X-Git-Url: https://git.mdrn.pl/wolnelektury.git/blobdiff_plain/1434b3dfc0495e885921acb726df6cc06e00c5ed..b0b9c1f0f9f4cc0f5c4d00d913735ab6a81bf214:/src/api/request_validator.py diff --git a/src/api/request_validator.py b/src/api/request_validator.py index 6e3c0c22b..55bd6fbdb 100644 --- a/src/api/request_validator.py +++ b/src/api/request_validator.py @@ -4,7 +4,7 @@ # import time from oauthlib.oauth1 import RequestValidator -from piston.models import Consumer, Nonce, Token +from api.piston.models import Consumer, Nonce, Token class PistonRequestValidator(RequestValidator): @@ -21,18 +21,37 @@ class PistonRequestValidator(RequestValidator): nonce_length = 8, 250 # Because piston.models.Token.key is char(18). + request_token_length = 18, 32 access_token_length = 18, 32 + # TODO: oauthlib request-access switch. def check_client_key(self, client_key): """We control the keys anyway.""" return True + def get_request_token_secret(self, client_key, token, request): + return request.token.secret + def get_access_token_secret(self, client_key, token, request): return request.token.secret def get_default_realms(self, client_key, request): return ['API'] + def validate_request_token(self, client_key, token, request): + try: + token = Token.objects.get( + token_type=Token.REQUEST, + consumer__key=client_key, + key=token, + is_approved=True, + ) + except Token.DoesNotExist: + return False + else: + request.token = token + return True + def validate_access_token(self, client_key, token, request): try: token = Token.objects.get( @@ -76,6 +95,9 @@ class PistonRequestValidator(RequestValidator): def validate_redirect_uri(self, *args, **kwargs): return True + def validate_verifier(self, client_key, token, verifier, request): + return True + def get_client_secret(self, client_key, request): return request.oauth_consumer.secret @@ -88,6 +110,16 @@ class PistonRequestValidator(RequestValidator): consumer=request.oauth_consumer, ) + def save_access_token(self, token, request): + Token.objects.create( + token_type=Token.ACCESS, + timestamp=request.timestamp, + key=token['oauth_token'], + secret=token['oauth_token_secret'], + consumer=request.oauth_consumer, + user=request.token.user, + ) + def verify_request_token(self, token, request): return Token.objects.filter( token_type=Token.REQUEST, key=token, is_approved=False @@ -108,3 +140,10 @@ class PistonRequestValidator(RequestValidator): def get_redirect_uri(self, token, request): return request.redirect_uri + + def invalidate_request_token(self, client_key, request_token, request): + Token.objects.filter( + token_type=Token.REQUEST, + key=request_token, + consumer__key=client_key, + )