예제 #1
0
    def validate_temporary_credentials_request(self, request):
        """Validate HTTP request for temporary credentials."""

        # The client obtains a set of temporary credentials from the server by
        # making an authenticated (Section 3) HTTP "POST" request to the
        # Temporary Credential Request endpoint (unless the server advertises
        # another HTTP request method for the client to use).
        if request.method.upper() != self.TEMPORARY_CREDENTIALS_METHOD:
            raise MethodNotAllowedError()

        # REQUIRED parameter
        if not request.client_id:
            raise MissingRequiredParameterError('oauth_consumer_key')

        # REQUIRED parameter
        oauth_callback = request.redirect_uri
        if not request.redirect_uri:
            raise MissingRequiredParameterError('oauth_callback')

        # An absolute URI or
        # other means (the parameter value MUST be set to "oob"
        if oauth_callback != 'oob' and not is_valid_url(oauth_callback):
            raise InvalidRequestError('Invalid "oauth_callback" value')

        client = self._get_client(request)
        if not client:
            raise InvalidClientError()

        self.validate_timestamp_and_nonce(request)
        self.validate_oauth_signature(request)
        return request
예제 #2
0
 def validate_service_documentation(self):
     """OPTIONAL. URL of a page containing human-readable information
     that developers might want or need to know when using the
     authorization server.  In particular, if the authorization server
     does not support Dynamic Client Registration, then information on
     how to register clients needs to be provided in this
     documentation.
     """
     value = self.get('service_documentation')
     if value and not is_valid_url(value):
         raise ValueError('"service_documentation" MUST be a URL')
예제 #3
0
 def validate_op_tos_uri(self):
     """OPTIONAL.  URL that the authorization server provides to the
     person registering the client to read about the authorization
     server's terms of service.  The registration process SHOULD
     display this URL to the person registering the client if it is
     given.  As described in Section 5, despite the identifier
     "op_tos_uri", appearing to be OpenID-specific, its usage in this
     specification is actually referring to a general OAuth 2.0 feature
     that is not specific to OpenID Connect.
     """
     value = self.get('op_tos_uri')
     if value and not is_valid_url(value):
         raise ValueError('"op_tos_uri" MUST be a URL')
예제 #4
0
 def _validate_uri(self, key, uri=None):
     if uri is None:
         uri = self.get(key)
     if uri and not is_valid_url(uri):
         raise InvalidClaimError(key)