Use oauthlib's safe characters when generating client_key and client_secret

diff --git a/mediagoblin/oauth/views.py b/mediagoblin/oauth/views.py
index 5ade7a8da84f2d3a2fb90b9018d0e78488d9a934..641e300a81187757dcd074e72b1535e2f04a8408 100644 (file)
--- a/mediagoblin/oauth/views.py
+++ b/mediagoblin/oauth/views.py
@@ -17,6 +17,7 @@
 import datetime
 import string
 
+from oauthlib.oauth1.rfc5849.utils import UNICODE_ASCII_CHARACTER_SET
 from oauthlib.oauth1 import (RequestTokenEndpoint, AuthorizationEndpoint,
                              AccessTokenEndpoint)
 
@@ -37,8 +38,6 @@ from mediagoblin.db.models import NonceTimestamp, Client, RequestToken
 
 # possible client types
 CLIENT_TYPES = ["web", "native"] # currently what pump supports
-OAUTH_ALPHABET = (string.ascii_letters.decode('ascii') +
-    string.digits.decode('ascii'))
 
 @csrf_exempt
 def client_register(request):
@@ -107,8 +106,8 @@ def client_register(request):
             return json_response({"error": error}, status=400)
 
         # generate the client_id and client_secret
-        client_id = random_string(22, OAUTH_ALPHABET)
-        client_secret = random_string(43, OAUTH_ALPHABET)
+        client_id = random_string(22, UNICODE_ASCII_CHARACTER_SET)
+        client_secret = random_string(43, UNICODE_ASCII_CHARACTER_SET)
         expirey = 0 # for now, lets not have it expire
         expirey_db = None if expirey == 0 else expirey
         application_type = data["application_type"]