def _process(self):
try:
user = self._request_token.getUser()
access_tokens = Catalog.getIdx('user_oauth_access_token').get(user.getId())
timestamp = nowutc()
if access_tokens is not None:
for access_token in list(access_tokens):
if access_token.getConsumer().getName() == self._request_token.getConsumer().getName():
access_token.setTimestamp(timestamp)
response = {'oauth_token': access_token.getId(),
'oauth_token_secret': access_token.getToken().secret,
'user_id': user.getId(),
'oauth_token_ttl': Config.getInstance().getOAuthAccessTokenTTL(),
'oauth_token_expiration_timestamp': access_token.getTimestamp() +
timedelta(seconds=Config.getInstance().getOAuthAccessTokenTTL())}
return urlencode(response)
access_token_key = OAuthUtils.gen_random_string()
access_token_secret = OAuthUtils.gen_random_string()
access_token = Token(access_token_key, oauth.Token(access_token_key, access_token_secret),
timestamp, self._request_token.getConsumer(), user)
AccessTokenHolder().add(access_token)
response = {'oauth_token': access_token_key,
'oauth_token_secret': access_token_secret,
'user_id': user.getId(),
'oauth_token_ttl': Config.getInstance().getOAuthAccessTokenTTL(),
'oauth_token_expiration_timestamp': access_token.getTimestamp() +
timedelta(seconds=Config.getInstance().getOAuthAccessTokenTTL())}
return urlencode(response)
except oauth.Error, err:
raise OAuthError(err.message, 401)
def _process(self):
# TODO: Token should have flag authorized=False
token = oauth.Token(OAuthUtils.gen_random_string(), OAuthUtils.gen_random_string())
token.set_callback(self._oauth_request.get_parameter('oauth_callback'))
timestamp = nowutc()
TempRequestTokenHolder().add(Token(token.key, token, timestamp, self._consumer, None))
Logger.get('oauth.request_token').info(token.to_string())
return token.to_string()
def _process(self):
user = self.getAW().getUser()
old_request_token = self._checkThirdPartyAuthPermissible(
self._request_token.getConsumer().getName(), user.getId()
)
TempRequestTokenHolder().remove(self._request_token)
self._request_token.setUser(user)
if old_request_token is not None:
self._request_token.setAuthorized(old_request_token.isAuthorized())
RequestTokenHolder().update(old_request_token, self._request_token)
else:
RequestTokenHolder().add(self._request_token)
if not self._request_token.getConsumer().isTrusted() and not self._request_token.isAuthorized():
redirectURL = UHOAuthThirdPartyAuth.getURL()
redirectURL.addParams(
{
"callback": self._request_token.getToken().get_callback_url(),
#'returnURL': str(urlHandlers.UHOAuthAuthorizeConsumer.getURL()),
"third_party_app": self._request_token.getConsumer().getName(),
}
)
self._redirect(redirectURL)
return
verifier = OAuthUtils.gen_random_string()
self._request_token.getToken().set_verifier(verifier)
self._request_token._p_changed = 1
self._redirect(self._request_token.getToken().get_callback_url())
def _process(self):
user = self.getAW().getUser()
old_request_token = self._checkThirdPartyAuthPermissible(
self._request_token.getConsumer().getName(), user.getId())
TempRequestTokenHolder().remove(self._request_token)
self._request_token.setUser(user)
if old_request_token is not None:
self._request_token.setAuthorized(old_request_token.isAuthorized())
RequestTokenHolder().update(old_request_token, self._request_token)
else:
RequestTokenHolder().add(self._request_token)
if not self._request_token.getConsumer().isTrusted(
) and not self._request_token.isAuthorized():
redirectURL = UHOAuthThirdPartyAuth.getURL()
redirectURL.addParams({
'callback':
self._request_token.getToken().get_callback_url(),
#'returnURL': str(urlHandlers.UHOAuthAuthorizeConsumer.getURL()),
'third_party_app':
self._request_token.getConsumer().getName()
})
self._redirect(redirectURL)
return
verifier = OAuthUtils.gen_random_string()
self._request_token.getToken().set_verifier(verifier)
self._request_token._p_changed = 1
self._redirect(self._request_token.getToken().get_callback_url())
def _process(self):
request_tokens = Catalog.getIdx('user_oauth_request_token').get(self.user_id)
if request_tokens:
for request_token in request_tokens:
if self.response == 'accept':
verifier = OAuthUtils.gen_random_string()
request_token.getToken().set_verifier(verifier)
request_token.setAuthorized(True)
request_token._p_changed = 1
else:
RequestTokenHolder().remove(request_token)
self._redirect(request_token.getToken().get_callback_url())
else:
raise MaKaCError(_("There was a problem while authenticating. Please, start again the login process from the beginning"))
def _process(self):
request_tokens = Catalog.getIdx('user_oauth_request_token').get(self.user_id)
if request_tokens:
for request_token in request_tokens:
if self.response == 'accept':
verifier = OAuthUtils.gen_random_string()
request_token.getToken().set_verifier(verifier)
request_token.setAuthorized(True)
request_token._p_changed = 1
else:
RequestTokenHolder().remove(request_token)
self._redirect(request_token.getToken().get_callback_url())
else:
raise MaKaCError(_("""There was a problem while authenticating.
Please, start again the login process from the beginning"""))
def handler(prefix, path):
path = posixpath.join('/', prefix, path)
ContextManager.destroy()
clearCache() # init fossil cache
logger = Logger.get('httpapi')
if request.method == 'POST':
# Convert POST data to a query string
queryParams = dict((key, value.encode('utf-8'))
for key, value in request.form.iteritems())
query = urllib.urlencode(queryParams)
else:
# Parse the actual query string
queryParams = dict((key, value.encode('utf-8'))
for key, value in request.args.iteritems())
query = request.query_string
dbi = DBMgr.getInstance()
dbi.startRequest()
apiKey = get_query_parameter(queryParams, ['ak', 'apikey'], None)
cookieAuth = get_query_parameter(queryParams, ['ca', 'cookieauth'],
'no') == 'yes'
signature = get_query_parameter(queryParams, ['signature'])
timestamp = get_query_parameter(queryParams, ['timestamp'],
0,
integer=True)
noCache = get_query_parameter(queryParams, ['nc', 'nocache'],
'no') == 'yes'
pretty = get_query_parameter(queryParams, ['p', 'pretty'], 'no') == 'yes'
onlyPublic = get_query_parameter(queryParams, ['op', 'onlypublic'],
'no') == 'yes'
onlyAuthed = get_query_parameter(queryParams, ['oa', 'onlyauthed'],
'no') == 'yes'
oauthToken = 'oauth_token' in queryParams
# Check if OAuth data is supplied in the Authorization header
if not oauthToken and request.headers.get('Authorization') is not None:
oauthToken = 'oauth_token' in request.headers.get('Authorization')
# Get our handler function and its argument and response type
hook, dformat = HTTPAPIHook.parseRequest(path, queryParams)
if hook is None or dformat is None:
raise NotFound
# Disable caching if we are not just retrieving data (or the hook requires it)
if request.method == 'POST' or hook.NO_CACHE:
noCache = True
ak = error = result = None
ts = int(time.time())
typeMap = {}
responseUtil = ResponseUtil()
try:
used_session = None
if cookieAuth:
used_session = session
if not used_session.avatar: # ignore guest sessions
used_session = None
if apiKey or oauthToken or not used_session:
if not oauthToken:
# Validate the API key (and its signature)
ak, enforceOnlyPublic = checkAK(apiKey, signature, timestamp,
path, query)
if enforceOnlyPublic:
onlyPublic = True
# Create an access wrapper for the API key's user
aw = buildAW(ak, onlyPublic)
else: # Access Token (OAuth)
at = OAuthUtils.OAuthCheckAccessResource()
aw = buildAW(at, onlyPublic)
# Get rid of API key in cache key if we did not impersonate a user
if ak and aw.getUser() is None:
cacheKey = normalizeQuery(
path,
query,
remove=('_', 'ak', 'apiKey', 'signature', 'timestamp',
'nc', 'nocache', 'oa', 'onlyauthed'))
else:
cacheKey = normalizeQuery(path,
query,
remove=('_', 'signature',
'timestamp', 'nc', 'nocache',
'oa', 'onlyauthed'))
if signature:
# in case the request was signed, store the result under a different key
cacheKey = 'signed_' + cacheKey
else:
# We authenticated using a session cookie.
if Config.getInstance().getCSRFLevel() >= 2:
token = request.headers.get(
'X-CSRF-Token',
get_query_parameter(queryParams, ['csrftoken']))
if used_session.csrf_protected and used_session.csrf_token != token:
raise HTTPAPIError('Invalid CSRF token', 403)
aw = AccessWrapper()
if not onlyPublic:
aw.setUser(used_session.avatar)
userPrefix = 'user-' + used_session.avatar.getId() + '_'
cacheKey = userPrefix + normalizeQuery(
path,
query,
remove=('_', 'nc', 'nocache', 'ca', 'cookieauth', 'oa',
'onlyauthed', 'csrftoken'))
# Bail out if the user requires authentication but is not authenticated
if onlyAuthed and not aw.getUser():
raise HTTPAPIError('Not authenticated', 403)
addToCache = not hook.NO_CACHE
cache = GenericCache('HTTPAPI')
cacheKey = RE_REMOVE_EXTENSION.sub('', cacheKey)
if not noCache:
obj = cache.get(cacheKey)
if obj is not None:
result, extra, ts, complete, typeMap = obj
addToCache = False
if result is None:
ContextManager.set("currentAW", aw)
# Perform the actual exporting
res = hook(aw)
if isinstance(res, tuple) and len(res) == 4:
result, extra, complete, typeMap = res
else:
result, extra, complete, typeMap = res, {}, True, {}
if result is not None and addToCache:
ttl = api_settings.get('cache_ttl')
cache.set(cacheKey, (result, extra, ts, complete, typeMap), ttl)
except HTTPAPIError, e:
error = e
if e.getCode():
responseUtil.status = e.getCode()
if responseUtil.status == 405:
responseUtil.headers[
'Allow'] = 'GET' if request.method == 'POST' else 'POST'
def _getAnswer(self):
consumer = Consumer(OAuthUtils.gen_random_string(),OAuthUtils.gen_random_string(), self._consumerName)
ConsumerHolder().add(consumer)
return fossilize(consumer)
def _getAnswer(self):
consumer = Consumer(OAuthUtils.gen_random_string(),
OAuthUtils.gen_random_string(), self._consumerName)
ConsumerHolder().add(consumer)
return fossilize(consumer)
