786bbd79 |
1 | # GNU MediaGoblin -- federated, autonomous media hosting |
2 | # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. |
3 | # |
4 | # This program is free software: you can redistribute it and/or modify |
5 | # it under the terms of the GNU Affero General Public License as published by |
6 | # the Free Software Foundation, either version 3 of the License, or |
7 | # (at your option) any later version. |
8 | # |
9 | # This program is distributed in the hope that it will be useful, |
10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
12 | # GNU Affero General Public License for more details. |
13 | # |
14 | # You should have received a copy of the GNU Affero General Public License |
15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
16 | |
17 | from oauthlib.common import Request |
8e3bf978 |
18 | from oauthlib.oauth1 import RequestValidator |
786bbd79 |
19 | |
cfe7054c |
20 | from mediagoblin.db.models import NonceTimestamp, Client, RequestToken, AccessToken |
786bbd79 |
21 | |
22 | |
23 | |
24 | class GMGRequestValidator(RequestValidator): |
25 | |
1e2675b0 |
26 | enforce_ssl = False |
27 | |
89d5b44e |
28 | def __init__(self, data=None, *args, **kwargs): |
786bbd79 |
29 | self.POST = data |
89d5b44e |
30 | super(GMGRequestValidator, self).__init__(*args, **kwargs) |
786bbd79 |
31 | |
32 | def save_request_token(self, token, request): |
33 | """ Saves request token in db """ |
34 | client_id = self.POST[u"oauth_consumer_key"] |
35 | |
36 | request_token = RequestToken( |
37 | token=token["oauth_token"], |
38 | secret=token["oauth_token_secret"], |
39 | ) |
40 | request_token.client = client_id |
89d5b44e |
41 | if u"oauth_callback" in self.POST: |
42 | request_token.callback = self.POST[u"oauth_callback"] |
786bbd79 |
43 | request_token.save() |
44 | |
45 | def save_verifier(self, token, verifier, request): |
46 | """ Saves the oauth request verifier """ |
47 | request_token = RequestToken.query.filter_by(token=token).first() |
48 | request_token.verifier = verifier["oauth_verifier"] |
49 | request_token.save() |
50 | |
51 | def save_access_token(self, token, request): |
52 | """ Saves access token in db """ |
53 | access_token = AccessToken( |
54 | token=token["oauth_token"], |
55 | secret=token["oauth_token_secret"], |
56 | ) |
57 | access_token.request_token = request.oauth_token |
58 | request_token = RequestToken.query.filter_by(token=request.oauth_token).first() |
59 | access_token.user = request_token.user |
60 | access_token.save() |
61 | |
62 | def get_realms(*args, **kwargs): |
63 | """ Currently a stub - called when making AccessTokens """ |
64 | return list() |
65 | |
49a47ec9 |
66 | def validate_timestamp_and_nonce(self, client_key, timestamp, |
67 | nonce, request, request_token=None, |
68 | access_token=None): |
cfe7054c |
69 | nc = NonceTimestamp.query.filter_by(timestamp=timestamp, nonce=nonce) |
70 | nc = nc.first() |
71 | if nc is None: |
72 | return True |
73 | |
74 | return False |
49a47ec9 |
75 | |
76 | def validate_client_key(self, client_key, request): |
77 | """ Verifies client exists with id of client_key """ |
78 | client = Client.query.filter_by(id=client_key).first() |
79 | if client is None: |
80 | return False |
81 | |
82 | return True |
83 | |
84 | def validate_access_token(self, client_key, token, request): |
85 | """ Verifies token exists for client with id of client_key """ |
86 | client = Client.query.filter_by(id=client_key).first() |
87 | token = AccessToken.query.filter_by(token=token) |
88 | token = token.first() |
89 | |
90 | if token is None: |
91 | return False |
92 | |
93 | request_token = RequestToken.query.filter_by(token=token.request_token) |
94 | request_token = request_token.first() |
95 | |
96 | if client.id != request_token.client: |
97 | return False |
98 | |
99 | return True |
100 | |
101 | def validate_realms(self, *args, **kwargs): |
102 | """ Would validate reals however not using these yet. """ |
103 | return True # implement when realms are implemented |
104 | |
105 | |
106 | def get_client_secret(self, client_key, request): |
107 | """ Retrives a client secret with from a client with an id of client_key """ |
108 | client = Client.query.filter_by(id=client_key).first() |
109 | return client.secret |
110 | |
111 | def get_access_token_secret(self, client_key, token, request): |
49a47ec9 |
112 | access_token = AccessToken.query.filter_by(token=token).first() |
113 | return access_token.secret |
114 | |
786bbd79 |
115 | class GMGRequest(Request): |
116 | """ |
117 | Fills in data to produce a oauth.common.Request object from a |
118 | werkzeug Request object |
119 | """ |
120 | |
121 | def __init__(self, request, *args, **kwargs): |
122 | """ |
123 | :param request: werkzeug request object |
124 | |
125 | any extra params are passed to oauthlib.common.Request object |
126 | """ |
127 | kwargs["uri"] = kwargs.get("uri", request.url) |
128 | kwargs["http_method"] = kwargs.get("http_method", request.method) |
129 | kwargs["body"] = kwargs.get("body", request.get_data()) |
130 | kwargs["headers"] = kwargs.get("headers", dict(request.headers)) |
131 | |
132 | super(GMGRequest, self).__init__(*args, **kwargs) |