Adds the decorator

diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py
index 1fdb78d7de3325cb4ae2bfee0ae5870747df1041..ad36f37628f9840f4e12316a340a85f6ee0e5eef 100644 (file)
--- a/mediagoblin/decorators.py
+++ b/mediagoblin/decorators.py
@@ -18,6 +18,7 @@ from functools import wraps
 
 from urlparse import urljoin
 from werkzeug.exceptions import Forbidden, NotFound
+from oauthlib.oauth1 import ResourceEndpoint
 
 from mediagoblin import mg_globals as mgg
 from mediagoblin import messages
@@ -271,7 +272,7 @@ def auth_enabled(controller):
 
     return wrapper
 
-def oauth_requeired(controller):
+def oauth_required(controller):
     """ Used to wrap API endpoints where oauth is required """
     @wraps(controller)
     def wrapper(request, *args, **kwargs):
@@ -282,5 +283,18 @@ def oauth_requeired(controller):
             error = "Missing required parameter."
             return json_response({"error": error}, status=400)
 
-        
-        
+         
+        request_validator = GMGRequestValidator()
+        resource_endpoint = ResourceEndpoint(request_validator)
+        valid, request = resource_endpoint.validate_protected_resource_request(
+                uri=request.url,
+                http_method=request.method,
+                body=request.get_data(),
+                headers=dict(request.headers),
+                )
+        #print "[VALID] %s" % valid
+        #print "[REQUEST] %s" % request
+
+        return controller(request, *args, **kwargs)
+
+    return wrapper

diff --git a/mediagoblin/federation/oauth.py b/mediagoblin/federation/oauth.py
index c94b0a9dde787311f8f4a7f154b3a901742dbeb8..ff45882dfcadb7397073433ca2c265e78653a525 100644 (file)
--- a/mediagoblin/federation/oauth.py
+++ b/mediagoblin/federation/oauth.py
@@ -24,6 +24,8 @@ from mediagoblin.db.models import Client, RequestToken, AccessToken
 
 class GMGRequestValidator(RequestValidator):
 
+    enforce_ssl = False
+
     def __init__(self, data=None):
         self.POST = data
 

diff --git a/mediagoblin/federation/routing.py b/mediagoblin/federation/routing.py
index f7e6f72c13ee3d6912d6fafb8f7d1d0a06a6c233..5dc71456cb48af2ee13471bda0113e4b4db4ffc9 100644 (file)
--- a/mediagoblin/federation/routing.py
+++ b/mediagoblin/federation/routing.py
@@ -41,3 +41,9 @@ add_route(
         "/oauth/access_token",
         "mediagoblin.federation.views:access_token"
         )
+
+add_route(
+        "mediagoblin.federation",
+        "/api/test",
+        "mediagoblin.federation.views:test"
+        )

diff --git a/mediagoblin/federation/views.py b/mediagoblin/federation/views.py
index 29b5647ef531aefc58d40f87e5e56e293dd5e476..c538f4cb721c50d87e6ed34a9ece6421a7169ad3 100644 (file)
--- a/mediagoblin/federation/views.py
+++ b/mediagoblin/federation/views.py
@@ -19,7 +19,7 @@ import datetime
 from oauthlib.oauth1 import (AuthorizationEndpoint, RequestValidator, 
                              RequestTokenEndpoint, AccessTokenEndpoint)
 
-from mediagoblin.decorators import require_active_login
+from mediagoblin.decorators import require_active_login, oauth_required
 from mediagoblin.tools.translate import pass_to_ugettext
 from mediagoblin.meddleware.csrf import csrf_exempt
 from mediagoblin.tools.request import decode_request
@@ -337,4 +337,8 @@ def access_token(request):
     av = AccessTokenEndpoint(request_validator)
     tokens = av.create_access_token(request, {})
     return form_response(tokens)
- 
+
+@csrf_exempt
+@oauth_required 
+def test(request):
+    return json_response({"check":"OK"})