class HttpBasicAuthentication(object):
"""
Basic HTTP authenticater. Synopsis:
-
+
Authentication handlers must implement two methods:
- `is_authenticated`: Will be called when checking for
authentication. Receives a `request` object, please
if not auth_string:
return False
-
+
try:
(authmeth, auth) = auth_string.split(" ", 1)
(username, password) = auth.split(':', 1)
except (ValueError, binascii.Error):
return False
-
+
request.user = self.auth_func(username=username, password=password) \
or AnonymousUser()
-
+
return not request.user in (False, None, AnonymousUser())
-
+
def challenge(self):
resp = HttpResponse("Authorization Required")
resp['WWW-Authenticate'] = 'Basic realm="%s"' % self.realm
self.password = password
super(HttpBasicSimple, self).__init__(auth_func=self.hash, realm=realm)
-
+
def hash(self, username, password):
if username == self.user.username and password == self.password:
return self.user
request.META['Authorization'] = request.META.get('HTTP_AUTHORIZATION', '')
oauth_request = oauth.OAuthRequest.from_request(
- request.method, request.build_absolute_uri(),
+ request.method, request.build_absolute_uri(),
headers=request.META, parameters=params,
query_string=request.environ.get('QUERY_STRING', ''))
-
+
if oauth_request:
oauth_server = oauth.OAuthServer(oauth_datastore(oauth_request))
oauth_server.add_signature_method(oauth.OAuthSignatureMethod_PLAINTEXT())
oauth_server.add_signature_method(oauth.OAuthSignatureMethod_HMAC_SHA1())
else:
oauth_server = None
-
+
return oauth_server, oauth_request
def send_oauth_error(err=None):
def oauth_request_token(request):
oauth_server, oauth_request = initialize_server_request(request)
-
+
if oauth_server is None:
return INVALID_PARAMS_RESPONSE
try:
@login_required
def oauth_user_auth(request):
oauth_server, oauth_request = initialize_server_request(request)
-
+
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
-
+
try:
token = oauth_server.fetch_request_token(oauth_request)
except oauth.OAuthError, err:
return send_oauth_error(err)
-
+
try:
callback = oauth_server.get_callback(oauth_request)
except:
callback = None
-
+
if request.method == "GET":
params = oauth_request.get_normalized_parameters()
else:
args = '?error=%s' % 'Access not granted by user.'
print "FORM ERROR", form.errors
-
+
if not callback:
callback = getattr(settings, 'OAUTH_CALLBACK_VIEW')
return get_callable(callback)(request, token)
-
+
response = HttpResponseRedirect(callback+args)
-
+
except oauth.OAuthError, err:
response = send_oauth_error(err)
else:
response = HttpResponse('Action not allowed.')
-
+
return response
def oauth_access_token(request):
oauth_server, oauth_request = initialize_server_request(request)
-
+
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
-
+
try:
token = oauth_server.fetch_access_token(oauth_request)
return HttpResponse(token.to_string())
return send_oauth_error(err)
INVALID_PARAMS_RESPONSE = send_oauth_error(oauth.OAuthError('Invalid request parameters.'))
-
+
class OAuthAuthentication(object):
"""
OAuth authentication. Based on work by Leah Culver.
def __init__(self, realm='API'):
self.realm = realm
self.builder = oauth.build_authenticate_header
-
+
def is_authenticated(self, request):
"""
Checks whether a means of specifying authentication
is provided, and if so, if it is a valid token.
-
+
Read the documentation on `HttpBasicAuthentication`
for more information about what goes on here.
"""
request.consumer = consumer
request.throttle_extra = token.consumer.id
return True
-
+
return False
-
+
def challenge(self):
"""
Returns a 401 response with a small bit on
what OAuth is, and where to learn more about it.
-
+
When this was written, browsers did not understand
OAuth authentication on the browser side, and hence
the helpful template we render. Maybe some day in the
response.content = tmpl
return response
-
+
@staticmethod
def is_valid_request(request):
"""
must_have = [ 'oauth_'+s for s in [
'consumer_key', 'token', 'signature',
'signature_method', 'timestamp', 'nonce' ] ]
-
+
is_in = lambda l: all([ (p in l) for p in must_have ])
auth_params = request.META.get("HTTP_AUTHORIZATION", "")
req_params = request.REQUEST
-
+
return is_in(auth_params) or is_in(req_params)
-
+
@staticmethod
def validate_token(request, check_timestamp=True, check_nonce=True):
oauth_server, oauth_request = initialize_server_request(request)
fnp / wolnelektury.git / blobdiff