Add 'secure' parameter to OAuthHandler constructor.

When 'secure' is True, HTTPS will be used for OAuth requests being sent to Twitter.
This only applies to the get token, authorize, and get access token requests. API
requests will not use HTTPS unless the API object also has 'secure' set to True in
its constructor.

Example:
auth = OAuthHandler(token,secret,secure=True)  # use HTTPS for OAuth setup

api = API(auth)  #  will NOT use HTTPS
api_https = API(auth, secure=True)  # will use HTTPS for API requests.

Signed-off-by: Joshua <jroesslein@gmail.com>

diff --git a/CHANGELOG b/CHANGELOG
index da2ccdc066df19606744b1c06b60a970927bd2a9..fff3fde618f311a02e9220718e921628ca40d261 100644 (file)
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -11,6 +11,10 @@ during upgrade will be listed here.
 + API
     - lists(), lists_memberships(), and lists_subscriptions() now
         take an "user" parameter for specifying which user to query.
++ OAuthHandler
+    - You may now pass in an optional 'secure' boolean to the
+        constructor which will use https for OAuth requests.
+        Ex: auth = OAuthHandler(token,secret,secure=True)
 
 1.3 -> 1.4 [current]
 ===========================

diff --git a/CONTRIBUTORS b/CONTRIBUTORS
index 0a7187433ab1aede3b745877acb3c126cd36a634..e1f0a7d9dbbcb9c5bd83aee86cd7146255ea89a4 100644 (file)
--- a/CONTRIBUTORS
+++ b/CONTRIBUTORS
@@ -13,5 +13,6 @@ Kumar Appaiah
        - sphinx documentation
 Ferenc Szalai
        - Fix API.retweet()
+    - Add secure option to OAuthHandler
 Bas Westerbaan
     - Fixes to API and User model

diff --git a/tweepy/auth.py b/tweepy/auth.py
index ee82efab0f0bd594669dd1d2a2e045a5142b1684..6d1004c66da2db810ba6c548aca6a32b8c997c05 100644 (file)
--- a/tweepy/auth.py
+++ b/tweepy/auth.py
@@ -37,18 +37,25 @@ class BasicAuthHandler(AuthHandler):
 class OAuthHandler(AuthHandler):
     """OAuth authentication handler"""
 
-    REQUEST_TOKEN_URL = 'http://api.twitter.com/oauth/request_token'
-    AUTHORIZATION_URL = 'http://api.twitter.com/oauth/authorize'
-    AUTHENTICATE_URL = 'http://api.twitter.com/oauth/authenticate'
-    ACCESS_TOKEN_URL = 'http://api.twitter.com/oauth/access_token'
+    OAUTH_HOST = 'api.twitter.com'
+    OAUTH_ROOT = '/oauth/'
 
-    def __init__(self, consumer_key, consumer_secret, callback=None):
+    def __init__(self, consumer_key, consumer_secret, callback=None, secure=False):
         self._consumer = oauth.OAuthConsumer(consumer_key, consumer_secret)
         self._sigmethod = oauth.OAuthSignatureMethod_HMAC_SHA1()
         self.request_token = None
         self.access_token = None
         self.callback = callback
         self.username = None
+        self.secure = secure
+
+    def _get_oauth_url(self, endpoint):
+        if self.secure:
+            prefix = 'https://'
+        else:
+            prefix = 'http://'
+
+        return prefix + self.OAUTH_HOST + self.OAUTH_ROOT + endpoint
 
     def apply_auth(self, url, method, headers, parameters):
         request = oauth.OAuthRequest.from_consumer_and_token(
@@ -60,11 +67,12 @@ class OAuthHandler(AuthHandler):
 
     def _get_request_token(self):
         try:
+            url = self._get_oauth_url('request_token')
             request = oauth.OAuthRequest.from_consumer_and_token(
-                self._consumer, http_url=self.REQUEST_TOKEN_URL, callback=self.callback
+                self._consumer, http_url=url, callback=self.callback
             )
             request.sign_request(self._sigmethod, self._consumer, None)
-            resp = urlopen(Request(self.REQUEST_TOKEN_URL, headers=request.to_header()))
+            resp = urlopen(Request(url, headers=request.to_header()))
             return oauth.OAuthToken.from_string(resp.read())
         except Exception, e:
             raise TweepError(e)
@@ -83,11 +91,11 @@ class OAuthHandler(AuthHandler):
 
             # build auth request and return as url
             if signin_with_twitter:
-                auth_url = self.AUTHENTICATE_URL
+                url = self._get_oauth_url('authenticate')
             else:
-                auth_url = self.AUTHORIZATION_URL
+                url = self._get_oauth_url('authorize')
             request = oauth.OAuthRequest.from_token_and_callback(
-                token=self.request_token, http_url=auth_url
+                token=self.request_token, http_url=url
             )
 
             return request.to_url()
@@ -100,16 +108,18 @@ class OAuthHandler(AuthHandler):
         with user supplied verifier.
         """
         try:
+            url = self._get_oauth_url('access_token')
+
             # build request
             request = oauth.OAuthRequest.from_consumer_and_token(
                 self._consumer,
-                token=self.request_token, http_url=self.ACCESS_TOKEN_URL,
+                token=self.request_token, http_url=url,
                 verifier=str(verifier)
             )
             request.sign_request(self._sigmethod, self._consumer, self.request_token)
 
             # send request
-            resp = urlopen(Request(self.ACCESS_TOKEN_URL, headers=request.to_header()))
+            resp = urlopen(Request(url, headers=request.to_header()))
             self.access_token = oauth.OAuthToken.from_string(resp.read())
             return self.access_token
         except Exception, e: