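def authorize(user, auth_request, redirect_uri):
    """Issue an authorization code for the client and redirect back with it.

    ``user`` is supplied by ``login_required``; ``auth_request`` and
    ``redirect_uri`` are wrapper objects supplied by
    ``validate_auth_request``.

    NOTE: upon login the user has implicitly given permission for the
    neuaer client to obtain an authorization token with the code provided
    here.

    Returns whatever ``redirect_with_params`` returns for ``redirect_uri``
    with the new code passed as the ``code`` parameter.
    """
    # Function-scope import: the file's import block is not visible from
    # this block, so the new name is brought in locally.
    from uuid import uuid4

    # Store the authorization associated with this user for reconciliation
    # when the client later requests a token.
    auth = Authorization(
        authorizer=user,
        # The code is a bearer credential: whoever presents it can ask for a
        # token. uuid1() is built from the host clock and node id, so its
        # values are guessable from one observed code; uuid4() is random and
        # keeps the same string format.
        # NOTE(review): on Python 3.6+ secrets.token_urlsafe() is the
        # purpose-built alternative - confirm the runtime before switching.
        code=str(uuid4()),
        # An absent client_id should already have been rejected by the
        # validation that runs before this handler.
        client_id=auth_request.raw_args.get("client_id"),
        # Per the OAuth 2 standard the redirect uri must be matched again on
        # the later token request, so the exact value is stored.
        redirect_uri=redirect_uri.get_url(),
    )
    # GAE db save.
    # NOTE(review): expiry and single-use enforcement of the code are not
    # visible here - confirm the token endpoint enforces both.
    auth.put()

    # Add the unique code to the query params and redirect to redirect_uri.
    return redirect_with_params(redirect_uri, code=auth.code)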
def decorated_view(*args, **kwargs):
    """Validate the incoming authorization request, then call ``route``.

    Builds an ``AuthRequest`` from the current ``request`` and
    ``settings.OAUTH`` and checks it in two stages:

    * redirect uri invalid: its ``error_description`` is returned directly
      and no redirect is made, so an unvalidated uri is never used as a
      redirect target;
    * any other part invalid: redirect to the (valid) redirect uri with the
      error information appended as params;
    * otherwise: return ``route(auth_request, redirect_uri, *args,
      **kwargs)``.

    ``route`` is defined outside this block (presumably the wrapped view).
    """
    parsed = AuthRequest(request, settings.OAUTH)
    target = parsed.redirect_uri

    if target.is_valid():
        if parsed.is_valid():
            return route(parsed, target, *args, **kwargs)
        # The redirect uri is trusted at this point, so the error is
        # reported to the client through it.
        return redirect_with_params(target, **parsed.error_message)

    # NOTE(review): this string is returned as the response itself; if it
    # can echo request input, confirm it is escaped before rendering.
    return target.error_message['error_description']