Пример #1
0
def request_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return INVALID_PARAMS_RESPONSE

    missing_params = require_params(oauth_request, ('oauth_callback', ))
    if missing_params is not None:
        return missing_params

    if is_xauth_request(oauth_request):
        return HttpResponseBadRequest('xAuth not allowed for this method.')

    try:
        consumer = store.get_consumer(request, oauth_request,
                                      oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        return INVALID_CONSUMER_RESPONSE

    if not verify_oauth_request(request, oauth_request, consumer):
        return COULD_NOT_VERIFY_OAUTH_REQUEST_RESPONSE

    try:
        request_token = store.create_request_token(
            request, oauth_request, consumer, oauth_request['oauth_callback'])
    except oauth.Error, err:
        return send_oauth_error(err)
Пример #2
0
def access_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return INVALID_PARAMS_RESPONSE

    missing_params = require_params(oauth_request, ('oauth_token', 'oauth_verifier'))
    if missing_params is not None:
        return missing_params

    try:
        request_token = store.get_request_token(request, oauth_request, oauth_request['oauth_token'])
    except InvalidTokenError:
        return HttpResponseBadRequest('Invalid request token.')
    try:
        consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        return HttpResponseBadRequest('Invalid consumer.')

    if not verify_oauth_request(request, oauth_request, consumer, request_token):
        return HttpResponseBadRequest('Could not verify OAuth request.')

    if oauth_request.get('oauth_verifier', None) != request_token.verifier:
        return HttpResponseBadRequest('Invalid OAuth verifier.')

    if not request_token.is_approved:
        return HttpResponseBadRequest('Request Token not approved by the user.')

    access_token = store.create_access_token(request, oauth_request, consumer, request_token)

    ret = urlencode({
        'oauth_token': access_token.key,
        'oauth_token_secret': access_token.secret
    })
    return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
Пример #3
0
def request_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return HttpResponseBadRequest('Invalid request parameters.')

    missing_params = require_params(oauth_request, ('oauth_callback', ))
    if missing_params is not None:
        return missing_params

    if is_xauth_request(oauth_request):
        return HttpResponseBadRequest('xAuth not allowed for this method.')

    try:
        consumer = store.get_consumer(request, oauth_request,
                                      oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        return HttpResponse('Invalid consumer.', status=401)

    if not verify_oauth_request(request, oauth_request, consumer):
        return HttpResponseBadRequest('Could not verify OAuth request.')

    try:
        request_token = store.create_request_token(
            request, oauth_request, consumer, oauth_request['oauth_callback'])
    except oauth.Error:
        return HttpResponse('Invalid request token: %s' %
                            oauth_request.get_parameter('oauth_token'),
                            status=401)

    ret = urlencode({
        'oauth_token': request_token.key,
        'oauth_token_secret': request_token.secret,
        'oauth_callback_confirmed': 'true'
    })
    return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
Пример #4
0
def request_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return HttpResponseBadRequest("Invalid request parameters.")

    missing_params = require_params(oauth_request, ("oauth_callback",))
    if missing_params is not None:
        return missing_params

    if is_xauth_request(oauth_request):
        return HttpResponseBadRequest("xAuth not allowed for this method.")

    try:
        consumer = store.get_consumer(request, oauth_request, oauth_request["oauth_consumer_key"])
    except InvalidConsumerError:
        return HttpResponse("Invalid consumer.", status=401)

    if not verify_oauth_request(request, oauth_request, consumer):
        return HttpResponseBadRequest("Could not verify OAuth request.")

    try:
        request_token = store.create_request_token(request, oauth_request, consumer, oauth_request["oauth_callback"])
    except oauth.Error:
        return HttpResponse("Invalid request token: %s" % oauth_request.get_parameter("oauth_token"), status=401)

    ret = urlencode(
        {
            "oauth_token": request_token.key,
            "oauth_token_secret": request_token.secret,
            "oauth_callback_confirmed": "true",
        }
    )
    return HttpResponse(ret, content_type="application/x-www-form-urlencoded")
Пример #5
0
def request_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return INVALID_PARAMS_RESPONSE

    missing_params = require_params(oauth_request, ('oauth_callback', ))
    if missing_params is not None:
        return missing_params

    try:
        consumer = store.get_consumer(request, oauth_request,
                                      oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        return oauth_error_response('Invalid Consumer.',
                                    status_code=httplib.BAD_REQUEST)

    if not verify_oauth_request(request, oauth_request, consumer):
        return oauth_error_response('Could not verify OAuth request.',
                                    status_code=httplib.BAD_REQUEST)

    try:
        request_token = store.create_request_token(
            request, oauth_request, consumer, oauth_request['oauth_callback'])
    except oauth.Error, err:
        return oauth_error_response(err)
Пример #6
0
def request_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return INVALID_PARAMS_RESPONSE

    missing_params = require_params(oauth_request, ('oauth_callback', ))
    if missing_params is not None:
        return missing_params

    try:
        consumer = store.get_consumer(request, oauth_request,
                                      oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        logging.info('Oauth error: invalid consumer: %d' %
                     oauth_request['oauth_consumer_key'])
        return HttpResponseBadRequest('Invalid Consumer.')

    if not verify_oauth_request(request, oauth_request, consumer):
        logging.info('Oauth error: could not verify request')
        return HttpResponseBadRequest('Could not verify OAuth request.')

    try:
        request_token = store.create_request_token(
            request, oauth_request, consumer, oauth_request['oauth_callback'])
    except oauth.Error, err:
        return send_oauth_error(err)
Пример #7
0
def access_token(request):
    oauth_request = get_oauth_request(request)

    if oauth_request is None:
        return INVALID_PARAMS_RESPONSE

    missing_params = require_params(oauth_request, ("oauth_token", "oauth_verifier"))
    if missing_params is not None:
        return missing_params

    try:
        request_token = store.get_request_token(request, oauth_request, oauth_request["oauth_token"])
    except InvalidTokenError:
        return HttpResponseBadRequest("Invalid request token.")
    try:
        consumer = store.get_consumer(request, oauth_request, oauth_request["oauth_consumer_key"])
    except InvalidConsumerError:
        return HttpResponseBadRequest("Invalid consumer.")

    if not verify_oauth_request(request, oauth_request, consumer, request_token):
        return HttpResponseBadRequest("Could not verify OAuth request.")

    if oauth_request.get("oauth_verifier", None) != request_token.verifier:
        return HttpResponseBadRequest("Invalid OAuth verifier.")

    if not request_token.is_approved:
        return HttpResponseBadRequest("Request Token not approved by the user.")

    access_token = store.create_access_token(request, oauth_request, consumer, request_token)

    ret = urlencode({"oauth_token": access_token.key, "oauth_token_secret": access_token.secret})
    return HttpResponse(ret, content_type="application/x-www-form-urlencoded")
Пример #8
0
def request_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return HttpResponseBadRequest('Invalid request parameters.')

    missing_params = require_params(oauth_request, ('oauth_callback',))
    if missing_params is not None:
        return missing_params

    if is_xauth_request(oauth_request):
        return HttpResponseBadRequest('xAuth not allowed for this method.')

    try:
        consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        return HttpResponse('Invalid consumer.', status=401)

    if not verify_oauth_request(request, oauth_request, consumer):
        return HttpResponseBadRequest('Could not verify OAuth request.')

    try:
        request_token = store.create_request_token(request, oauth_request, consumer, oauth_request['oauth_callback'])
    except oauth.Error:
        return HttpResponse('Invalid request token: %s' % oauth_request.get_parameter('oauth_token'), status=401)

    ret = urlencode({
        'oauth_token': request_token.key,
        'oauth_token_secret': request_token.secret,
        'oauth_callback_confirmed': 'true'
    })
    return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
Пример #9
0
def access_token(request):
    oauth_request = get_oauth_request(request)

    missing_params = require_params(oauth_request, ('oauth_token', 'oauth_verifier'))
    if missing_params is not None:
        return missing_params

    try:
        request_token = store.get_request_token(request, oauth_request, oauth_request['oauth_token'])
    except InvalidTokenError:
        return HttpResponseBadRequest('Invalid request token.')
    try:
        consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        return HttpResponseBadRequest('Invalid consumer.')

    if not verify_oauth_request(request, oauth_request, consumer, request_token):
        return HttpResponseBadRequest('Could not verify OAuth request.')

    if oauth_request.get('oauth_verifier', None) != request_token.verifier:
        return HttpResponseBadRequest('Invalid OAuth verifier.')

    if not request_token.is_approved:
        return HttpResponseBadRequest('Request Token not approved by the user.')

    access_token = store.create_access_token(request, oauth_request, consumer, request_token)

    ret = urlencode({
        'oauth_token': access_token.key,
        'oauth_token_secret': access_token.secret
    })
    return HttpResponse(ret, content_type='application/x-www-form-urlencoded')
Пример #10
0
    def is_authenticated(self, request):
        oauth_request = get_oauth_request(request)
        missing_params = require_params(oauth_request)
        if missing_params is not None:
            return False

        if self.two_legged:
            return self._authenticate_two_legged(request, oauth_request)
        else:
            return self._authenticate_three_legged(request, oauth_request)
Пример #11
0
    def is_authenticated(self, request):
        oauth_request = get_oauth_request(request)
        missing_params = require_params(oauth_request)
        if missing_params is not None:
            return False

        if self.two_legged:
            return self._authenticate_two_legged(request, oauth_request)
        else:
            return self._authenticate_three_legged(request, oauth_request)
Пример #12
0
def request_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return INVALID_PARAMS_RESPONSE

    missing_params = require_params(oauth_request, ("oauth_callback",))
    if missing_params is not None:
        return missing_params

    try:
        consumer = store.get_consumer(request, oauth_request, oauth_request["oauth_consumer_key"])
    except InvalidConsumerError:
        return HttpResponseBadRequest("Invalid Consumer.")

    if not verify_oauth_request(request, oauth_request, consumer):
        return HttpResponseBadRequest("Could not verify OAuth request.")

    try:
        request_token = store.create_request_token(request, oauth_request, consumer, oauth_request["oauth_callback"])
    except oauth.Error, err:
        return send_oauth_error(err)
Пример #13
0
def request_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return INVALID_PARAMS_RESPONSE

    missing_params = require_params(oauth_request, ('oauth_callback',))
    if missing_params is not None:
        return missing_params

    try:
        consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        return oauth_error_response('Invalid Consumer.', status_code=httplib.BAD_REQUEST)

    if not verify_oauth_request(request, oauth_request, consumer):
        return oauth_error_response('Could not verify OAuth request.', status_code=httplib.BAD_REQUEST)

    try:
        request_token = store.create_request_token(request, oauth_request, consumer, oauth_request['oauth_callback'])
    except oauth.Error, err:
        return oauth_error_response(err)
Пример #14
0
def request_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return INVALID_PARAMS_RESPONSE

    missing_params = require_params(oauth_request, ('oauth_callback',))
    if missing_params is not None:
        return missing_params

    try:
        consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        logging.info('Oauth error: invalid consumer: %d' % oauth_request['oauth_consumer_key'])
        return HttpResponseBadRequest('Invalid Consumer.')

    if not verify_oauth_request(request, oauth_request, consumer):
        logging.info('Oauth error: could not verify request')
        return HttpResponseBadRequest('Could not verify OAuth request.')

    try:
        request_token = store.create_request_token(request, oauth_request, consumer, oauth_request['oauth_callback'])
    except oauth.Error, err:
        return send_oauth_error(err)
Пример #15
0
def request_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return INVALID_PARAMS_RESPONSE

    missing_params = require_params(oauth_request, ('oauth_callback',))
    if missing_params is not None:
        return missing_params

    if is_xauth_request(oauth_request):
        return HttpResponseBadRequest('xAuth not allowed for this method.')

    try:
        consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        return HttpResponseBadRequest('Invalid Consumer.')

    if not verify_oauth_request(request, oauth_request, consumer):
        return HttpResponseBadRequest('Could not verify OAuth request.')

    try:
        request_token = store.create_request_token(request, oauth_request, consumer, oauth_request['oauth_callback'])
    except oauth.Error, err:
        return send_oauth_error(err)
Пример #16
0
def access_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return INVALID_PARAMS_RESPONSE

    # Consumer
    try:
        consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        return HttpResponseBadRequest('Invalid consumer.')

    is_xauth = is_xauth_request(oauth_request)

    if not is_xauth:

        # Check Parameters
        missing_params = require_params(oauth_request, ('oauth_token', 'oauth_verifier'))
        if missing_params is not None:
            return missing_params

        # Check Request Token
        try:
            request_token = store.get_request_token(request, oauth_request, oauth_request['oauth_token'])
        except InvalidTokenError:
            return HttpResponseBadRequest('Invalid request token.')
        if not request_token.is_approved:
            return HttpResponseBadRequest('Request Token not approved by the user.')

        # Verify Signature
        if not verify_oauth_request(request, oauth_request, consumer, request_token):
            return HttpResponseBadRequest('Could not verify OAuth request.')
       
        # Check Verifier
        if oauth_request.get('oauth_verifier', None) != request_token.verifier:
            return HttpResponseBadRequest('Invalid OAuth verifier.')

    else: # xAuth

        # Check Parameters
        missing_params = require_params(oauth_request, ('x_auth_username', 'x_auth_password', 'x_auth_mode'))
        if missing_params is not None:
            return missing_params

        # Check if Consumer allows xAuth
        if not consumer.xauth_allowed:
            return HttpResponseBadRequest('xAuth not allowed for this method')

        # Check Signature
        if not verify_oauth_request(request, oauth_request, consumer):
            return HttpResponseBadRequest('Could not verify xAuth request.')
        
        # Check Username/Password 
        if is_xauth and not verify_xauth_request(request, oauth_request):
            return HttpResponseBadRequest('xAuth username or password is not valid')
        
        # Handle Request Token
        try:
            #request_token = store.create_request_token(request, oauth_request, consumer, oauth_request.get('oauth_callback'))
            request_token = store.create_request_token(request, oauth_request, consumer, OUT_OF_BAND)
            request_token = store.authorize_request_token(request, oauth_request, request_token)
        except oauth.Error, err:
            return send_oauth_error(err)
Пример #17
0
def access_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return HttpResponseBadRequest("Invalid request parameters.")

    # Consumer
    try:
        consumer = store.get_consumer(request, oauth_request, oauth_request["oauth_consumer_key"])
    except InvalidConsumerError:
        return HttpResponseBadRequest("Invalid consumer.")

    is_xauth = is_xauth_request(oauth_request)

    if not is_xauth:

        # Check Parameters
        missing_params = require_params(oauth_request, ("oauth_token", "oauth_verifier"))
        if missing_params is not None:
            return missing_params

        # Check Request Token
        try:
            request_token = store.get_request_token(request, oauth_request, oauth_request["oauth_token"])
        except InvalidTokenError:
            return HttpResponse("Invalid request token: %s" % oauth_request["oauth_token"], status=401)
        if not request_token.is_approved:
            return HttpResponse("Request Token not approved by the user.", status=401)

        # Verify Signature
        if not verify_oauth_request(request, oauth_request, consumer, request_token):
            return HttpResponseBadRequest("Could not verify OAuth request.")

        # Check Verifier
        if oauth_request.get("oauth_verifier", None) != request_token.verifier:
            return HttpResponseBadRequest("Invalid OAuth verifier.")

    else:  # xAuth

        # Check Parameters
        missing_params = require_params(oauth_request, ("x_auth_username", "x_auth_password", "x_auth_mode"))
        if missing_params is not None:
            return missing_params

        # Check if Consumer allows xAuth
        if not consumer.xauth_allowed:
            return HttpResponseBadRequest("xAuth not allowed for this method")

        # Check Signature
        if not verify_oauth_request(request, oauth_request, consumer):
            return HttpResponseBadRequest("Could not verify xAuth request.")

        user = authenticate(
            x_auth_username=oauth_request.get_parameter("x_auth_username"),
            x_auth_password=oauth_request.get_parameter("x_auth_password"),
            x_auth_mode=oauth_request.get_parameter("x_auth_mode"),
        )

        if not user:
            return HttpResponseBadRequest("xAuth username or password is not valid")
        else:
            request.user = user

        # Handle Request Token
        try:
            # request_token = store.create_request_token(request, oauth_request, consumer, oauth_request.get('oauth_callback'))
            request_token = store.create_request_token(request, oauth_request, consumer, OUT_OF_BAND)
            request_token = store.authorize_request_token(request, oauth_request, request_token)
        except oauth.Error as err:
            return send_oauth_error("https" if request.is_secure() else "http", get_current_site(request).domain, err)

    access_token = store.create_access_token(request, oauth_request, consumer, request_token)

    ret = urlencode({"oauth_token": access_token.key, "oauth_token_secret": access_token.secret})
    return HttpResponse(ret, content_type="application/x-www-form-urlencoded")
Пример #18
0
def access_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return HttpResponseBadRequest('Invalid request parameters.')

    # Consumer
    try:
        consumer = store.get_consumer(request, oauth_request,
                                      oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        return HttpResponseBadRequest('Invalid consumer.')

    is_xauth = is_xauth_request(oauth_request)

    if not is_xauth:

        # Check Parameters
        missing_params = require_params(oauth_request,
                                        ('oauth_token', 'oauth_verifier'))
        if missing_params is not None:
            return missing_params

        # Check Request Token
        try:
            request_token = store.get_request_token(
                request, oauth_request, oauth_request['oauth_token'])
        except InvalidTokenError:
            return HttpResponse('Invalid request token: %s' %
                                oauth_request['oauth_token'],
                                status=401)
        if not request_token.is_approved:
            return HttpResponse('Request Token not approved by the user.',
                                status=401)

        # Verify Signature
        if not verify_oauth_request(request, oauth_request, consumer,
                                    request_token):
            return HttpResponseBadRequest('Could not verify OAuth request.')

        # Check Verifier
        if oauth_request.get('oauth_verifier', None) != request_token.verifier:
            return HttpResponseBadRequest('Invalid OAuth verifier.')

    else:  # xAuth

        # Check Parameters
        missing_params = require_params(
            oauth_request,
            ('x_auth_username', 'x_auth_password', 'x_auth_mode'))
        if missing_params is not None:
            return missing_params

        # Check if Consumer allows xAuth
        if not consumer.xauth_allowed:
            return HttpResponseBadRequest('xAuth not allowed for this method')

        # Check Signature
        if not verify_oauth_request(request, oauth_request, consumer):
            return HttpResponseBadRequest('Could not verify xAuth request.')

        user = authenticate(
            x_auth_username=oauth_request.get_parameter('x_auth_username'),
            x_auth_password=oauth_request.get_parameter('x_auth_password'),
            x_auth_mode=oauth_request.get_parameter('x_auth_mode'))

        if not user:
            return HttpResponseBadRequest(
                'xAuth username or password is not valid')
        else:
            request.user = user

        # Handle Request Token
        try:
            #request_token = store.create_request_token(request, oauth_request, consumer, oauth_request.get('oauth_callback'))
            request_token = store.create_request_token(request, oauth_request,
                                                       consumer, OUT_OF_BAND)
            request_token = store.authorize_request_token(
                request, oauth_request, request_token)
        except oauth.Error, err:
            return send_oauth_error(err)