def test_build_auth_header(self):
header = oauth.build_authenticate_header()
self.assertEqual(header["WWW-Authenticate"], 'OAuth realm=""')
self.assertEqual(len(header), 1)
realm = "http://example.myrealm.com/"
header = oauth.build_authenticate_header(realm)
self.assertEqual(header["WWW-Authenticate"], 'OAuth realm="%s"' % realm)
self.assertEqual(len(header), 1)
def test_build_auth_header(self):
header = oauth.build_authenticate_header()
self.assertEqual(header['WWW-Authenticate'], 'OAuth realm=""')
self.assertEqual(len(header), 1)
realm = 'http://example.myrealm.com/'
header = oauth.build_authenticate_header(realm)
self.assertEqual(header['WWW-Authenticate'],
'OAuth realm="%s"' % realm)
self.assertEqual(len(header), 1)
def send_error(self, err=None):
# send a 401 error
self.send_error(401, str(err.message))
# return the authenticate header
header = oauth2.build_authenticate_header(realm=REALM)
for k, v in header.iteritems():
self.send_header(k, v)
def send_error(self, err=None):
# send a 401 error
self.send_error(401, str(err.message))
# return the authenticate header
header = oauth2.build_authenticate_header(realm=REALM)
for k, v in header.iteritems():
self.send_header(k, v)
def _processOAuthError(self, e):
res = json.dumps(e.fossilize())
header = oauth.build_authenticate_header(realm=Config.getInstance().getBaseSecureURL())
self._responseUtil.headers.extend(header)
self._responseUtil.content_type = 'application/json'
self._responseUtil.status = e.code
return res
def _processOAuthError(self, e):
res = json.dumps(e.fossilize())
header = oauth.build_authenticate_header(
realm=Config.getInstance().getBaseSecureURL())
self._responseUtil.headers.extend(header)
self._responseUtil.content_type = 'application/json'
self._responseUtil.status = e.code
return res
def send_oauth_error(err=None):
"""Shortcut for sending an error."""
# send a 401 error
response = HttpResponse(err.message.encode('utf-8'), status=401, content_type="text/plain")
# return the authenticate header
header = oauth.build_authenticate_header(realm=OAUTH_REALM_KEY_NAME)
for k, v in six.iteritems(header):
response[k] = v
return response
def send_oauth_error(err=None):
"""Shortcut for sending an error."""
# send a 401 error
response = HttpResponse(err.message.encode('utf-8'))
response.status_code = 401
# return the authenticate header
header = oauth.build_authenticate_header(realm=OAUTH_REALM_KEY_NAME)
for k, v in header.iteritems():
response[k] = v
return response
def send_oauth_error(err=None):
"""Shortcut for sending an error."""
# send a 401 error
response = HttpResponse(err.message.encode('utf-8'), mimetype="text/plain")
response.status_code = 401
# return the authenticate header
header = oauth.build_authenticate_header(realm=OAUTH_REALM_KEY_NAME)
for k, v in header.iteritems():
response[k] = v
return response
def send_oauth_error(err=None):
"""Shortcut for sending an error."""
# send a 401 error
# LRS CHANGE - BE ABLE TO SEND PLAIN TEXT ERROR MESSAGES
# LRS CHANGE - DECIDE IF 400 OR 401 ERROR
if isinstance(err, basestring):
response = HttpResponse(err, content_type="text/plain")
else:
response = HttpResponse(err.message.encode('utf-8'), content_type="text/plain")
response.status_code = 401
# return the authenticate header
header = oauth.build_authenticate_header(realm=OAUTH_REALM_KEY_NAME)
for k, v in header.iteritems():
response[k] = v
return response
def oauth_error_response(err=None, status_code=401):
"""Shortcut for sending an error."""
# send a 401 error
if isinstance(err, oauth.Error):
message = err.message.encode("utf-8")
else:
message = str(err).encode("utf-8")
response = HttpResponse(message, mimetype="text/plain")
response.status_code = status_code
# return the authenticate header
header = oauth.build_authenticate_header(realm=OAUTH_REALM_KEY_NAME)
for k, v in header.iteritems():
response[k] = v
return response
def oauth_error_response(err=None, status_code=401):
"""Shortcut for sending an error."""
# send a 401 error
if isinstance(err, oauth.Error):
message = err.message.encode('utf-8')
else:
message = str(err).encode('utf-8')
response = HttpResponse(message, mimetype="text/plain")
response.status_code = status_code
# return the authenticate header
header = oauth.build_authenticate_header(realm=OAUTH_REALM_KEY_NAME)
for k, v in header.iteritems():
response[k] = v
return response
def send_oauth_error(err=None):
"""Shortcut for sending an error."""
# send a 401 error
# LRS CHANGE - BE ABLE TO SEND PLAIN TEXT ERROR MESSAGES
# LRS CHANGE - DECIDE IF 400 OR 401 ERROR
if isinstance(err, basestring):
response = HttpResponse(err, content_type="text/plain")
else:
response = HttpResponse(err.message.encode('utf-8'),
content_type="text/plain")
response.status_code = 401
# return the authenticate header
header = oauth.build_authenticate_header(realm=OAUTH_REALM_KEY_NAME)
for k, v in header.iteritems():
response[k] = v
return response
def prepare(self):
realm = SGSettings.get('web', 'realm')
header, value = oauth.build_authenticate_header(realm).items()[0]
self.set_header(header, value)
try:
uri = '%s://%s%s' % (self.request.protocol, self.request.host,
self.request.path)
# Builder our request object.
request = oauth.Request.from_request(
self.request.method, uri, self.request.headers, None,
self.request.query)
except Exception, e:
_logger.info("Could not parse request from method = %s,"
"uri = %s, headers = %s, query = %s, exception = %s" % (
self.request.method, uri, self.request.headers,
self.request.query, e))
raise NotAuthorized()
def challenge(self):
"""
Returns a 401 response with a small bit on
what OAuth is, and where to learn more about it.
When this was written, browsers did not understand
OAuth authentication on the browser side, and hence
the helpful template we render. Maybe some day in the
future, browsers will take care of this stuff for us
and understand the 401 with the realm we give it.
"""
response = HttpResponse()
response.status_code = 401
for k, v in oauth.build_authenticate_header(realm=self.realm).iteritems():
response[k] = v
response.content = """
Unable to authenticate.
Make sure you use oAuth 1.0 authentication and a valid consumer key.
"""
return response
def challenge(self):
"""
Returns a 401 response with a small bit on
what OAuth is, and where to learn more about it.
When this was written, browsers did not understand
OAuth authentication on the browser side, and hence
the helpful template we render. Maybe some day in the
future, browsers will take care of this stuff for us
and understand the 401 with the realm we give it.
"""
response = HttpResponse()
response.status_code = 401
for k, v in oauth.build_authenticate_header(realm=self.realm).iteritems():
response[k] = v
tmpl = loader.render_to_string('piston/oauth/challenge.html',
{ 'MEDIA_URL': settings.MEDIA_URL })
response.content = tmpl
return response
def challenge(self):
"""
Returns a 401 response with a small bit on
what OAuth is, and where to learn more about it.
When this was written, browsers did not understand
OAuth authentication on the browser side, and hence
the helpful template we render. Maybe some day in the
future, browsers will take care of this stuff for us
and understand the 401 with the realm we give it.
"""
response = HttpResponse()
response.status_code = 401
for k, v in oauth.build_authenticate_header(realm=self.realm).iteritems():
response[k] = v
response.content = """
Unable to authenticate.
Make sure you use oAuth 1.0 authentication and a valid consumer key.
"""
return response
res = self._processRestrictedHTML(e)
DBMgr.getInstance().endRequest(False)
except MaKaCError, e:
res = self._processGeneralError( e )
DBMgr.getInstance().endRequest(False)
if Config.getInstance().getPropagateAllExceptions():
raise
except ValueError, e:
res = self._processGeneralError( e )
DBMgr.getInstance().endRequest(False)
if Config.getInstance().getPropagateAllExceptions():
raise
except OAuthError, e:
from indico.util import json
res = json.dumps(e.fossilize())
header = oauth.build_authenticate_header(realm=Config.getInstance().getBaseSecureURL())
self._responseUtil.headers.extend(header)
self._responseUtil.content_type = 'application/json'
self._responseUtil.status = e.code
DBMgr.getInstance().endRequest(False)
except Exception, e:
res = self._processUnexpectedError(e)
self._endRequestSpecific2RH(False)
DBMgr.getInstance().endRequest(False)
if Config.getInstance().getEmbeddedWebserver() or Config.getInstance().getPropagateAllExceptions():
# Re-raise to get the nice werkzeug exception view
raise
#cancels any redirection
self._responseUtil.redirect = None
