Exemplo n.º 1
    def OAuthCheckAccessResource(cls):
        """Authenticate the current request as an OAuth-signed resource access.

        Builds an ``oauth.Request`` from the ambient ``request`` (method, base
        URL, headers, flattened arguments) and then checks, in this order:
        the consumer key is known, the token is present and known, the
        signature verifies against the stored consumer secret and token, the
        token belongs to that consumer, and the token is not older than the
        configured access-token TTL.

        Returns:
            The stored access-token object on success.

        Raises:
            OAuthError: 401 for an unknown consumer key, a missing or unknown
                token, a consumer mismatch, an expired token or an
                "Invalid Signature" error; 400 for any other ``oauth.Error``.
        """
        from indico.modules.oauth.db import ConsumerHolder, AccessTokenHolder, OAuthServer

        oauth_request = oauth.Request.from_request(request.method, request.base_url, request.headers,
                                                   parameters=create_flat_args())
        # NOTE(review): the whole request object is logged at INFO level. If its
        # string form includes the OAuth parameters (token key, nonce,
        # signature), those end up in the log file - confirm, and consider
        # logging only the consumer key.
        Logger.get('oauth.resource').info(oauth_request)
        try:
            # Taken before verification so the expiry check below uses the
            # time at which handling of the request started.
            now = nowutc()
            consumer_key = oauth_request.get_parameter('oauth_consumer_key')
            if not ConsumerHolder().hasKey(consumer_key):
                raise OAuthError('Invalid Consumer Key', 401)
            consumer = ConsumerHolder().getById(consumer_key)
            token = oauth_request.get_parameter('oauth_token')
            # A missing/empty token is rejected with the same message as an
            # unknown one.
            if not token or not AccessTokenHolder().hasKey(token):
                raise OAuthError('Invalid Token', 401)
            access_token = AccessTokenHolder().getById(token)
            # The secret used for verification comes from server-side storage,
            # never from the request.
            oauth_consumer = oauth.Consumer(consumer.getId(), consumer.getSecret())
            # Presumably raises oauth.Error on a bad signature; the handler at
            # the bottom maps that to an OAuthError.
            OAuthServer.getInstance().verify_request(oauth_request, oauth_consumer, access_token.getToken())
            # Bind the token to the consumer it was issued to: a valid token
            # presented with a different (valid) consumer key is refused.
            if access_token.getConsumer().getId() != oauth_consumer.key:
                raise OAuthError('Invalid Consumer Key', 401)
            elif (now - access_token.getTimestamp()) > timedelta(seconds=Config.getInstance().getOAuthAccessTokenTTL()):
                raise OAuthError('Expired Token', 401)
            return access_token
        except oauth.Error, e:
            # NOTE(review): the status code is chosen by matching the library's
            # message prefix, which breaks silently if the library rewords it.
            # For the 400 branch the library message is passed on unchanged.
            if e.message.startswith("Invalid Signature"):
                raise OAuthError("Invalid Signature", 401)
            else:
                raise OAuthError(e.message, 400)
Exemplo n.º 2
    def OAuthCheckAccessResource(cls, req, query_string):
        """Authenticate a request as an OAuth-signed resource access.

        Builds an ``oauth.Request`` from ``req`` (method, reconstructed URL,
        incoming headers) and the url-encoded ``query_string``, then checks, in
        this order: the consumer key is known, the token is present and known,
        the signature verifies against the stored consumer secret and token,
        the token belongs to that consumer, and the token is not older than
        the configured access-token TTL.

        Args:
            req: request object providing get_method(), construct_url(),
                get_uri() and headers_in.
            query_string: query arguments, passed through urlencode().

        Returns:
            The stored access-token object on success.

        Raises:
            OAuthError: HTTP_UNAUTHORIZED for an unknown consumer key, a
                missing or unknown token, a consumer mismatch, an expired
                token or an "Invalid Signature" error; HTTP_BAD_REQUEST for
                any other ``oauth.Error``.
        """
        from indico.modules.oauth.db import  ConsumerHolder, AccessTokenHolder, OAuthServer

        oauth_request = oauth.Request.from_request(req.get_method(),req.construct_url(req.get_uri()), headers=req.headers_in, query_string=urlencode(query_string))
        # NOTE(review): the whole request object is logged at INFO level. If its
        # string form includes the OAuth parameters (token key, nonce,
        # signature), those end up in the log file - confirm, and consider
        # logging only the consumer key.
        Logger.get('oauth.resource').info(oauth_request)
        try:
            # Seconds since the epoch; compared below against the token
            # timestamp (presumably also epoch seconds - confirm).
            now = time.time()
            consumer_key = oauth_request.get_parameter('oauth_consumer_key')
            if not ConsumerHolder().hasKey(consumer_key):
                raise OAuthError('Invalid Consumer Key' , apache.HTTP_UNAUTHORIZED)
            consumer = ConsumerHolder().getById(consumer_key)
            token = oauth_request.get_parameter('oauth_token')
            # A missing/empty token is rejected with the same message as an
            # unknown one.
            if not token or not AccessTokenHolder().hasKey(token):
                raise OAuthError('Invalid Token', apache.HTTP_UNAUTHORIZED)
            access_token = AccessTokenHolder().getById(token)
            # The secret used for verification comes from server-side storage,
            # never from the request.
            oauth_consumer = oauth.Consumer(consumer.getId(), consumer.getSecret())
            # Presumably raises oauth.Error on a bad signature; the handler at
            # the bottom maps that to an OAuthError.
            OAuthServer.getInstance().verify_request(oauth_request, oauth_consumer, access_token.getToken())
            # Bind the token to the consumer it was issued to: a valid token
            # presented with a different (valid) consumer key is refused.
            if access_token.getConsumer().getId() != oauth_consumer.key:
                raise OAuthError('Invalid Consumer Key' , apache.HTTP_UNAUTHORIZED)
            elif (now - access_token.getTimestamp()) > Config.getInstance().getOAuthAccessTokenTTL():
                raise OAuthError('Expired Token', apache.HTTP_UNAUTHORIZED)
            return access_token
        except oauth.Error, e:
            # NOTE(review): the status code is chosen by matching the library's
            # message prefix, which breaks silently if the library rewords it.
            # For the bad-request branch the library message is passed on
            # unchanged.
            if e.message.startswith("Invalid Signature"):
                raise OAuthError("Invalid Signature", apache.HTTP_UNAUTHORIZED)
            else:
                raise OAuthError(e.message, apache.HTTP_BAD_REQUEST)
Exemplo n.º 3
    def OAuthCheckAccessResource(cls):
        """Authenticate the current request as an OAuth-signed resource access.

        Builds an ``oauth.Request`` from the ambient ``request`` (method, base
        URL, headers, flattened arguments) and then checks, in this order:
        the consumer key is known, the token is present and known, the
        signature verifies against the stored consumer secret and token, the
        token belongs to that consumer, and the token is not older than the
        configured access-token TTL.

        Returns:
            The stored access-token object on success.

        Raises:
            OAuthError: 401 for an unknown consumer key, a missing or unknown
                token, a consumer mismatch, an expired token or an
                "Invalid Signature" error; 400 for any other ``oauth.Error``.
        """
        from indico.modules.oauth.db import ConsumerHolder, AccessTokenHolder, OAuthServer

        oauth_request = oauth.Request.from_request(
            request.method,
            request.base_url,
            request.headers,
            parameters=create_flat_args())
        # NOTE(review): the whole request object is logged at INFO level. If its
        # string form includes the OAuth parameters (token key, nonce,
        # signature), those end up in the log file - confirm, and consider
        # logging only the consumer key.
        Logger.get('oauth.resource').info(oauth_request)
        try:
            # Taken before verification so the expiry check below uses the
            # time at which handling of the request started.
            now = nowutc()
            consumer_key = oauth_request.get_parameter('oauth_consumer_key')
            if not ConsumerHolder().hasKey(consumer_key):
                raise OAuthError('Invalid Consumer Key', 401)
            consumer = ConsumerHolder().getById(consumer_key)
            token = oauth_request.get_parameter('oauth_token')
            # A missing/empty token is rejected with the same message as an
            # unknown one.
            if not token or not AccessTokenHolder().hasKey(token):
                raise OAuthError('Invalid Token', 401)
            access_token = AccessTokenHolder().getById(token)
            # The secret used for verification comes from server-side storage,
            # never from the request.
            oauth_consumer = oauth.Consumer(consumer.getId(),
                                            consumer.getSecret())
            # Presumably raises oauth.Error on a bad signature; the handler at
            # the bottom maps that to an OAuthError.
            OAuthServer.getInstance().verify_request(oauth_request,
                                                     oauth_consumer,
                                                     access_token.getToken())
            # Bind the token to the consumer it was issued to: a valid token
            # presented with a different (valid) consumer key is refused.
            if access_token.getConsumer().getId() != oauth_consumer.key:
                raise OAuthError('Invalid Consumer Key', 401)
            elif (now - access_token.getTimestamp()) > timedelta(
                    seconds=Config.getInstance().getOAuthAccessTokenTTL()):
                raise OAuthError('Expired Token', 401)
            return access_token
        except oauth.Error, e:
            # NOTE(review): the status code is chosen by matching the library's
            # message prefix, which breaks silently if the library rewords it.
            # For the 400 branch the library message is passed on unchanged.
            if e.message.startswith("Invalid Signature"):
                raise OAuthError("Invalid Signature", 401)
            else:
                raise OAuthError(e.message, 400)
Exemplo n.º 4
 def _checkParams(self):
     """Run the admin-service checks and resolve ``consumer_key``.

     Stores a ParameterManager over the service parameters in ``self._pm``
     and the matching consumer in ``self._consumer``.

     Raises:
         ServiceError: if no consumer is registered under the given key.
     """
     # Parent checks run first, before any parameter is read.
     AdminService._checkParams(self)
     self._pm = ParameterManager(self._params)
     requested_key = self._pm.extract("consumer_key", pType=str, allowEmpty=False)
     if ConsumerHolder().hasKey(requested_key):
         self._consumer = ConsumerHolder().getById(requested_key)
         return
     raise ServiceError("", _("Consumer key not found"))
Exemplo n.º 5
 def _checkParams(self, params):
     """Validate an OAuth request that carries a consumer key but no token.

     After the parent checks, looks up the consumer named by
     ``oauth_consumer_key``, stores it in ``self._consumer`` and verifies the
     request signature with the stored consumer secret and no token (None).

     Args:
         params: request parameters, forwarded to RHOAuth._checkParams.

     Raises:
         OAuthError: 401 for an unknown consumer key or for any
             ``oauth.Error`` raised inside the block.
     """
     try:
         RHOAuth._checkParams(self, params)
         consumer_key = self._oauth_request.get_parameter('oauth_consumer_key')
         # The consumer key is an identifier, not the secret; it is logged
         # before it has been validated.
         Logger.get('oauth.request_token').info(consumer_key)
         if not ConsumerHolder().hasKey(consumer_key):
             raise OAuthError("Invalid Consumer Key", 401)
         self._consumer = ConsumerHolder().getById(consumer_key)
         # NOTE(review): keep the line below disabled - it would write the
         # consumer secret to the log.
         #Logger.get('oauth.request_token').info(consumer.getSecret())
         oauth_consumer = oauth.Consumer(self._consumer.getId(), self._consumer.getSecret())
         # Signature check with the stored secret; the token argument is None.
         OAuthServer.getInstance().verify_request(self._oauth_request, oauth_consumer, None)
     except oauth.Error, err:
         # The library's message is passed on unchanged in the 401 response.
         raise OAuthError(err.message, 401)
Exemplo n.º 6
class RHOAuthRequestToken(RHOAuth):
    """RHOAuth handler; judging by its name and logger channel it serves the
    OAuth request-token step (not confirmed by the code shown here)."""

    def _checkParams(self, params):
        """Validate an OAuth request that carries a consumer key but no token.

        After the parent checks, looks up the consumer named by
        ``oauth_consumer_key``, stores it in ``self._consumer`` and verifies
        the request signature with the stored consumer secret and no token
        (None).

        Args:
            params: request parameters, forwarded to RHOAuth._checkParams.

        Raises:
            OAuthError: 401 for an unknown consumer key or for any
                ``oauth.Error`` raised inside the block.
        """
        try:
            RHOAuth._checkParams(self, params)
            consumer_key = self._oauth_request.get_parameter("oauth_consumer_key")
            # The consumer key is an identifier, not the secret; it is logged
            # before it has been validated.
            Logger.get("oauth.request_token").info(consumer_key)
            if not ConsumerHolder().hasKey(consumer_key):
                raise OAuthError("Invalid Consumer Key", 401)
            self._consumer = ConsumerHolder().getById(consumer_key)
            # NOTE(review): keep the line below disabled - it would write the
            # consumer secret to the log.
            # Logger.get('oauth.request_token').info(consumer.getSecret())
            oauth_consumer = oauth.Consumer(self._consumer.getId(), self._consumer.getSecret())
            # Signature check with the stored secret; the token argument is
            # None.
            OAuthServer.getInstance().verify_request(self._oauth_request, oauth_consumer, None)
        except oauth.Error, err:
            # The library's message is passed on unchanged in the 401 response.
            raise OAuthError(err.message, 401)
Exemplo n.º 7
 def _checkParams(self, params):
     """Resolve the temporary request token named by ``oauth_token``.

     Runs the RHOAuth and RHProtected parameter checks, looks the token up
     in TempRequestTokenHolder, stores it in ``self._request_token`` and
     checks that the consumer it references can still be fetched. This
     method does not itself call verify_request; only the existence of the
     token and of its consumer is checked here.

     Args:
         params: request parameters, forwarded to both parent checks.

     Raises:
         OAuthError: 401 for an unknown token, a consumer lookup that
             returns a falsy value, or any ``oauth.Error``.
     """
     try:
         RHOAuth._checkParams(self, params)
         # Presumably the login/protection checks of the base handler -
         # confirm in base.RHProtected.
         base.RHProtected._checkParams(self, params)
         request_token_key = self._oauth_request.get_parameter('oauth_token')
         if not TempRequestTokenHolder().hasKey(request_token_key):
             raise OAuthError("Invalid Token", 401)
         self._request_token = TempRequestTokenHolder().getById(request_token_key)
         # NOTE(review): relies on getById() returning a falsy value for an
         # unknown id; if it raises instead, the failure would not surface as
         # an OAuthError - confirm, or test with hasKey().
         if not ConsumerHolder().getById(self._request_token.getConsumer().getId()):
             raise OAuthError("Invalid Consumer Key", 401)
     except oauth.Error, err:
         # The library's message is passed on unchanged in the 401 response.
         raise OAuthError(err.message, 401)
Exemplo n.º 8
 def _checkParams(self, params):
     """Validate a request that presents a request token and its verifier.

     After the parent checks (which run outside the try block), reads
     ``oauth_token`` and ``oauth_verifier``, looks the token up in
     RequestTokenHolder, compares the stored verifier with the supplied one,
     checks that the token's consumer is still registered and verifies the
     request signature with that consumer's stored secret and the request
     token. Stores the verifier in ``self.verifier`` and the token in
     ``self._request_token``.

     Args:
         params: request parameters, forwarded to RHOAuth._checkParams.

     Raises:
         OAuthError: 401 for an unknown token, a verifier mismatch, an
             unregistered consumer or any ``oauth.Error``.
     """
     RHOAuth._checkParams(self, params)
     try:
         request_token_key = self._oauth_request.get_parameter('oauth_token')
         self.verifier = self._oauth_request.get_parameter('oauth_verifier')
         if not RequestTokenHolder().hasKey(request_token_key):
             raise OAuthError("Invalid Token", 401)
         self._request_token = RequestTokenHolder().getById(request_token_key)
         # An unknown token and a wrong verifier get the same message, so the
         # response does not tell the caller which of the two was wrong.
         # NOTE(review): != on the verifier is not a constant-time comparison;
         # a constant-time compare would be the conservative choice here.
         if self._request_token.getToken().verifier != self.verifier:
             raise OAuthError("Invalid Token", 401)
         if not ConsumerHolder().hasKey(self._request_token.getConsumer().getId()):
             raise OAuthError("Invalid Consumer Key", 401)
         # Consumer id and secret are taken from the stored token's consumer,
         # not from the request.
         consumer = oauth.Consumer(self._request_token.getConsumer().getId(), self._request_token.getConsumer().getSecret())
         OAuthServer.getInstance().verify_request(self._oauth_request, consumer, self._request_token.getToken())
     except oauth.Error, err:
         # The library's message is passed on unchanged in the 401 response.
         raise OAuthError(err.message, 401)
Exemplo n.º 9
    def _getAnswer(self):
        """Return a PNG data URI of a QR code describing this event's check-in.

        The QR payload is a JSON object with the event id, title and start
        date plus a ``server`` object holding the base URL and the id and
        secret of the OAuth consumer named "indico-checkin".

        NOTE(review): the consumer secret is embedded in the QR payload in
        clear text, so anyone who can view or photograph the returned image
        can recover it. Treat the image as a credential and restrict who can
        call this service.

        Raises:
            NoReportError: if no consumer named "indico-checkin" exists.
        """
        by_name = dict((entry.getName(), entry)
                       for entry in ConsumerHolder().getList())

        if "indico-checkin" not in by_name:
            raise NoReportError(
                _("There is no indico-checkin consumer key for OAuth"))

        # Version 6 at error-correction level M holds up to 106 bytes in byte
        # mode; make(fit=True) below lets the library move to a larger version
        # when the payload does not fit.
        code = QRCode(version=6,
                      error_correction=constants.ERROR_CORRECT_M,
                      box_size=4,
                      border=1)

        checkin_consumer = by_name["indico-checkin"]
        config = Config.getInstance()
        # Prefer the secure base URL; the plain base URL is only a fallback
        # when no secure one is configured.
        if config.getBaseSecureURL():
            server_url = config.getBaseSecureURL()
        else:
            server_url = config.getBaseURL()

        payload = {
            "event_id": self._conf.getId(),
            "title": self._conf.getTitle(),
            "date": format_date(self._conf.getAdjustedStartDate()),
            "server": {
                "baseUrl": server_url,
                "consumerKey": checkin_consumer.getId(),
                "consumerSecret": checkin_consumer.getSecret(),
            }
        }
        code.add_data(json.dumps(payload))
        code.make(fit=True)
        image = code.make_image()

        # Render the underlying image object to PNG in memory.
        png_buffer = StringIO()
        image._img.save(png_buffer, format="png")
        encoded_png = base64.b64encode(png_buffer.getvalue())

        return 'data:image/png;base64,{0}'.format(encoded_png)
Exemplo n.º 10
    def getVars(self):
        """Return the template variables plus ``consumers``, sorted by name.

        NOTE(review): the full consumer objects are handed to the template;
        whether the template renders their secrets is not visible here.
        """
        template_vars = WTemplated.getVars(self)
        registered = ConsumerHolder().getList()
        template_vars['consumers'] = sorted(registered, key=lambda entry: entry.getName())
        return template_vars
Exemplo n.º 11
 def _getAnswer(self):
     """Remove ``self._consumer`` from the consumer holder and return True.

     NOTE(review): whether tokens already issued to this consumer are
     removed as well is not visible here - confirm in ConsumerHolder.remove.
     """
     holder = ConsumerHolder()
     holder.remove(self._consumer)
     return True
Exemplo n.º 12
 def _getAnswer(self):
     """Register a new consumer named ``self._consumerName`` and return its fossil.

     Two independently generated random strings are passed as the first two
     Consumer arguments (presumably id and secret - confirm against the
     Consumer constructor).

     NOTE(review): the strength of these credentials depends entirely on
     OAuthUtils.gen_random_string(), which is not shown here; confirm it
     draws from a cryptographically secure source. Also confirm whether the
     returned fossil includes the secret.
     """
     first_random = OAuthUtils.gen_random_string()
     second_random = OAuthUtils.gen_random_string()
     created = Consumer(first_random, second_random, self._consumerName)
     ConsumerHolder().add(created)
     return fossilize(created)
Exemplo n.º 13
    def getVars(self):
        """Extend the base template variables with the name-sorted consumer list.

        NOTE(review): the consumer objects are passed to the template as-is;
        check that the template does not print their secrets.
        """
        result = WTemplated.getVars(self)
        holder = ConsumerHolder()
        all_consumers = holder.getList()
        result['consumers'] = sorted(all_consumers, key=lambda item: item.getName())
        return result