fnp
/
wolnelektury.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
media migrations fix
[wolnelektury.git]
/
apps
/
piston
/
authentication.py
diff --git
a/apps/piston/authentication.py
b/apps/piston/authentication.py
index
7d09707
..
19b8e82
100644
(file)
--- a/
apps/piston/authentication.py
+++ b/
apps/piston/authentication.py
@@
-26,7
+26,7
@@
class NoAuthentication(object):
class HttpBasicAuthentication(object):
"""
Basic HTTP authenticater. Synopsis:
class HttpBasicAuthentication(object):
"""
Basic HTTP authenticater. Synopsis:
-
+
Authentication handlers must implement two methods:
- `is_authenticated`: Will be called when checking for
authentication. Receives a `request` object, please
Authentication handlers must implement two methods:
- `is_authenticated`: Will be called when checking for
authentication. Receives a `request` object, please
@@
-46,7
+46,7
@@
class HttpBasicAuthentication(object):
if not auth_string:
return False
if not auth_string:
return False
-
+
try:
(authmeth, auth) = auth_string.split(" ", 1)
try:
(authmeth, auth) = auth_string.split(" ", 1)
@@
-57,12
+57,12
@@
class HttpBasicAuthentication(object):
(username, password) = auth.split(':', 1)
except (ValueError, binascii.Error):
return False
(username, password) = auth.split(':', 1)
except (ValueError, binascii.Error):
return False
-
+
request.user = self.auth_func(username=username, password=password) \
or AnonymousUser()
request.user = self.auth_func(username=username, password=password) \
or AnonymousUser()
-
+
return not request.user in (False, None, AnonymousUser())
return not request.user in (False, None, AnonymousUser())
-
+
def challenge(self):
resp = HttpResponse("Authorization Required")
resp['WWW-Authenticate'] = 'Basic realm="%s"' % self.realm
def challenge(self):
resp = HttpResponse("Authorization Required")
resp['WWW-Authenticate'] = 'Basic realm="%s"' % self.realm
@@
-78,7
+78,7
@@
class HttpBasicSimple(HttpBasicAuthentication):
self.password = password
super(HttpBasicSimple, self).__init__(auth_func=self.hash, realm=realm)
self.password = password
super(HttpBasicSimple, self).__init__(auth_func=self.hash, realm=realm)
-
+
def hash(self, username, password):
if username == self.user.username and password == self.password:
return self.user
def hash(self, username, password):
if username == self.user.username and password == self.password:
return self.user
@@
-122,17
+122,17
@@
def initialize_server_request(request):
request.META['Authorization'] = request.META.get('HTTP_AUTHORIZATION', '')
oauth_request = oauth.OAuthRequest.from_request(
request.META['Authorization'] = request.META.get('HTTP_AUTHORIZATION', '')
oauth_request = oauth.OAuthRequest.from_request(
- request.method, request.build_absolute_uri(),
+ request.method, request.build_absolute_uri(),
headers=request.META, parameters=params,
query_string=request.environ.get('QUERY_STRING', ''))
headers=request.META, parameters=params,
query_string=request.environ.get('QUERY_STRING', ''))
-
+
if oauth_request:
oauth_server = oauth.OAuthServer(oauth_datastore(oauth_request))
oauth_server.add_signature_method(oauth.OAuthSignatureMethod_PLAINTEXT())
oauth_server.add_signature_method(oauth.OAuthSignatureMethod_HMAC_SHA1())
else:
oauth_server = None
if oauth_request:
oauth_server = oauth.OAuthServer(oauth_datastore(oauth_request))
oauth_server.add_signature_method(oauth.OAuthSignatureMethod_PLAINTEXT())
oauth_server.add_signature_method(oauth.OAuthSignatureMethod_HMAC_SHA1())
else:
oauth_server = None
-
+
return oauth_server, oauth_request
def send_oauth_error(err=None):
return oauth_server, oauth_request
def send_oauth_error(err=None):
@@
-152,7
+152,7
@@
def send_oauth_error(err=None):
def oauth_request_token(request):
oauth_server, oauth_request = initialize_server_request(request)
def oauth_request_token(request):
oauth_server, oauth_request = initialize_server_request(request)
-
+
if oauth_server is None:
return INVALID_PARAMS_RESPONSE
try:
if oauth_server is None:
return INVALID_PARAMS_RESPONSE
try:
@@
-176,20
+176,20
@@
def oauth_auth_view(request, token, callback, params):
@login_required
def oauth_user_auth(request):
oauth_server, oauth_request = initialize_server_request(request)
@login_required
def oauth_user_auth(request):
oauth_server, oauth_request = initialize_server_request(request)
-
+
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
-
+
try:
token = oauth_server.fetch_request_token(oauth_request)
except oauth.OAuthError, err:
return send_oauth_error(err)
try:
token = oauth_server.fetch_request_token(oauth_request)
except oauth.OAuthError, err:
return send_oauth_error(err)
-
+
try:
callback = oauth_server.get_callback(oauth_request)
except:
callback = None
try:
callback = oauth_server.get_callback(oauth_request)
except:
callback = None
-
+
if request.method == "GET":
params = oauth_request.get_normalized_parameters()
if request.method == "GET":
params = oauth_request.get_normalized_parameters()
@@
-207,26
+207,26
@@
def oauth_user_auth(request):
else:
args = '?error=%s' % 'Access not granted by user.'
print "FORM ERROR", form.errors
else:
args = '?error=%s' % 'Access not granted by user.'
print "FORM ERROR", form.errors
-
+
if not callback:
callback = getattr(settings, 'OAUTH_CALLBACK_VIEW')
return get_callable(callback)(request, token)
if not callback:
callback = getattr(settings, 'OAUTH_CALLBACK_VIEW')
return get_callable(callback)(request, token)
-
+
response = HttpResponseRedirect(callback+args)
response = HttpResponseRedirect(callback+args)
-
+
except oauth.OAuthError, err:
response = send_oauth_error(err)
else:
response = HttpResponse('Action not allowed.')
except oauth.OAuthError, err:
response = send_oauth_error(err)
else:
response = HttpResponse('Action not allowed.')
-
+
return response
def oauth_access_token(request):
oauth_server, oauth_request = initialize_server_request(request)
return response
def oauth_access_token(request):
oauth_server, oauth_request = initialize_server_request(request)
-
+
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
-
+
try:
token = oauth_server.fetch_access_token(oauth_request)
return HttpResponse(token.to_string())
try:
token = oauth_server.fetch_access_token(oauth_request)
return HttpResponse(token.to_string())
@@
-234,7
+234,7
@@
def oauth_access_token(request):
return send_oauth_error(err)
INVALID_PARAMS_RESPONSE = send_oauth_error(oauth.OAuthError('Invalid request parameters.'))
return send_oauth_error(err)
INVALID_PARAMS_RESPONSE = send_oauth_error(oauth.OAuthError('Invalid request parameters.'))
-
+
class OAuthAuthentication(object):
"""
OAuth authentication. Based on work by Leah Culver.
class OAuthAuthentication(object):
"""
OAuth authentication. Based on work by Leah Culver.
@@
-242,12
+242,12
@@
class OAuthAuthentication(object):
def __init__(self, realm='API'):
self.realm = realm
self.builder = oauth.build_authenticate_header
def __init__(self, realm='API'):
self.realm = realm
self.builder = oauth.build_authenticate_header
-
+
def is_authenticated(self, request):
"""
Checks whether a means of specifying authentication
is provided, and if so, if it is a valid token.
def is_authenticated(self, request):
"""
Checks whether a means of specifying authentication
is provided, and if so, if it is a valid token.
-
+
Read the documentation on `HttpBasicAuthentication`
for more information about what goes on here.
"""
Read the documentation on `HttpBasicAuthentication`
for more information about what goes on here.
"""
@@
-263,14
+263,14
@@
class OAuthAuthentication(object):
request.consumer = consumer
request.throttle_extra = token.consumer.id
return True
request.consumer = consumer
request.throttle_extra = token.consumer.id
return True
-
+
return False
return False
-
+
def challenge(self):
"""
Returns a 401 response with a small bit on
what OAuth is, and where to learn more about it.
def challenge(self):
"""
Returns a 401 response with a small bit on
what OAuth is, and where to learn more about it.
-
+
When this was written, browsers did not understand
OAuth authentication on the browser side, and hence
the helpful template we render. Maybe some day in the
When this was written, browsers did not understand
OAuth authentication on the browser side, and hence
the helpful template we render. Maybe some day in the
@@
-290,7
+290,7
@@
class OAuthAuthentication(object):
response.content = tmpl
return response
response.content = tmpl
return response
-
+
@staticmethod
def is_valid_request(request):
"""
@staticmethod
def is_valid_request(request):
"""
@@
-302,14
+302,14
@@
class OAuthAuthentication(object):
must_have = [ 'oauth_'+s for s in [
'consumer_key', 'token', 'signature',
'signature_method', 'timestamp', 'nonce' ] ]
must_have = [ 'oauth_'+s for s in [
'consumer_key', 'token', 'signature',
'signature_method', 'timestamp', 'nonce' ] ]
-
+
is_in = lambda l: all([ (p in l) for p in must_have ])
auth_params = request.META.get("HTTP_AUTHORIZATION", "")
req_params = request.REQUEST
is_in = lambda l: all([ (p in l) for p in must_have ])
auth_params = request.META.get("HTTP_AUTHORIZATION", "")
req_params = request.REQUEST
-
+
return is_in(auth_params) or is_in(req_params)
return is_in(auth_params) or is_in(req_params)
-
+
@staticmethod
def validate_token(request, check_timestamp=True, check_nonce=True):
oauth_server, oauth_request = initialize_server_request(request)
@staticmethod
def validate_token(request, check_timestamp=True, check_nonce=True):
oauth_server, oauth_request = initialize_server_request(request)