Adds the decorator

2013-07-11 20:24:20 +01:00 · 2013-07-11 20:24:20 +01:00 · 1e2675b0c0
commit 1e2675b0c0
parent 786bbd79e8
4 changed files with 31 additions and 5 deletions
--- a/mediagoblin/decorators.py
+++ b/mediagoblin/decorators.py
@ -18,6 +18,7 @@ from functools import wraps

 from urlparse import urljoin
 from werkzeug.exceptions import Forbidden, NotFound
+from oauthlib.oauth1 import ResourceEndpoint

 from mediagoblin import mg_globals as mgg
 from mediagoblin import messages
@ -271,7 +272,7 @@ def auth_enabled(controller):

    return wrapper

-def oauth_requeired(controller):
+def oauth_required(controller):
    """ Used to wrap API endpoints where oauth is required """
    @wraps(controller)
    def wrapper(request, *args, **kwargs):
@ -282,5 +283,18 @@ def oauth_requeired(controller):
            error = "Missing required parameter."
            return json_response({"error": error}, status=400)

-        
-        
+         
+        request_validator = GMGRequestValidator()
+        resource_endpoint = ResourceEndpoint(request_validator)
+        valid, request = resource_endpoint.validate_protected_resource_request(
+                uri=request.url,
+                http_method=request.method,
+                body=request.get_data(),
+                headers=dict(request.headers),
+                )
+        #print "[VALID] %s" % valid
+        #print "[REQUEST] %s" % request
+
+        return controller(request, *args, **kwargs)
+
+    return wrapper
--- a/mediagoblin/federation/oauth.py
+++ b/mediagoblin/federation/oauth.py
@ -24,6 +24,8 @@ from mediagoblin.db.models import Client, RequestToken, AccessToken

 class GMGRequestValidator(RequestValidator):

+    enforce_ssl = False
+
    def __init__(self, data=None):
        self.POST = data

--- a/mediagoblin/federation/routing.py
+++ b/mediagoblin/federation/routing.py
@ -41,3 +41,9 @@ add_route(
        "/oauth/access_token",
        "mediagoblin.federation.views:access_token"
        )
+
+add_route(
+        "mediagoblin.federation",
+        "/api/test",
+        "mediagoblin.federation.views:test"
+        )
--- a/mediagoblin/federation/views.py
+++ b/mediagoblin/federation/views.py
@ -19,7 +19,7 @@ import datetime
 from oauthlib.oauth1 import (AuthorizationEndpoint, RequestValidator, 
                             RequestTokenEndpoint, AccessTokenEndpoint)

-from mediagoblin.decorators import require_active_login
+from mediagoblin.decorators import require_active_login, oauth_required
 from mediagoblin.tools.translate import pass_to_ugettext
 from mediagoblin.meddleware.csrf import csrf_exempt
 from mediagoblin.tools.request import decode_request
@ -337,4 +337,8 @@ def access_token(request):
    av = AccessTokenEndpoint(request_validator)
    tokens = av.create_access_token(request, {})
    return form_response(tokens)
- 
+
+@csrf_exempt
+@oauth_required 
+def test(request):
+    return json_response({"check":"OK"})