X-Git-Url: https://git.mdrn.pl/wolnelektury.git/blobdiff_plain/1434b3dfc0495e885921acb726df6cc06e00c5ed..b0b9c1f0f9f4cc0f5c4d00d913735ab6a81bf214:/src/api/views.py?ds=sidebyside diff --git a/src/api/views.py b/src/api/views.py index 3cf957ed9..66c9258e8 100644 --- a/src/api/views.py +++ b/src/api/views.py @@ -3,9 +3,10 @@ # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information. # from django.http import Http404 +from django.views.generic.base import View from oauthlib.common import urlencode -from oauthlib.oauth1 import RequestTokenEndpoint -from piston.models import KEY_SIZE, SECRET_SIZE +from oauthlib.oauth1 import RequestTokenEndpoint, AccessTokenEndpoint +from api.piston.models import KEY_SIZE, SECRET_SIZE from rest_framework.permissions import IsAuthenticated from rest_framework.response import Response from rest_framework.views import APIView @@ -34,7 +35,7 @@ class OAuth1RequestTokenEndpoint(RequestTokenEndpoint): return urlencode(token.items()) -class OAuth1RequestTokenView(APIView): +class OAuth1RequestTokenView(View): def __init__(self): self.endpoint = OAuth1RequestTokenEndpoint(PistonRequestValidator()) @@ -46,6 +47,37 @@ class OAuth1RequestTokenView(APIView): ) +class OAuth1AccessTokenEndpoint(AccessTokenEndpoint): + def _create_request(self, *args, **kwargs): + r = super(OAuth1AccessTokenEndpoint, self)._create_request(*args, **kwargs) + r.verifier = 'x' * 20 + return r + + def create_access_token(self, request, credentials): + request.realms = self.request_validator.get_realms( + request.resource_owner_key, request) + token = { + 'oauth_token': self.token_generator()[:KEY_SIZE], + 'oauth_token_secret': self.token_generator()[:SECRET_SIZE], + 'oauth_authorized_realms': ' '.join(request.realms) + } + token.update(credentials) + self.request_validator.save_access_token(token, request) + return urlencode(token.items()) + + +class OAuth1AccessTokenView(View): + def __init__(self): + self.endpoint = OAuth1AccessTokenEndpoint(PistonRequestValidator()) + + def dispatch(self, request): + return oauthlib_response( + self.endpoint.create_access_token_response( + **oauthlib_request(request) + ) + ) + + class UserView(RetrieveAPIView): permission_classes = [IsAuthenticated] serializer_class = serializers.UserSerializer