Last active
December 10, 2015 16:29
-
-
Save tino/4461572 to your computer and use it in GitHub Desktop.
Minimal view code for setting up https://github.com/idan/oauthlib as an OAuth provider. Lines 7 - 70 are for oauthlib, the rest are the actual django views.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import json | |
import re | |
from django.http import HttpResponseRedirect, HttpResponse, HttpResponseForbidden, QueryDict | |
from django.views.decorators.csrf import csrf_exempt | |
from oauthlib.oauth2.draft25 import AuthorizationEndpoint, TokenEndpoint, ResourceEndpoint | |
from oauthlib.oauth2.draft25.grant_types import RequestValidator, AuthorizationCodeGrant | |
from oauthlib.oauth2.draft25.tokens import BearerToken | |
class TestRequestValidator(RequestValidator): | |
def validate_client_id(self, client_id, *args, **kwargs): | |
return True | |
def validate_client(self, client_id, grant_type, client, *args, **kwargs): | |
return True | |
def validate_code(self, client_id, code, client, *args, **kwargs): | |
return True | |
def validate_bearer_token(self, token): | |
return True | |
def validate_refresh_token(self, refresh_token, client, *args, **kwargs): | |
return True | |
def authenticate_client(self, request, *args, **kwargs): | |
return True | |
def validate_scopes(self, client_id, scopes): | |
return True | |
def confirm_scopes(self, refresh_token, scopes): | |
return True | |
def validate_user(self, username, password, client=None): | |
return True | |
def validate_redirect_uri(self, client_id, redirect_uri): | |
return True | |
def confirm_redirect_uri(self, client_id, code, redirect_uri, client): | |
return True | |
def get_default_redirect_uri(self, client_id): | |
return None | |
class TestAuthorizationCodeGrant(AuthorizationCodeGrant): | |
def save_authorization_code(self, client_id, grant): | |
pass | |
class TestBearerToken(BearerToken): | |
def save_token(self, request, token): | |
pass | |
authorization_code_grant = TestAuthorizationCodeGrant(TestRequestValidator()) | |
authorization_endpoint = AuthorizationEndpoint('code', | |
response_types={'code': authorization_code_grant}) | |
default_token = TestBearerToken(TestRequestValidator()) | |
token_endpoint = TokenEndpoint('authorization_code_grant', default_token, | |
{'authorization_code_grant': authorization_code_grant}) | |
resource_endpoint = ResourceEndpoint('Bearer', {'Bearer': default_token}) | |
def get_headers(request): | |
regex = re.compile('^HTTP_') | |
return dict((regex.sub('', header), value) for (header, value) | |
in request.META.items() if header.startswith('HTTP_')) | |
def authenticate(request): | |
headers = get_headers(request) | |
uri = '%s?%s' % (request.path, request.GET.urlencode()) | |
response_data = authorization_endpoint.create_authorization_response(uri, | |
request.method, request.body, headers) | |
response = HttpResponseRedirect(response_data[0]) | |
return response | |
@csrf_exempt | |
def token(request): | |
headers = get_headers(request) | |
uri = '%s?%s' % (request.path, request.GET.urlencode()) | |
response_data = token_endpoint.create_token_response(uri, | |
request.method, request.body, headers) | |
response = HttpResponse(response_data[2], status=response_data[3]) | |
return response | |
def api(request, *args, **kwargs): | |
headers = get_headers(request) | |
uri = '%s?%s' % (request.path, request.GET.urlencode()) | |
if not resource_endpoint.verify_request(uri, request.method, request.body, headers): | |
return HttpResponseForbidden('Invalid access_token') | |
return HttpResponse(json.dumps(dict(id=1, | |
name="Someone", | |
friends=["Somebody", "Nobody"]))) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment