X-Git-Url: https://git.mdrn.pl/wolnelektury.git/blobdiff_plain/1434b3dfc0495e885921acb726df6cc06e00c5ed..86530a9e72f32d28ef1971ac9fa705c85b1bd3b6:/src/api/request_validator.py?ds=inline diff --git a/src/api/request_validator.py b/src/api/request_validator.py index 6e3c0c22b..78834ffa2 100644 --- a/src/api/request_validator.py +++ b/src/api/request_validator.py @@ -1,10 +1,9 @@ -# -*- coding: utf-8 -*- -# This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later. -# Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information. +# This file is part of Wolne Lektury, licensed under GNU Affero GPLv3 or later. +# Copyright © Fundacja Wolne Lektury. See NOTICE for more information. # import time from oauthlib.oauth1 import RequestValidator -from piston.models import Consumer, Nonce, Token +from api.models import Consumer, Nonce, Token class PistonRequestValidator(RequestValidator): @@ -20,19 +19,48 @@ class PistonRequestValidator(RequestValidator): # iOS app generates 8-char nonces. nonce_length = 8, 250 - # Because piston.models.Token.key is char(18). + # Because Token.key is char(18). + request_token_length = 18, 32 access_token_length = 18, 32 + # TODO: oauthlib request-access switch. def check_client_key(self, client_key): """We control the keys anyway.""" return True - def get_access_token_secret(self, client_key, token, request): + def get_request_token_secret(self, client_key, token, request): return request.token.secret + def get_access_token_secret(self, client_key, token, request): + if request.token: + return request.token.secret + else: + try: + token = Token.objects.get( + token_type=Token.ACCESS, + consumer__key=client_key, + key=token + ) + except: return None + return token.secret + def get_default_realms(self, client_key, request): return ['API'] + def validate_request_token(self, client_key, token, request): + try: + token = Token.objects.get( + token_type=Token.REQUEST, + consumer__key=client_key, + key=token, + is_approved=True, + ) + except Token.DoesNotExist: + return False + else: + request.token = token + return True + def validate_access_token(self, client_key, token, request): try: token = Token.objects.get( @@ -76,6 +104,9 @@ class PistonRequestValidator(RequestValidator): def validate_redirect_uri(self, *args, **kwargs): return True + def validate_verifier(self, client_key, token, verifier, request): + return True + def get_client_secret(self, client_key, request): return request.oauth_consumer.secret @@ -88,6 +119,16 @@ class PistonRequestValidator(RequestValidator): consumer=request.oauth_consumer, ) + def save_access_token(self, token, request): + Token.objects.create( + token_type=Token.ACCESS, + timestamp=request.timestamp, + key=token['oauth_token'], + secret=token['oauth_token_secret'], + consumer=request.oauth_consumer, + user=request.token.user, + ) + def verify_request_token(self, token, request): return Token.objects.filter( token_type=Token.REQUEST, key=token, is_approved=False @@ -108,3 +149,10 @@ class PistonRequestValidator(RequestValidator): def get_redirect_uri(self, token, request): return request.redirect_uri + + def invalidate_request_token(self, client_key, request_token, request): + Token.objects.filter( + token_type=Token.REQUEST, + key=request_token, + consumer__key=client_key, + )