diff options
| author | Jessica Tallon <jessica@megworld.co.uk> | 2014-08-05 21:41:31 +0100 |
|---|---|---|
| committer | Christopher Allan Webber <cwebber@dustycloud.org> | 2014-08-18 10:51:15 -0500 |
| commit | 32ff6f4dc06c91d452afa717eb3198cf746c2bf1 (patch) | |
| tree | 239a59188ae9aa1565372efeb2dcc1adc0d3403b /mediagoblin/oauth | |
| parent | a7800e6da89d9d193e21cd1e7a5351c4ab5a1450 (diff) | |
| download | mediagoblin-32ff6f4dc06c91d452afa717eb3198cf746c2bf1.tar.lz mediagoblin-32ff6f4dc06c91d452afa717eb3198cf746c2bf1.tar.xz mediagoblin-32ff6f4dc06c91d452afa717eb3198cf746c2bf1.zip | |
Use oauthlib's safe characters when generating client_key and client_secret
Diffstat (limited to 'mediagoblin/oauth')
| -rw-r--r-- | mediagoblin/oauth/views.py | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/mediagoblin/oauth/views.py b/mediagoblin/oauth/views.py index 5ade7a8d..641e300a 100644 --- a/mediagoblin/oauth/views.py +++ b/mediagoblin/oauth/views.py @@ -17,6 +17,7 @@ import datetime import string +from oauthlib.oauth1.rfc5849.utils import UNICODE_ASCII_CHARACTER_SET from oauthlib.oauth1 import (RequestTokenEndpoint, AuthorizationEndpoint, AccessTokenEndpoint) @@ -37,8 +38,6 @@ from mediagoblin.db.models import NonceTimestamp, Client, RequestToken # possible client types CLIENT_TYPES = ["web", "native"] # currently what pump supports -OAUTH_ALPHABET = (string.ascii_letters.decode('ascii') + - string.digits.decode('ascii')) @csrf_exempt def client_register(request): @@ -107,8 +106,8 @@ def client_register(request): return json_response({"error": error}, status=400) # generate the client_id and client_secret - client_id = random_string(22, OAUTH_ALPHABET) - client_secret = random_string(43, OAUTH_ALPHABET) + client_id = random_string(22, UNICODE_ASCII_CHARACTER_SET) + client_secret = random_string(43, UNICODE_ASCII_CHARACTER_SET) expirey = 0 # for now, lets not have it expire expirey_db = None if expirey == 0 else expirey application_type = data["application_type"] |