-"""
-Transitional code: bridge between Piston's OAuth implementation
-and DRF views.
-"""
-from piston.authentication import OAuthAuthentication
+# This file is part of Wolne Lektury, licensed under GNU Affero GPLv3 or later.
+# Copyright © Fundacja Wolne Lektury. See NOTICE for more information.
+#
+from oauthlib.oauth1 import ResourceEndpoint
from rest_framework.authentication import BaseAuthentication
+from .request_validator import PistonRequestValidator
+from .utils import oauthlib_request
class PistonOAuthAuthentication(BaseAuthentication):
def __init__(self):
- self.piston_auth = OAuthAuthentication()
+ validator = PistonRequestValidator()
+ self.provider = ResourceEndpoint(validator)
def authenticate_header(self, request):
return 'OAuth realm="API"'
def authenticate(self, request):
- if self.piston_auth.is_valid_request(request):
- consumer, token, parameters = self.piston_auth.validate_token(request)
- if consumer and token:
- return token.user, token
+ v, r = self.provider.validate_protected_resource_request(
+ **oauthlib_request(request)
+ )
+ if v:
+ return r.token.user, r.token