def get_request_token(self):
"""
Uses the request authentication link to get an oauth_token for
requesting an access token
"""
assert self.consumer_key, "need a valid consumer_key for this step"
params = self.get_params()
params += [('oauth_callback', self.callback)]
request_token_url = self.authentication['oauth1']['request']
request_token_url = self.add_params_sign("GET", request_token_url,
params)
response = self.requester.get(request_token_url)
self.logger.debug('get_request_token response: %s' % response.text)
resp_content = parse_qs(response.text)
try:
self._request_token = resp_content['oauth_token'][0]
except:
raise UserWarning("Could not parse request_token in response from %s : %s" \
% (repr(response.request.url), UrlUtils.beautify_response(response)))
try:
self.request_token_secret = resp_content['oauth_token_secret'][0]
except:
raise UserWarning("Could not parse request_token_secret in response from %s : %s" \
% (repr(response.request.url), UrlUtils.beautify_response(response)))
return self._request_token, self.request_token_secret
def get_access_token(self, oauth_verifier=None):
""" Uses the access authentication link to get an access token """
if oauth_verifier is None:
oauth_verifier = self.oauth_verifier
assert oauth_verifier, "Need an oauth verifier to perform this step"
assert self.request_token, "Need a valid request_token to perform this step"
params = self.get_params()
params += [('oauth_token', self.request_token),
('oauth_verifier', self.oauth_verifier)]
# params = OrderedDict()
# params["oauth_consumer_key"] = self.consumer_key
# params['oauth_token'] = self.request_token
# params["oauth_timestamp"] = self.generate_timestamp()
# params["oauth_nonce"] = self.generate_nonce()
# params["oauth_signature_method"] = self.signature_method
# params['oauth_verifier'] = oauth_verifier
# params["oauth_callback"] = self.callback
sign_key = self.get_sign_key(self.consumer_secret,
self.request_token_secret)
# sign_key = self.get_sign_key(None, self.request_token_secret)
# print "request_token_secret:", self.request_token_secret
# print "SIGNING WITH KEY:", repr(sign_key)
access_token_url = self.authentication['oauth1']['access']
access_token_url = self.add_params_sign("POST", access_token_url,
params, sign_key)
access_response = self.requester.post(access_token_url)
assert \
access_response.status_code == 200, \
"Access request did not return 200, returned %s. HTML: %s" % (
access_response.status_code,
UrlUtils.beautify_response(access_response)
)
#
access_response_queries = parse_qs(access_response.text)
try:
self._access_token = access_response_queries['oauth_token'][0]
self.access_token_secret = access_response_queries[
'oauth_token_secret'][0]
except:
raise UserWarning("Could not parse access_token or access_token_secret in response from %s : %s" \
% (repr(access_response.request.url), UrlUtils.beautify_response(access_response)))
return self._access_token, self.access_token_secret
def get_request_token(self):
""" Uses the request authentication link to get an oauth_token for requesting an access token """
assert self.consumer_key, "need a valid consumer_key for this step"
params = self.get_params()
params += [('oauth_callback', self.callback)]
# params = OrderedDict()
# params["oauth_consumer_key"] = self.consumer_key
# params["oauth_timestamp"] = self.generate_timestamp()
# params["oauth_nonce"] = self.generate_nonce()
# params["oauth_signature_method"] = self.signature_method
# params["oauth_callback"] = self.callback
# params["oauth_version"] = self.oauth_version
request_token_url = self.authentication['oauth1']['request']
request_token_url = self.add_params_sign("GET", request_token_url,
params)
response = self.requester.get(request_token_url)
resp_content = parse_qs(response.text)
try:
self._request_token = resp_content['oauth_token'][0]
self.request_token_secret = resp_content['oauth_token_secret'][0]
except:
raise UserWarning("Could not parse request_token or request_token_secret in response from %s : %s" \
% (repr(response.request.url), UrlUtils.beautify_response(response)))
return self._request_token, self.request_token_secret
def get_access_token(self, oauth_verifier=None):
""" Uses the access authentication link to get an access token """
if oauth_verifier is None:
oauth_verifier = self.oauth_verifier
assert oauth_verifier, "Need an oauth verifier to perform this step"
assert self.request_token, "Need a valid request_token to perform this step"
params = self.get_params()
params += [('oauth_token', self.request_token),
('oauth_verifier', self.oauth_verifier)]
sign_key = self.get_sign_key(self.consumer_secret,
self.request_token_secret)
access_token_url = self.authentication['oauth1']['access']
access_token_url = self.add_params_sign("POST", access_token_url,
params, sign_key)
access_response = self.requester.post(access_token_url)
self.logger.debug('access_token response: %s' % access_response.text)
assert \
access_response.status_code == 200, \
"Access request did not return 200, returned %s. HTML: %s" % (
access_response.status_code,
UrlUtils.beautify_response(access_response)
)
#
access_response_queries = parse_qs(access_response.text)
try:
self._access_token = access_response_queries['oauth_token'][0]
self.access_token_secret = access_response_queries[
'oauth_token_secret'][0]
except:
raise UserWarning("Could not parse access_token or access_token_secret in response from %s : %s" \
% (repr(access_response.request.url), UrlUtils.beautify_response(access_response)))
self.store_access_creds()
return self._access_token, self.access_token_secret
def discover_auth(self):
""" Discovers the location of authentication resourcers from the API"""
discovery_url = self.requester.api_url
response = self.requester.request('GET', discovery_url)
response_json = response.json()
assert \
response_json['authentication'], \
"resopnse should include location of authentication resources, resopnse: %s" \
% UrlUtils.beautify_response(response)
self._authentication = response_json['authentication']
return self._authentication
def request_post_mortem(self, response=None):
"""
Attempt to diagnose what went wrong in a request
"""
reason = None
remedy = None
response_json = {}
try:
response_json = response.json()
except ValueError:
pass
# import pudb; pudb.set_trace()
request_body = {}
request_url = ""
if hasattr(response, 'request'):
if hasattr(response.request, 'url'):
request_url = response.request.url
if hasattr(response.request, 'body'):
request_body = response.request.body
if isinstance(response_json, dict) and ('code' in response_json
or 'message' in response_json):
reason = u" - ".join([
str(response_json.get(key)) for key in ['code', 'message', 'data'] \
if key in response_json
])
if 'code' == 'rest_user_invalid_email':
remedy = "Try checking the email %s doesn't already exist" % \
request_body.get('email')
elif 'code' == 'json_oauth1_consumer_mismatch':
remedy = "Try deleting the cached credentials at %s" % \
self.auth.creds_store
elif 'code' == 'woocommerce_rest_cannot_view':
if not self.auth.query_string_auth:
remedy = "Try enabling query_string_auth"
else:
remedy = (
"This error is super generic and can be caused by just "
"about anything. Here are some things to try: \n"
" - Check that the account which as assigned to your "
"oAuth creds has the correct access level\n"
" - Enable logging and check for error messages in "
"wp-content and wp-content/uploads/wc-logs\n"
" - Check that your query string parameters are valid\n"
" - Make sure your server is not messing with authentication headers\n"
" - Try a different endpoint\n"
" - Try enabling HTTPS and using basic authentication\n"
)
response_headers = {}
if hasattr(response, 'headers'):
response_headers = response.headers
if not reason:
requester_api_url = self.requester.api_url
if hasattr(response, 'links') and response.links:
links = response.links
first_link_key = list(links)[0]
header_api_url = links[first_link_key].get('url', '')
if header_api_url:
header_api_url = StrUtils.eviscerate(header_api_url, '/')
if header_api_url and requester_api_url\
and header_api_url != requester_api_url:
reason = "hostname mismatch. %s != %s" % (
header_api_url, requester_api_url)
header_url = StrUtils.eviscerate(header_api_url, '/')
header_url = StrUtils.eviscerate(header_url,
self.requester.api)
header_url = StrUtils.eviscerate(header_url, '/')
remedy = "try changing url to %s" % header_url
msg = "API call to %s returned \nCODE: %s\nRESPONSE:%s \nHEADERS: %s\nREQ_BODY:%s" % (
request_url, str(
response.status_code), UrlUtils.beautify_response(response),
str(response_headers), str(request_body)[:1000])
if reason:
msg += "\nBecause of %s" % reason
if remedy:
msg += "\n%s" % remedy
raise UserWarning(msg)
