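def authenticate_user(*args, **kwargs):
    """Authenticate an OAuth-signed request and record the caller on it.

    The request object is taken from ``args[1]``.  On success the consumer
    name, consumer primary key and user are stored in ``request.META`` under
    the ``SS_OAUTH_CONSUMER_NAME``, ``SS_OAUTH_CONSUMER_PK`` and
    ``SS_OAUTH_USER`` keys and ``None`` is returned.  On any failure an
    ``HttpResponse`` with status code 401 is returned instead.

    The 401 body is a fixed string: the exception text is written to the
    server log rather than echoed to the caller, so that internal error
    details are not disclosed to an unauthenticated client.
    """
    import logging

    request = args[1]
    try:
        oauth_request = get_oauth_request(request)
        consumer = store.get_consumer(
            request, oauth_request, oauth_request['oauth_consumer_key'])
        verify_oauth_request(request, oauth_request, consumer)

        # Allow a trusted client to either give us a user via header, or do
        # the 3-legged oauth.
        # NOTE(review): the header value is used as the user as-is; nothing
        # in this function checks that it names an existing account.  The
        # only gates visible here are verify_oauth_request() above and the
        # consumer's is_trusted flag -- confirm that is the intended trust
        # boundary.
        user = None
        try:
            trusted_client = TrustedOAuthClient.objects.get(consumer=consumer)
            if trusted_client and trusted_client.is_trusted:
                user = request.META["HTTP_X_OAUTH_USER"]
        except Exception:
            # Deliberate best effort: any failure here (lookup error, header
            # not present) leaves user unset and falls through to the
            # access-token path below.
            pass

        if not user:
            access_token = store.get_access_token(
                request, oauth_request, consumer,
                oauth_request[u'oauth_token'])
            user = store.get_user_for_access_token(
                request, oauth_request, access_token).username

        request.META['SS_OAUTH_CONSUMER_NAME'] = consumer.name
        request.META['SS_OAUTH_CONSUMER_PK'] = consumer.pk
        request.META['SS_OAUTH_USER'] = user

        return
    except Exception as e:
        # Keep the detail server-side; %r keeps control characters in the
        # message from breaking up the log line.
        logging.getLogger(__name__).warning(
            "OAuth authorization failed: %r", e)
        response = HttpResponse("Error authorizing user")
        response.status_code = 401
        return response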
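def is_authenticated(self, request, **kwargs):
    """Check the OAuth access token on ``request`` and attach its user.

    Returns ``True`` after setting ``request.user`` when the request is a
    valid OAuth request, the access token resolves and validates, and
    ``self.check_active(user)`` passes.  Returns ``False`` when the user
    fails ``check_active``.  In every other case the result of
    ``oauth_provider.utils.send_oauth_error(...)`` is returned.
    """
    from oauth_provider.store import store, InvalidTokenError

    if self.is_valid_request(request):
        oauth_request = oauth_provider.utils.get_oauth_request(request)
        consumer = store.get_consumer(
            request, oauth_request,
            oauth_request.get_parameter('oauth_consumer_key'))

        try:
            token = store.get_access_token(
                request, oauth_request, consumer,
                oauth_request.get_parameter('oauth_token'))
        except InvalidTokenError:
            # NOTE(review): the rejected oauth_token value is interpolated
            # into the error message handed to send_oauth_error(); confirm
            # how that message is rendered before it reaches the client.
            return oauth_provider.utils.send_oauth_error(
                oauth2.Error(_('Invalid access token: %s')
                             % oauth_request.get_parameter('oauth_token')))

        try:
            self.validate_token(request, consumer, token)
        except oauth2.Error as e:
            # "as" form instead of the comma form, which is a syntax error
            # on Python 3.
            return oauth_provider.utils.send_oauth_error(e)

        if consumer and token:
            user = store.get_user_for_access_token(
                request, oauth_request, token)
            if not self.check_active(user):
                return False
            request.user = user
            return True

    # Reached for a request that is not a valid OAuth request and for a
    # missing consumer or token: always answer with an explicit OAuth error
    # rather than falling off the end of the function.
    return oauth_provider.utils.send_oauth_error(
        oauth2.Error(_('You are not allowed to access this resource.')))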
def authenticate_user(*args, **kwargs):
    """Verify the OAuth signature on a request and tag it with the caller.

    ``args[1]`` is the request.  When verification succeeds, the consumer's
    name and primary key and the resolved user are written to
    ``request.META`` (``SS_OAUTH_CONSUMER_NAME``, ``SS_OAUTH_CONSUMER_PK``,
    ``SS_OAUTH_USER``) and the function returns ``None``.  Any exception
    along the way produces an ``HttpResponse`` with status code 401 and a
    fixed body that carries no exception detail.
    """
    request = args[1]
    try:
        oauth_req = get_oauth_request(request)
        consumer = store.get_consumer(
            request,
            oauth_req,
            oauth_req['oauth_consumer_key'],
        )
        verify_oauth_request(request, oauth_req, consumer)

        # Two ways to learn the user: a consumer flagged as trusted may name
        # it in a request header; everyone else goes through 3-legged OAuth.
        username = None
        try:
            client = TrustedOAuthClient.objects.get(consumer=consumer)
            header_allowed = client and client.is_trusted
            if header_allowed:
                # The header value is taken as-is as the user.
                username = request.META["HTTP_XOAUTH_USER"]
        except Exception:
            # Any failure in the trusted-client path leaves username unset,
            # so the access-token path below runs.
            pass

        if not username:
            token = store.get_access_token(
                request,
                oauth_req,
                consumer,
                oauth_req[u'oauth_token'],
            )
            token_user = store.get_user_for_access_token(
                request, oauth_req, token)
            username = token_user.username

        request.META['SS_OAUTH_CONSUMER_NAME'] = consumer.name
        request.META['SS_OAUTH_CONSUMER_PK'] = consumer.pk
        request.META['SS_OAUTH_USER'] = username

        return
    except Exception:
        denied = HttpResponse("Error authorizing application")
        denied.status_code = 401
        return denied