def authenticate(self, request):
if not self.auth_detected(request):
return None
user = request.resolver_match.kwargs.get('project') or request.query_params['user']
project_credentials = OAuthCredentials.get_credentials(user)
if not project_credentials:
raise exceptions.ValidationError(
'project {0} has no OAuth credentials'.format(user)
)
parameters = OAuthCredentials.get_parameters(request.query_params)
oauth_consumer_key = parameters['oauth_consumer_key']
if oauth_consumer_key != project_credentials['consumer_key']:
raise exceptions.AuthenticationFailed(
'oauth_consumer_key does not match credentials for project {0}'.format(user)
)
uri = '{0}://{1}{2}'.format(
settings.TREEHERDER_REQUEST_PROTOCOL,
request.get_host(),
request.path
)
# Construct the OAuth request based on the django request object
json_renderer = JSONRenderer()
req_obj = oauth.Request(
method=request.method,
url=uri,
parameters=parameters,
body=json_renderer.render(request.data),
)
server = oauth.Server()
token = oauth.Token(key='', secret='')
# Get the consumer object
cons_obj = oauth.Consumer(
oauth_consumer_key,
project_credentials['consumer_secret']
)
# Set the signature method
server.add_signature_method(oauth.SignatureMethod_HMAC_SHA1())
try:
# verify oauth django request and consumer object match
server.verify_request(req_obj, cons_obj, token)
except oauth.Error:
raise exceptions.AuthenticationFailed(
'Client authentication failed for project {0}'.format(user)
)
request.legacy_oauth_authenticated = True
return (DummyUser(), None)
def authenticate(self, request):
if not self.auth_detected(request):
return None
user = request.resolver_match.kwargs.get(
'project') or request.query_params['user']
project_credentials = OAuthCredentials.get_credentials(user)
if not project_credentials:
raise exceptions.ValidationError(
'project {0} has no OAuth credentials'.format(user))
parameters = OAuthCredentials.get_parameters(request.query_params)
oauth_consumer_key = parameters['oauth_consumer_key']
if oauth_consumer_key != project_credentials['consumer_key']:
raise exceptions.AuthenticationFailed(
'oauth_consumer_key does not match credentials for project {0}'
.format(user))
uri = '{0}://{1}{2}'.format(settings.TREEHERDER_REQUEST_PROTOCOL,
request.get_host(), request.path)
# Construct the OAuth request based on the django request object
json_renderer = JSONRenderer()
req_obj = oauth.Request(
method=request.method,
url=uri,
parameters=parameters,
body=json_renderer.render(request.DATA),
)
server = oauth.Server()
token = oauth.Token(key='', secret='')
# Get the consumer object
cons_obj = oauth.Consumer(oauth_consumer_key,
project_credentials['consumer_secret'])
# Set the signature method
server.add_signature_method(oauth.SignatureMethod_HMAC_SHA1())
try:
# verify oauth django request and consumer object match
server.verify_request(req_obj, cons_obj, token)
except oauth.Error:
raise exceptions.AuthenticationFailed(
'Client authentication failed for project {0}'.format(user))
request.legacy_oauth_authenticated = True
return (DummyUser(), None)
def wrap_oauth(cls, *args, **kwargs):
# First argument must be request object
request = args[0]
# Get the project keyword argumet
project = kwargs.get('project', None)
# Get the project credentials
project_credentials = OAuthCredentials.get_credentials(project)
if not project_credentials:
msg = {
'response': "invalid_request",
'detail': "project, {0}, has no OAuth credentials".format(project)
}
return Response(msg, 500)
parameters = OAuthCredentials.get_parameters(request.QUERY_PARAMS)
oauth_body_hash = parameters.get('oauth_body_hash', None)
oauth_signature = parameters.get('oauth_signature', None)
oauth_consumer_key = parameters.get('oauth_consumer_key', None)
oauth_token = parameters.get('oauth_token', None)
if not oauth_body_hash or not oauth_signature or not oauth_consumer_key:
msg = {
'response':"invalid_request",
'detail':"Required oauth parameters not provided in the uri"
}
return Response(msg, 500)
if oauth_consumer_key != project_credentials['consumer_key']:
msg = {
'response':"access_denied",
'detail':"oauth_consumer_key does not match project, {0}, credentials".format(project)
}
return Response(msg, 403)
uri = '{0}://{1}{2}'.format(
settings.TREEHERDER_REQUEST_PROTOCOL, request.get_host(),
request.path
)
#Construct the OAuth request based on the django request object
req_obj = oauth.Request(
method=request.method,
url=uri,
parameters=parameters,
body=json.dumps(request.DATA),
)
server = oauth.Server()
token = oauth.Token(key='', secret='')
#Get the consumer object
cons_obj = oauth.Consumer(
oauth_consumer_key,
project_credentials['consumer_secret']
)
#Set the signature method
server.add_signature_method(oauth.SignatureMethod_HMAC_SHA1())
try:
#verify oauth django request and consumer object match
server.verify_request(req_obj, cons_obj, token)
except oauth.Error:
msg = {
'response':"invalid_client",
'detail':"Client authentication failed for project, {0}".format(project)
}
return Response(msg, 403)
return func(request, *args, **kwargs)
def wrap_oauth(cls, *args, **kwargs):
# First argument must be request object
request = args[0]
# Get the project keyword argumet
project = kwargs.get('project', None)
# Get the project credentials
project_credentials = OAuthCredentials.get_credentials(project)
if not project_credentials:
msg = {
'response': "invalid_request",
'detail':
"project, {0}, has no OAuth credentials".format(project)
}
return Response(msg, 500)
parameters = OAuthCredentials.get_parameters(request.QUERY_PARAMS)
oauth_body_hash = parameters.get('oauth_body_hash', None)
oauth_signature = parameters.get('oauth_signature', None)
oauth_consumer_key = parameters.get('oauth_consumer_key', None)
oauth_token = parameters.get('oauth_token', None)
if not oauth_body_hash or not oauth_signature or not oauth_consumer_key:
msg = {
'response': "invalid_request",
'detail': "Required oauth parameters not provided in the uri"
}
return Response(msg, 500)
if oauth_consumer_key != project_credentials['consumer_key']:
msg = {
'response':
"access_denied",
'detail':
"oauth_consumer_key does not match project, {0}, credentials".
format(project)
}
return Response(msg, 403)
uri = '{0}://{1}{2}'.format(settings.TREEHERDER_REQUEST_PROTOCOL,
request.get_host(), request.path)
#Construct the OAuth request based on the django request object
req_obj = oauth.Request(
method=request.method,
url=uri,
parameters=parameters,
body=json.dumps(request.DATA),
)
server = oauth.Server()
token = oauth.Token(key='', secret='')
#Get the consumer object
cons_obj = oauth.Consumer(oauth_consumer_key,
project_credentials['consumer_secret'])
#Set the signature method
server.add_signature_method(oauth.SignatureMethod_HMAC_SHA1())
try:
#verify oauth django request and consumer object match
server.verify_request(req_obj, cons_obj, token)
except oauth.Error:
msg = {
'response':
"invalid_client",
'detail':
"Client authentication failed for project, {0}".format(project)
}
return Response(msg, 403)
return func(request, *args, **kwargs)
