mediagoblin/oauth/oauth.py

   1 # GNU MediaGoblin -- federated, autonomous media hosting
   2 # Copyright (C) 2011, 2012 MediaGoblin contributors.  See AUTHORS.
   3 #
   4 # This program is free software: you can redistribute it and/or modify
   5 # it under the terms of the GNU Affero General Public License as published by
   6 # the Free Software Foundation, either version 3 of the License, or
   7 # (at your option) any later version.
   8 #
   9 # This program is distributed in the hope that it will be useful,
  10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 # GNU Affero General Public License for more details.
  13 #
  14 # You should have received a copy of the GNU Affero General Public License
  15 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 from oauthlib.common import Request
  18 from oauthlib.oauth1 import RequestValidator
  19
  20 from mediagoblin.db.models import NonceTimestamp, Client, RequestToken, AccessToken
  21
  22
  23
  24 class GMGRequestValidator(RequestValidator):
  25
  26     enforce_ssl = False
  27
  28     def __init__(self, data=None, *args, **kwargs):
  29         self.POST = data
  30         super(GMGRequestValidator, self).__init__(*args, **kwargs)
  31
  32     def save_request_token(self, token, request):
  33         """ Saves request token in db """
  34         client_id = self.POST[u"oauth_consumer_key"]
  35
  36         request_token = RequestToken(
  37                 token=token["oauth_token"],
  38                 secret=token["oauth_token_secret"],
  39                 )
  40         request_token.client = client_id
  41         if u"oauth_callback" in self.POST:
  42             request_token.callback = self.POST[u"oauth_callback"]
  43         request_token.save()
  44
  45     def save_verifier(self, token, verifier, request):
  46         """ Saves the oauth request verifier """
  47         request_token = RequestToken.query.filter_by(token=token).first()
  48         request_token.verifier = verifier["oauth_verifier"]
  49         request_token.save()
  50
  51     def save_access_token(self, token, request):
  52         """ Saves access token in db """
  53         access_token = AccessToken(
  54                 token=token["oauth_token"],
  55                 secret=token["oauth_token_secret"],
  56         )
  57         access_token.request_token = request.oauth_token
  58         request_token = RequestToken.query.filter_by(token=request.oauth_token).first()
  59         access_token.user = request_token.user
  60         access_token.save()
  61
  62     def get_realms(*args, **kwargs):
  63         """ Currently a stub - called when making AccessTokens """
  64         return list()
  65
  66     def validate_timestamp_and_nonce(self, client_key, timestamp,
  67                                      nonce, request, request_token=None,
  68                                      access_token=None):
  69         nc = NonceTimestamp.query.filter_by(timestamp=timestamp, nonce=nonce)
  70         nc = nc.first()
  71         if nc is None:
  72             return True
  73
  74         return False
  75
  76     def validate_client_key(self, client_key, request):
  77         """ Verifies client exists with id of client_key """
  78         client = Client.query.filter_by(id=client_key).first()
  79         if client is None:
  80             return False
  81
  82         return True
  83
  84     def validate_access_token(self, client_key, token, request):
  85         """ Verifies token exists for client with id of client_key """
  86         client = Client.query.filter_by(id=client_key).first()
  87         token = AccessToken.query.filter_by(token=token)
  88         token = token.first()
  89
  90         if token is None:
  91             return False
  92
  93         request_token = RequestToken.query.filter_by(token=token.request_token)
  94         request_token = request_token.first()
  95
  96         if client.id != request_token.client:
  97             return False
  98
  99         return True
 100
 101     def validate_realms(self, *args, **kwargs):
 102         """ Would validate reals however not using these yet. """
 103         return True # implement when realms are implemented
 104
 105
 106     def get_client_secret(self, client_key, request):
 107         """ Retrives a client secret with from a client with an id of client_key """
 108         client = Client.query.filter_by(id=client_key).first()
 109         return client.secret
 110
 111     def get_access_token_secret(self, client_key, token, request):
 112         access_token = AccessToken.query.filter_by(token=token).first()
 113         return access_token.secret
 114
 115 class GMGRequest(Request):
 116     """
 117         Fills in data to produce a oauth.common.Request object from a
 118         werkzeug Request object
 119     """
 120
 121     def __init__(self, request, *args, **kwargs):
 122         """
 123             :param request: werkzeug request object
 124
 125             any extra params are passed to oauthlib.common.Request object
 126         """
 127         kwargs["uri"] = kwargs.get("uri", request.url)
 128         kwargs["http_method"] = kwargs.get("http_method", request.method)
 129         kwargs["body"] = kwargs.get("body", request.get_data())
 130         kwargs["headers"] = kwargs.get("headers", dict(request.headers))
 131
 132         super(GMGRequest, self).__init__(*args, **kwargs)