def _send_with_auth(values, secret_key, url):
"""Send dictionary of JSON serializable `values` as a POST body to `url`
along with `auth_token` that's generated from `secret_key` and `values`
scheduler.auth.create_token expects a JSON serializable payload, so we send
a dictionary. On the receiving end of the POST request, the Flask view will
have access to a werkzeug.datastructures.ImmutableMultiDict. The easiest
and most surefire way to ensure that the payload sent to create_token will
be consistent on both ends is to generate an ImmutableMultiDict using the
werkzeug.Request.
"""
data = urllib.urlencode(values)
# Simulate a Flask request because that is what will be unpacked when the
# request is received on the other side
request = Request.from_values(
content_length=len(data),
input_stream=StringIO(data),
content_type='application/x-www-form-urlencoded',
method='POST')
# Add the auth_token, re-encode, and send
values['auth_token'] = create_token(secret_key, dict(request.form))
data = urllib.urlencode(values)
req = urllib2.Request(url, data)
response = urllib2.urlopen(req)
return json.loads(response.read())
def _send_with_auth(values, secret_key, url):
"""Send dictionary of JSON serializable `values` as a POST body to `url`
along with `auth_token` that's generated from `secret_key` and `values`
scheduler.auth.create_token expects a JSON serializable payload, so we send
a dictionary. On the receiving end of the POST request, the Flask view will
have access to a werkzeug.datastructures.ImmutableMultiDict. The easiest
and most surefire way to ensure that the payload sent to create_token will
be consistent on both ends is to generate an ImmutableMultiDict using the
werkzeug.Request.
"""
data = urllib.urlencode(values)
# Simulate a Flask request because that is what will be unpacked when the
# request is received on the other side
request = Request.from_values(
content_length=len(data),
input_stream=StringIO(data),
content_type='application/x-www-form-urlencoded',
method='POST')
# Add the auth_token, re-encode, and send
values['auth_token'] = create_token(secret_key, dict(request.form))
data = urllib.urlencode(values)
req = urllib2.Request(url, data)
response = urllib2.urlopen(req)
return json.loads(response.read())
def decorated(*args, **kwargs):
auth_token = request.form.get('auth_token')
if not auth_token:
return json.dumps({
'status': 'fail',
'reason': 'You must provide an auth_token',
})
data = dict(request.form)
del data['auth_token']
correct_token = create_token(current_app.config['SECRET_KEY'], data)
if _compare_digest(auth_token, correct_token):
return function(*args, **kwargs)
else:
return json.dumps({
'status': 'fail',
'reason': 'Incorrect auth_token',
})
def decorated(*args, **kwargs):
auth_token = request.form.get('auth_token')
if not auth_token:
return json.dumps({
'status': 'fail',
'reason': 'You must provide an auth_token',
})
data = dict(request.form)
del data['auth_token']
correct_token = create_token(app.config['SECRET_KEY'], data)
if _compare_digest(auth_token, correct_token):
return function(*args, **kwargs)
else:
return json.dumps({
'status': 'fail',
'reason': 'Incorrect auth_token',
})