Fix #1016 - Covert the timestamp from seconds to datetime object

author Jessica Tallon <jessica@megworld.co.uk>

Tue, 4 Nov 2014 09:54:04 +0000 (09:54 +0000)

committer Jessica Tallon <jessica@megworld.co.uk>

Tue, 4 Nov 2014 10:42:31 +0000 (10:42 +0000)
author Jessica Tallon <jessica@megworld.co.uk>
Tue, 4 Nov 2014 09:54:04 +0000 (09:54 +0000)
committer Jessica Tallon <jessica@megworld.co.uk>
Tue, 4 Nov 2014 10:42:31 +0000 (10:42 +0000)
diff --git a/mediagoblin/oauth/oauth.py b/mediagoblin/oauth/oauth.py

index 8a60392c4739117682297ffbf36802c5a4e3b663..7dc5aa5b9803acc101e784e07de11b3257b7757e 100644 (file)
--- a/mediagoblin/oauth/oauth.py
+++ b/mediagoblin/oauth/oauth.py
@@ -13,6 +13,7 @@
  #
  # You should have received a copy of the GNU Affero General Public License
  # along with this program.  If not, see <http://www.gnu.org/licenses/>.
+import datetime
  
  from oauthlib.common import Request
  from oauthlib.oauth1 import RequestValidator
@@ -64,6 +65,14 @@ class GMGRequestValidator(RequestValidator):
      def validate_timestamp_and_nonce(self, client_key, timestamp,
                                       nonce, request, request_token=None,
                                       access_token=None):
+        # RFC5849 (OAuth 1.0) section 3.3 says the timestamp is going
+        # to be seconds after the epoch, we need to convert for postgres
+        try:
+            timestamp = datetime.datetime.fromtimestamp(float(timestamp))
+        except ValueError:
+            # Well, the client must have passed up something ridiculous
+            return False
+
          nc = NonceTimestamp.query.filter_by(timestamp=timestamp, nonce=nonce)
          nc = nc.first()
          if nc is None:
author	Jessica Tallon <jessica@megworld.co.uk>
	Tue, 4 Nov 2014 09:54:04 +0000 (09:54 +0000)
committer	Jessica Tallon <jessica@megworld.co.uk>
	Tue, 4 Nov 2014 10:42:31 +0000 (10:42 +0000)