aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/decorators.py
diff options
context:
space:
mode:
Diffstat (limited to 'mediagoblin/decorators.py')
-rw-r--r--mediagoblin/decorators.py34
1 files changed, 33 insertions, 1 deletions
diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py
index ca7be53c..685d0d98 100644
--- a/mediagoblin/decorators.py
+++ b/mediagoblin/decorators.py
@@ -18,13 +18,16 @@ from functools import wraps
from urlparse import urljoin
from werkzeug.exceptions import Forbidden, NotFound
+from oauthlib.oauth1 import ResourceEndpoint
from mediagoblin import mg_globals as mgg
from mediagoblin import messages
from mediagoblin.db.models import MediaEntry, User
-from mediagoblin.tools.response import redirect, render_404
+from mediagoblin.tools.response import json_response, redirect, render_404
from mediagoblin.tools.translate import pass_to_ugettext as _
+from mediagoblin.oauth.tools.request import decode_authorization_header
+from mediagoblin.oauth.oauth import GMGRequestValidator
def require_active_login(controller):
"""
@@ -268,3 +271,32 @@ def auth_enabled(controller):
return controller(request, *args, **kwargs)
return wrapper
+
+def oauth_required(controller):
+ """ Used to wrap API endpoints where oauth is required """
+ @wraps(controller)
+ def wrapper(request, *args, **kwargs):
+ data = request.headers
+ authorization = decode_authorization_header(data)
+
+ if authorization == dict():
+ error = "Missing required parameter."
+ return json_response({"error": error}, status=400)
+
+
+ request_validator = GMGRequestValidator()
+ resource_endpoint = ResourceEndpoint(request_validator)
+ valid, request = resource_endpoint.validate_protected_resource_request(
+ uri=request.url,
+ http_method=request.method,
+ body=request.get_data(),
+ headers=dict(request.headers),
+ )
+
+ if not valid:
+ error = "Invalid oauth prarameter."
+ return json_response({"error": error}, status=400)
+
+ return controller(request, *args, **kwargs)
+
+ return wrapper