def access_token(self, request):
oauth_token = request.session.get('flickr_token_session')
if not oauth_token:
raise FlickrError, 'No saved oauth_token from previous request, are sessions enabled?'
token = Token.from_string(oauth_token)
if token.key != request.GET.get('oauth_token', 'no-no-no'):
raise FlickrError, 'oauth_token mismatch!'
""" Access token """
params = {'oauth_verifier': request.GET.get('oauth_verifier') }
rq = self.get_oauth_request(url=self.ACCESS_TOKEN_URL, token=token, **params)
response = self.get_response(rq)
self.token = Token.from_string(response).to_string()
""" Check token """
data = self.get('flickr.auth.oauth.checkToken')
data['token'] = self.token
return data
def access_token(self, token):
"""Return request for access token value"""
request = self.oauth_request(token, self.ACCESS_TOKEN_URL)
try:
return Token.from_string(self.fetch_response(request))
except TypeError:
raise AuthException(self, 'Couldn\'t get a token')
def auth_complete(self, *args, **kwargs):
"""Return user, might be logged in"""
name = self.AUTH_BACKEND.name + 'unauthorized_token_name'
try:
unauthed_token, access_type = self.request.session.get(name)
except ValueError:
unauthed_token = self.request.session.get(name)
access_type = 'read'
if not unauthed_token:
raise ValueError('Missing unauthorized token')
token = Token.from_string(unauthed_token)
if token.key != self.data.get('oauth_token', 'no-token'):
raise ValueError(
'Incorrect tokens, %s != %s (%s, %s)',
(token.key, self.data.get('oauth_token', 'no-token'), self.request.GET.get('oauth_token'), self.request.POST.get('oauth_token'))
)
access_token = self.access_token(token)
data = self.user_data(access_token)
if data is not None:
data['access_token'] = access_token.to_string()
data['access_type'] = access_type
kwargs.update({'response': data, self.AUTH_BACKEND.name: True})
return authenticate(*args, **kwargs)
class EvernoteAuth(ConsumerBasedOAuth):
"""Evernote OAuth authentication mechanism"""
AUTHORIZATION_URL = EVERNOTE_AUTHORIZATION_URL
REQUEST_TOKEN_URL = EVERNOTE_REQUEST_TOKEN_URL
ACCESS_TOKEN_URL = EVERNOTE_ACCESS_TOKEN_URL
SERVER_URL = '%s' % EVERNOTE_SERVER
AUTH_BACKEND = EvernoteBackend
SETTINGS_KEY_NAME = 'EVERNOTE_CONSUMER_KEY'
SETTINGS_SECRET_NAME = 'EVERNOTE_CONSUMER_SECRET'
def access_token(self, token):
"""Return request for access token value"""
request = self.oauth_request(token, self.ACCESS_TOKEN_URL)
try:
response = self.fetch_response(request)
except HTTPError, e:
# Evernote returns a 401 error when AuthCanceled
if e.code == 401:
raise exceptions.AuthCanceled(self)
else:
raise
params = parse_qs(response)
# evernote sents a empty secret token, this way it doesn't fires up the
# exception
response = response.replace('oauth_token_secret=',
'oauth_token_secret=None')
token = Token.from_string(response)
token.user_info = params
return token
def unauthorized_token(self):
"""Return request for unauthorized token (first stage)"""
request = self.oauth_request(
token=None, url=self.REQUEST_TOKEN_URL, extra_params=self.request_token_extra_arguments()
)
response = self.fetch_response(request)
return Token.from_string(response)
def auth_complete(self, *args, **kwargs):
"""Return user, might be logged in"""
# Multiple unauthorized tokens are supported (see #521)
name = self.AUTH_BACKEND.name + 'unauthorized_token_name'
token = None
unauthed_tokens = self.request.session.get(name) or []
if not unauthed_tokens:
raise AuthTokenError(self, 'Missing unauthorized token')
for unauthed_token in unauthed_tokens:
token = Token.from_string(unauthed_token)
if token.key == self.data.get('oauth_token', 'no-token'):
unauthed_tokens = list(
set(unauthed_tokens) - set([unauthed_token]))
self.request.session[name] = unauthed_tokens
self.request.session.modified = True
break
else:
raise AuthTokenError(self, 'Incorrect tokens')
try:
access_token = self.access_token(token)
except HTTPError, e:
if e.code == 400:
raise AuthCanceled(self)
else:
raise
def unauthorized_token(self):
"""Return request for unauthorized token (first stage)"""
request = self.oauth_request(
token=None,
url=self.REQUEST_TOKEN_URL,
extra_params=self.request_token_extra_arguments())
return Token.from_string(self.fetch_response(request))
def auth_complete(self, *args, **kwargs):
"""Return user, might be logged in"""
# Multiple unauthorized tokens are supported (see #521)
name = self.AUTH_BACKEND.name + 'unauthorized_token_name'
token = None
unauthed_tokens = self.request.session.get(name) or []
if not unauthed_tokens:
raise AuthTokenError(self, 'Missing unauthorized token')
for unauthed_token in unauthed_tokens:
token = Token.from_string(unauthed_token)
if token.key == self.data.get('oauth_token', 'no-token'):
unauthed_tokens = list(set(unauthed_tokens) -
set([unauthed_token]))
self.request.session[name] = unauthed_tokens
self.request.session.modified = True
break
else:
raise AuthTokenError(self, 'Incorrect tokens')
try:
access_token = self.access_token(token)
except HTTPError, e:
if e.code == 400:
raise AuthCanceled(self)
else:
raise
def get_token(self):
try:
return Token.from_string(self.token)
except ValueError, e:
if self.token:
raise FlickrInvalidTokenAuth(e)
else:
raise FlickrError, 'Error when calling flickr API: trying to build a token from an empty string'
def fetch(self, oauth_request, url):
# via headers
# -> Token
self.connection.request(oauth_request.method,
url, headers=oauth_request.to_header())
response = self.connection.getresponse()
res = response.read()
return Token.from_string(res)
def get_token(self):
try:
return Token.from_string(self.token)
except ValueError, e:
if self.token:
raise FlickrInvalidTokenAuth(e)
else:
raise FlickrError, 'Error when calling flickr API: trying to build a token from an empty string'
def access_token(self, request):
oauth_token = request.session.get('flickr_token_session')
if not oauth_token:
raise FlickrError, 'No saved oauth_token from previous request, are sessions enabled?'
token = Token.from_string(oauth_token)
if token.key != request.GET.get('oauth_token', 'no-no-no'):
raise FlickrError, 'oauth_token mismatch!'
""" Access token """
params = {'oauth_verifier': request.GET.get('oauth_verifier')}
rq = self.get_oauth_request(url=self.ACCESS_TOKEN_URL,
token=token,
**params)
response = self.get_response(rq)
self.token = Token.from_string(response).to_string()
""" Check token """
data = self.get('flickr.auth.oauth.checkToken')
data['token'] = self.token
return data
def fetch(self, oauth_request, url):
# via headers
# -> Token
self.connection.request(oauth_request.method,
url,
headers=oauth_request.to_header())
response = self.connection.getresponse()
res = response.read()
return Token.from_string(res)
def make_api_call(self, kind, url, token, method="GET", **kwargs):
if isinstance(token, basestring):
token = Token.from_string(token)
client = Client(self.consumer, token=token)
request_kwargs = dict(method=method)
if method == "POST":
request_kwargs["body"] = urlencode(kwargs["params"])
response, content = client.request(url, **request_kwargs)
return self._process_response(kind, response, content)
def begin(self, request, data):
""" Try to get Request Token from OAuth Provider and
redirect user to provider's site for approval.
"""
request = self.get_request(
http_url = self.REQUEST_TOKEN_URL,
parameters = dict(oauth_callback = self.get_callback(request)))
content = self.load_request(request)
request = self.get_request(token = Token.from_string(content), http_url=self.AUTHORIZE_URL)
raise RedirectException(request.to_url())
def fetch_token(self, request):
resp, content = self.request(request.url, headers=request.to_header())
if 200 == int(resp['status']):
token = Token.from_string(content)
params = cgi.parse_qs(content, keep_blank_values=False)
user_id = params.get('douban_user_id',[None])[0]
return token.key,token.secret, user_id
else:
raise Exception('{}: {}'.format(resp['status'], content))
def consumer_oauth_url_request(backend, url, user_or_id, redirect_uri="/", json=True):
"""Builds and retrieves an OAuth signed response."""
user = UserSocialAuth.resolve_user_or_id(user_or_id)
oauth_info = user.social_auth.filter(provider=backend.AUTH_BACKEND.name)[0]
token = Token.from_string(oauth_info.tokens["access_token"])
request = build_consumer_oauth_request(backend, token, url, redirect_uri)
response = "\n".join(dsa_urlopen(request.to_url()).readlines())
if json:
response = simplejson.loads(response)
return response
def begin(self, request, data):
""" Try to get Request Token from OAuth Provider and
redirect user to provider's site for approval.
"""
request = self.get_request(
http_url=self.REQUEST_TOKEN_URL,
parameters=dict(oauth_callback=self.get_callback(request)))
content = self.load_request(request)
request = self.get_request(token=Token.from_string(content),
http_url=self.AUTHORIZE_URL)
raise RedirectException(request.to_url())
def do_auth(self, access_token, *args, **kwargs):
"""Finish the auth process once the access_token was retrieved"""
if isinstance(access_token, six.string_types):
access_token = Token.from_string(access_token)
data = self.user_data(access_token)
if data is not None:
data["access_token"] = access_token.to_string()
kwargs.update({"auth": self, "response": data, self.AUTH_BACKEND.name: True})
return authenticate(*args, **kwargs)
def fetch(self, oauth_request, url):
"""
via headers
:returns: Token (by oauth2) instance
:rtype: Token
"""
self.connection.request(oauth_request.method,
url, headers=oauth_request.to_header())
response = self.connection.getresponse()
res = response.read()
return Token.from_string(res)
def do_auth(self, access_token, *args, **kwargs):
"""Finish the auth process once the access_token was retrieved"""
if isinstance(access_token, basestring):
access_token = Token.from_string(access_token)
data = self.user_data(access_token)
if data is not None:
data["access_token"] = access_token.to_string()
kwargs.update({"auth": self, "response": data, self.AUTH_BACKEND.name: True})
return authenticate(*args, **kwargs)
def consumer_oauth_url_request(backend, url, user_or_id, redirect_uri='/',
json=True):
"""Builds and retrieves an OAuth signed response."""
user = UserSocialAuth.resolve_user_or_id(user_or_id)
oauth_info = user.social_auth.filter(provider=backend.AUTH_BACKEND.name)[0]
token = Token.from_string(oauth_info.tokens['access_token'])
request = build_consumer_oauth_request(backend, token, url, redirect_uri)
response = '\n'.join(dsa_urlopen(request.to_url()).readlines())
if json:
response = simplejson.loads(response)
return response
def auth_url(self, request, perms='read', callback=None):
""" Request token """
params = {'oauth_callback': callback}
rq = self.get_oauth_request(url=self.REQUEST_TOKEN_URL, token=None, **params)
response = self.get_response(rq)
token = Token.from_string(response)
request.session['flickr_token_session'] = token.to_string()
""" User auth """
params = {'perms': perms, }
rq = self.get_oauth_request(url=self.AUTHORIZATION_URL, token=token, **params)
return rq.to_url()
def access_token(self, token):
"""Return request for access token value"""
# Fitbit is a bit different - it passes user information along with
# the access token, so temporarily store it to vie the user_data
# method easy access later in the flow!
request = self.oauth_request(token, self.ACCESS_TOKEN_URL)
response = self.fetch_response(request)
token = Token.from_string(response)
params = parse_qs(response)
token.encoded_user_id = params.get("encoded_user_id", [None])[0]
token.fullname = params.get("fullname", [None])[0]
token.username = params.get("username", [None])[0]
return token
def auth_complete(self, *args, **kwargs):
"""Return user, might be logged in"""
unauthed_token = self.request.session.get(self.unauthorized_token_name)
if not unauthed_token:
raise ValueError('Missing unauthorized token')
token = Token.from_string(unauthed_token)
if token.key != self.data.get('oauth_token', 'no-token'):
raise ValueError('Incorrect tokens')
access_token = self.access_token(token)
return access_token.to_string()
def unauthorized_token(self):
"""Makes first request to oauth. Returns an unauthorized Token."""
request_token_url = self.REQUEST_TOKEN_URL
scope = self.get_scope()
if scope:
qs = "scope=" + self.SCOPE_SEPARATOR.join(scope)
request_token_url = request_token_url + "?" + qs
request = self.oauth_request(
token=None, url=request_token_url, extra_params=self.request_token_extra_arguments()
)
response = self.fetch_response(request)
return Token.from_string(response)
def unauthorized_token(self):
"""Makes first request to oauth. Returns an unauthorized Token."""
request_token_url = self.REQUEST_TOKEN_URL
scope = self.get_scope_argument()
if scope:
request_token_url = request_token_url + '?' + urlencode(scope)
request = self.oauth_request(
token=None,
url=request_token_url,
extra_params=self.request_token_extra_arguments())
response = self.fetch_response(request)
return Token.from_string(response)
def unauthorized_token(self):
"""Makes first request to oauth. Returns an unauthorized Token."""
request_token_url = self.REQUEST_TOKEN_URL
scope = self.get_scope_argument()
if scope:
request_token_url = request_token_url + '?' + urlencode(scope)
request = self.oauth_request(
token=None,
url=request_token_url,
extra_params=self.request_token_extra_arguments()
)
response = self.fetch_response(request)
return Token.from_string(response)
def unauthorized_token(self):
"""Makes first request to oauth. Returns an unauthorized Token."""
request_token_url = self.REQUEST_TOKEN_URL
scope = self.get_scope()
if scope:
qs = 'scope=' + self.SCOPE_SEPARATOR.join(scope)
request_token_url = request_token_url + '?' + qs
request = self.oauth_request(
token=None,
url=request_token_url,
extra_params=self.request_token_extra_arguments())
response = self.fetch_response(request)
return Token.from_string(response)
def auth_complete(self, oauth_token, oauth_verifier):
"""Return user, might be logged in"""
name = self.AUTH_BACKEND_NAME + 'unauthorized_token_name'
unauthed_token = self.request.session[name]
del self.request.session[name]
if not unauthed_token:
raise ValueError('Missing unauthorized token')
token = Token.from_string(unauthed_token)
if token.key != oauth_token:
raise ValueError('Incorrect tokens')
access_token, user_data = self.access_token(token, oauth_verifier)
return user_data
def access_token(self, token, oauth_verifier):
"""Return request for access token value"""
request = self.oauth_request(token, self.ACCESS_TOKEN_URL, oauth_verifier)
response = self.fetch_response(request)
params = parse_qs(response, keep_blank_values=False)
user_data = dict()
for key in 'user_id', 'screen_name':
try:
user_data[key] = params[key][0]
except Exception:
raise ValueError("'%s' not found in OAuth response." % key)
return Token.from_string(response), user_data
def oauth_req(backend, token, url, http_method="GET", post_body=None,
http_headers=None):
consumer = OAuthConsumer(*backend.get_key_and_secret())
token = Token.from_string(token)
client = Client(consumer, token)
resp, content = client.request(
url,
method=http_method,
body=post_body,
headers=http_headers,
force_auth_header=True
)
return content
def access_token(self, token):
"""Return request for access token value"""
# Flickr is a bit different - it passes user information along with
# the access token, so temporarily store it to view the user_data
# method easy access later in the flow!
request = self.oauth_request(token, self.ACCESS_TOKEN_URL)
response = self.fetch_response(request)
token = Token.from_string(response)
params = parse_qs(response)
token.user_nsid = params["user_nsid"][0] if "user_nsid" in params else None
token.fullname = params["fullname"][0] if "fullname" in params else None
token.username = params["username"][0] if "username" in params else None
return token
def auth_complete(self, oauth_token, oauth_verifier):
"""Return user, might be logged in"""
name = self.AUTH_BACKEND_NAME + 'unauthorized_token_name'
unauthed_token = self.request.session[name]
del self.request.session[name]
if not unauthed_token:
raise ValueError('Missing unauthorized token')
token = Token.from_string(unauthed_token)
if token.key != oauth_token:
raise ValueError('Incorrect tokens')
access_token, user_data = self.access_token(token, oauth_verifier)
return user_data
def access_token(self, token):
"""Return request for access token value"""
request = self.oauth_request(token, self.ACCESS_TOKEN_URL)
response = self.fetch_response(request)
params = parse_qs(response)
# evernote sents a empty secret token, this way it doesn't fires up the
# exception
response = response.replace('oauth_token_secret=',
'oauth_token_secret=None')
token = Token.from_string(response)
token.user_info = params
return token
def access_token(self, token):
"""Return request for access token value"""
# Fitbit is a bit different - it passes user information along with
# the access token, so temporarily store it to vie the user_data
# method easy access later in the flow!
request = self.oauth_request(token, self.ACCESS_TOKEN_URL)
response = self.fetch_response(request)
token = Token.from_string(response)
params = parse_qs(response)
token.encoded_user_id = params.get('encoded_user_id', [None])[0]
token.fullname = params.get('fullname', [None])[0]
token.username = params.get('username', [None])[0]
return token
def do_auth(self, access_token, *args, **kwargs):
"""Finish the auth process once the access_token was retrieved"""
if isinstance(access_token, basestring):
access_token = Token.from_string(access_token)
data = self.user_data(access_token)
if data is not None:
data['access_token'] = access_token.to_string()
kwargs.update({
'auth': self,
'response': data,
self.AUTH_BACKEND.name: True
})
return authenticate(*args, **kwargs)
def access_token(self, token, oauth_verifier):
"""Return request for access token value"""
request = self.oauth_request(token, self.ACCESS_TOKEN_URL,
oauth_verifier)
response = self.fetch_response(request)
params = parse_qs(response, keep_blank_values=False)
user_data = dict()
for key in 'user_id', 'screen_name':
try:
user_data[key] = params[key][0]
except Exception:
raise ValueError("'%s' not found in OAuth response." % key)
return Token.from_string(response), user_data
def do_auth(self, access_token, *args, **kwargs):
"""Finish the auth process once the access_token was retrieved"""
if isinstance(access_token, six.string_types):
access_token = Token.from_string(access_token)
data = self.user_data(access_token)
if data is not None:
data['access_token'] = access_token.to_string()
kwargs.update({
'auth': self,
'response': data,
self.AUTH_BACKEND.name: True
})
return authenticate(*args, **kwargs)
def consumer_oauth_url_request(backend, url, user_or_id, redirect_uri='/',
json=True):
"""Builds and retrieves an OAuth signed response."""
if isinstance(user_or_id, User):
user = user_or_id
else:
user = User.objects.get(pk=user_or_id)
oauth_info = user.social_auth.filter(provider=backend.AUTH_BACKEND.name)[0]
token = Token.from_string(oauth_info.tokens['access_token'])
request = build_consumer_oauth_request(backend, token, url, redirect_uri)
response = '\n'.join(urlopen(request.to_url()).readlines())
if json:
response = simplejson.loads(response)
return response
def fetch_access_token(self):
"""
Fetch an access token.
Note that you should have already fetched and verified a request token
before calling this method.
Returns a :class:`oauth2.Token` instance.
"""
response, content = self._request(self.ACCESS_TOKEN_URL)
try:
token = Token.from_string(content)
except ValueError:
raise errors.ApiServerError(response, content)
else:
self.set_access_token(token)
return token
def on_response(response):
"""Response callback handler"""
if hasattr(response, "error") and response.error:
# We may had non HTTPErrors generated by tornado. (For
# example, when a host can't be resolved. For that
# cases, we create a wrapper arount response exception
# and throw that new Exception
if not isinstance(response.error, HTTPError):
errcode = response.code
message = repr(response.error)
response.error = HTTPError(errcode, message, response)
# Now rethrow it
response.rethrow()
# No error case
callback = http_request["callback"]
return callback(Token.from_string(response.buffer.read()))
def _get(self, service_uri, params={} ):
token = Token.from_string(self._access_token)
consumer = OAuthConsumer(self._key, self._secret)
client = oauth.Client(consumer, token)
client.set_signature_method(oauth.SignatureMethod_PLAINTEXT())
url = self._api_host + service_uri + "?api_key=%s" % (self._key)
# and launch the request
resp, content = client.request(url, "GET", headers=self._headers)
if resp['status'] != '200':
print content
raise Exception("Invalid response from BodyMedia.")
# return the interpreted data
return simplejson.loads(content)
def auth_url(self, request, perms='read', callback=None):
""" Request token """
params = {'oauth_callback': callback}
rq = self.get_oauth_request(url=self.REQUEST_TOKEN_URL,
token=None,
**params)
response = self.get_response(rq)
token = Token.from_string(response)
request.session['flickr_token_session'] = token.to_string()
""" User auth """
params = {
'perms': perms,
}
rq = self.get_oauth_request(url=self.AUTHORIZATION_URL,
token=token,
**params)
return rq.to_url()
def access_token(self, token):
"""Return request for access token value"""
# Flickr is a bit different - it passes user information along with
# the access token, so temporarily store it to view the user_data
# method easy access later in the flow!
request = self.oauth_request(token, self.ACCESS_TOKEN_URL)
response = self.fetch_response(request)
token = Token.from_string(response)
params = parse_qs(response)
token.user_nsid = params['user_nsid'][0] if 'user_nsid' in params \
else None
token.fullname = params['fullname'][0] if 'fullname' in params \
else None
token.username = params['username'][0] if 'username' in params \
else None
return token
def auth_complete(self, *args, **kwargs):
"""Return user, might be logged in"""
name = self.AUTH_BACKEND.name + 'unauthorized_token_name'
unauthed_token = self.request.session.get(name)
if not unauthed_token:
raise ValueError('Missing unauthorized token')
token = Token.from_string(unauthed_token)
if token.key != self.data.get('oauth_token', 'no-token'):
raise ValueError('Incorrect tokens')
access_token = self.access_token(token)
data = self.user_data(access_token)
if data is not None:
data['access_token'] = access_token.to_string()
kwargs.update({'response': data, self.AUTH_BACKEND.name: True})
return authenticate(*args, **kwargs)
def auth_complete(self, *args, **kwargs):
"""Return user, might be logged in"""
name = self.AUTH_BACKEND.name + 'unauthorized_token_name'
unauthed_token = self.request.session.get(name)
if not unauthed_token:
raise AuthTokenError('Missing unauthorized token')
token = Token.from_string(unauthed_token)
if token.key != self.data.get('oauth_token', 'no-token'):
raise AuthTokenError('Incorrect tokens')
try:
access_token = self.access_token(token)
except HTTPError, e:
if e.code == 400:
raise AuthCanceled(self)
else:
raise
def auth_callback():
"""
Flickr auth callback view
"""
token = session.get('token')
oauth_verifier = request.args.get('oauth_verifier')
if not oauth_verifier:
return redirect(url_for('home'))
token = Token.from_string(token)
token.set_verifier(oauth_verifier)
flickr = FlickrAuth()
flickr.exchange_token(token, oauth_verifier)
return redirect(url_for('home'))
def auth_complete(self, *args, **kwargs):
"""Return user, might be logged in"""
name = self.AUTH_BACKEND.name + "unauthorized_token_name"
unauthed_token = self.request.session.get(name)
if not unauthed_token:
raise ValueError("Missing unauthorized token")
token = Token.from_string(unauthed_token)
if token.key != self.data.get("oauth_token", "no-token"):
raise ValueError("Incorrect tokens")
try:
access_token = self.access_token(token)
except HTTPError, e:
if e.code == 400:
raise ValueError("User denied access")
else:
raise
def auth_complete(self, *args, **kwargs):
"""Return user, might be logged in"""
name = self.AUTH_BACKEND.name + 'unauthorized_token_name'
unauthed_token = self.request.session.get(name)
if not unauthed_token:
raise AuthTokenError('Missing unauthorized token')
token = Token.from_string(unauthed_token)
if token.key != self.data.get('oauth_token', 'no-token'):
raise AuthTokenError('Incorrect tokens')
try:
access_token = self.access_token(token)
except HTTPError, e:
if e.code == 400:
raise AuthCanceled(self)
else:
raise
def access_token(self, token):
"""Return request for access token value"""
request = self.oauth_request(token, self.ACCESS_TOKEN_URL)
try:
response = self.fetch_response(request)
except HTTPError as e:
# Evernote returns a 401 error when AuthCanceled
if e.code == 401:
raise AuthCanceled(self)
else:
raise
params = parse_qs(response)
# evernote sents a empty secret token, this way it doesn't fires up the
# exception
response = response.replace('oauth_token_secret=',
'oauth_token_secret=None')
token = Token.from_string(response)
token.user_info = params
return token
def access_token(self, token):
"""Return request for access token value"""
request = self.oauth_request(token, self.ACCESS_TOKEN_URL)
return Token.from_string(self.fetch_response(request))
def unauthorized_token(self):
"""Return request for unauthorized token (first stage)"""
request = self.oauth_request(token=None, url=self.REQUEST_TOKEN_URL)
response = self.fetch_response(request)
return Token.from_string(response)
def unauthorized_token(self):
request = self.oauth_request(token=None, url=self.REQUEST_TOKEN_URL)
response = self.fetch_response(request)
return OAuthToken.from_string(response)
