fnp / wolnelektury.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Remove piston residue.
[wolnelektury.git] / src / api / views.py
diff --git a/src/api/views.py b/src/api/views.py
index 741e454..5df3d68 100644 (file)
--- a/src/api/views.py
+++ b/src/api/views.py
@@ -2,10 +2,15 @@
 # This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later.
 # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
 #
+from django.contrib.auth.decorators import login_required
+from django import forms
+from django.http import HttpResponse
 from django.http import Http404
+from django.shortcuts import render
 from django.views.generic.base import View
 from oauthlib.common import urlencode
 from oauthlib.oauth1 import RequestTokenEndpoint, AccessTokenEndpoint
+from oauthlib.oauth1 import AuthorizationEndpoint, OAuth1Error
 from api.models import KEY_SIZE, SECRET_SIZE
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
@@ -48,6 +53,55 @@ class OAuth1RequestTokenView(View):
         )
 
 
+class OAuthAuthenticationForm(forms.Form):
+    oauth_token = forms.CharField(widget=forms.HiddenInput)
+    oauth_callback = forms.CharField(widget=forms.HiddenInput)  # changed from URLField - too strict
+    # removed authorize_access - redundant
+
+
+class OAuth1AuthorizationEndpoint(AuthorizationEndpoint):
+    def create_verifier(self, request, credentials):
+        verifier = super(OAuth1AuthorizationEndpoint, self).create_verifier(request, credentials)
+        return {
+            'oauth_token': verifier['oauth_token'],
+        }
+
+
+@login_required
+def oauth_user_auth(request):
+    endpoint = OAuth1AuthorizationEndpoint(PistonRequestValidator())
+
+    if request.method == "GET":
+        # Why not just get oauth_token here?
+        # This is fairly straightforward, in't?
+        try:
+            realms, credentials = endpoint.get_realms_and_credentials(
+                **oauthlib_request(request))
+        except OAuth1Error as e:
+            return HttpResponse(e.message, status=400)
+        callback = request.GET.get('oauth_callback')
+
+        form = OAuthAuthenticationForm(initial={
+            'oauth_token': credentials['resource_owner_key'],
+            'oauth_callback': callback,
+        })
+
+        return render(request, 'oauth/authorize_token.html', {'form': form})
+
+    elif request.method == "POST":
+        try:
+            response = oauthlib_response(
+                endpoint.create_authorization_response(
+                    credentials={"user": request.user},
+                    **oauthlib_request(request)
+                )
+            )
+        except OAuth1Error as e:
+            return HttpResponse(e.message, status=400)
+        else:
+            return response
+
+
 class OAuth1AccessTokenEndpoint(AccessTokenEndpoint):
     def _create_request(self, *args, **kwargs):
         r = super(OAuth1AccessTokenEndpoint, self)._create_request(*args, **kwargs)