REMOVE_EXTENSION.sub('', cacheKey) if not noCache: obj = cache.get(cacheKey) if obj is not None: result, extra, ts, complete, typeMap = obj addToCache = False if result is None: ContextManager.set("currentAW", aw) # Perform the actual exporting res = hook(aw) if isinstance(res, tuple) and len(res) == 4: result, extra, complete, typeMap = res else: result, extra, complete, typeMap = res, {}, True, {} if result is not None and addToCache: ttl = api_settings.get('cache_ttl') cache.set(cacheKey, (result, extra, ts, complete, typeMap), ttl) except HTTPAPIError, e: error = e if e.getCode(): responseUtil.status = e.getCode() if responseUtil.status == 405: responseUtil.headers[ 'Allow'] = 'GET' if request.method == 'POST' else 'POST'
def _getAnswer(self): consumer = Consumer(OAuthUtils.gen_random_string(),OAuthUtils.gen_random_string(), self._consumerName) ConsumerHolder().add(consumer) return fossilize(consumer)
def _getAnswer(self): consumer = Consumer(OAuthUtils.gen_random_string(), OAuthUtils.gen_random_string(), self._consumerName) ConsumerHolder().add(consumer) return fossilize(consumer)