def set_authorization(r_dict, request):
    """Record OAuth credentials and the requested endpoint in ``r_dict['auth']``.

    Only an ``Authorization`` header beginning with ``'OAuth '`` is handled;
    any other header value leaves ``r_dict`` untouched.

    On success the following keys are written to ``r_dict['auth']``:
    ``oauth_consumer``, ``oauth_token``, ``type`` (``'oauth'``) and
    ``endpoint``.

    Raises:
        OauthUnauthorized: when ``CheckOAuth.is_valid_request`` rejects the
            request, or when ``CheckOAuth.validate_token`` raises
            ``OAuthError``.
    """
    auth_header = r_dict['headers']['Authorization']
    if auth_header[:6] == 'OAuth ':
        # Reject requests lacking the required/valid OAuth parameters before
        # any token lookup is attempted.
        if not CheckOAuth.is_valid_request(request):
            raise OauthUnauthorized(send_oauth_error(OAuthError(_('Invalid OAuth request parameters.'))))

        try:
            # The third element is not used here. It must not be bound to
            # ``_``: that name is the translation callable used above, and a
            # local binding would shadow it for the whole function.
            oauth_consumer, oauth_token, _params = CheckOAuth.validate_token(request)
        except OAuthError as err:
            raise OauthUnauthorized(send_oauth_error(err))

        # Hand the validated consumer and token to the authentication step.
        auth_info = r_dict['auth']
        auth_info['oauth_consumer'] = oauth_consumer
        auth_info['oauth_token'] = oauth_token
        auth_info['type'] = 'oauth'

        # NOTE(review): the listing's indentation was lost; the endpoint
        # handling is placed inside the OAuth branch because its comment ties
        # it to OAuth scope -- confirm against the original file.
        # NOTE(review): the first five characters of the path are dropped
        # unconditionally (presumably the URL mount prefix -- confirm). The
        # result feeds OAuth scope, so verify that routing guarantees that
        # prefix and that only a single trailing slash can occur.
        path_tail = request.path[5:]
        # Requests are accepted with or without a trailing slash.
        r_dict['auth']['endpoint'] = path_tail[:-1] if path_tail.endswith("/") else path_tail
def oauth_helper(request):
    """Resolve the OAuth consumer/user pair to a group and store it as the auth id.

    Reads ``request['auth']['oauth_consumer']`` and
    ``request['auth']['oauth_token']``, checks both, then builds a two-member
    group (the consumer as an account-identified Agent, the token's user as an
    mbox-identified Agent) and stores the object returned by
    ``Agent.objects.oauth_group`` in ``request['auth']['id']``.

    Raises:
        OauthUnauthorized: when the consumer's status is not ``ACCEPTED``, or
            the token is not an approved access token.
    """
    auth_info = request['auth']
    requesting_consumer = auth_info['oauth_consumer']
    access_token = auth_info['oauth_token']

    # The consumer must have been accepted by the system.
    if requesting_consumer.status != ACCEPTED:
        raise OauthUnauthorized(send_oauth_error("%s has not been authorized" % str(requesting_consumer.name)))

    # Only an approved access token may authenticate.
    if access_token.token_type != Token.ACCESS or not access_token.is_approved:
        raise OauthUnauthorized(send_oauth_error("The access token is not valid"))

    token_user = access_token.user
    user_name = token_user.username
    # NOTE(review): an empty user.email yields a bare 'mailto:' mbox, leaving
    # the group identifier below dependent on the consumer key alone --
    # confirm that accounts always carry a unique e-mail address.
    if token_user.email.startswith('mailto:'):
        user_mbox = token_user.email
    else:
        user_mbox = 'mailto:%s' % token_user.email

    # NOTE(review): the status check above ran on the consumer taken from the
    # request, while the identity below uses the consumer attached to the
    # token. Presumably token validation upstream guarantees they are the same
    # object -- confirm.
    token_consumer = access_token.consumer

    consumer_agent = {
        "account": {
            "name": token_consumer.key,
            "homePage": "lrs://XAPI/OAuth/token/",
        },
        "objectType": "Agent",
        "oauth_identifier": "anonoauth:%s" % (token_consumer.key),
    }
    user_agent = {
        "name": user_name,
        "mbox": user_mbox,
        "objectType": "Agent",
    }

    # Create or fetch the OAuth group and record it as the authenticated id.
    oauth_group, _created = Agent.objects.oauth_group(
        objectType="Group",
        member=[consumer_agent, user_agent],
        oauth_identifier="anongroup:%s-%s" % (token_consumer.key, user_mbox),
    )
    request['auth']['id'] = oauth_group