3 @VVZ@s2dZddlZddlZddlZddlZddlZddlZddlZddlZddl Z dZ dZ dZ Gddde Zd(d d Zd d Zd dZddZd)ddZd*ddZGdddeZGdddeZGdddeZGdddeZGdddeZGd d!d!eZGd"d#d#eZGd$d%d%eZGd&d'd'eZdS)+a1 The MIT License Copyright (c) 2007 Leah Culver Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Nz1.0ZGET PLAINTEXTc@seZdZdZdddZdS) OAuthErrorzGeneric exception class.OAuth error occured.cCs ||_dS)N)message)selfrr-/usr/lib/python3/dist-packages/oauth/oauth.py__init__)szOAuthError.__init__N)r)__name__ __module__ __qualname____doc__r rrrrr'srcCs dd|iS)z,Optional WWW-Authenticate header (401 error)zWWW-AuthenticatezOAuth realm="%s"r)realmrrrbuild_authenticate_header,srcCstjj|ddS)zEscape a URL including any /.~)Zsafe)urllibparseZquote)srrrescape0srcCs t|tr|jdSt|SdS)zConvert unicode to utf-8.zutf-8N) isinstancestrencode)rrrr _utf8_str4s  rcCs ttjS)zGet seconds since epoch (UTC).)inttimerrrrgenerate_timestamp;srcCsdjddt|DS)zGenerate pseudorandom number.rcSsg|]}ttjddqS)r )rrandomrandint).0irrr Asz"generate_nonce..)joinrange)lengthrrrgenerate_nonce?sr'cCsdjddt|DS)zGenerate pseudorandom number.rcSsg|]}ttjddqS)rr)rrr )r!r"rrrr#Esz%generate_verifier..)r$r%)r&rrrgenerate_verifierCsr(c@s eZdZdZdZdZddZdS) OAuthConsumerzConsumer of OAuth authentication. OAuthConsumer is a data type that represents the identity of the Consumer via its shared secret with the Service Provider. NcCs||_||_dS)N)keysecret)rr*r+rrrr RszOAuthConsumer.__init__)r r r r r*r+r rrrrr)Hsr)c@sfeZdZdZdZdZdZdZdZddZ ddZ dddZ d d Z d d Z d dZeeZddZdS) OAuthTokenzOAuthToken is a data type that represents an End User via either an access or request token. key -- the token secret -- the token secret NcCs||_||_dS)N)r*r+)rr*r+rrrr eszOAuthToken.__init__cCs||_d|_dS)Ntrue)callbackcallback_confirmed)rr.rrr set_callbackiszOAuthToken.set_callbackcCs|dk r||_nt|_dS)N)verifierr()rr1rrr set_verifiermszOAuthToken.set_verifiercCsn|jrh|jrhtjj|j}|dd\}}}}}}|rFd||jf}n d|j}tjj||||||fS|jS)Nz%s&oauth_verifier=%szoauth_verifier=%s)r.r1rrurlparseZ urlunparse)rpartsschemenetlocpathparamsZqueryZfragmentrrrget_callback_urlss   zOAuthToken.get_callback_urlcCs.|j|jd}|jdk r"|j|d<tjj|S)N) oauth_tokenoauth_token_secretoauth_callback_confirmed)r*r+r/rrZ urlencode)rdatarrr to_strings    zOAuthToken.to_stringc Cs\tj|dd}|dd}|dd}t||}y|dd|_Wntk rVYnX|S)z] Returns a token from something like: oauth_token_secret=xxx&oauth_token=xxx F)keep_blank_valuesr;rr<r=)cgiparse_qsr,r/KeyError)rr9r*r+tokenrrr from_strings   zOAuthToken.from_stringcCs|jS)N)r?)rrrr__str__szOAuthToken.__str__)N)r r r r r*r+r.r/r1r r0r2r:r?rE staticmethodrFrrrrr,Ws    r,c@seZdZdZdZeZdZeZ eddfddZ ddZ ddZ d d Z d d Zd(ddZddZddZddZddZddZddZddZd)ddZeeZdddeddfd d!ZeeZdeddfd"d#ZeeZd$d%ZeeZd&d'ZeeZdS)* OAuthRequestasOAuthRequest represents the request and can be serialized. OAuth parameters: - oauth_consumer_key - oauth_token - oauth_signature_method - oauth_signature - oauth_timestamp - oauth_nonce - oauth_version - oauth_verifier ... any additional parameters, as defined by the Service Provider. NcCs||_||_|pi|_dS)N) http_methodhttp_url parameters)rrIrJrKrrrr szOAuthRequest.__init__cCs||j|<dS)N)rK)r parametervaluerrr set_parameterszOAuthRequest.set_parameterc Cs(y |j|Std|YnXdS)NzParameter not found: %s)rKr)rrLrrr get_parameters zOAuthRequest.get_parametercCs|jd|jdfS)Noauth_timestamp oauth_nonce)rO)rrrr_get_timestamp_nonces z!OAuthRequest._get_timestamp_noncecCs6i}x,|jjD]\}}|jddkr|||<qW|S)zGet any non-OAuth parameters.oauth_r)rKitemsfind)rrKkvrrrget_nonoauth_parameterss  z$OAuthRequest.get_nonoauth_parametersrcCsVd|}|jrNx>|jjD]0\}}|dddkr|d|tt|f7}qWd|iS)z.Serialize as a header for an HTTPAuth request.zOAuth realm="%s"Nr3rSz , %s="%s" Authorization)rKrTrr)rr auth_headerrVrWrrr to_headers zOAuthRequest.to_headercCsdjdd|jjDS)z*Serialize as post data for a POST request.&cSs,g|]$\}}dtt|tt|fqS)z%s=%s)rr)r!rVrWrrrr#sz,OAuthRequest.to_postdata..)r$rKrT)rrrr to_postdatas zOAuthRequest.to_postdatacCsd|j|jfS)z%Serialize as a URL for a GET request.z%s?%s)get_normalized_http_urlr])rrrrto_urlszOAuthRequest.to_urlc CsP|j}y |d=Wn YnXddt|jD}|jdjdd|DS)zAReturn a string that contains the parameters that must be signed.oauth_signaturecSs(g|] \}}tt|tt|fqSr)rr)r!rVrWrrrr#sz:OAuthRequest.get_normalized_parameters..r\cSsg|]\}}d||fqS)z%s=%sr)r!rVrWrrrr#s)rKlistrTsortr$)rr9Z key_valuesrrrget_normalized_parameterss z&OAuthRequest.get_normalized_parameterscCs |jjS)zUppercases the http method.)rIupper)rrrrget_normalized_http_methodsz'OAuthRequest.get_normalized_http_methodcCsxtjj|j}|dd\}}}|dkrF|d ddkrF|dd }n$|dkrj|d ddkrj|dd }d|||fS) z8Parses the URL and rebuilds it to be scheme://host/path.NZhttpz:80Zhttpsz:443z %s://%s%srhri)rrr4rJ)rr5r6r7r8rrrr^s z$OAuthRequest.get_normalized_http_urlcCs*|jd|j|jd|j|||dS)z=Set the signature parameter to the result of build_signature.oauth_signature_methodr`N)rNget_namebuild_signature)rsignature_methodconsumerrDrrr sign_requests zOAuthRequest.sign_requestcCs|j|||S)z=Calls the build signature method within the signature method.)rl)rrmrnrDrrrrlszOAuthRequest.build_signaturec Cs|dkr i}|rjd|krj|d}|dddkrj|dd}ytj|}|j|WntdYnX|rtj|}|j|tjj|d}tj|} |j| |rt|||SdS)z$Combines multiple parameter sources.NrYr3zOAuth z;Unable to parse OAuth parameters from Authorization header.rg)rH _split_headerupdater_split_url_stringrrr4) rIrJZheadersrKZ query_stringrZZ header_paramsZ query_params param_strZ url_paramsrrr from_request s(        zOAuthRequest.from_requestcCsp|si}|jtttjd}|j||}|rX|j|d<|jrJ|j|d<|rd||d<n |rd||d<t|||S)N)oauth_consumer_keyrPrQ oauth_versionr;oauth_callbackoauth_verifier)r*rr'rHversionrqr.)oauth_consumerrDr.r1rIrJrKZdefaultsrrrfrom_consumer_and_token-s"     z$OAuthRequest.from_consumer_and_tokencCs*|si}|j|d<|r||d<t|||S)Nr;rw)r*rH)rDr.rIrJrKrrrfrom_token_and_callbackKs  z$OAuthRequest.from_token_and_callbackcCsbi}|jd}xN|D]F}|jddkr(q|j}|jdd}tjj|djd||d<qW|S)z+Turn Authorization: header into parameters.,r="r)splitrUstriprrunquote)headerr9r5ZparamZ param_partsrrrrpXs   "zOAuthRequest._split_headercCs<tj|dd}x(|jD]\}}tjj|d||<qW|S)z Turn URL string into parameters.F)r@r)rArBrTrrr)rsrKrVrWrrrrriszOAuthRequest._split_url_string)r)NNN)r r r r rK HTTP_METHODrIrJVERSIONryr rNrOrRrXr[r]r_rcrer^rorlrtrGr{r|rprrrrrrrHs@     ! rHc@seZdZdZdZeZdZdZd*ddZ ddZ dd Z d d Z d d Z ddZddZddZddZd+ddZddZddZddZd,d d!Zd"d#Zd$d%Zd&d'Zd(d)ZdS)- OAuthServerzAA worker to check the validity of a request against a data store.i,NcCs||_|p i|_dS)N) data_storesignature_methods)rrrrrrr xszOAuthServer.__init__cCs ||_dS)N)r)rrrrrset_data_store|szOAuthServer.set_data_storecCs|jS)N)r)rrrrget_data_storeszOAuthServer.get_data_storecCs||j|j<|jS)N)rrk)rrmrrradd_signature_methodsz OAuthServer.add_signature_methodcCsy|j|d}Wnltk r||j|}|j|}y|j|}Wntk rZd}YnX|j||d|jj||}YnX|S)z\Processes a request_token request and returns the request token on success. requestN) _get_tokenr _get_version _get_consumer get_callback_check_signaturerfetch_request_token)r oauth_requestrDryrnr.rrrrs   zOAuthServer.fetch_request_tokenc Csj|j|}|j|}y|j|}Wntk r:d}YnX|j|d}|j||||jj|||}|S)z[Processes an access_token request and returns the access token on success. Nr)rr _get_verifierrrrrfetch_access_token)rrryrnr1rDZ new_tokenrrrrs    zOAuthServer.fetch_access_tokencCs@|j|}|j|}|j|d}|j||||j}|||fS)z3Verifies an api call and checks all the parameters.access)rrrrrX)rrryrnrDrKrrrverify_requests    zOAuthServer.verify_requestcCs|jj||S)zAuthorize a request token.)rauthorize_request_token)rrDuserrrrauthorize_tokenszOAuthServer.authorize_tokencCs |jdS)zGet the callback URL.rw)rO)rrrrrrszOAuthServer.get_callbackrcCs dd|iS)z-Optional support for the authenticate header.zWWW-AuthenticatezOAuth realm="%s"r)rrrrrrsz%OAuthServer.build_authenticate_headerc CsBy|jd}Wnt}YnX|r>||jkr>tdt||S)z3Verify the correct version request for this server.rvzOAuth version %s not supported.)rOrryrr)rrryrrrrs zOAuthServer._get_versioncCsdy|jd}Wnt}YnXy|j|}Wn0djt|jj}td||fYnX|S)z,Figure out the signature with some defaults.rjz, z>Signature method %s not supported try one of the following: %s)rOSIGNATURE_METHODrr$rakeysr)rrrmZsignature_method_namesrrr_get_signature_methods  z!OAuthServer._get_signature_methodcCs&|jd}|jj|}|s"td|S)NruzInvalid consumer.)rOrlookup_consumerr)rrZ consumer_keyrnrrrrs   zOAuthServer._get_consumerrcCs0|jd}|jj||}|s,td||f|S)z9Try to find the token for the provided request token key.r;zInvalid %s token: %s)rOr lookup_tokenr)rr token_typeZ token_fieldrDrrrrs  zOAuthServer._get_tokencCs |jdS)Nrx)rO)rrrrrrszOAuthServer._get_verifierc Cs|j\}}|j||j||||j|}y|jd}WntdYnX|j||||}|s|j|||\} } td| |j|||} dS)Nr`zMissing signature.z5Invalid signature. Expected signature base string: %s) rR_check_timestamp _check_noncerrOrcheck_signaturebuild_signature_base_stringrl) rrrnrD timestampnoncerm signatureZ valid_sigr*basebuiltrrrrs    zOAuthServer._check_signaturecCs>t|}ttj}||}||jkr:td|||jfdS)z#Verify that timestamp is recentish.zQExpired timestamp: given %d and now %s has a greater difference than threshold %dN)rrtimestamp_thresholdr)rrZnowZlapsedrrrrs   zOAuthServer._check_timestampcCs(|jj|||}|r$tdt|dS)z#Verify that the nonce is uniqueish.zNonce already used: %sN)r lookup_noncerr)rrnrDrrrrr szOAuthServer._check_nonce)NN)r)r)r r r r rrryrrr rrrrrrrrrrrrrrrrrrrrrrqs.      rc@sHeZdZdZdZdZddZddZddZd d Z d d Z d dZ dS) OAuthClientz8OAuthClient is a worker to attempt to execute a request.NcCs||_||_dS)N)rnrD)rrzr;rrrr szOAuthClient.__init__cCs|jS)N)rn)rrrr get_consumerszOAuthClient.get_consumercCs|jS)N)rD)rrrr get_tokenszOAuthClient.get_tokencCstdS)z-> OAuthToken.N)NotImplementedError)rrrrrr!szOAuthClient.fetch_request_tokencCstdS)z-> OAuthToken.N)r)rrrrrr%szOAuthClient.fetch_access_tokencCstdS)z-> Some protected resource.N)r)rrrrraccess_resource)szOAuthClient.access_resource) r r r r rnrDr rrrrrrrrrrsrc@s@eZdZdZddZddZddZdd Zd d Zd d Z dS)OAuthDataStorez;A database abstraction used to lookup consumers and tokens.cCstdS)z-> OAuthConsumer.N)r)rr*rrrr1szOAuthDataStore.lookup_consumercCstdS)z-> OAuthToken.N)r)rrzrZ token_tokenrrrr5szOAuthDataStore.lookup_tokencCstdS)z-> OAuthToken.N)r)rrzr;rrrrr9szOAuthDataStore.lookup_noncecCstdS)z-> OAuthToken.N)r)rrzrwrrrr=sz"OAuthDataStore.fetch_request_tokencCstdS)z-> OAuthToken.N)r)rrzr;rxrrrrAsz!OAuthDataStore.fetch_access_tokencCstdS)z-> OAuthToken.N)r)rr;rrrrrEsz&OAuthDataStore.authorize_request_tokenN) r r r r rrrrrrrrrrr.src@s0eZdZdZddZddZddZdd Zd S) OAuthSignatureMethodz4A strategy class that implements a signature method.cCstdS)z-> str.N)r)rrrrrkLszOAuthSignatureMethod.get_namecCstdS)z-> str key, str raw.N)r)rrrzr;rrrrPsz0OAuthSignatureMethod.build_signature_base_stringcCstdS)z-> str.N)r)rrrzr;rrrrlTsz$OAuthSignatureMethod.build_signaturecCs|j|||}||kS)N)rl)rrrnrDrrrrrrXsz$OAuthSignatureMethod.check_signatureN)r r r r rkrrlrrrrrrJs rc@s$eZdZddZddZddZdS)OAuthSignatureMethod_HMAC_SHA1cCsdS)Nz HMAC-SHA1r)rrrrrk_sz'OAuthSignatureMethod_HMAC_SHA1.get_namecCsTt|jt|jt|jf}dt|j}|rB|t|j7}dj|}||fS)Nz%s&r\)rrer^rcr+r$)rrrnrDsigr*rawrrrrbs   z:OAuthSignatureMethod_HMAC_SHA1.build_signature_base_stringc Csh|j|||\}}yddl}tj|||j}Wn"ddl}tj|||}YnXtj|jddS)z!Builds the base signature string.rNr~r) rhashlibhmacnewZsha1shabinasciiZ b2a_base64Zdigest) rrrnrDr*rrZhashedrrrrrlos z.OAuthSignatureMethod_HMAC_SHA1.build_signatureN)r r r rkrrlrrrrr]s rc@s$eZdZddZddZddZdS)OAuthSignatureMethod_PLAINTEXTcCsdS)Nrr)rrrrrksz'OAuthSignatureMethod_PLAINTEXT.get_namecCs(dt|j}|r |t|j}||fS)z)Concatenates the consumer key and secret.z%s&)rr+)rrrnrDrrrrrsz:OAuthSignatureMethod_PLAINTEXT.build_signature_base_stringcCs|j|||\}}|S)N)r)rrrnrDr*rrrrrls z.OAuthSignatureMethod_PLAINTEXT.build_signatureN)r r r rkrrlrrrrrsr)r)r)r)r rAZurllib.requestrZ urllib.parseZ urllib.errorrrrrrrr RuntimeErrorrrrrrr'r(objectr)r,rHrrrrrrrrrrs8   EV"#