コード例 #1
0
ファイル: oauth2_backends.py プロジェクト: lzy-hn/arkid-core
    def additional_authorization_for_oidc(self, option, **kwargs):
        if option == 'uri':
            path = urlparse(kwargs['uri']).path
            queryset = parse_qs(urlparse(kwargs['uri']).query,
                                keep_blank_values=True,
                                strict_parsing=True)

            if 'openid' not in queryset['scope'][0]:
                return kwargs['uri']

            queryset[
                'response_type'] = oauth2_settings.UP_COMPATIBLE_OIDC_RESPONSE_TYPE.get(
                    queryset['response_type'][0], None).split()

            uri = ''
            for key, value in queryset.items():
                uri += key + '=' + value[0] + '&'
            uri = quote(uri[:-1], safe='=&')
            return "{0}?{1}".format(path, uri), queryset.get('nonce', ''),\
                   queryset.get('code_challenge', ''), queryset.get('code_challenge_method', '')

        if option == 'credentials' and 'openid' in kwargs['scopes']:
            kwargs['credentials'].update(nonce=kwargs['nonce'])
            kwargs['credentials'].update(
                code_challenge=kwargs['code_challenge'])
            kwargs['credentials'].update(
                code_challenge_method=kwargs['code_challenge_method'])
            return kwargs['credentials']
コード例 #2
0
    def _get_escaped_full_path(self, request):
        """
        Django considers "safe" some characters that aren't so for oauthlib.
        We have to search for them and properly escape.
        """
        parsed = list(urlparse(request.get_full_path()))
        unsafe = set(c for c in parsed[4]).difference(urlencoded)
        for c in unsafe:
            parsed[4] = parsed[4].replace(c, quote(c, safe=b""))

        return urlunparse(parsed)
コード例 #3
0
    def _get_escaped_full_path(self, request):
        """
        Django considers "safe" some characters that aren't so for oauthlib. We have to search for
        them and properly escape.
        """
        parsed = list(urlparse(request.get_full_path()))
        unsafe = set(c for c in parsed[4]).difference(urlencoded)
        for c in unsafe:
            parsed[4] = parsed[4].replace(c, quote(c, safe=b''))

        return urlunparse(parsed)
コード例 #4
0
def escape(u):
    """Escape a unicode string in an OAuth-compatible fashion.

    Per `section 3.6`_ of the spec.

    .. _`section 3.6`: http://tools.ietf.org/html/rfc5849#section-3.6

    """
    if not isinstance(u, unicode):
        raise ValueError('Only unicode objects are escapable.')
    # Letters, digits, and the characters '_.-' are already treated as safe
    # by urllib.quote(). We need to add '~' to fully support rfc5849.
    return quote(u, safe='~')
コード例 #5
0
ファイル: utils.py プロジェクト: mrblabs/oauthlib
def escape(u):
    """Escape a unicode string in an OAuth-compatible fashion.

    Per `section 3.6`_ of the spec.

    .. _`section 3.6`: http://tools.ietf.org/html/rfc5849#section-3.6

    """
    #    if not isinstance(u, unicode_type):
    #        raise ValueError('Only unicode objects are escapable.')
    # Letters, digits, and the characters '_.-' are already treated as safe
    # by urllib.quote(). We need to add '~' to fully support rfc5849.
    return quote(u, safe=b"~")
コード例 #6
0
ファイル: oauth2_backends.py プロジェクト: LookPen/Pen_Auth
    def _get_escaped_full_path(self, request):
        """
        获取安全的url
        :param request:
        :return:
        """
        parsed = list(urlparse(request.get_full_path()))

        unsafe = set(c for c in parsed[4]).difference(urlencoded)

        for c in unsafe:
            parsed[4] = parsed[4].replace(c, quote(c, safe=b''))

        return urlunparse(parsed)
コード例 #7
0
    def _get_escaped_full_path(self, request):
        """
        Django considers "safe" some characters that aren't so for oauthlib.
        We have to search for them and properly escape.
        """
        parsed = list(urlparse(request.get_full_path()))
        unsafe = set(c for c in parsed[4]).difference(urlencoded)
        for c in unsafe:
            parsed[4] = parsed[4].replace(c, quote(c, safe=b""))
        uri = urlsplit(urlunparse(parsed))
        query = uri.query
        params = parse_qsl(query)
        encoded_params = urllib_urlencode(params, doseq=False)

        parsed_url = SplitResult(uri.scheme, uri.netloc, uri.path,
                                 encoded_params, uri.fragment)

        return parsed_url.geturl()