+ data = request.headers
+ authorization = decode_authorization_header(data)
+
+ if authorization == dict():
+ error = "Missing required parameter."
+ return json_response({"error": error}, status=400)
+
+
+ request_validator = GMGRequestValidator()
+ resource_endpoint = ResourceEndpoint(request_validator)
+ valid, r = resource_endpoint.validate_protected_resource_request(
+ uri=request.url,
+ http_method=request.method,
+ body=request.data,
+ headers=dict(request.headers),
+ )
+
+ if not valid:
+ error = "Invalid oauth parameter."
+ return json_response({"error": error}, status=400)
+
+ # Fill user if not already
+ token = authorization[u"oauth_token"]
+ request.access_token = AccessToken.query.filter_by(token=token).first()
+ if request.access_token is not None and request.user is None:
+ user_id = request.access_token.actor
+ request.user = LocalUser.query.filter_by(id=user_id).first()
+