From 88a9662be4f97da5b04a3842c8d0caa2652be355 Mon Sep 17 00:00:00 2001 From: Joar Wandborg Date: Fri, 21 Sep 2012 13:02:35 +0200 Subject: Added client registration caps to OAuth plugin THE MIGRATIONS SUPPLIED WITH THIS COMMIT WILL DROP AND RE-CREATE YOUR oauth__tokens AND oauth__codes TABLES. ALL YOUR OAUTH CODES AND TOKENS WILL BE LOST. - Fixed pylint issues in db/sql/migrations. - Added __repr__ to the User model. - Added _disable_cors option to json_response. - Added crude error handling to the api.tools.api_auth decorator - Updated the OAuth README. - Added client registration, client overview, connection overview, client authorization views and templates. - Added error handling to the OAuthAuth Auth object. - Added AuthorizationForm, ClientRegistrationForm in oauth/forms. - Added migrations for OAuth, added client registration migration. - Added OAuthClient, OAuthUserClient models. - Added oauth/tools with require_client_auth decorator method. --- mediagoblin/plugins/oauth/forms.py | 70 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 mediagoblin/plugins/oauth/forms.py (limited to 'mediagoblin/plugins/oauth/forms.py') diff --git a/mediagoblin/plugins/oauth/forms.py b/mediagoblin/plugins/oauth/forms.py new file mode 100644 index 00000000..35995373 --- /dev/null +++ b/mediagoblin/plugins/oauth/forms.py @@ -0,0 +1,70 @@ +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +import wtforms + +from urlparse import urlparse + +from mediagoblin.tools.extlib.wtf_html5 import URLField +from mediagoblin.tools.translate import fake_ugettext_passthrough as _ + + +class AuthorizationForm(wtforms.Form): + client_id = wtforms.HiddenField(_(u'Client ID'), + [wtforms.validators.Required()]) + next = wtforms.HiddenField(_(u'Next URL'), + [wtforms.validators.Required()]) + allow = wtforms.SubmitField(_(u'Allow')) + deny = wtforms.SubmitField(_(u'Deny')) + + +class ClientRegistrationForm(wtforms.Form): + name = wtforms.TextField(_('Name'), [wtforms.validators.Required()], + description=_('The name of the OAuth client')) + description = wtforms.TextAreaField(_('Description'), + [wtforms.validators.Length(min=0, max=500)], + description=_('''This will be visisble to users allowing your + appplication to authenticate as them.''')) + type = wtforms.SelectField(_('Type'), + [wtforms.validators.Required()], + choices=[ + ('confidential', 'Confidential'), + ('public', 'Public')], + description=_('''Confidential - The client can + make requests to the GNU MediaGoblin instance that can not be + intercepted by the user agent (e.g. server-side client).
+ Public - The client can't make confidential + requests to the GNU MediaGoblin instance (e.g. client-side + JavaScript client).''')) + + redirect_uri = URLField(_('Redirect URI'), + [wtforms.validators.Optional(), wtforms.validators.URL()], + description=_('''The redirect URI for the applications, this field + is required for public clients.''')) + + def __init__(self, *args, **kw): + wtforms.Form.__init__(self, *args, **kw) + + def validate(self): + if not wtforms.Form.validate(self): + return False + + if self.type.data == 'public' and not self.redirect_uri.data: + self.redirect_uri.errors.append( + _('This field is required for public clients')) + return False + + return True -- cgit v1.2.3 From 5ee1ab2abb9d4ab0945930a6d79750bdd02ba8a3 Mon Sep 17 00:00:00 2001 From: Joar Wandborg Date: Sat, 22 Sep 2012 12:03:32 +0200 Subject: Fixed typos visisble, appplication --- mediagoblin/plugins/oauth/forms.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'mediagoblin/plugins/oauth/forms.py') diff --git a/mediagoblin/plugins/oauth/forms.py b/mediagoblin/plugins/oauth/forms.py index 35995373..7a2b9fa0 100644 --- a/mediagoblin/plugins/oauth/forms.py +++ b/mediagoblin/plugins/oauth/forms.py @@ -36,8 +36,8 @@ class ClientRegistrationForm(wtforms.Form): description=_('The name of the OAuth client')) description = wtforms.TextAreaField(_('Description'), [wtforms.validators.Length(min=0, max=500)], - description=_('''This will be visisble to users allowing your - appplication to authenticate as them.''')) + description=_('''This will be visble to users allowing your + application to authenticate as them.''')) type = wtforms.SelectField(_('Type'), [wtforms.validators.Required()], choices=[ -- cgit v1.2.3 From 315ac0a2d3fe570cb23a01ce7f094389e1e207d2 Mon Sep 17 00:00:00 2001 From: Christopher Allan Webber Date: Mon, 24 Sep 2012 11:38:55 -0500 Subject: Correcting a couple of spelling errors. Thanks elesa, for finding them! --- mediagoblin/plugins/oauth/forms.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mediagoblin/plugins/oauth/forms.py') diff --git a/mediagoblin/plugins/oauth/forms.py b/mediagoblin/plugins/oauth/forms.py index 7a2b9fa0..2a956dad 100644 --- a/mediagoblin/plugins/oauth/forms.py +++ b/mediagoblin/plugins/oauth/forms.py @@ -36,7 +36,7 @@ class ClientRegistrationForm(wtforms.Form): description=_('The name of the OAuth client')) description = wtforms.TextAreaField(_('Description'), [wtforms.validators.Length(min=0, max=500)], - description=_('''This will be visble to users allowing your + description=_('''This will be visible to users allowing your application to authenticate as them.''')) type = wtforms.SelectField(_('Type'), [wtforms.validators.Required()], -- cgit v1.2.3 From 77c85224b139a123e7895588af51b6cd4ecaa2b9 Mon Sep 17 00:00:00 2001 From: Joar Wandborg Date: Sat, 2 Mar 2013 23:40:24 +0100 Subject: Fixed hidden fields in oauth client authorization Removed the translation marking and passed in empty strings to avoid WTForms automagically creating the labels from the field names (i.e. client_id => 'Client Id'). --- mediagoblin/plugins/oauth/forms.py | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'mediagoblin/plugins/oauth/forms.py') diff --git a/mediagoblin/plugins/oauth/forms.py b/mediagoblin/plugins/oauth/forms.py index 2a956dad..d0a4e9b8 100644 --- a/mediagoblin/plugins/oauth/forms.py +++ b/mediagoblin/plugins/oauth/forms.py @@ -23,10 +23,9 @@ from mediagoblin.tools.translate import fake_ugettext_passthrough as _ class AuthorizationForm(wtforms.Form): - client_id = wtforms.HiddenField(_(u'Client ID'), - [wtforms.validators.Required()]) - next = wtforms.HiddenField(_(u'Next URL'), - [wtforms.validators.Required()]) + client_id = wtforms.HiddenField(u'', + validators=[wtforms.validators.Required()]) + next = wtforms.HiddenField(u'', validators=[wtforms.validators.Required()]) allow = wtforms.SubmitField(_(u'Allow')) deny = wtforms.SubmitField(_(u'Deny')) -- cgit v1.2.3 From 665b9c420aa1a7c768e44a8639b6fc185823e202 Mon Sep 17 00:00:00 2001 From: Aditi Mittal Date: Mon, 22 Apr 2013 19:18:45 +0530 Subject: Fix-bug-667-Use-lazy_pass_to_ugettext-for-forms. --- mediagoblin/plugins/oauth/forms.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mediagoblin/plugins/oauth/forms.py') diff --git a/mediagoblin/plugins/oauth/forms.py b/mediagoblin/plugins/oauth/forms.py index d0a4e9b8..5edd992a 100644 --- a/mediagoblin/plugins/oauth/forms.py +++ b/mediagoblin/plugins/oauth/forms.py @@ -19,7 +19,7 @@ import wtforms from urlparse import urlparse from mediagoblin.tools.extlib.wtf_html5 import URLField -from mediagoblin.tools.translate import fake_ugettext_passthrough as _ +from mediagoblin.tools.translate import lazy_pass_to_ugettext as _ class AuthorizationForm(wtforms.Form): -- cgit v1.2.3