[mediagoblin.git] / mediagoblin / oauth / oauth.py

# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors.  See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

from oauthlib.common import Request
from oauthlib.oauth1 import RequestValidator 

from mediagoblin.db.models import NonceTimestamp, Client, RequestToken, AccessToken


class GMGRequestValidator(RequestValidator):

    enforce_ssl = False

    def __init__(self, data=None, *args, **kwargs):
        self.POST = data
        super(GMGRequestValidator, self).__init__(*args, **kwargs)

    def save_request_token(self, token, request):
        """ Saves request token in db """
        client_id = self.POST[u"oauth_consumer_key"]

        request_token = RequestToken(
                token=token["oauth_token"],
                secret=token["oauth_token_secret"],
                )
        request_token.client = client_id
        if u"oauth_callback" in self.POST:
            request_token.callback = self.POST[u"oauth_callback"]
        request_token.save()

    def save_verifier(self, token, verifier, request):
        """ Saves the oauth request verifier """
        request_token = RequestToken.query.filter_by(token=token).first()
        request_token.verifier = verifier["oauth_verifier"]
        request_token.save()

    def save_access_token(self, token, request):
        """ Saves access token in db """
        access_token = AccessToken(
                token=token["oauth_token"],
                secret=token["oauth_token_secret"],
        )
        access_token.request_token = request.oauth_token
        request_token = RequestToken.query.filter_by(token=request.oauth_token).first()
        access_token.user = request_token.user
        access_token.save()

    def get_realms(*args, **kwargs):
        """ Currently a stub - called when making AccessTokens """
        return list()

    def validate_timestamp_and_nonce(self, client_key, timestamp, 
                                     nonce, request, request_token=None, 
                                     access_token=None):
        nc = NonceTimestamp.query.filter_by(timestamp=timestamp, nonce=nonce)
        nc = nc.first()
        if nc is None:
            return True
        
        return False

    def validate_client_key(self, client_key, request):
        """ Verifies client exists with id of client_key """
        client = Client.query.filter_by(id=client_key).first()
        if client is None:
            return False
        
        return True

    def validate_access_token(self, client_key, token, request):
        """ Verifies token exists for client with id of client_key """
        client = Client.query.filter_by(id=client_key).first()
        token = AccessToken.query.filter_by(token=token)
        token = token.first()

        if token is None:
            return False

        request_token = RequestToken.query.filter_by(token=token.request_token)
        request_token = request_token.first()

        if client.id != request_token.client:
            return False

        return True

    def validate_realms(self, *args, **kwargs):
        """ Would validate reals however not using these yet. """
        return True # implement when realms are implemented


    def get_client_secret(self, client_key, request):
        """ Retrives a client secret with from a client with an id of client_key """
        client = Client.query.filter_by(id=client_key).first()
        return client.secret

    def get_access_token_secret(self, client_key, token, request):
        access_token = AccessToken.query.filter_by(token=token).first()
        return access_token.secret

class GMGRequest(Request):
    """
        Fills in data to produce a oauth.common.Request object from a
        werkzeug Request object
    """

    def __init__(self, request, *args, **kwargs):
        """ 
            :param request: werkzeug request object
            
            any extra params are passed to oauthlib.common.Request object
        """
        kwargs["uri"] = kwargs.get("uri", request.url)
        kwargs["http_method"] = kwargs.get("http_method", request.method)
        kwargs["body"] = kwargs.get("body", request.get_data())
        kwargs["headers"] = kwargs.get("headers", dict(request.headers))

        super(GMGRequest, self).__init__(*args, **kwargs)
Commit	Line	Data
786bbd79	1	# GNU MediaGoblin -- federated, autonomous media hosting
	2	# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
	3	#
	4	# This program is free software: you can redistribute it and/or modify
	5	# it under the terms of the GNU Affero General Public License as published by
	6	# the Free Software Foundation, either version 3 of the License, or
	7	# (at your option) any later version.
	8	#
	9	# This program is distributed in the hope that it will be useful,
	10	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	# GNU Affero General Public License for more details.
	13	#
	14	# You should have received a copy of the GNU Affero General Public License
	15	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	16
	17	from oauthlib.common import Request
8e3bf978	18	from oauthlib.oauth1 import RequestValidator
786bbd79	19
cfe7054c	20	from mediagoblin.db.models import NonceTimestamp, Client, RequestToken, AccessToken
786bbd79	21
	22
	23
	24	class GMGRequestValidator(RequestValidator):
	25
1e2675b0	26	enforce_ssl = False
1e2675b0	27
89d5b44e	28	def __init__(self, data=None, args, *kwargs):
786bbd79	29	self.POST = data
89d5b44e	30	super(GMGRequestValidator, self).__init__(args, *kwargs)
786bbd79	31
	32	def save_request_token(self, token, request):
	33	""" Saves request token in db """
	34	client_id = self.POST[u"oauth_consumer_key"]
	35
	36	request_token = RequestToken(
	37	token=token["oauth_token"],
	38	secret=token["oauth_token_secret"],
	39	)
	40	request_token.client = client_id
89d5b44e	41	if u"oauth_callback" in self.POST:
89d5b44e	42	request_token.callback = self.POST[u"oauth_callback"]
786bbd79	43	request_token.save()
	44
	45	def save_verifier(self, token, verifier, request):
	46	""" Saves the oauth request verifier """
	47	request_token = RequestToken.query.filter_by(token=token).first()
	48	request_token.verifier = verifier["oauth_verifier"]
	49	request_token.save()
	50
	51	def save_access_token(self, token, request):
	52	""" Saves access token in db """
	53	access_token = AccessToken(
	54	token=token["oauth_token"],
	55	secret=token["oauth_token_secret"],
	56	)
	57	access_token.request_token = request.oauth_token
	58	request_token = RequestToken.query.filter_by(token=request.oauth_token).first()
	59	access_token.user = request_token.user
	60	access_token.save()
	61
	62	def get_realms(args, *kwargs):
	63	""" Currently a stub - called when making AccessTokens """
	64	return list()
	65
49a47ec9	66	def validate_timestamp_and_nonce(self, client_key, timestamp,
	67	nonce, request, request_token=None,
	68	access_token=None):
cfe7054c	69	nc = NonceTimestamp.query.filter_by(timestamp=timestamp, nonce=nonce)
	70	nc = nc.first()
	71	if nc is None:
	72	return True
	73
	74	return False
49a47ec9	75
	76	def validate_client_key(self, client_key, request):
	77	""" Verifies client exists with id of client_key """
	78	client = Client.query.filter_by(id=client_key).first()
	79	if client is None:
	80	return False
	81
	82	return True
	83
	84	def validate_access_token(self, client_key, token, request):
	85	""" Verifies token exists for client with id of client_key """
	86	client = Client.query.filter_by(id=client_key).first()
	87	token = AccessToken.query.filter_by(token=token)
	88	token = token.first()
	89
	90	if token is None:
	91	return False
	92
	93	request_token = RequestToken.query.filter_by(token=token.request_token)
	94	request_token = request_token.first()
	95
	96	if client.id != request_token.client:
	97	return False
	98
	99	return True
	100
	101	def validate_realms(self, args, *kwargs):
	102	""" Would validate reals however not using these yet. """
	103	return True # implement when realms are implemented
	104
	105
	106	def get_client_secret(self, client_key, request):
	107	""" Retrives a client secret with from a client with an id of client_key """
	108	client = Client.query.filter_by(id=client_key).first()
	109	return client.secret
	110
	111	def get_access_token_secret(self, client_key, token, request):
49a47ec9	112	access_token = AccessToken.query.filter_by(token=token).first()
	113	return access_token.secret
	114
786bbd79	115	class GMGRequest(Request):
	116	"""
	117	Fills in data to produce a oauth.common.Request object from a
	118	werkzeug Request object
	119	"""
	120
	121	def __init__(self, request, args, *kwargs):
	122	"""
	123	:param request: werkzeug request object
	124
	125	any extra params are passed to oauthlib.common.Request object
	126	"""
	127	kwargs["uri"] = kwargs.get("uri", request.url)
	128	kwargs["http_method"] = kwargs.get("http_method", request.method)
	129	kwargs["body"] = kwargs.get("body", request.get_data())
	130	kwargs["headers"] = kwargs.get("headers", dict(request.headers))
	131
	132	super(GMGRequest, self).__init__(args, *kwargs)