diff options
| author | Christopher Allan Webber <cwebber@dustycloud.org> | 2014-09-16 14:01:43 -0500 |
|---|---|---|
| committer | Christopher Allan Webber <cwebber@dustycloud.org> | 2014-09-16 14:01:43 -0500 |
| commit | f6bad0eb26fa7e092570afe1fb7f38b3d1a1941d (patch) | |
| tree | 0ca05e7a95cfb30d8b286f3ec72e8c95e212511b /mediagoblin/oauth/views.py | |
| parent | 5b64c92e0816e733c2f88b88ddc0aec070cdc0d3 (diff) | |
| parent | 1b4e199668ada5c2ec47df7432ab69e315dc0601 (diff) | |
| download | mediagoblin-f6bad0eb26fa7e092570afe1fb7f38b3d1a1941d.tar.lz mediagoblin-f6bad0eb26fa7e092570afe1fb7f38b3d1a1941d.tar.xz mediagoblin-f6bad0eb26fa7e092570afe1fb7f38b3d1a1941d.zip | |
Merge branch 'master' into merge-python3-port
Has some issues, will iteratively fix!
Conflicts:
mediagoblin/gmg_commands/__init__.py
mediagoblin/gmg_commands/deletemedia.py
mediagoblin/gmg_commands/users.py
mediagoblin/oauth/views.py
mediagoblin/plugins/api/views.py
mediagoblin/tests/test_api.py
mediagoblin/tests/test_edit.py
mediagoblin/tests/test_oauth1.py
mediagoblin/tests/test_util.py
mediagoblin/tools/mail.py
mediagoblin/webfinger/views.py
setup.py
Diffstat (limited to 'mediagoblin/oauth/views.py')
| -rw-r--r-- | mediagoblin/oauth/views.py | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/mediagoblin/oauth/views.py b/mediagoblin/oauth/views.py index fd848467..ce12fbe0 100644 --- a/mediagoblin/oauth/views.py +++ b/mediagoblin/oauth/views.py @@ -18,6 +18,7 @@ import datetime import six +from oauthlib.oauth1.rfc5849.utils import UNICODE_ASCII_CHARACTER_SET from oauthlib.oauth1 import (RequestTokenEndpoint, AuthorizationEndpoint, AccessTokenEndpoint) @@ -37,7 +38,7 @@ from mediagoblin.oauth.tools.forms import WTFormData from mediagoblin.db.models import NonceTimestamp, Client, RequestToken # possible client types -client_types = ["web", "native"] # currently what pump supports +CLIENT_TYPES = ["web", "native"] # currently what pump supports @csrf_exempt def client_register(request): @@ -55,7 +56,7 @@ def client_register(request): if "type" not in data: error = "No registration type provided." return json_response({"error": error}, status=400) - if data.get("application_type", None) not in client_types: + if data.get("application_type", None) not in CLIENT_TYPES: error = "Unknown application_type." return json_response({"error": error}, status=400) @@ -90,7 +91,7 @@ def client_register(request): ) app_name = ("application_type", client.application_name) - if app_name in client_types: + if app_name in CLIENT_TYPES: client.application_name = app_name elif client_type == "client_associate": @@ -106,8 +107,8 @@ def client_register(request): return json_response({"error": error}, status=400) # generate the client_id and client_secret - client_id = random_string(22) # seems to be what pump uses - client_secret = random_string(43) # again, seems to be what pump uses + client_id = random_string(22, UNICODE_ASCII_CHARACTER_SET) + client_secret = random_string(43, UNICODE_ASCII_CHARACTER_SET) expirey = 0 # for now, lets not have it expire expirey_db = None if expirey == 0 else expirey application_type = data["application_type"] @@ -251,6 +252,7 @@ def authorize(request): if oauth_request.verifier is None: orequest = GMGRequest(request) + orequest.resource_owner_key = token request_validator = GMGRequestValidator() auth_endpoint = AuthorizationEndpoint(request_validator) verifier = auth_endpoint.create_verifier(orequest, {}) @@ -332,10 +334,9 @@ def access_token(request): error = "Missing required parameter." return json_response({"error": error}, status=400) - + request.resource_owner_key = parsed_tokens["oauth_consumer_key"] request.oauth_token = parsed_tokens["oauth_token"] request_validator = GMGRequestValidator(data) av = AccessTokenEndpoint(request_validator) tokens = av.create_access_token(request, {}) return form_response(tokens) - |