def dropbox_client(): access_token_file = os.path.join(os.environ["HOME"], ".dropbox-tools-access-token") sess = session.DropboxSession(APP_KEY, APP_SECRET, ACCESS_TYPE) try: with open(access_token_file) as f: access_token = OAuthToken.from_string(f.read()) sess.set_token(access_token.key, access_token.secret) except (IOError, EOFError, KeyError): request_token = sess.obtain_request_token() url = sess.build_authorize_url(request_token) print "Please visit\n\n %s\n\nand press the 'Allow' button, then hit 'Enter' here." % url raw_input() # This will fail if the user didn't visit the above URL and hit 'Allow' access_token = sess.obtain_access_token(request_token) # dropbox access tokens don't have serialisation methods on them, my_token = OAuthToken(access_token.key, access_token.secret) with open(access_token_file, "w") as f: f.write(my_token.to_string()) conn = client.DropboxClient(sess) print "linked account:", conn.account_info()["display_name"] return conn
def dropbox_client(): access_token_file = os.path.join(os.environ["HOME"], ".dropbox-tools-access-token") sess = session.DropboxSession(APP_KEY, APP_SECRET, ACCESS_TYPE) try: with open(access_token_file) as f: access_token = OAuthToken.from_string(f.read()) sess.set_token(access_token.key, access_token.secret) except (IOError, EOFError, KeyError): request_token = sess.obtain_request_token() url = sess.build_authorize_url(request_token) print "Please visit\n\n %s\n\nand press the 'Allow' button, then hit 'Enter' here."%url raw_input() # This will fail if the user didn't visit the above URL and hit 'Allow' access_token = sess.obtain_access_token(request_token) # dropbox access tokens don't have serialisation methods on them, my_token = OAuthToken(access_token.key, access_token.secret) with open(access_token_file, "w") as f: f.write(my_token.to_string()) conn = client.DropboxClient(sess) print "linked account:", conn.account_info()["display_name"] return conn
def process_request(self, request): """Import the Twitter token from the Session into the Request.""" request.twitter_access_token = None request.twitter_request_token = None request.twitter_userinfo = None if ACCESS_KEY in request.session: token_str = request.session[ACCESS_KEY] token = OAuthToken.from_string(token_str) request.twitter_access_token = token userinfo = SimpleLazyObject(curry(cached_user_info, request, token)) request.twitter_userinfo = userinfo if REQUEST_KEY in request.session: token_str = request.session[REQUEST_KEY] request.twitter_request_token = OAuthToken.from_string(token_str)
def test_adjust_scheme(self): c = typepad.tpclient.TypePadClient() c.endpoint = 'http://api.typepad.com' c.clear_credentials() self.assertScheme(c.endpoint, 'http') c.clear_credentials() c.add_credentials('a', 'b') self.assertScheme(c.endpoint, 'http') c.clear_credentials() c.add_credentials('a', 'b', domain='api.typepad.com') self.assertScheme(c.endpoint, 'http') c.clear_credentials() c.add_credentials(OAuthConsumer('a', 'b'), OAuthToken('c', 'd')) self.assertScheme(c.endpoint, 'https') c.clear_credentials() c.add_credentials(OAuthConsumer('a', 'b'), OAuthToken('c', 'd'), domain='api.example.com') self.assertScheme(c.endpoint, 'http') c.clear_credentials() c.add_credentials(OAuthConsumer('a', 'b'), OAuthToken('c', 'd'), domain='typepad.com') self.assertScheme(c.endpoint, 'http') # This time for sure!! c.clear_credentials() c.add_credentials(OAuthConsumer('a', 'b'), OAuthToken('c', 'd'), domain='api.typepad.com') self.assertScheme(c.endpoint, 'https') # Try it again. c.clear_credentials() c.add_credentials(OAuthConsumer('a', 'b'), OAuthToken('c', 'd'), domain='api.typepad.com') self.assertScheme(c.endpoint, 'https') # Check that clearing works. c.clear_credentials() self.assertScheme(c.endpoint, 'http')
def get_dropbox(request, sess = None): if not sess: _keys = settings.DROPBOX_SETTINGS sess = session.DropboxSession(_keys['app_key'], _keys['app_secret'],_keys['type']) token = request.user.django_dropbox.dropbox_token sess.token = OAuthToken.from_string(token) return client.DropboxClient(sess)
def fetch_url(self, url, token, **kwargs): from StringIO import StringIO token = OAuthToken.from_string(str(token)) consumer = self.get_consumer() connection = self.get_connection(False) request = OAuthRequest.from_consumer_and_token( consumer, token = token, http_method = 'GET', http_url = url, parameters = kwargs ) request.sign_request(self.signature_method, consumer, token) url = request.to_url() start = 'http://%s' % self.server if url.startswith(start): url = url[len(start):] start = 'https://%s' % self.server if url.startswith(start): url = url[len(start):] connection.request(request.http_method, url, '', request.to_header()) resp = connection.getresponse().read() return StringIO(resp)
def exchange_request_token(request_token): consumer = OAuthConsumer(settings.ORCHARD_KEY, settings.ORCHAR_SECRET) oauth_request = OAuthRequest.from_consumer_and_token( consumer, request_token, http_url=ACCESS_TOKEN_URL) return OAuthToken.from_string( _make_request(consumer, oauth_request, request_token))
def dropbox_auth_callback(self, site): """ Handle the server callback after user has granted access. This callback contains oauth_token and oauth_verifier. The oauth verifier is currently not used by dropbox? """ # First get the token we stored with the user cookie = self.request.cookies["token"] assert cookie, "No cookie!" token = OAuthToken.from_string(cookie) self.response.headers["Set-Cookie"] = "token=" # erase the auth token # Then, get the verifier from the get parameters request_token = self.request.get("oauth_token") request_verifier = self.request.get("oauth_verifier") # Something is wrong if the tokens don't match if not request_token == token.key: logging.error( "AuthHandler.dropbox_oauth_callback: request (%s) and cookie (%s) tokens do not match" % (request_token, token.key) ) # Now, get an access token to store for future use logging.debug("AuthHandler.dropbox_oauth_callback. oauth_verifier: %s" % request_verifier) access_token = models.Site.dropbox_auth.obtain_access_token(token, "") logging.debug("AuthHandler.dropbox_oauth_callback. Obtained access_token: %s" % access_token.to_string()) # Save the access token for later use site = models.Site.get_or_insert_current_site() site.dropbox_access_token = access_token.to_string() site.put() self.redirect(self.returnurl)
def fetch_access_token(self, unauth_request_token_key, unauth_request_token_secret, oauth_verifier): """ After the user has authorizated API access via the authorization URL, get the (semi-)permanent access key using the user-authorized request token. Keyword arguments: unauth_request_token -- the user-authorized OAuth request token oauth_verifier -- per OAuth 1.0 Revision A """ url = "%s?oauth_verifier=%s" % (YAMMER_ACCESS_TOKEN_URL, oauth_verifier) try: unauth_request_token = OAuthToken(unauth_request_token_key, unauth_request_token_secret) oauth_request = OAuthRequest.from_consumer_and_token( self._consumer, token=unauth_request_token, http_method='POST', http_url=url) oauth_request.sign_request(self._signature, self._consumer, unauth_request_token) headers = oauth_request.to_header() except OAuthError, m: raise YammerError(m.message)
def test_consumer_property(self): c = typepad.tpclient.TypePadClient() c.endpoint = 'http://api.typepad.com' # make sure initial credentials are clear self.assert_(len(c.authorizations) == 0) self.assert_(len(c.credentials.credentials) == 0) # we can specify consumer and token as OAuth objects c.consumer = OAuthConsumer('x', 'y') c.token = OAuthToken('z', 'q') self.assert_(len(c.credentials.credentials) == 1) self.assertScheme(c.endpoint, 'https') # we can specify consumer and token as tuples of key/secrets c.consumer = ('a', 'b') c.token = ('a', 'b') self.assert_(len(c.credentials.credentials) == 1) self.assertScheme(c.endpoint, 'https') # assigning "None" to either token or consumer will # effectively clear credentials also c.token = None self.assert_(len(c.credentials.credentials) == 0) self.assertScheme(c.endpoint, 'http') c.clear_credentials() self.assertScheme(c.endpoint, 'http')
def get_client(user, sess=None): if not sess: _keys = settings.DROPBOX_SETTINGS sess = session.DropboxSession(_keys['app_key'], _keys['app_secret'], _keys['type']) token = user.django_dropbox.dropbox_token sess.token = OAuthToken.from_string(token) return client.DropboxClient(sess)
def _makeURL(result): token = OAuthToken.from_string(result) # Store the token by key so we can find it when the callback comes. oauthTokenDict[token.key] = token request = OAuthRequest.from_token_and_callback( token=token, http_url=conf.authorization_url) url = request.to_url() log.msg('Browser OAuth redirect URL = %r' % url) return url
def test_responseful(self): request = { 'uri': mox.Func(self.saver('uri')), 'method': 'POST', 'headers': mox.Func(self.saver('headers')), 'body': mox.Func(self.saver('body')), } response = { 'status': 200, 'content-type': 'application/json', } response_content = '{"blahdeblah": true, "anotherthing": "2010-07-06T16:17:05Z"}' http = typepad.TypePadClient() typepad.client = http http.add_credentials( OAuthConsumer('consumertoken', 'consumersecret'), OAuthToken('tokentoken', 'tokensecret'), domain='api.typepad.com', ) mock = mox.Mox() mock.StubOutWithMock(http, 'request') http.request(**request).AndReturn((httplib2.Response(response), response_content)) mock.ReplayAll() class Moose(typepad.TypePadObject): class Snert(typepad.TypePadObject): volume = typepad.fields.Field() target = typepad.fields.Object('User') class SnertResponse(typepad.TypePadObject): blahdeblah = typepad.fields.Field() anotherthing = typepad.fields.Datetime() snert = typepad.fields.ActionEndpoint(api_name='snert', post_type=Snert, response_type=SnertResponse) moose = Moose() moose._location = 'https://api.typepad.com/meese/7.json' ret = moose.snert(volume=10, target=typepad.User(display_name='fred')) self.assert_(ret is not None) self.assert_(isinstance(ret, Moose.SnertResponse)) mock.VerifyAll() self.assert_(self.uri) self.assertEquals(self.uri, 'https://api.typepad.com/meese/7/snert.json') self.assert_(self.headers) self.assert_(self.body) self.assert_(utils.json_equals({ 'volume': 10, 'target': { 'displayName': 'fred', 'objectType': 'User', }, }, self.body))
def get_request_token(self): oa_req = OAuthRequest.from_consumer_and_token( self.consumer, http_url=self.request_token_url) oa_req.sign_request(self.signature_method, self.consumer, None) req = self.http.get_url(self.request_token_url, headers=oa_req.to_header()) if not str(req.status).startswith('2'): self.analyze_error(req) return OAuthToken.from_string(req.data)
def __init__(self, domain_name=None): BaseSpider.__init__(self, domain_name) consumer_key = config.get('yammer', 'consumer_key') consumer_secret = config.get('yammer', 'consumer_secret') app_token = config.get('yammer', 'app_token') self.consumer = OAuthConsumer(consumer_key, consumer_secret) self.signature = OAuthSignatureMethod_PLAINTEXT() self.token = OAuthToken.from_string(app_token)
def test_real_file(self): request = { 'uri': mox.Func(self.saver('uri')), 'method': 'POST', 'headers': mox.Func(self.saver('headers')), 'body': mox.Func(self.saver('body')), } response = { 'status': 201, } http = typepad.TypePadClient() typepad.client = http http.add_credentials( OAuthConsumer('consumertoken', 'consumersecret'), OAuthToken('tokentoken', 'tokensecret'), domain='api.typepad.com', ) mock = mox.Mox() mock.StubOutWithMock(http, 'request') http.request(**request).AndReturn((response, '')) mock.ReplayAll() asset = typepad.Photo() asset.title = "One-by-one png" asset.content = "This is a 1×1 transparent PNG." fileobj = file(os.path.join(os.path.dirname(__file__), 'onebyone.png')) brupload = typepad.BrowserUploadEndpoint() brupload.upload(asset, fileobj, "image/png", post_type='photo') mock.VerifyAll() response = self.message_from_response(self.headers, self.body) (filepart,) = [part for part in response.get_payload() if part.get_param('name', header='content-disposition') == 'file'] self.assertEquals(filepart.get_content_type(), 'image/png') # If there's a transfer encoding, it has to be the identity encoding. transenc = filepart.get('content-transfer-encoding') self.assert_(transenc is None or transenc == 'identity') # Check that the file content is equivalent without decoding. fileobj.seek(0) filecontent = fileobj.read() fileobj.close() self.assertEquals(filepart.get_payload(decode=False), filecontent) filelength = filepart.get('content-length') self.assertEquals(int(filelength), len(filecontent))
def get_request_token(self): oa_req = OAuthRequest.from_consumer_and_token( self.consumer, http_url=self.request_token_url) oa_req.sign_request(self.signature_method, self.consumer, None) req = self.http.get_url(self.request_token_url, headers = oa_req.to_header()) if not str(req.status).startswith('2'): self.analyze_error(req) return OAuthToken.from_string(req.data)
def auth(request, site): creds = OAUTH_CREDENTIALS.get(site.upper()) if not creds: raise Http404('Site %s not found' % site) urls = creds.get('URLS', {}) if 'DIALOG' in urls: request.session['preauth_url'] = request.META.get('HTTP_REFERER') return HttpResponseRedirect(urls['DIALOG']) ssl = creds.get('SSL', False) server = creds.get('SERVER', '%s.com' % site.lower()) klass = ssl and HTTPSConnection or HTTPConnection request.session['preauth_url'] = request.META.get('HTTP_REFERER') consumer = OAuthConsumer( str(creds['CONSUMER_KEY']), str(creds['CONSUMER_SECRET']) ) oauth_request = OAuthRequest.from_consumer_and_token( consumer, http_url = urls.get('REQUEST_TOKEN') ) oauth_request.sign_request(SIGNATURE_METHOD(), consumer, None) url = oauth_request.to_url() connection = klass(server) connection.request(oauth_request.http_method, url) response = connection.getresponse() resp = response.read() token = OAuthToken.from_string(resp) request.session['unauth_token'] = token auth_url = urls.get('AUTHORISATION') if isinstance(auth_url, (list, tuple)): params = auth_url[1] auth_url = auth_url[0] else: params = {} oauth_request = OAuthRequest.from_consumer_and_token( consumer, token = token, http_url = auth_url, parameters = params ) oauth_request.sign_request(SIGNATURE_METHOD(), consumer, token) return HttpResponseRedirect( oauth_request.to_url() )
def callback_view(request): if request.GET.has_key('bounceback'): request.session['bounceback'] = request.GET['bounceback'] if request.GET.has_key("oauth_token_secret"): oauth_token = OAuthToken.from_string("oauth_token_secret=%s&oauth_token=%s" % (request.GET['oauth_token_secret'], request.GET['oauth_token'])) api = TroveAPI(TROVE['KEY'], TROVE['SECRET'], TROVE['CONTENT_REQUESTED'], oauth_token) elif request.session.has_key('request_token'): api = TroveAPI(TROVE['KEY'], TROVE['SECRET'], TROVE['CONTENT_REQUESTED']) oauth_token = api.get_access_token(request.session['request_token']) del request.session['request_token'] else: return redirect('trove-login') try: at = TroveAccessToken.objects.get(oauth_token_as_string=oauth_token.__str__()) except TroveAccessToken.DoesNotExist: # we have to create one! -- although this does run into issues with users having different access tokens user_info = api.get_user_info() try: u = User.objects.get(username=user_info['trove_internal_id']) except User.DoesNotExist: u = User() u.username = user_info['trove_internal_id'] try: u.first_name = user_info['first_name'] except: pass try: u.last_name = user_info['last_name'] except: pass u.set_unusable_password() u.email = "" u.is_active = True u.save() at = TroveAccessToken() at.user = u at.oauth_token_as_string = oauth_token.__str__() at.save() user = authenticate(access_token=oauth_token.__str__()) if user is not None: if user.is_active: login(request, user) return __bounceback__(request) else: return redirect('trove-login') else: return redirect('trove-login')
def get_request_token(): oauth_request = OAuthRequest.from_consumer_and_token( consumer, http_method="POST", http_url=REQUEST_TOKEN_URL, callback="oob") oauth_request.sign_request(HMAC(), consumer, "") headers = oauth_request.to_header() client = Http() response, body = client.request(REQUEST_TOKEN_URL, "POST", headers=headers) token = OAuthToken.from_string(body) return token
def exchange_pin_for_access_token(pin, request_token): parameters=dict(oauth_verifier=pin) oauth_request = OAuthRequest.from_consumer_and_token( consumer, request_token, http_method="POST", http_url=ACCESS_TOKEN_URL, parameters=parameters) oauth_request.sign_request(HMAC(), consumer, request_token) headers = oauth_request.to_header() client = Http() response, body = client.request(ACCESS_TOKEN_URL, "POST", headers=headers) token = OAuthToken.from_string(body) return token, body
def __init__(self, token): GObject.GObject.__init__(self) self._whoami = None self._error = None self.service = UBUNTU_SSO_SERVICE self.token = token token = OAuthToken(self.token["token"], self.token["token_secret"]) authorizer = OAuthAuthorizer(self.token["consumer_key"], self.token["consumer_secret"], access_token=token) self.worker_thread = RestfulClientWorker(authorizer, self.service) self.worker_thread.start() GObject.timeout_add(200, self._monitor_thread)
def lookup_token(self, token_type, token_field): """ :param token_type: type of token to lookup :param token_field: token to look up :note: token_type should always be 'access' as only such tokens are stored in database :returns: OAuthToken object """ assert token_type == 'access' try: token = Token.objects.get(token=token_field) # Piston expects OAuth tokens to have 'consumer' and 'user' atts. # (see piston.authentication.OAuthAuthentication.is_authenticated) oauthtoken = OAuthToken(token.token, token.token_secret) oauthtoken.consumer = token.consumer oauthtoken.user = token.consumer.user return oauthtoken except Token.DoesNotExist: return None
def test_redirect(self): request = { 'uri': mox.Func(self.saver('uri')), 'method': 'POST', 'headers': mox.Func(self.saver('headers')), 'body': mox.Func(self.saver('body')), } response = { 'status': 302, 'location': 'http://client.example.com/hi', } http = typepad.TypePadClient() typepad.client = http http.add_credentials( OAuthConsumer('consumertoken', 'consumersecret'), OAuthToken('tokentoken', 'tokensecret'), domain='api.typepad.com', ) mock = mox.Mox() mock.StubOutWithMock(http, 'request') http.request(**request).AndReturn((response, '')) mock.ReplayAll() asset = typepad.Photo() asset.title = "Fake photo" asset.content = "This is a made-up photo for testing automated browser style upload." fileobj = StringIO('hi hello pretend file') brupload = typepad.BrowserUploadEndpoint() brupload.upload(asset, fileobj, "image/png", redirect_to='http://client.example.com/hi', post_type='photo') mock.VerifyAll() # Verify the headers and body. self.assert_(self.headers) self.assert_(self.body) response = self.message_from_response(self.headers, self.body) bodyparts = response.get_payload() self.assertEquals(len(bodyparts), 4) bodyparts = dict((part.get_param('name', header='content-disposition'), part) for part in bodyparts) # Confirm that the redirect_to was sent. self.assert_('redirect_to' in bodyparts) self.assertEquals(bodyparts['redirect_to'].get_payload(), 'http://client.example.com/hi')
def _storeAccessToken(self, result, request): accessToken = OAuthToken.from_string(result) log.msg('Got access token: %s' % accessToken) conf = self._conf consumer = OAuthConsumer(conf.consumer_key, conf.consumer_secret) oaRequest = OAuthRequest.from_consumer_and_token( consumer, token=accessToken, http_url=conf.verify_credentials_url) oaRequest.sign_request( OAuthSignatureMethod_HMAC_SHA1(), consumer, accessToken) log.msg('Verifying credentials.') d = client.getPage(oaRequest.to_url()) d.addCallback(self._storeUser, accessToken, request) d.addErrback(log.err) return d
def callback(request): sess = get_session() dropbox_uid = request.GET.get('uid', None) oauth_token = request.GET.get('oauth_token', None) request_token = REDIS.get('rt:%s' % oauth_token) request_token = OAuthToken.from_string(request_token) access_token = sess.obtain_access_token(request_token) REDIS.set('ac:%s' % dropbox_uid, access_token.to_string()) request.session['uid'] = dropbox_uid return redirect('home')
def swap_tokens(self, *args, **kwargs): if self.token_required: consumer, token = args token = OAuthToken.from_string(token) request = OAuthRequest.from_consumer_and_token( consumer, token = token, http_url = self.access_token_url, parameters = kwargs ) request.sign_request(self.signature_method, consumer, token) url = request.to_url() if url.startswith('http://'): url = url[7:] elif url.startswith('https://'): url = url[8:] if url.startswith(self.server): url = url[len(self.server):] q = url.find('?') if q > 01: qs = url[q + 1:] url = url[:q] else: qs = '' connection = self.get_connection(False) connection.request(request.http_method, url, qs, request.to_header()) resp = connection.getresponse().read() return OAuthToken.from_string(resp) else: raise NotImplementedError('Method not implemented for non-standard OAuth provider.')
def twitter_done(request): request_token = request.session.get('request_token', None) verifier = request.GET.get('oauth_verifier', None) denied = request.GET.get('denied', None) # If we've been denied, put them back to the signin page # They probably meant to sign in with facebook >:D if denied: return HttpResponseRedirect(reverse("auth_login")) # If there is no request_token for session, # Means we didn't redirect user to twitter if not request_token: # Redirect the user to the login page, return HttpResponseRedirect(reverse("auth_login")) token = OAuthToken.from_string(request_token) # If the token from session and token from twitter does not match # means something bad happened to tokens if token.key != request.GET.get('oauth_token', 'no-token'): del request.session['request_token'] # Redirect the user to the login page return HttpResponseRedirect(reverse("auth_login")) twitter = oauthtwitter.OAuthApi(settings.TWITTER_CONSUMER_KEY, settings.TWITTER_CONSUMER_SECRET, token) access_token = twitter.getAccessToken() request.session['access_token'] = access_token.to_string() user = authenticate(request=request, twitter_access_token=access_token) # if user is authenticated then login user if user: login(request, user) else: # We were not able to authenticate user # Redirect to login page del request.session['access_token'] del request.session['request_token'] return HttpResponseRedirect(reverse('auth_login')) # authentication was successful, use is now logged in referer = request.session.get('request_referer') next_url = str(getattr(settings, "LOGIN_REDIRECT_URL", "/")) if referer: next_url = urlparse.urljoin(referer, next_url) del request.session['request_referer'] return HttpResponseRedirect(next_url)
def requestToken(omb): current_site = Site.objects.get_current() url = urlparse.urlparse(omb[OAUTH_REQUEST].uris[0].uri) params = {} if url[4] != '': # We need to copy over the query string params for sites like laconica params.update(dict([part.split('=') for part in url[4].split('&')])) params['omb_version'] = OMB_VERSION_01 params['omb_listener'] = omb[OAUTH_REQUEST].localid.text consumer = OAuthConsumer(current_site.domain, "") req = OAuthRequest().from_consumer_and_token(consumer, http_url=url.geturl(), parameters=params, http_method="POST") req.sign_request(OAuthSignatureMethod_HMAC_SHA1(), consumer, None) f = urllib.urlopen(url.geturl(), req.to_postdata()) data = f.read() requestToken = OAuthToken.from_string(data) return requestToken
def requestAccessToken(omb_session, oauth_request): current_site = Site.objects.get_current() token = OAuthToken(omb_session["token"], omb_session["secret"]) url = urlparse.urlparse(omb_session["access_token_url"]) params = {} if url[4] != '': # We need to copy over the query string params for sites like laconica params.update(dict([part.split('=') for part in url[4].split('&')])) params['omb_version'] = OMB_VERSION_01 consumer = OAuthConsumer(current_site.domain, "") req = OAuthRequest().from_consumer_and_token(consumer, token=token, http_url=url.geturl(), parameters=params, http_method="POST") req.sign_request(OAuthSignatureMethod_HMAC_SHA1(), consumer, token) f = urllib.urlopen(url.geturl(), req.to_postdata()) data = f.read() accessToken = OAuthToken.from_string(data) return accessToken
def exchange_pin_for_access_token(pin, request_token): parameters = dict(oauth_verifier=pin) oauth_request = OAuthRequest.from_consumer_and_token( consumer, request_token, http_method="POST", http_url=ACCESS_TOKEN_URL, parameters=parameters) oauth_request.sign_request(HMAC(), consumer, request_token) headers = oauth_request.to_header() client = Http() response, body = client.request(ACCESS_TOKEN_URL, "POST", headers=headers) token = OAuthToken.from_string(body) return token, body
def twitter_notify_now_playing(track, next_track): if TWITTER_CONSUMER_KEY and TWITTER_CONSUMER_SECRET: import oauthtwitter from oauth.oauth import OAuthToken api = oauthtwitter.OAuthApi(TWITTER_CONSUMER_KEY, TWITTER_CONSUMER_SECRET,\ OAuthToken.from_string(TWITTER_TOKEN)) status = 'Now playing "%s" (%d:%02d)' % (track.name[:30], track.length/60, track.length % 60) if track.uploader and track.uploader.twitter: status += ' by @%s' % track.uploader.twitter if next_track: status += ', next one "%s" (%d:%02d)'\ % (next_track.name[:30], next_track.length/60, next_track.length % 60) if next_track.uploader and next_track.uploader.twitter: status += ' by @%s' % next_track.uploader.twitter api.PostUpdate(status)
def get_unauthorised_request_token(self, consumer, connection): from django.contrib.sites.models import Site from django.core.urlresolvers import reverse request = OAuthRequest.from_consumer_and_token( consumer, http_url = self.request_token_url, parameters = { 'oauth_callback': 'http://%s%s' % ( Site.objects.get_current().domain, reverse('megaphone_callback') ) } ) request.sign_request(self.signature_method, consumer, None) resp = self.fetch_response(request, connection) token = OAuthToken.from_string(resp) return token
def begin(self, request, data): """ Try to get Request Token from OAuth Provider and redirect user to provider's site for approval. """ consumer = OAuthConsumer(self.CONSUMER_KEY, self.CONSUMER_SECRET) signature_method = OAuthSignatureMethod_HMAC_SHA1() callback = request.build_absolute_uri(reverse('publicauth-complete', args=[self.provider])) oauth_req = OAuthRequest.from_consumer_and_token(consumer, callback=callback, http_url=self.REQUEST_TOKEN_URL) oauth_req.sign_request(signature_method, consumer, None) response = urllib.urlopen(oauth_req.to_url()).read() token = OAuthToken.from_string(response) # instatiate token oauth_req = OAuthRequest.from_consumer_and_token(consumer, token, http_url=self.AUTHORIZE_URL) oauth_req.sign_request(signature_method, consumer, token) raise Redirect(oauth_req.to_url())
def _fetch_token(oauth_request): url = oauth_request.to_url() logging.info('REQUEST url=%s' % url) response = urlfetch.fetch(url) logging.info('RESPONSE => %s' % response.content) # TODO can't do this one until the oauth library gets patched #token = OAuthToken.from_string(response.content) params = cgi.parse_qs(response.content.strip(), keep_blank_values=True) if 'oauth_token' not in params or 'oauth_token_secret' not in params: return None key = params['oauth_token'][0] secret = params['oauth_token_secret'][0] token = OAuthToken(key, secret) logging.info('TOKEN: %s' % token) return token
def test_responseless(self): request = { 'uri': mox.Func(self.saver('uri')), 'method': 'POST', 'headers': mox.Func(self.saver('headers')), 'body': mox.Func(self.saver('body')), } response = { 'status': 204, # no content } http = typepad.TypePadClient() typepad.client = http http.add_credentials( OAuthConsumer('consumertoken', 'consumersecret'), OAuthToken('tokentoken', 'tokensecret'), domain='api.typepad.com', ) mock = mox.Mox() mock.StubOutWithMock(http, 'request') http.request(**request).AndReturn((httplib2.Response(response), '')) mock.ReplayAll() class Moose(typepad.TypePadObject): class Snert(typepad.TypePadObject): volume = typepad.fields.Field() snert = typepad.fields.ActionEndpoint(api_name='snert', post_type=Snert) moose = Moose() moose._location = 'https://api.typepad.com/meese/7.json' ret = moose.snert(volume=10) self.assert_(ret is None) mock.VerifyAll() self.assert_(self.uri) self.assertEquals(self.uri, 'https://api.typepad.com/meese/7/snert.json') self.assert_(self.headers) self.assert_(self.body) self.assert_(utils.json_equals({ 'volume': 10 }, self.body))
def lookup_token(self, token_type, token_field): """ :param token_type: type of token to lookup :param token_field: token to look up :note: token_type should always be 'access' as only such tokens are stored in database :returns: OAuthToken object """ assert token_type == 'access' try: token = Token.objects.get(token=token_field) return OAuthToken(token.token, token.token_secret) except Token.DoesNotExist: return None
def auth_complete(self, *args, **kwargs): """Returns user, might be logged in""" name = self.AUTH_BACKEND.name + 'unauthorized_token_name' unauthed_token = self.request.session.get(name) if not unauthed_token: raise ValueError('Missing unauthorized token') token = OAuthToken.from_string(unauthed_token) if token.key != self.request.GET.get('oauth_token', 'no-token'): raise ValueError('Incorrect tokens') access_token = self.access_token(token) data = self.user_data(access_token) if data is not None: data['access_token'] = access_token.to_string() kwargs.update({'response': data, self.AUTH_BACKEND.name: True}) return authenticate(*args, **kwargs)
def dropbox_auth_callback(self): # now use the authorized token to grab an access token token = OAuthToken.from_string(self.request.cookies['token']) access_token = dropbox_auth.obtain_access_token(token, "") self.response.headers['Set-Cookie'] = 'token=' # erase the auth token # lookup your account info client = dropbox_client(access_token) account_info = client.account_info().data template_params = { 'access_token':access_token.to_string(), 'email':account_info['email'], } # prompt you to fill in the account credentials for our system path = os.path.join(os.path.dirname(__file__), 'password.html') self.response.out.write(template.render(path, template_params))
def auth_complete(self, *args, **kwargs): """Returns user, might be logged in""" name = self.AUTH_BACKEND.name + "unauthorized_token_name" unauthed_token = self.request.session.get(name) if not unauthed_token: raise ValueError("Missing unauthorized token") token = OAuthToken.from_string(unauthed_token) if token.key != self.data.get("oauth_token", "no-token"): raise ValueError("Incorrect tokens") access_token = self.access_token(token) data = self.user_data(access_token) if data is not None: data["access_token"] = access_token.to_string() kwargs.update({"response": data, self.AUTH_BACKEND.name: True}) return authenticate(*args, **kwargs)
def get(self): user = DropboxUser.get_current(self) if user: token = OAuthToken(user.oauth_token, user.oauth_token_secret) dba = auth.Authenticator(config) db_client = client.DropboxClient(config['server'], config['content_server'], config['port'], dba, token) dirinfo = json.loads(db_client.metadata('dropbox', '').body) if 'contents' in dirinfo: self.response.out.write(dirinfo['contents']) else: self.response.out.write('no contents, bro') else: print "There was no user, bro."
def start_auth(request, fail_redirect='/account/other_services/'): consumer = OAuthConsumer(settings.TWITTER_CONSUMER_KEY, settings.TWITTER_CONSUMER_SECRET) # Request the OAuth Token req = OAuthRequest().from_consumer_and_token(consumer, http_url=TWITTER_REQUEST_TOKEN_URL, parameters={}, http_method="POST") req.sign_request(OAuthSignatureMethod_HMAC_SHA1(), consumer, None) try: res = urllib.urlopen(TWITTER_REQUEST_TOKEN_URL, req.to_postdata()) requestToken = OAuthToken.from_string(res.read()) # Authorise the OAuth Token oauth_request = OAuthRequest().from_consumer_and_token(consumer, http_url=TWITTER_AUTHORIZE_URL, parameters={}, http_method="GET", token=requestToken) oauth_request.sign_request(OAuthSignatureMethod_HMAC_SHA1(), consumer, requestToken) return HttpResponseRedirect(oauth_request.to_url()) except IOError: request.user.message_set.create( message=ugettext(u"Twitter authorization failed.") ) return HttpResponseRedirect(fail_redirect)
def handle_request(self, environ, request, response): method = environ['REQUEST_METHOD'] if (method == 'GET' or method == 'POST') and request.path == '/': return self.handle_main(environ, request, response) # Check authentication (email, password) = self.get_credentials(request) if email: user = DropboxUser.find_by_email(email) if user and user.is_password_valid(password): self._handler.client = dropbox_client(OAuthToken.from_string(user.access_token)) return super(DropboxWebDAVApplication,self).handle_request(environ,request,response) else: return self.request_authentication(response) else: return self.request_authentication(response)
def handle_request(self, environ, request, response): method = environ['REQUEST_METHOD'] if True:# or (method == 'GET' or method == 'POST') and request.path == '/': return self.handle_main(environ, request, response) # Check authentication (email, password) = self.get_credentials(request) if email: user = DropboxUser.find_by_email(email) if user and user.is_password_valid(password): self._handler.client = dropbox_client(OAuthToken.from_string(user.access_token)) return super(DropboxWebDAVApplication,self).handle_request(environ,request,response) else: return self.request_authentication(response) else: return self.request_authentication(response)
def authorize(self, token): """Authorize a user with netflix and return a user id and an access token.""" oa_req = OAuthRequest.from_consumer_and_token( self.consumer, token=token, parameters={'application_name': self.application_name} if self.application_name else None, http_url=self.access_token_url) oa_req.sign_request(self.signature_method, self.consumer, token) req = self.http.get_url(oa_req.to_url()) if not str(req.status).startswith('2'): self.analyze_error(req) res = req.data logging.debug(res) id = cgi.parse_qs(res)['user_id'][0] return id, OAuthToken.from_string(res)
def __init__(self, user, token=None): """Initialize an oauth-authenticated test client. :param user: The user to authenticate. :type user: django.contrib.auth.models.User :param token: Optional token to authenticate `user` with. If no `token` is given, the user's first token will be used. :type token: oauth.oauth.OAuthToken """ super(OAuthAuthenticatedClient, self).__init__() if token is None: # Get the user's first token. token = get_auth_tokens(user)[0] assert token.user == user, "Token does not match User." consumer = token.consumer self.consumer = OAuthConsumer(consumer.key.encode("ascii"), consumer.secret.encode("ascii")) self.token = OAuthToken(token.key.encode("ascii"), token.secret.encode("ascii"))
def begin(self, request, data): """ Try to get Request Token from OAuth Provider and redirect user to provider's site for approval. """ consumer = OAuthConsumer(self.CONSUMER_KEY, self.CONSUMER_SECRET) signature_method = OAuthSignatureMethod_HMAC_SHA1() callback = request.build_absolute_uri( reverse('publicauth-complete', args=[self.provider])) oauth_req = OAuthRequest.from_consumer_and_token( consumer, callback=callback, http_url=self.REQUEST_TOKEN_URL) oauth_req.sign_request(signature_method, consumer, None) response = urllib.urlopen(oauth_req.to_url()).read() token = OAuthToken.from_string(response) # instatiate token oauth_req = OAuthRequest.from_consumer_and_token( consumer, token, http_url=self.AUTHORIZE_URL) oauth_req.sign_request(signature_method, consumer, token) raise Redirect(oauth_req.to_url())
def get(self, token): dba = auth.Authenticator(config) req_token = OAuthToken.from_string(base64.b64decode(urllib.unquote(token))) uid = self.request.get('uid') self.response.headers.add_header('Set-Cookie', 'uid=%s; path=/' % uid) token = dba.obtain_access_token(req_token, '') db_client = client.DropboxClient(config['server'], config['content_server'], config['port'], dba, token) account = json.loads(db_client.account_info().body) user = DropboxUser.get_by_uid(uid) user.oauth_token = token.key user.oauth_token_secret = token.secret user.email = account['email'] user.put() taskqueue.add(url='/tasks/poll', params={'uid': uid}) self.redirect('/')
def post_url(self, url, token, *args, **kwargs): from StringIO import StringIO token = OAuthToken.from_string(str(token)) consumer = self.get_consumer() connection = self.get_connection(False) request = OAuthRequest.from_consumer_and_token( consumer, token = token, http_method = 'POST', http_url = url, parameters = kwargs ) request.sign_request(self.signature_method, consumer, token) connection.request( request.http_method, request.to_url(), ''.join(args) ) resp = connection.getresponse().read() return StringIO(resp)
def set_dropdav_password(self): access_token = OAuthToken.from_string(self.request.POST.get('access_token')) password = self.request.POST.get('password') # lookup your account info again to confirm client = dropbox_client(access_token) account_info = client.account_info().data email = account_info['email'] user = DropboxUser.find_by_email(email) if not user: user = DropboxUser(email=email) # create or update your user entry in our system user.access_token = access_token.to_string() user.set_password(password) user.put() # prompt you to fill in the account credentials for our system path = os.path.join(os.path.dirname(__file__), 'success.html') self.response.out.write(template.render(path, {'email':email,'server':site_root()}))
def messages(request): """docstring for messages""" if request.user.is_authenticated(): user_meta=UserMeta.objects.filter(user=request.user) usermeta={} for u in user_meta: usermeta[u.key]=u.value twitter_access_token_string=UserMeta.objects.get(user=request.user,key="twitter_access_token_string").value access_token=OAuthToken.from_string(twitter_access_token_string) twitter=OAuthApi(CONSUMER_KEY,CONSUMER_SECRET,access_token) statuses=twitter.GetDirectMessages() i=0 for status in statuses: # statuses[i].source=statuses[i].source.replace('<a', '<a class="dark"') statuses[i].datetime = datetime.datetime.fromtimestamp(time.mktime(time.strptime(status.created_at, '%a %b %d %H:%M:%S +0000 %Y'))) statuses[i].text = twitter.ConvertMentions(status.text) i=i+1 return render_to_response('desktop/twitter_messages.html',{'statuses':statuses,'usermeta':usermeta}) else: return HttpResponseRedirect("/login")
def newtweet(request): if request.user.is_authenticated(): user_meta=UserMeta.objects.filter(user=request.user) usermeta={} for u in user_meta: usermeta[u.key]=u.value status=self.request.get('status') if len(status) > 140: status=status[0:140] twitter_access_token_string=UserMeta.objects.get(user=request.user,key="twitter_access_token_string").value access_token=OAuthToken.from_string(twitter_access_token_string) twitter=OAuthApi(CONSUMER_KEY,CONSUMER_SECRET,access_token) try: twitter.PostUpdate(status.encode('utf-8')) except: logging.error('Failed to tweet: '+status) return HttpResponseRedirect("/home") else: return HttpResponseRedirect("/login")
def post(self): uid = self.request.get('uid') if uid is not None: taskqueue.add(url='/tasks/poll', params={'uid': uid}, countdown=POLL_INTERVAL) user = DropboxUser.get_by_uid(uid) token = OAuthToken(user.oauth_token, user.oauth_token_secret) dba = auth.Authenticator(config) db_client = client.DropboxClient(config['server'], config['content_server'], config['port'], dba, token) account_info = json.loads(db_client.account_info().body) size = str(account_info['quota_info']['normal']) if user.size != size: params = {'changed': 'yeah'} urlfetch.fetch(url=user.callback_url, payload=urllib.urlencode(params), method='POST') user.size = size user.put()
def callback(key, secret, request): token = request.session.get('unauth_token') if not token: raise Exception('No unauthorised token') if token.key != request.GET.get('oauth_token', None): raise Exception('Token does not match') verifier = request.GET.get('oauth_verifier') consumer = OAuthConsumer(str(key), str(secret)) oauth_request = OAuthRequest.from_consumer_and_token( consumer, token=token, http_url='https://twitter.com/oauth/access_token', parameters={'oauth_verifier': verifier}) oauth_request.sign_request(SIGNATURE_METHOD(), consumer, token) url = oauth_request.to_url() access_token = OAuthToken.from_string(urlopen(url).read()) return access_token