heckyel/mediagoblin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use oauthlib's safe characters when generating client_key and client_secret

Browse Source
This commit is contained in:
Jessica Tallon 2014-08-05 21:41:31 +01:00 committed by Christopher Allan Webber
parent a7800e6da8
commit 32ff6f4dc0
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
mediagoblin/oauth/views.py
View File

@ -17,6 +17,7 @@
import datetime import datetime
import string import string
from oauthlib.oauth1.rfc5849.utils import UNICODE_ASCII_CHARACTER_SET
from oauthlib.oauth1 import (RequestTokenEndpoint, AuthorizationEndpoint, from oauthlib.oauth1 import (RequestTokenEndpoint, AuthorizationEndpoint,
AccessTokenEndpoint) AccessTokenEndpoint)
@ -37,8 +38,6 @@ from mediagoblin.db.models import NonceTimestamp, Client, RequestToken
# possible client types # possible client types
CLIENT_TYPES = ["web", "native"] # currently what pump supports CLIENT_TYPES = ["web", "native"] # currently what pump supports
OAUTH_ALPHABET = (string.ascii_letters.decode('ascii') +
string.digits.decode('ascii'))
@csrf_exempt @csrf_exempt
def client_register(request): def client_register(request):
@ -107,8 +106,8 @@ def client_register(request):
return json_response({"error": error}, status=400) return json_response({"error": error}, status=400)
# generate the client_id and client_secret # generate the client_id and client_secret
client_id = random_string(22, OAUTH_ALPHABET) client_id = random_string(22, UNICODE_ASCII_CHARACTER_SET)
client_secret = random_string(43, OAUTH_ALPHABET) client_secret = random_string(43, UNICODE_ASCII_CHARACTER_SET)
expirey = 0 # for now, lets not have it expire expirey = 0 # for now, lets not have it expire
expirey_db = None if expirey == 0 else expirey expirey_db = None if expirey == 0 else expirey
application_type = data["application_type"] application_type = data["application_type"]