From 2b60a56cbec44f789ee2efe71294979d7784515c Mon Sep 17 00:00:00 2001
From: xray7224
Date: Thu, 11 Jul 2013 17:58:58 +0100
Subject: Finishes most of oauth, just decorator to complete
---
 mediagoblin/decorators.py | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
(limited to 'mediagoblin/decorators.py')
diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py
index ece222f5..ce26e46c 100644
--- a/mediagoblin/decorators.py
+++ b/mediagoblin/decorators.py
@@ -22,7 +22,8 @@ from werkzeug.exceptions import Forbidden, NotFound
 from mediagoblin import mg_globals as mgg
 from mediagoblin import messages
 from mediagoblin.db.models import MediaEntry, User
-from mediagoblin.tools.response import redirect, render_404
+from mediagoblin.tools.request import decode_authorization_header
+from mediagoblin.tools.response import json_response, redirect, render_404
 from mediagoblin.tools.translate import pass_to_ugettext as _
@@ -268,3 +269,16 @@ def auth_enabled(controller):
 return controller(request, *args, **kwargs)
 return wrapper
+
+def oauth_requeired(controller):
+ """ Used to wrap API endpoints where oauth is required """
+ @wraps(controller)
+ def wrapper(request, *args, **kwargs):
+ data = request.headers
+ authorization = decode_authorization_header(data)
+
+ if authorization == dict():
+ error = "Missing required parameter."
+ return json_response({"error": error}, status=400)
+
+
-- cgit v1.2.3
From 786bbd79e8d77c06a9d86aee00edc4dd3e89d651 Mon Sep 17 00:00:00 2001
From: xray7224
Date: Thu, 11 Jul 2013 19:43:00 +0100
Subject: Cleans up some of the OAuth code
---
 mediagoblin/decorators.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'mediagoblin/decorators.py')
diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py
index ce26e46c..1fdb78d7 100644
--- a/mediagoblin/decorators.py
+++ b/mediagoblin/decorators.py
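Review bot: In the `@@ -268,3 +269,16 @@` hunk, `oauth_requeired` never returns `wrapper`, and `wrapper` has no branch that calls `controller`, so any view decorated with it in this state is replaced by `None`. The subject line says the decorator is still to be completed; until validation exists it would be safer for the wrapper body to end with an explicit denial and for the function to end with `return wrapper`, so a decorated endpoint fails closed instead of failing at dispatch. The emptiness test reads more idiomatically as `if not authorization:`. What `decode_authorization_header` returns for a malformed header is not visible here, so confirm that case also lands in this branch.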
@@ -22,10 +22,11 @@ from werkzeug.exceptions import Forbidden, NotFound
 from mediagoblin import mg_globals as mgg
 from mediagoblin import messages
 from mediagoblin.db.models import MediaEntry, User
-from mediagoblin.tools.request import decode_authorization_header
 from mediagoblin.tools.response import json_response, redirect, render_404
 from mediagoblin.tools.translate import pass_to_ugettext as _
+from mediagoblin.federation.tools.request import decode_authorization_header
+from mediagoblin.federation.oauth import GMGRequestValidator
 def require_active_login(controller):
 """
@@ -282,3 +283,4 @@ def oauth_requeired(controller):
 return json_response({"error": error}, status=400)
+
-- cgit v1.2.3
From 1e2675b0c0ee2bf35705b538ec94978fe4f005d4 Mon Sep 17 00:00:00 2001
From: xray7224
Date: Thu, 11 Jul 2013 20:24:20 +0100
Subject: Adds the decorator
---
 mediagoblin/decorators.py | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)
(limited to 'mediagoblin/decorators.py')
diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py
index 1fdb78d7..ad36f376 100644
--- a/mediagoblin/decorators.py
+++ b/mediagoblin/decorators.py
@@ -18,6 +18,7 @@ from functools import wraps
 from urlparse import urljoin
 from werkzeug.exceptions import Forbidden, NotFound
+from oauthlib.oauth1 import ResourceEndpoint
 from mediagoblin import mg_globals as mgg
 from mediagoblin import messages
@@ -271,7 +272,7 @@ def auth_enabled(controller):
 return wrapper
-def oauth_requeired(controller):
+def oauth_required(controller):
 """ Used to wrap API endpoints where oauth is required """
 @wraps(controller)
 def wrapper(request, *args, **kwargs):
@@ -282,5 +283,18 @@ def oauth_requeired(controller):
 error = "Missing required parameter."
 return json_response({"error": error}, status=400)
-
-
+
+ request_validator = GMGRequestValidator()
+ resource_endpoint = ResourceEndpoint(request_validator)
+ valid, request = resource_endpoint.validate_protected_resource_request(
+ uri=request.url,
+ http_method=request.method,
+ body=request.get_data(),
+ headers=dict(request.headers),
+ )
+ #print "[VALID] %s" % valid
+ #print "[REQUEST] %s" % request
+
+ return controller(request, *args, **kwargs)
+
+ return wrapper
-- cgit v1.2.3
From 49a47ec991152a5dd25a7460e1d3d11afb73d32d Mon Sep 17 00:00:00 2001
From: xray7224
Date: Thu, 11 Jul 2013 20:55:08 +0100
Subject: Ensures endpoint queries with @oauth_required are validated
---
 mediagoblin/decorators.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
(limited to 'mediagoblin/decorators.py')
diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py
index ad36f376..bb2ba7a5 100644
--- a/mediagoblin/decorators.py
+++ b/mediagoblin/decorators.py
@@ -292,8 +292,10 @@ def oauth_required(controller):
 body=request.get_data(),
 headers=dict(request.headers),
 )
- #print "[VALID] %s" % valid
- #print "[REQUEST] %s" % request
+
+ if not valid:
+ error = "Invalid oauth prarameter."
+ return json_response({"error": error}, status=400)
 return controller(request, *args, **kwargs)
-- cgit v1.2.3
From 0ec89cb29fbd4b1b31534e5bc66c914c381837c5 Mon Sep 17 00:00:00 2001
From: xray7224
Date: Mon, 29 Jul 2013 17:25:10 +0100
Subject: Fixes problem with headers pointing to old federation dir
---
 mediagoblin/decorators.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'mediagoblin/decorators.py')
diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py
index 302ab247..685d0d98 100644
--- a/mediagoblin/decorators.py
+++ b/mediagoblin/decorators.py
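Review bot: In the `@@ -282,5 +283,18 @@` hunk, `valid, request = resource_endpoint.validate_protected_resource_request(` rebinds `request` to the second element of the validator's return value, so `controller(request, *args, **kwargs)` is called with that object instead of the incoming request the views were written for. Binding the result to a separate name, e.g. `valid, oauth_request = resource_endpoint.validate_protected_resource_request(`, keeps the original request intact for the controller. Within this commit `valid` is also never read, so any request carrying a non-empty Authorization header reaches the controller regardless of the validation result. The two commented-out `#print` lines are better dropped than committed. The enclosing `wrapper` begins above the hunk.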
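Review bot: In the `@@ -292,8 +292,10 @@` hunk the failed-validation branch answers with `status=400`, the same status as the missing-header branch above it, although a rejected signature, token or nonce is an authentication failure. RFC 5849 section 3.2 keeps 400 for missing or unsupported parameters and 401 for those cases, so `return json_response({"error": error}, status=401)` would let clients and log review tell the two apart. The message literal has a typo: `"Invalid oauth prarameter."` should read `"Invalid oauth parameter."`. The `valid, request = ...` assignment feeding this check lies partly above the hunk, and the `request` handed to `controller` on the last context line is still whatever that assignment bound.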
@@ -26,8 +26,8 @@ from mediagoblin.db.models import MediaEntry, User
 from mediagoblin.tools.response import json_response, redirect, render_404
 from mediagoblin.tools.translate import pass_to_ugettext as _
-from mediagoblin.federation.tools.request import decode_authorization_header
-from mediagoblin.federation.oauth import GMGRequestValidator
+from mediagoblin.oauth.tools.request import decode_authorization_header
+from mediagoblin.oauth.oauth import GMGRequestValidator
 def require_active_login(controller):
 """
-- cgit v1.2.3