def authenticate_user(*args, **kwargs):
request = args[1]
try:
oauth_request = get_oauth_request(request)
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
verify_oauth_request(request, oauth_request, consumer)
# Allow a trusted client to either give us a user via header, or do the
# 3-legged oauth
user = None
try:
trusted_client = TrustedOAuthClient.objects.get(consumer=consumer)
if trusted_client and trusted_client.is_trusted:
user = request.META["HTTP_X_OAUTH_USER"]
except Exception as e:
pass
if not user:
access_token = store.get_access_token(
request, oauth_request, consumer,
oauth_request[u'oauth_token'])
user = store.get_user_for_access_token(request, oauth_request,
access_token).username
request.META['SS_OAUTH_CONSUMER_NAME'] = consumer.name
request.META['SS_OAUTH_CONSUMER_PK'] = consumer.pk
request.META['SS_OAUTH_USER'] = user
return
except Exception as e:
response = HttpResponse("Error authorizing user: %s" % e)
response.status_code = 401
return response
def is_authenticated(self, request, **kwargs):
from oauth_provider.store import store, InvalidTokenError
if self.is_valid_request(request):
oauth_request = oauth_provider.utils.get_oauth_request(request)
consumer = store.get_consumer(request, oauth_request, oauth_request.get_parameter('oauth_consumer_key'))
try:
token = store.get_access_token(request, oauth_request, consumer, oauth_request.get_parameter('oauth_token'))
except oauth_provider.store.InvalidTokenError:
return oauth_provider.utils.send_oauth_error(oauth2.Error(_('Invalid access token: %s') % oauth_request.get_parameter('oauth_token')))
try:
self.validate_token(request, consumer, token)
except oauth2.Error, e:
return oauth_provider.utils.send_oauth_error(e)
if consumer and token:
user = store.get_user_for_access_token(request, oauth_request, token)
if not self.check_active(user):
return False
request.user = user
return True
return oauth_provider.utils.send_oauth_error(oauth2.Error(_('You are not allowed to access this resource.')))
def authenticate_user(*args, **kwargs):
request = args[1]
try:
oauth_request = get_oauth_request(request)
consumer = store.get_consumer(request, oauth_request,
oauth_request['oauth_consumer_key'])
verify_oauth_request(request, oauth_request, consumer)
# Allow a trusted client to either give us a user via header, or do the
# 3-legged oauth
user = None
try:
trusted_client = TrustedOAuthClient.objects.get(consumer=consumer)
if trusted_client and trusted_client.is_trusted:
user = request.META["HTTP_XOAUTH_USER"]
except Exception as e:
pass
if not user:
access_token = store.get_access_token(request, oauth_request, consumer, oauth_request[u'oauth_token'])
user = store.get_user_for_access_token(request, oauth_request, access_token).username
request.META['SS_OAUTH_CONSUMER_NAME'] = consumer.name
request.META['SS_OAUTH_CONSUMER_PK'] = consumer.pk
request.META['SS_OAUTH_USER'] = user
return
except Exception as e:
response = HttpResponse("Error authorizing application")
response.status_code = 401
return response
