authorChristopher Allan Webber <cwebber@dustycloud.org>2014-09-16 14:01:43 -0500
committerChristopher Allan Webber <cwebber@dustycloud.org>2014-09-16 14:01:43 -0500
commitf6bad0eb26fa7e092570afe1fb7f38b3d1a1941d (patch)
tree0ca05e7a95cfb30d8b286f3ec72e8c95e212511b /mediagoblin/oauth
parent5b64c92e0816e733c2f88b88ddc0aec070cdc0d3 (diff)
parent1b4e199668ada5c2ec47df7432ab69e315dc0601 (diff)
Merge branch 'master' into merge-python3-port
Has some issues, will iteratively fix! Conflicts: mediagoblin/gmg_commands/__init__.py mediagoblin/gmg_commands/deletemedia.py mediagoblin/gmg_commands/users.py mediagoblin/oauth/views.py mediagoblin/plugins/api/views.py mediagoblin/tests/test_api.py mediagoblin/tests/test_edit.py mediagoblin/tests/test_oauth1.py mediagoblin/tests/test_util.py mediagoblin/tools/mail.py mediagoblin/webfinger/views.py setup.py
Diffstat (limited to 'mediagoblin/oauth')
-rw-r--r--mediagoblin/oauth/oauth.py18
-rw-r--r--mediagoblin/oauth/routing.py8
-rw-r--r--mediagoblin/oauth/views.py15
3 files changed, 20 insertions, 21 deletions
diff --git a/mediagoblin/oauth/oauth.py b/mediagoblin/oauth/oauth.py
index 8229c47d..8a60392c 100644
--- a/mediagoblin/oauth/oauth.py
+++ b/mediagoblin/oauth/oauth.py
@@ -15,12 +15,10 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from oauthlib.common import Request
-from oauthlib.oauth1 import RequestValidator
+from oauthlib.oauth1 import RequestValidator
from mediagoblin.db.models import NonceTimestamp, Client, RequestToken, AccessToken
-
-
class GMGRequestValidator(RequestValidator):
enforce_ssl = False
@@ -63,14 +61,14 @@ class GMGRequestValidator(RequestValidator):
""" Currently a stub - called when making AccessTokens """
return list()
- def validate_timestamp_and_nonce(self, client_key, timestamp,
- nonce, request, request_token=None,
+ def validate_timestamp_and_nonce(self, client_key, timestamp,
+ nonce, request, request_token=None,
access_token=None):
nc = NonceTimestamp.query.filter_by(timestamp=timestamp, nonce=nonce)
nc = nc.first()
if nc is None:
return True
-
+
return False
def validate_client_key(self, client_key, request):
@@ -78,7 +76,7 @@ class GMGRequestValidator(RequestValidator):
client = Client.query.filter_by(id=client_key).first()
if client is None:
return False
-
+
return True
def validate_access_token(self, client_key, token, request):
@@ -119,14 +117,14 @@ class GMGRequest(Request):
"""
def __init__(self, request, *args, **kwargs):
- """
+ """
:param request: werkzeug request object
-
+
any extra params are passed to oauthlib.common.Request object
"""
kwargs["uri"] = kwargs.get("uri", request.url)
kwargs["http_method"] = kwargs.get("http_method", request.method)
- kwargs["body"] = kwargs.get("body", request.get_data())
+ kwargs["body"] = kwargs.get("body", request.data)
kwargs["headers"] = kwargs.get("headers", dict(request.headers))
super(GMGRequest, self).__init__(*args, **kwargs)
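Review bot: Switching the body source from `request.get_data()` to `request.data` in `GMGRequest.__init__` is not a neutral rename. Werkzeug's `data` property calls `get_data(parse_form_data=True)`, so for a form-encoded POST the body is consumed by form parsing and `data` comes back empty. oauthlib builds the OAuth 1 signature base string from the body it is handed, so form parameters would presumably fall outside signature verification, or correctly signed requests would be rejected. As this is a merge commit the change may be unintended; I would keep `kwargs["body"] = kwargs.get("body", request.get_data())` and add a comment that the raw body is needed for signature checking.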
diff --git a/mediagoblin/oauth/routing.py b/mediagoblin/oauth/routing.py
index e45077bb..7f2aa11d 100644
--- a/mediagoblin/oauth/routing.py
+++ b/mediagoblin/oauth/routing.py
@@ -18,25 +18,25 @@ from mediagoblin.tools.routing import add_route
# client registration & oauth
add_route(
- "mediagoblin.oauth",
+ "mediagoblin.oauth.client_register",
"/api/client/register",
"mediagoblin.oauth.views:client_register"
)
add_route(
- "mediagoblin.oauth",
+ "mediagoblin.oauth.request_token",
"/oauth/request_token",
"mediagoblin.oauth.views:request_token"
)
add_route(
- "mediagoblin.oauth",
+ "mediagoblin.oauth.authorize",
"/oauth/authorize",
"mediagoblin.oauth.views:authorize",
)
add_route(
- "mediagoblin.oauth",
+ "mediagoblin.oauth.access_token",
"/oauth/access_token",
"mediagoblin.oauth.views:access_token"
)
diff --git a/mediagoblin/oauth/views.py b/mediagoblin/oauth/views.py
index fd848467..ce12fbe0 100644
--- a/mediagoblin/oauth/views.py
+++ b/mediagoblin/oauth/views.py
@@ -18,6 +18,7 @@ import datetime
import six
+from oauthlib.oauth1.rfc5849.utils import UNICODE_ASCII_CHARACTER_SET
from oauthlib.oauth1 import (RequestTokenEndpoint, AuthorizationEndpoint,
AccessTokenEndpoint)
@@ -37,7 +38,7 @@ from mediagoblin.oauth.tools.forms import WTFormData
from mediagoblin.db.models import NonceTimestamp, Client, RequestToken
# possible client types
-client_types = ["web", "native"] # currently what pump supports
+CLIENT_TYPES = ["web", "native"] # currently what pump supports
@csrf_exempt
def client_register(request):
@@ -55,7 +56,7 @@ def client_register(request):
if "type" not in data:
error = "No registration type provided."
return json_response({"error": error}, status=400)
- if data.get("application_type", None) not in client_types:
+ if data.get("application_type", None) not in CLIENT_TYPES:
error = "Unknown application_type."
return json_response({"error": error}, status=400)
@@ -90,7 +91,7 @@ def client_register(request):
)
app_name = ("application_type", client.application_name)
- if app_name in client_types:
+ if app_name in CLIENT_TYPES:
client.application_name = app_name
elif client_type == "client_associate":
@@ -106,8 +107,8 @@ def client_register(request):
return json_response({"error": error}, status=400)
# generate the client_id and client_secret
- client_id = random_string(22) # seems to be what pump uses
- client_secret = random_string(43) # again, seems to be what pump uses
+ client_id = random_string(22, UNICODE_ASCII_CHARACTER_SET)
+ client_secret = random_string(43, UNICODE_ASCII_CHARACTER_SET)
expirey = 0 # for now, lets not have it expire
expirey_db = None if expirey == 0 else expirey
application_type = data["application_type"]
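Review bot: `client_secret` is a long-lived credential, and nothing in this hunk shows where `random_string` gets its randomness. The helper is defined outside the diff, so confirm it draws from `random.SystemRandom` or `os.urandom` rather than the default `random` generator. The new calls also drop the comments that explained the lengths 22 and 43; I would keep one, e.g. `# 22/43 chars match pump.io; alphabet is [A-Za-z0-9], ~256 bits for the secret if the source is a CSPRNG`. `client_register` starts and ends outside this hunk.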
@@ -251,6 +252,7 @@ def authorize(request):
if oauth_request.verifier is None:
orequest = GMGRequest(request)
+ orequest.resource_owner_key = token
request_validator = GMGRequestValidator()
auth_endpoint = AuthorizationEndpoint(request_validator)
verifier = auth_endpoint.create_verifier(orequest, {})
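Review bot: The added `orequest.resource_owner_key = token` has no comment, and `token` is bound outside this hunk, so it is not visible whether it is the request-token string already looked up in the database or a raw request parameter. oauthlib's `create_verifier` passes `request.resource_owner_key` to the validator's `save_verifier`, so an unvalidated value would presumably let a verifier be stored under an arbitrary key. Once that is confirmed I would add `# oauthlib saves the verifier under resource_owner_key; token was validated above`. `authorize` starts and ends outside the hunk.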
@@ -332,10 +334,9 @@ def access_token(request):
error = "Missing required parameter."
return json_response({"error": error}, status=400)
-
+ request.resource_owner_key = parsed_tokens["oauth_consumer_key"]
request.oauth_token = parsed_tokens["oauth_token"]
request_validator = GMGRequestValidator(data)
av = AccessTokenEndpoint(request_validator)
tokens = av.create_access_token(request, {})
return form_response(tokens)
-
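Review bot: The added line assigns the consumer key to `request.resource_owner_key`, but in oauthlib's OAuth 1 request model `resource_owner_key` holds the token (`oauth_token`) and `client_key` holds `oauth_consumer_key`. Any validator or endpoint code that looks up the request token through `resource_owner_key` would then receive the client id instead. How `GMGRequestValidator` uses the attribute is not visible here, so this needs checking. If the swap is unintended, the lines would read `request.client_key = parsed_tokens["oauth_consumer_key"]` and `request.resource_owner_key = parsed_tokens["oauth_token"]`. `access_token` starts outside the hunk.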