diff options
| author | Jessica Tallon <jessica@megworld.co.uk> | 2014-11-04 09:54:04 +0000 |
|---|---|---|
| committer | Jessica Tallon <jessica@megworld.co.uk> | 2014-11-04 10:42:31 +0000 |
| commit | 4fc1671d84d834fefb616e8cbe72c8c2b64095b3 (patch) | |
| tree | a80cc50ce20912597ae4d5c3a190dc36364cf2d5 | |
| parent | aa68730237700a812e4d3aa5cd94458282e205de (diff) | |
| download | mediagoblin-4fc1671d84d834fefb616e8cbe72c8c2b64095b3.tar.lz mediagoblin-4fc1671d84d834fefb616e8cbe72c8c2b64095b3.tar.xz mediagoblin-4fc1671d84d834fefb616e8cbe72c8c2b64095b3.zip | |
Fix #1016 - Covert the timestamp from seconds to datetime object
| -rw-r--r-- | mediagoblin/oauth/oauth.py | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/mediagoblin/oauth/oauth.py b/mediagoblin/oauth/oauth.py index 8a60392c..7dc5aa5b 100644 --- a/mediagoblin/oauth/oauth.py +++ b/mediagoblin/oauth/oauth.py @@ -13,6 +13,7 @@ # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. +import datetime from oauthlib.common import Request from oauthlib.oauth1 import RequestValidator @@ -64,6 +65,14 @@ class GMGRequestValidator(RequestValidator): def validate_timestamp_and_nonce(self, client_key, timestamp, nonce, request, request_token=None, access_token=None): + # RFC5849 (OAuth 1.0) section 3.3 says the timestamp is going + # to be seconds after the epoch, we need to convert for postgres + try: + timestamp = datetime.datetime.fromtimestamp(float(timestamp)) + except ValueError: + # Well, the client must have passed up something ridiculous + return False + nc = NonceTimestamp.query.filter_by(timestamp=timestamp, nonce=nonce) nc = nc.first() if nc is None: |