def OAuthCheckAccessResource(cls):
    """Authenticate the current request as an OAuth-signed resource access.

    Builds an ``oauth.Request`` from the current HTTP request, then checks,
    in order: the consumer key is known, the token is present and known,
    the request verifies against the consumer and the stored token, the
    token belongs to that consumer, and the token is younger than the
    configured access-token TTL.

    ``cls`` is not used by the body.

    Returns:
        The stored access-token object looked up from ``AccessTokenHolder``.

    Raises:
        OAuthError: 401 for an unknown consumer key, a missing/unknown
            token, a consumer/token mismatch, an expired token or an
            invalid signature; 400 for any other ``oauth.Error``.
    """
    from indico.modules.oauth.db import ConsumerHolder, AccessTokenHolder, OAuthServer

    signed_request = oauth.Request.from_request(
        request.method,
        request.base_url,
        request.headers,
        parameters=create_flat_args(),
    )
    # NOTE(review): the whole request object is logged at INFO. It was built
    # from every flattened request argument, so the log presumably receives
    # the token key, signature, nonce and any form fields - consider
    # redacting or lowering the level. Confirm what the object renders as.
    Logger.get('oauth.resource').info(signed_request)
    try:
        now = nowutc()

        key = signed_request.get_parameter('oauth_consumer_key')
        if not ConsumerHolder().hasKey(key):
            raise OAuthError('Invalid Consumer Key', 401)
        registered = ConsumerHolder().getById(key)

        token_key = signed_request.get_parameter('oauth_token')
        if not token_key or not AccessTokenHolder().hasKey(token_key):
            raise OAuthError('Invalid Token', 401)
        stored_token = AccessTokenHolder().getById(token_key)

        # NOTE(review): replay protection (nonce / timestamp window) is not
        # visible in this function; it depends on what
        # OAuthServer.verify_request enforces - confirm.
        verifying_consumer = oauth.Consumer(registered.getId(), registered.getSecret())
        OAuthServer.getInstance().verify_request(
            signed_request, verifying_consumer, stored_token.getToken())

        # A valid signature is not enough: the token must have been issued
        # to the same consumer that signed this request.
        if stored_token.getConsumer().getId() != verifying_consumer.key:
            raise OAuthError('Invalid Consumer Key', 401)

        age = now - stored_token.getTimestamp()
        ttl = timedelta(seconds=Config.getInstance().getOAuthAccessTokenTTL())
        if age > ttl:
            raise OAuthError('Expired Token', 401)

        return stored_token
    except oauth.Error as e:
        # Signature failures are reported as 401 with a fixed message; every
        # other library error is passed through with its own message as 400.
        if not e.message.startswith("Invalid Signature"):
            raise OAuthError(e.message, 400)
        raise OAuthError("Invalid Signature", 401)
def _do_process(self):
    """Run the request-handler pipeline and return its result.

    Order of operations: ``_process_args``, ``normalize_url``,
    ``_check_access``, the ``Sanitization.sanitizationCheck`` call (only
    when ``CHECK_HTML`` is truthy), then ``_process`` - wrapped in cProfile
    when ``config.PROFILE`` is set.

    A response object returned by ``_process_args`` or a non-None value
    from ``normalize_url`` is returned immediately.

    Raises:
        NotFound: when argument processing raises ``NoResultFound``.
    """
    # NOTE(review): the two early returns and the NotFound below all happen
    # before ``_check_access`` runs, so a caller who would be denied access
    # can still tell a missing item from an existing one. Whether that
    # matters depends on what ``_process_args`` looks up - confirm.
    try:
        early = self._process_args()
        if isinstance(early, (current_app.response_class, Response)):
            return early
    except NoResultFound:
        # a SQLAlchemy ``.one()`` lookup matched no row
        raise NotFound(_('The specified item could not be found.'))

    redirect = self.normalize_url()
    if redirect is not None:
        return redirect

    self._check_access()
    if self.CHECK_HTML:
        Sanitization.sanitizationCheck(create_flat_args(), self.NOT_SANITIZED_FIELDS)

    if not config.PROFILE:
        return self._process()

    # ``result`` must keep this exact name: the profiled statement is a
    # string that reaches it (and ``self``) through ``locals()``.
    # NOTE(review): with PROFILE on, every request writes a .prof file into
    # TEMP_DIR; profiles expose internal call paths, so this is a
    # debugging-only setting.
    result = [None]
    dump_name = '{}-{}.prof'.format(type(self).__name__, time.time())
    profile_path = os.path.join(config.TEMP_DIR, dump_name)
    cProfile.runctx('result[0] = self._process()', globals(), locals(), profile_path)
    return result[0]
def _do_process(self, profile):
    """Run the request-handler pipeline and return ``(profile_path, result)``.

    Order of operations: ``_process_args``, ``normalize_url``,
    ``_check_access``, ``Sanitization.sanitizationCheck``, then - only when
    ``self._doProcess`` is truthy - ``_process``, run under cProfile when
    ``profile`` is truthy.

    Args:
        profile: when truthy, ``_process`` is profiled and the dump is
            written to a file inside ``config.TEMP_DIR``.

    Returns:
        A 2-tuple. The first item is the profile file path, or ``''`` when
        nothing was profiled. The second is the response from
        ``_process_args`` / ``normalize_url`` on an early exit, the value of
        ``_process`` otherwise, or ``''`` when ``_doProcess`` is falsy.

    Raises:
        NotFoundError: when argument processing raises ``NoResultFound``.
    """
    # NOTE(review): the early exits and the NotFoundError below precede
    # ``_check_access``, so "not found" can be observed without passing the
    # access check. Confirm this is acceptable for the items looked up.
    try:
        early = self._process_args()
        if isinstance(early, (current_app.response_class, Response)):
            return '', early
    except NoResultFound:
        # a SQLAlchemy ``.one()`` lookup matched no row
        raise NotFoundError(_('The specified item could not be found.'),
                            title=_('Item not found'))

    redirect = self.normalize_url()
    if redirect is not None:
        return '', redirect

    self._check_access()
    Sanitization.sanitizationCheck(create_flat_args(), self.NOT_SANITIZED_FIELDS)

    if not self._doProcess:
        return '', ''
    if not profile:
        return '', self._process()

    # ``random.random()`` only makes the file name unlikely to collide; it
    # is not an unpredictable name.
    dump_name = 'stone{}.prof'.format(random.random())
    prof_path = os.path.join(config.TEMP_DIR, dump_name)
    # ``result`` must keep this exact name: the profiled statement is a
    # string that reaches it (and ``self``) through ``locals()``.
    result = [None]
    cProfile.runctx('result[0] = self._process()', globals(), locals(), prof_path)
    return prof_path, result[0]
def OAuthCheckAccessResource(cls):
    """Validate the OAuth credentials carried by the current request.

    The checks run in this order and the first failure aborts:

    1. the ``oauth_consumer_key`` parameter names a known consumer;
    2. the ``oauth_token`` parameter is non-empty and names a known token;
    3. ``OAuthServer.verify_request`` accepts the request for that consumer
       and token;
    4. the stored token was issued to that same consumer;
    5. the token is not older than the configured access-token TTL.

    ``cls`` is accepted but never read.

    Returns:
        The access-token object fetched from ``AccessTokenHolder``.

    Raises:
        OAuthError: status 401 for failures of checks 1, 2, 4, 5 and for an
            invalid signature; status 400 for any other ``oauth.Error``.
    """
    from indico.modules.oauth.db import ConsumerHolder, AccessTokenHolder, OAuthServer

    incoming = oauth.Request.from_request(request.method,
                                          request.base_url,
                                          request.headers,
                                          parameters=create_flat_args())
    # NOTE(review): INFO-level logging of the full request object. It is
    # built from all flattened request arguments, so token key, signature
    # and arbitrary form fields presumably reach the log - consider logging
    # only the consumer key, or redacting. Confirm the object's string form.
    Logger.get('oauth.resource').info(incoming)
    try:
        now = nowutc()

        claimed_key = incoming.get_parameter('oauth_consumer_key')
        if not ConsumerHolder().hasKey(claimed_key):
            raise OAuthError('Invalid Consumer Key', 401)
        known_consumer = ConsumerHolder().getById(claimed_key)

        claimed_token = incoming.get_parameter('oauth_token')
        if not claimed_token or not AccessTokenHolder().hasKey(claimed_token):
            raise OAuthError('Invalid Token', 401)
        issued_token = AccessTokenHolder().getById(claimed_token)

        signer = oauth.Consumer(known_consumer.getId(), known_consumer.getSecret())
        # NOTE(review): nonce / timestamp replay checks are not done here;
        # they rely on OAuthServer.verify_request - confirm it enforces them.
        OAuthServer.getInstance().verify_request(incoming, signer, issued_token.getToken())

        # Bind the token to the signing consumer; a correct signature alone
        # does not prove the token was issued to this consumer.
        if issued_token.getConsumer().getId() != signer.key:
            raise OAuthError('Invalid Consumer Key', 401)

        token_age = now - issued_token.getTimestamp()
        max_age = timedelta(seconds=Config.getInstance().getOAuthAccessTokenTTL())
        if token_age > max_age:
            raise OAuthError('Expired Token', 401)

        return issued_token
    except oauth.Error as e:
        # Only signature failures map to 401; other library errors become a
        # 400 carrying the library's own message.
        if e.message.startswith("Invalid Signature"):
            raise OAuthError("Invalid Signature", 401)
        raise OAuthError(e.message, 400)
def _do_process(self):
    """Run the request-handler pipeline, emitting ``signals.rh`` hooks.

    Order of operations:

    1. ``_process_args``, then the ``process_args`` signal;
    2. ``normalize_url``;
    3. ``_check_access``, then the ``check_access`` signal;
    4. ``Sanitization.sanitizationCheck`` when ``CHECK_HTML`` is truthy;
    5. the ``before_process`` signal, whose single returned value (if any)
       is returned instead of calling ``_process``;
    6. ``_process`` (under cProfile when ``config.PROFILE`` is set);
    7. the ``process`` signal, whose single returned value (if any)
       replaces the result.

    Raises:
        NotFound: when step 1 raises ``NoResultFound``.
        Exception: when more than one handler of ``before_process`` or
            ``process`` returns a value.
    """
    # NOTE(review): step 1 and step 2 can return or raise NotFound before
    # ``_check_access`` runs; confirm that revealing "not found" ahead of
    # the access decision is acceptable for the items looked up.
    try:
        early = self._process_args()
        # Kept inside the ``try`` so a NoResultFound raised by a signal
        # handler is translated the same way.
        signals.rh.process_args.send(type(self), rh=self, result=early)
        if isinstance(early, (current_app.response_class, Response)):
            return early
    except NoResultFound:
        # a SQLAlchemy ``.one()`` lookup matched no row
        raise NotFound(_('The specified item could not be found.'))

    rv = self.normalize_url()
    if rv is not None:
        return rv

    self._check_access()
    signals.rh.check_access.send(type(self), rh=self)
    if self.CHECK_HTML:
        Sanitization.sanitizationCheck(create_flat_args(), self.NOT_SANITIZED_FIELDS)

    # NOTE(review): handlers of the two signals below can substitute the
    # whole response, so every connected handler is as trusted as the
    # request handler itself.
    pre_hook = signals.rh.before_process.send(type(self), rh=self)
    overrides = values_from_signal(pre_hook, single_value=True, as_list=True)
    if overrides:
        if len(overrides) != 1:
            raise Exception('More than one signal handler returned custom RH result')
        return overrides[0]

    if config.PROFILE:
        # ``result`` must keep this exact name: the profiled statement is a
        # string that reaches it (and ``self``) through ``locals()``.
        result = [None]
        dump_name = '{}-{}.prof'.format(type(self).__name__, time.time())
        profile_path = os.path.join(config.TEMP_DIR, dump_name)
        cProfile.runctx('result[0] = self._process()', globals(), locals(), profile_path)
        rv = result[0]
    else:
        rv = self._process()

    post_hook = signals.rh.process.send(type(self), rh=self, result=rv)
    overrides = values_from_signal(post_hook, single_value=True, as_list=True)
    if not overrides:
        return rv
    if len(overrides) != 1:
        raise Exception('More than one signal handler returned new RH result')
    return overrides[0]
def _do_process(self):
    """Drive one request through argument processing, access check and
    ``_process``, returning whatever response results.

    ``_process_args`` and ``normalize_url`` may each short-circuit the
    pipeline: a response object from the former or a non-None value from
    the latter is returned as-is. Otherwise ``_check_access`` runs, then
    ``Sanitization.sanitizationCheck`` (only if ``CHECK_HTML`` is truthy),
    then ``_process`` - inside cProfile when ``config.PROFILE`` is set.

    Raises:
        NotFound: when ``_process_args`` raises ``NoResultFound``.
    """
    # NOTE(review): everything up to and including ``normalize_url`` runs
    # before the access check, so a NotFound or redirect can be observed by
    # callers who would fail ``_check_access``. Confirm this is intended.
    try:
        parsed = self._process_args()
        if isinstance(parsed, (current_app.response_class, Response)):
            return parsed
    except NoResultFound:
        # a SQLAlchemy ``.one()`` lookup matched no row
        raise NotFound(_('The specified item could not be found.'))

    normalized = self.normalize_url()
    if normalized is not None:
        return normalized

    self._check_access()
    if self.CHECK_HTML:
        Sanitization.sanitizationCheck(create_flat_args(), self.NOT_SANITIZED_FIELDS)

    if config.PROFILE:
        # ``result`` must keep this exact name: the profiled statement is a
        # string that reaches it (and ``self``) through ``locals()``.
        # NOTE(review): each profiled request leaves a .prof file in
        # TEMP_DIR; treat PROFILE as a debugging-only switch.
        result = [None]
        file_name = '{}-{}.prof'.format(type(self).__name__, time.time())
        profile_path = os.path.join(config.TEMP_DIR, file_name)
        cProfile.runctx('result[0] = self._process()', globals(), locals(), profile_path)
        return result[0]
    return self._process()