def api_authorize(request): """ checks on the request token provided or ask the user enter one allows the user to authorize this if consumer style is web and a callback is provided redirect to it otherwise suggest that the user notify their application that authorization has completed """ redirect = urllib.quote(request.get_full_path()) view = user.get_user_from_cookie_or_legacy_auth(request) if view is None: logging.info("Redirect: %s " % redirect) return http.HttpResponseRedirect("/login?redirect_to=%s" % redirect) oauth_token = request.REQUEST.get('oauth_token', None) if not oauth_token: # please enter token page pass oauth_token_ref = api.oauth_get_request_token(api.ROOT, oauth_token) if not oauth_token_ref: raise Exception("bad token") oauth_consumer_ref = api.oauth_get_consumer(api.ROOT, oauth_token_ref.consumer) if not oauth_consumer_ref: raise Exception("bad consumer") if "active" != oauth_consumer_ref.status: raise Exception("inactive consumer") perms = request.REQUEST.get('perms', 'read') if request.POST: # we posted to this page to authorize # TODO verify nonce validate.nonce(request, "authorize_token") api.oauth_authorize_request_token(api.ROOT, oauth_token_ref.key_, actor=request.user.nick, perms=perms) oauth_callback = request.POST.get("oauth_callback", None) if oauth_consumer_ref.type == "web": if oauth_callback: return http.HttpResponseRedirect(oauth_callback) elif oauth_consumer_ref.callback_url is not None: return http.HttpResponseRedirect(oauth_consumer_ref.callback_url) c = template.RequestContext(request, locals()) t = loader.get_template('api/templates/authorized.html') return http.HttpResponse(t.render(c)) perms_pretty = {'read': 'view', 'write': 'view and update', 'delete': 'view, update and delete'}[perms] c = template.RequestContext(request, locals()) t = loader.get_template('api/templates/authorize.html') return http.HttpResponse(t.render(c))
def api_authorize(request): """ checks on the request token provided or ask the user enter one allows the user to authorize this if consumer style is web and a callback is provided redirect to it otherwise suggest that the user notify their application that authorization has completed """ oauth_token = request.REQUEST.get('oauth_token', None) if not oauth_token: # please enter token page pass oauth_token_ref = api.oauth_get_request_token(api.ROOT, oauth_token) if not oauth_token_ref: raise Exception("bad token") oauth_consumer_ref = api.oauth_get_consumer(api.ROOT, oauth_token_ref.consumer) if not oauth_consumer_ref: raise Exception("bad consumer") if "active" != oauth_consumer_ref.status: raise Exception("inactive consumer") perms = request.REQUEST.get('perms', 'read') if request.POST: # we posted to this page to authorize # TODO verify nonce validate.nonce(request, "authorize_token") api.oauth_authorize_request_token(api.ROOT, oauth_token_ref.key_, actor=request.user.nick, perms=perms) oauth_callback = request.POST.get("oauth_callback", None) if oauth_callback and oauth_consumer_ref.type == "web": return http.HttpResponseRedirect(oauth_callback) c = template.RequestContext(request, locals()) t = loader.get_template('api/templates/authorized.html') return http.HttpResponse(t.render(c)) perms_pretty = { 'read': 'view', 'write': 'view and update', 'delete': 'view, update and delete' }[perms] c = template.RequestContext(request, locals()) t = loader.get_template('api/templates/authorize.html') return http.HttpResponse(t.render(c))
def api_authorize(request): """ checks on the request token provided or ask the user enter one allows the user to authorize this if consumer style is web and a callback is provided redirect to it otherwise suggest that the user notify their application that authorization has completed """ oauth_token = request.REQUEST.get("oauth_token", None) if not oauth_token: # please enter token page pass oauth_token_ref = api.oauth_get_request_token(api.ROOT, oauth_token) if not oauth_token_ref: raise Exception("bad token") oauth_consumer_ref = api.oauth_get_consumer(api.ROOT, oauth_token_ref.consumer) if not oauth_consumer_ref: raise Exception("bad consumer") if "active" != oauth_consumer_ref.status: raise Exception("inactive consumer") perms = request.REQUEST.get("perms", "read") if request.POST: # we posted to this page to authorize # TODO verify nonce validate.nonce(request, "authorize_token") api.oauth_authorize_request_token(api.ROOT, oauth_token_ref.key_, actor=request.user.nick, perms=perms) oauth_callback = request.POST.get("oauth_callback", None) if oauth_callback and oauth_consumer_ref.type == "web": return http.HttpResponseRedirect(oauth_callback) c = template.RequestContext(request, locals()) t = loader.get_template("api/templates/authorized.html") return http.HttpResponse(t.render(c)) perms_pretty = {"read": "view", "write": "view and update", "delete": "view, update and delete"}[perms] c = template.RequestContext(request, locals()) t = loader.get_template("api/templates/authorize.html") return http.HttpResponse(t.render(c))
def api_key(request, consumer_key): handled = common_views.handle_view_action( request, {"oauth_consumer_delete": "/api/keys", "oauth_consumer_update": request.path} ) if handled: return handled consumer_token_ref = api.oauth_get_consumer(request.user, consumer_key) # for templates full_page = "Keys / %s" % consumer_key page = "key" area = "api" OAUTH_WEB = "web" OAUTH_DESKTOP = "desktop" OAUTH_MOBILE = "mobile" c = template.RequestContext(request, locals()) t = loader.get_template("api/templates/key.html") return http.HttpResponse(t.render(c))
def api_key(request, consumer_key): handled = common_views.handle_view_action( request, { 'oauth_consumer_delete': '/api/keys', 'oauth_consumer_update': request.path, }) if handled: return handled consumer_token_ref = api.oauth_get_consumer(request.user, consumer_key) # for templates full_page = 'Keys / %s' % consumer_key page = 'key' area = 'api' OAUTH_WEB = 'web' OAUTH_DESKTOP = 'desktop' OAUTH_MOBILE = 'mobile' c = template.RequestContext(request, locals()) t = loader.get_template('api/templates/key.html') return http.HttpResponse(t.render(c))
def api_key(request, consumer_key): handled = common_views.handle_view_action( request, { 'oauth_consumer_delete': '/api/keys', 'oauth_consumer_update': request.path, } ) if handled: return handled consumer_token_ref = api.oauth_get_consumer(request.user, consumer_key) # for templates full_page = 'Keys / %s' % consumer_key page = 'key' area = 'api' OAUTH_WEB = 'web' OAUTH_DESKTOP = 'desktop' OAUTH_MOBILE = 'mobile' c = template.RequestContext(request, locals()) t = loader.get_template('api/templates/key.html') return http.HttpResponse(t.render(c))
def lookup_consumer(self, key): if key == ROOT_CONSUMER.key: return ROOT_CONSUMER return api.oauth_get_consumer(api.ROOT, key)