X-Git-Url: https://git.mdrn.pl/wolnelektury.git/blobdiff_plain/24f677a3979ba3f1bdfe420c03ad5e3f8b0398c2..18aa8ca52202003e5628a882f3469a04d905cc05:/src/api/drf_auth.py

diff --git a/src/api/drf_auth.py b/src/api/drf_auth.py
index 26018c61e..adee780d3 100644
--- a/src/api/drf_auth.py
+++ b/src/api/drf_auth.py
@@ -1,20 +1,23 @@
-"""
-Transitional code: bridge between Piston's OAuth implementation
-and DRF views.
-"""
-from piston.authentication import OAuthAuthentication
+# This file is part of Wolne Lektury, licensed under GNU Affero GPLv3 or later.
+# Copyright © Fundacja Wolne Lektury. See NOTICE for more information.
+#
+from oauthlib.oauth1 import ResourceEndpoint
 from rest_framework.authentication import BaseAuthentication
+from .request_validator import PistonRequestValidator
+from .utils import oauthlib_request
 
 
 class PistonOAuthAuthentication(BaseAuthentication):
     def __init__(self):
-        self.piston_auth = OAuthAuthentication()
+        validator = PistonRequestValidator()
+        self.provider = ResourceEndpoint(validator)
 
     def authenticate_header(self, request):
         return 'OAuth realm="API"'
 
     def authenticate(self, request):
-        if self.piston_auth.is_valid_request(request):
-            consumer, token, parameters = self.piston_auth.validate_token(request)
-            if consumer and token:
-                return token.user, token
+        v, r = self.provider.validate_protected_resource_request(
+            **oauthlib_request(request)
+        )
+        if v:
+            return r.token.user, r.token