diff options
Diffstat (limited to 'mediagoblin/oauth')
| -rw-r--r-- | mediagoblin/oauth/oauth.py | 18 | ||||
| -rw-r--r-- | mediagoblin/oauth/routing.py | 8 | ||||
| -rw-r--r-- | mediagoblin/oauth/views.py | 3 |
3 files changed, 14 insertions, 15 deletions
diff --git a/mediagoblin/oauth/oauth.py b/mediagoblin/oauth/oauth.py index 8229c47d..8a60392c 100644 --- a/mediagoblin/oauth/oauth.py +++ b/mediagoblin/oauth/oauth.py @@ -15,12 +15,10 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. from oauthlib.common import Request -from oauthlib.oauth1 import RequestValidator +from oauthlib.oauth1 import RequestValidator from mediagoblin.db.models import NonceTimestamp, Client, RequestToken, AccessToken - - class GMGRequestValidator(RequestValidator): enforce_ssl = False @@ -63,14 +61,14 @@ class GMGRequestValidator(RequestValidator): """ Currently a stub - called when making AccessTokens """ return list() - def validate_timestamp_and_nonce(self, client_key, timestamp, - nonce, request, request_token=None, + def validate_timestamp_and_nonce(self, client_key, timestamp, + nonce, request, request_token=None, access_token=None): nc = NonceTimestamp.query.filter_by(timestamp=timestamp, nonce=nonce) nc = nc.first() if nc is None: return True - + return False def validate_client_key(self, client_key, request): @@ -78,7 +76,7 @@ class GMGRequestValidator(RequestValidator): client = Client.query.filter_by(id=client_key).first() if client is None: return False - + return True def validate_access_token(self, client_key, token, request): @@ -119,14 +117,14 @@ class GMGRequest(Request): """ def __init__(self, request, *args, **kwargs): - """ + """ :param request: werkzeug request object - + any extra params are passed to oauthlib.common.Request object """ kwargs["uri"] = kwargs.get("uri", request.url) kwargs["http_method"] = kwargs.get("http_method", request.method) - kwargs["body"] = kwargs.get("body", request.get_data()) + kwargs["body"] = kwargs.get("body", request.data) kwargs["headers"] = kwargs.get("headers", dict(request.headers)) super(GMGRequest, self).__init__(*args, **kwargs) diff --git a/mediagoblin/oauth/routing.py b/mediagoblin/oauth/routing.py index e45077bb..7f2aa11d 100644 --- a/mediagoblin/oauth/routing.py +++ b/mediagoblin/oauth/routing.py @@ -18,25 +18,25 @@ from mediagoblin.tools.routing import add_route # client registration & oauth add_route( - "mediagoblin.oauth", + "mediagoblin.oauth.client_register", "/api/client/register", "mediagoblin.oauth.views:client_register" ) add_route( - "mediagoblin.oauth", + "mediagoblin.oauth.request_token", "/oauth/request_token", "mediagoblin.oauth.views:request_token" ) add_route( - "mediagoblin.oauth", + "mediagoblin.oauth.authorize", "/oauth/authorize", "mediagoblin.oauth.views:authorize", ) add_route( - "mediagoblin.oauth", + "mediagoblin.oauth.access_token", "/oauth/access_token", "mediagoblin.oauth.views:access_token" ) diff --git a/mediagoblin/oauth/views.py b/mediagoblin/oauth/views.py index f424576b..5ade7a8d 100644 --- a/mediagoblin/oauth/views.py +++ b/mediagoblin/oauth/views.py @@ -252,6 +252,7 @@ def authorize(request): if oauth_request.verifier is None: orequest = GMGRequest(request) + orequest.resource_owner_key = token request_validator = GMGRequestValidator() auth_endpoint = AuthorizationEndpoint(request_validator) verifier = auth_endpoint.create_verifier(orequest, {}) @@ -333,7 +334,7 @@ def access_token(request): error = "Missing required parameter." return json_response({"error": error}, status=400) - + request.resource_owner_key = parsed_tokens["oauth_consumer_key"] request.oauth_token = parsed_tokens["oauth_token"] request_validator = GMGRequestValidator(data) av = AccessTokenEndpoint(request_validator) |