def set_authorization(r_dict, request):
auth_params = r_dict['headers']['Authorization']
if auth_params[:6] == 'OAuth ':
# Make sure it has the required/valid oauth headers
if CheckOAuth.is_valid_request(request):
try:
consumer, token, parameters = CheckOAuth.validate_token(request)
except OAuthError, e:
raise OauthUnauthorized(send_oauth_error(e))
# Set consumer and token for authentication piece
r_dict['auth']['oauth_consumer'] = consumer
r_dict['auth']['oauth_token'] = token
r_dict['auth']['type'] = 'oauth'
else:
raise OauthUnauthorized(send_oauth_error(OAuthError(_('Invalid OAuth request parameters.'))))
# Used for OAuth scope
endpoint = request.path[5:]
# Since we accept with or without / on end
if endpoint.endswith("/"):
endpoint = endpoint[:-1]
r_dict['auth']['endpoint'] = endpoint
def oauth_helper(request):
consumer = request['auth']['oauth_consumer']
token = request['auth']['oauth_token']
# Make sure consumer has been accepted by system
if consumer.status != ACCEPTED:
raise OauthUnauthorized(send_oauth_error("%s has not been authorized" % str(consumer.name)))
# make sure the token is an approved access token
if token.token_type != Token.ACCESS or not token.is_approved:
raise OauthUnauthorized(send_oauth_error("The access token is not valid"))
user = token.user
user_name = user.username
if user.email.startswith('mailto:'):
user_email = user.email
else:
user_email = 'mailto:%s' % user.email
consumer = token.consumer
members = [
{
"account":{
"name":consumer.key,
"homePage":"lrs://XAPI/OAuth/token/"
},
"objectType": "Agent",
"oauth_identifier": "anonoauth:%s" % (consumer.key)
},
{
"name":user_name,
"mbox":user_email,
"objectType": "Agent"
}
]
kwargs = {"objectType":"Group", "member":members,"oauth_identifier": "anongroup:%s-%s" % (consumer.key, user_email)}
# create/get oauth group and set in dictionary
oauth_group, created = Agent.objects.oauth_group(**kwargs)
request['auth']['id'] = oauth_group
