def validate_oauth(): from frappe.oauth import get_url_delimiter form_dict = frappe.local.form_dict authorization_header = frappe.get_request_header("Authorization").split( " ") if frappe.get_request_header("Authorization") else None if authorization_header and authorization_header[0].lower() == "bearer": from frappe.integrations.oauth2 import get_oauth_server token = authorization_header[1] r = frappe.request parsed_url = urlparse(r.url) access_token = {"access_token": token} uri = parsed_url.scheme + "://" + parsed_url.netloc + parsed_url.path + "?" + urlencode( access_token) http_method = r.method body = r.get_data() headers = r.headers required_scopes = frappe.db.get_value( "OAuth Bearer Token", token, "scopes").split(get_url_delimiter()) valid, oauthlib_request = get_oauth_server().verify_request( uri, http_method, body, headers, required_scopes) if valid: frappe.set_user( frappe.db.get_value("OAuth Bearer Token", token, "user")) frappe.local.form_dict = form_dict
def validate_oauth(authorization_header): """ Authenticate request using OAuth and set session user Args: authorization_header (list of str): The 'Authorization' header containing the prefix and token """ from frappe.oauth import get_url_delimiter from frappe.integrations.oauth2 import get_oauth_server form_dict = frappe.local.form_dict token = authorization_header[1] req = frappe.request parsed_url = urlparse(req.url) access_token = {"access_token": token} uri = parsed_url.scheme + "://" + parsed_url.netloc + parsed_url.path + "?" + urlencode(access_token) http_method = req.method body = req.get_data() headers = req.headers try: required_scopes = frappe.db.get_value("OAuth Bearer Token", token, "scopes").split(get_url_delimiter()) except AttributeError: frappe.throw(_("Invalid Bearer token, please provide a valid access token with prefix 'Bearer'."), frappe.InvalidAuthorizationToken) valid, oauthlib_request = get_oauth_server().verify_request(uri, http_method, body, headers, required_scopes) if valid: frappe.set_user(frappe.db.get_value("OAuth Bearer Token", token, "user")) frappe.local.form_dict = form_dict
def validate_oauth(authorization_header): """ Authenticate request using OAuth and set session user Args: authorization_header (list of str): The 'Authorization' header containing the prefix and token """ from frappe.integrations.oauth2 import get_oauth_server from frappe.oauth import get_url_delimiter form_dict = frappe.local.form_dict token = authorization_header[1] req = frappe.request parsed_url = urlparse(req.url) access_token = {"access_token": token} uri = (parsed_url.scheme + "://" + parsed_url.netloc + parsed_url.path + "?" + urlencode(access_token)) http_method = req.method headers = req.headers body = req.get_data() if req.content_type and "multipart/form-data" in req.content_type: body = None try: required_scopes = frappe.db.get_value( "OAuth Bearer Token", token, "scopes").split(get_url_delimiter()) valid, oauthlib_request = get_oauth_server().verify_request( uri, http_method, body, headers, required_scopes) if valid: frappe.set_user( frappe.db.get_value("OAuth Bearer Token", token, "user")) frappe.local.form_dict = form_dict except AttributeError: pass
def validate_oauth(): from frappe.oauth import get_url_delimiter form_dict = frappe.local.form_dict authorization_header = frappe.get_request_header("Authorization").split(" ") if frappe.get_request_header("Authorization") else None if authorization_header and authorization_header[0].lower() == "bearer": from frappe.integrations.oauth2 import get_oauth_server token = authorization_header[1] r = frappe.request parsed_url = urlparse(r.url) access_token = { "access_token": token} uri = parsed_url.scheme + "://" + parsed_url.netloc + parsed_url.path + "?" + urlencode(access_token) http_method = r.method body = r.get_data() headers = r.headers required_scopes = frappe.db.get_value("OAuth Bearer Token", token, "scopes").split(get_url_delimiter()) valid, oauthlib_request = get_oauth_server().verify_request(uri, http_method, body, headers, required_scopes) if valid: frappe.set_user(frappe.db.get_value("OAuth Bearer Token", token, "user")) frappe.local.form_dict = form_dict