def __call__(self, request, *args, **kwargs): if self.is_valid_request(request): oauth_request = get_oauth_request(request) consumer = store.get_consumer( request, oauth_request, oauth_request.get_parameter('oauth_consumer_key')) try: token = store.get_access_token( request, oauth_request, consumer, oauth_request.get_parameter('oauth_token')) except InvalidTokenError: return send_oauth_error( Error( _('Invalid access token: %s') % oauth_request.get_parameter('oauth_token'))) try: parameters = self.validate_token(request, consumer, token) except Error, e: return send_oauth_error(e) if self.resource_name and token.resource.name != self.resource_name: return send_oauth_error( Error(_('You are not allowed to access this resource.'))) elif consumer and token: # Hack request.user = token.user return self.view_func(request, *args, **kwargs)
def check_access_token(self, request): oauth_request = get_oauth_request(request) if oauth_request is None: return ('params', 'Invalid request parameters.') try: consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key']) except InvalidConsumerError: return ('auth', 'Invalid Consumer.') try: token = store.get_access_token(request, oauth_request, consumer, oauth_request.get_parameter('oauth_token')) except InvalidTokenError: return ('auth', 'Invalid access token: %s' % oauth_request.get_parameter('oauth_token')) # LRS CHANGE - RETURN BETTER ERROR MESSAGE if not verify_oauth_request(request, oauth_request, consumer, token): return ('params', 'Could not verify OAuth request.') # LRS CHANGE - SCOPE IS JUST A CHARFIELD NOW - JUST COMPARE THE VALUES if self.scope_name and (not token.scope or token.scope != self.scope_name): return ('params', 'You are not allowed to access this resource.') if token.user: request.user = token.user return (None, None)
def check_access_token(self, request): oauth_request = get_oauth_request(request) if oauth_request is None: return ('params', 'Invalid request parameters.') try: consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key']) except InvalidConsumerError: return ('auth', 'Invalid Consumer.') try: token = store.get_access_token( request, oauth_request, consumer, oauth_request.get_parameter('oauth_token')) except InvalidTokenError: return ('auth', 'Invalid access token: %s' % oauth_request.get_parameter('oauth_token')) # LRS CHANGE - RETURN BETTER ERROR MESSAGE if not verify_oauth_request(request, oauth_request, consumer, token): return ('params', 'Could not verify OAuth request.') # LRS CHANGE - SCOPE IS JUST A CHARFIELD NOW - JUST COMPARE THE VALUES if self.scope_name and (not token.scope or token.scope != self.scope_name): return ('params', 'You are not allowed to access this resource.') if token.user: request.user = token.user return (None, None)
def wrapped_view(request, *args, **kwargs): oauth_request = get_oauth_request(request) if oauth_request is None: return INVALID_PARAMS_RESPONSE try: consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key']) except InvalidConsumerError: return INVALID_CONSUMER_RESPONSE try: token = store.get_access_token(request, oauth_request, consumer, oauth_request.get_parameter('oauth_token')) except InvalidTokenError: return send_oauth_error(oauth.Error(_('Invalid access token: %s') % oauth_request.get_parameter('oauth_token'))) if not verify_oauth_request(request, oauth_request, consumer, token): return COULD_NOT_VERIFY_OAUTH_REQUEST_RESPONSE if self.scope_name and (not token.scope or token.scope.name != self.scope_name): return INVALID_SCOPE_RESPONSE if token.user: request.user = token.user return view_func(request, *args, **kwargs)
def process_oauth_checking(self, request, *args, **kwargs): if self.is_valid_request(request): oauth_request = get_oauth_request(request) from store import store, InvalidConsumerError, InvalidTokenError # Retrieve consumer try: consumer = store.get_consumer(request, oauth_request, oauth_request.get_parameter("oauth_consumer_key")) consumer.key = str(consumer.key) consumer.secret = str(consumer.secret) except InvalidConsumerError: return oauth.Error(_("Invalid consumer: %s") % oauth_request.get_parameter("oauth_consumer_key")) # Retrieve access token try: token = store.get_access_token( request, oauth_request, consumer, oauth_request.get_parameter("oauth_token") ) token.key = str(token.key) token.secret = str(token.secret) except InvalidTokenError: return oauth.Error(_("Invalid access token: %s") % oauth_request.get_parameter("oauth_token")) try: parameters = self.validate_token(request, consumer, token) except oauth.Error, e: return e if consumer and token: request.user = token.user request.consumer = consumer request.token = token return None
def _authenticate_three_legged(self, request, oauth_request): # missing_params = require_params(oauth_request, ('oauth_token',)) # if missing_params is not None: # return missing_params try: consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key']) access_token = store.get_access_token(request, oauth_request, consumer, oauth_request['oauth_token']) except (InvalidConsumerError, InvalidTokenError): return False if not verify_oauth_request(request, oauth_request, consumer, access_token): return False request.user = store.get_user_for_access_token(request, oauth_request, access_token) request.consumer = store.get_consumer_for_access_token( request, oauth_request, access_token) request.throttle_extra = request.consumer.key return True
def wrapped_view(request, *args, **kwargs): oauth_request = get_oauth_request(request) if oauth_request is None: return INVALID_PARAMS_RESPONSE try: consumer = store.get_consumer( request, oauth_request, oauth_request['oauth_consumer_key']) except InvalidConsumerError: return INVALID_CONSUMER_RESPONSE try: token = store.get_access_token( request, oauth_request, consumer, oauth_request.get_parameter('oauth_token')) except InvalidTokenError: return send_oauth_error( oauth.Error( _('Invalid access token: %s') % oauth_request.get_parameter('oauth_token'))) if not verify_oauth_request(request, oauth_request, consumer, token): return COULD_NOT_VERIFY_OAUTH_REQUEST_RESPONSE if self.scope_name and (not token.scope or token.scope.name != self.scope_name): return INVALID_SCOPE_RESPONSE if token.user: request.user = token.user return view_func(request, *args, **kwargs)
def wrapped_view(request, *args, **kwargs): oauth_request = get_oauth_request(request) scheme = 'https' if request.is_secure() else 'http' domain = get_current_site(request).domain if oauth_request is None: return invalid_params_response(scheme, domain) try: consumer = store.get_consumer( request, oauth_request, oauth_request['oauth_consumer_key']) except InvalidConsumerError: return INVALID_CONSUMER_RESPONSE try: token = store.get_access_token( request, oauth_request, consumer, oauth_request.get_parameter('oauth_token')) except InvalidTokenError: return send_oauth_error('https' if request.is_secure() else 'http', get_current_site(request).domain, oauth.Error(_('Invalid access token: %s') % oauth_request.get_parameter('oauth_token'))) if not verify_oauth_request(request, oauth_request, consumer, token): return could_not_verify_oauth_request_response(scheme, domain) if self.scope_name and (not token.scope or token.scope.name != self.scope_name): return invalid_scope_response(scheme, domain) if token.user: request.user = token.user return view_func(request, *args, **kwargs)
def __call__(self, request, *args, **kwargs): if self.is_valid_request(request): oauth_request = get_oauth_request(request) consumer = store.get_consumer( request, oauth_request, oauth_request.get_parameter('oauth_consumer_key')) consumer.key = str(consumer.key) consumer.secret = str(consumer.secret) try: token = store.get_access_token( request, oauth_request, consumer, oauth_request.get_parameter('oauth_token')) token.key = str(token.key) token.secret = str(token.secret) except InvalidTokenError: return send_oauth_error( Error( _('Invalid access token: %s') % oauth_request.get_parameter('oauth_token'))) try: parameters = self.validate_token(request, consumer, token) except Error, e: return send_oauth_error(e) if consumer and token: request.user = token.user return self.view_func(request, *args, **kwargs)
def __call__(self, request, *args, **kwargs): if self.is_valid_request(request): oauth_request = get_oauth_request(request) consumer = store.get_consumer(request, oauth_request, oauth_request.get_parameter('oauth_consumer_key')) try: token = store.get_access_token(request, oauth_request, consumer, oauth_request.get_parameter('oauth_token')) except InvalidTokenError: return send_oauth_error(Error(_('Invalid access token: %s') % oauth_request.get_parameter('oauth_token'))) try: parameters = self.validate_token(request, consumer, token) except Error, e: return send_oauth_error(e) if self.resource_name and token.resource.name != self.resource_name: return send_oauth_error(Error(_('You are not allowed to access this resource.'))) elif consumer and token: return self.view_func(request, *args, **kwargs)
def __call__(self, request, *args, **kwargs): if self.is_valid_request(request): oauth_request = get_oauth_request(request) consumer = store.get_consumer(request, oauth_request, oauth_request.get_parameter('oauth_consumer_key')) consumer.key = str(consumer.key) consumer.secret = str(consumer.secret) try: token = store.get_access_token(request, oauth_request, consumer, oauth_request.get_parameter('oauth_token')) token.key = str(token.key) token.secret = str(token.secret) except InvalidTokenError: return send_oauth_error(Error(_('Invalid access token: %s') % oauth_request.get_parameter('oauth_token'))) try: parameters = self.validate_token(request, consumer, token) except Error, e: return send_oauth_error(e) if consumer and token: request.user = token.user return self.view_func(request, *args, **kwargs)
def process_oauth_checking(self, request, *args, **kwargs): if self.is_valid_request(request): oauth_request = get_oauth_request(request) from store import store, InvalidConsumerError, InvalidTokenError # Retrieve consumer try: consumer = store.get_consumer( request, oauth_request, oauth_request.get_parameter('oauth_consumer_key')) consumer.key = str(consumer.key) consumer.secret = str(consumer.secret) except InvalidConsumerError: return oauth.Error( _('Invalid consumer: %s') % oauth_request.get_parameter('oauth_consumer_key')) # Retrieve access token try: token = store.get_access_token( request, oauth_request, consumer, oauth_request.get_parameter('oauth_token')) token.key = str(token.key) token.secret = str(token.secret) except InvalidTokenError: return oauth.Error( _('Invalid access token: %s') % oauth_request.get_parameter('oauth_token')) try: parameters = self.validate_token(request, consumer, token) except oauth.Error, e: return e if consumer and token: request.user = token.user request.consumer = consumer request.token = token return None
def _authenticate_three_legged(self, request, oauth_request): # missing_params = require_params(oauth_request, ('oauth_token',)) # if missing_params is not None: # return missing_params try: consumer = store.get_consumer( request, oauth_request, oauth_request['oauth_consumer_key']) access_token = store.get_access_token( request, oauth_request, consumer, oauth_request['oauth_token']) except (InvalidConsumerError, InvalidTokenError): return False if not verify_oauth_request(request, oauth_request, consumer, access_token): return False request.user = store.get_user_for_access_token( request, oauth_request, access_token) request.consumer = store.get_consumer_for_access_token( request, oauth_request, access_token) request.throttle_extra = request.consumer.key return True
def wrapped_view(request, *args, **kwargs): oauth_request = get_oauth_request(request) scheme = 'https' if request.is_secure() else 'http' domain = get_current_site(request).domain if oauth_request is None: return invalid_params_response(scheme, domain) try: consumer = store.get_consumer( request, oauth_request, oauth_request['oauth_consumer_key']) except InvalidConsumerError: return INVALID_CONSUMER_RESPONSE try: token = store.get_access_token( request, oauth_request, consumer, oauth_request.get_parameter('oauth_token')) except InvalidTokenError: return send_oauth_error( 'https' if request.is_secure() else 'http', get_current_site(request).domain, oauth.Error( _('Invalid access token: %s') % oauth_request.get_parameter('oauth_token'))) if not verify_oauth_request(request, oauth_request, consumer, token): return could_not_verify_oauth_request_response(scheme, domain) if self.scope_name and (not token.scope or token.scope.name != self.scope_name): return invalid_scope_response(scheme, domain) if token.user: request.user = token.user return view_func(request, *args, **kwargs)