def authorize(request): """ Displays a page for user to authorize """ if request.method == "POST": return authorize_finish(request) _ = pass_to_ugettext token = request.args.get("oauth_token", None) if token is None: # no token supplied, display a html 400 this time err_msg = _("Must provide an oauth_token.") return render_400(request, err_msg=err_msg) oauth_request = RequestToken.query.filter_by(token=token).first() if oauth_request is None: err_msg = _("No request token found.") return render_400(request, err_msg) if oauth_request.used: return authorize_finish(request) if oauth_request.verifier is None: orequest = GMGRequest(request) orequest.resource_owner_key = token request_validator = GMGRequestValidator() auth_endpoint = AuthorizationEndpoint(request_validator) verifier = auth_endpoint.create_verifier(orequest, {}) oauth_request.verifier = verifier["oauth_verifier"] oauth_request.user = request.user.id oauth_request.save() # find client & build context client = Client.query.filter_by(id=oauth_request.client).first() authorize_form = AuthorizeForm(WTFormData({ "oauth_token": oauth_request.token, "oauth_verifier": oauth_request.verifier })) context = { "user": request.user, "oauth_request": oauth_request, "client": client, "authorize_form": authorize_form, } # AuthorizationEndpoint return render_to_response( request, "mediagoblin/api/authorize.html", context )
def authorize(request): """ Displays a page for user to authorize """ if request.method == "POST": return authorize_finish(request) _ = pass_to_ugettext token = request.args.get("oauth_token", None) if token is None: # no token supplied, display a html 400 this time err_msg = _("Must provide an oauth_token.") return render_400(request, err_msg=err_msg) oauth_request = RequestToken.query.filter_by(token=token).first() if oauth_request is None: err_msg = _("No request token found.") return render_400(request, err_msg) if oauth_request.used: return authorize_finish(request) if oauth_request.verifier is None: orequest = GMGRequest(request) request_validator = GMGRequestValidator() auth_endpoint = AuthorizationEndpoint(request_validator) verifier = auth_endpoint.create_verifier(orequest, {}) oauth_request.verifier = verifier["oauth_verifier"] oauth_request.user = request.user.id oauth_request.save() # find client & build context client = Client.query.filter_by(id=oauth_request.client).first() authorize_form = AuthorizeForm(WTFormData({ "oauth_token": oauth_request.token, "oauth_verifier": oauth_request.verifier })) context = { "user": request.user, "oauth_request": oauth_request, "client": client, "authorize_form": authorize_form, } # AuthorizationEndpoint return render_to_response( request, "mediagoblin/api/authorize.html", context )
def authorize_finish(request): """ Finishes the authorize """ _ = pass_to_ugettext token = request.form["oauth_token"] verifier = request.form["oauth_verifier"] oauth_request = RequestToken.query.filter_by(token=token, verifier=verifier) oauth_request = oauth_request.first() if oauth_request is None: # invalid token or verifier err_msg = _("No request token found.") return render_400(request, err_msg) oauth_request.used = True oauth_request.updated = datetime.datetime.now() oauth_request.save() if oauth_request.callback == "oob": # out of bounds context = {"oauth_request": oauth_request} return render_to_response(request, "mediagoblin/api/oob.html", context) # okay we need to redirect them then! querystring = "?oauth_token={0}&oauth_verifier={1}".format( oauth_request.token, oauth_request.verifier) # It's come from the OAuth headers so it'll be encoded. redirect_url = urllib.unquote(oauth_request.callback) return redirect(request, querystring=querystring, location=redirect_url)
def authorize_finish(request): """ Finishes the authorize """ _ = pass_to_ugettext token = request.form["oauth_token"] verifier = request.form["oauth_verifier"] oauth_request = RequestToken.query.filter_by(token=token, verifier=verifier) oauth_request = oauth_request.first() if oauth_request is None: # invalid token or verifier err_msg = _("No request token found.") return render_400(request, err_msg) oauth_request.used = True oauth_request.updated = datetime.datetime.now() oauth_request.save() if oauth_request.callback == "oob": # out of bounds context = {"oauth_request": oauth_request} return render_to_response( request, "mediagoblin/api/oob.html", context ) # okay we need to redirect them then! querystring = "?oauth_token={0}&oauth_verifier={1}".format( oauth_request.token, oauth_request.verifier ) # It's come from the OAuth headers so it'll be encoded. redirect_url = urllib.unquote(oauth_request.callback) return redirect( request, querystring=querystring, location=redirect_url )