mirror of
https://github.com/encode/django-rest-framework.git
synced 2024-11-26 19:43:59 +03:00
Clean ups.
This commit is contained in:
parent
44930f3091
commit
1d62594fa9
|
@ -157,6 +157,7 @@ class OAuthAuthentication(BaseAuthentication):
|
||||||
OAuth 1.0a authentication backend using `django-oauth-plus` and `oauth2`.
|
OAuth 1.0a authentication backend using `django-oauth-plus` and `oauth2`.
|
||||||
|
|
||||||
Note: The `oauth2` package actually provides oauth1.0a support. Urg.
|
Note: The `oauth2` package actually provides oauth1.0a support. Urg.
|
||||||
|
We import it from the `compat` module as `oauth`.
|
||||||
"""
|
"""
|
||||||
www_authenticate_realm = 'api'
|
www_authenticate_realm = 'api'
|
||||||
|
|
||||||
|
@ -164,23 +165,42 @@ class OAuthAuthentication(BaseAuthentication):
|
||||||
super(OAuthAuthentication, self).__init__(**kwargs)
|
super(OAuthAuthentication, self).__init__(**kwargs)
|
||||||
|
|
||||||
if oauth is None:
|
if oauth is None:
|
||||||
raise ImproperlyConfigured("The 'oauth2' package could not be imported. It is required for use with the 'OAuthAuthentication' class.")
|
raise ImproperlyConfigured(
|
||||||
|
"The 'oauth2' package could not be imported."
|
||||||
|
"It is required for use with the 'OAuthAuthentication' class.")
|
||||||
|
|
||||||
if oauth_provider is None:
|
if oauth_provider is None:
|
||||||
raise ImproperlyConfigured("The 'django-oauth-plus' package could not be imported. It is required for use with the 'OAuthAuthentication' class.")
|
raise ImproperlyConfigured(
|
||||||
|
"The 'django-oauth-plus' package could not be imported."
|
||||||
|
"It is required for use with the 'OAuthAuthentication' class.")
|
||||||
|
|
||||||
def authenticate(self, request):
|
def authenticate(self, request):
|
||||||
"""
|
"""
|
||||||
Returns two-tuple of (user, token) if authentication succeeds,
|
Returns two-tuple of (user, token) if authentication succeeds,
|
||||||
or None otherwise.
|
or None otherwise.
|
||||||
"""
|
"""
|
||||||
if not self.is_valid_request(request):
|
try:
|
||||||
|
oauth_request = oauth_provider.utils.get_oauth_request(request)
|
||||||
|
except oauth.Error as err:
|
||||||
|
raise exceptions.AuthenticationFailed(err.message)
|
||||||
|
|
||||||
|
oauth_params = oauth_provider.consts.OAUTH_PARAMETERS_NAMES
|
||||||
|
|
||||||
|
found = any(param for param in oauth_params if param in oauth_request)
|
||||||
|
missing = list(param for param in oauth_params if param not in oauth_request)
|
||||||
|
|
||||||
|
if not found:
|
||||||
|
# OAuth authentication was not attempted.
|
||||||
return None
|
return None
|
||||||
|
|
||||||
oauth_request = oauth_provider.utils.get_oauth_request(request)
|
if missing:
|
||||||
|
# OAuth was attempted but missing parameters.
|
||||||
|
msg = 'Missing parameters: %s' % (', '.join(missing))
|
||||||
|
raise exceptions.AuthenticationFailed(msg)
|
||||||
|
|
||||||
if not self.check_nonce(request, oauth_request):
|
if not self.check_nonce(request, oauth_request):
|
||||||
raise exceptions.AuthenticationFailed("Nonce check failed")
|
msg = 'Nonce check failed'
|
||||||
|
raise exceptions.AuthenticationFailed(msg)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
consumer_key = oauth_request.get_parameter('oauth_consumer_key')
|
consumer_key = oauth_request.get_parameter('oauth_consumer_key')
|
||||||
|
@ -207,40 +227,27 @@ class OAuthAuthentication(BaseAuthentication):
|
||||||
user = token.user
|
user = token.user
|
||||||
|
|
||||||
if not user.is_active:
|
if not user.is_active:
|
||||||
raise exceptions.AuthenticationFailed('User inactive or deleted: %s' % user.username)
|
msg = 'User inactive or deleted: %s' % user.username
|
||||||
|
raise exceptions.AuthenticationFailed(msg)
|
||||||
|
|
||||||
return (token.user, token)
|
return (token.user, token)
|
||||||
|
|
||||||
def authenticate_header(self, request):
|
def authenticate_header(self, request):
|
||||||
|
"""
|
||||||
|
If permission is denied, return a '401 Unauthorized' response,
|
||||||
|
with an appropraite 'WWW-Authenticate' header.
|
||||||
|
"""
|
||||||
return 'OAuth realm="%s"' % self.www_authenticate_realm
|
return 'OAuth realm="%s"' % self.www_authenticate_realm
|
||||||
|
|
||||||
def is_in(self, params):
|
|
||||||
"""
|
|
||||||
Checks to ensure that all the OAuth parameter names are in the
|
|
||||||
provided ``params``.
|
|
||||||
"""
|
|
||||||
for param_name in oauth_provider.consts.OAUTH_PARAMETERS_NAMES:
|
|
||||||
if param_name not in params:
|
|
||||||
return False
|
|
||||||
|
|
||||||
return True
|
|
||||||
|
|
||||||
def is_valid_request(self, request):
|
|
||||||
"""
|
|
||||||
Checks whether the required parameters are either in the HTTP
|
|
||||||
`Authorization` header sent by some clients.
|
|
||||||
(The preferred method according to OAuth spec.)
|
|
||||||
Or fall back to `GET/POST`.
|
|
||||||
"""
|
|
||||||
auth_params = request.META.get('HTTP_AUTHORIZATION', [])
|
|
||||||
return self.is_in(auth_params) or self.is_in(request.REQUEST)
|
|
||||||
|
|
||||||
def validate_token(self, request, consumer, token):
|
def validate_token(self, request, consumer, token):
|
||||||
|
"""
|
||||||
|
Check the token and raise an `oauth.Error` exception if invalid.
|
||||||
|
"""
|
||||||
oauth_server, oauth_request = oauth_provider.utils.initialize_server_request(request)
|
oauth_server, oauth_request = oauth_provider.utils.initialize_server_request(request)
|
||||||
return oauth_server.verify_request(oauth_request, consumer, token)
|
oauth_server.verify_request(oauth_request, consumer, token)
|
||||||
|
|
||||||
def check_nonce(self, request, oauth_request):
|
def check_nonce(self, request, oauth_request):
|
||||||
"""
|
"""
|
||||||
Checks nonce of request.
|
Checks nonce of request, and return True if valid.
|
||||||
"""
|
"""
|
||||||
return oauth_provider.store.store.check_nonce(request, oauth_request, oauth_request['oauth_nonce'])
|
return oauth_provider_store.check_nonce(request, oauth_request, oauth_request['oauth_nonce'])
|
||||||
|
|
Loading…
Reference in New Issue
Block a user