Python lib 1.0a support. Very basic and hurting for tests. Thanks and John L. Scarfone.

git-svn-id: https://oauth.googlecode.com/svn/code/python@1092 f7ae4463-c52f-0410-a7dc-93bad6e629e8

Author: leah.culver

oauth/example/client.py

@@ -98,7 +98,7 @@ def run_example():
     # get request token
     print '* Obtain a request token ...'
     pause()
-    oauth_request = oauth.OAuthRequest.from_consumer_and_token(consumer, http_url=client.request_token_url)
+    oauth_request = oauth.OAuthRequest.from_consumer_and_token(consumer, callback=CALLBACK_URL, http_url=client.request_token_url)
     oauth_request.sign_request(signature_method_plaintext, consumer, None)
     print 'REQUEST (via headers)'
     print 'parameters: %s' % str(oauth_request.parameters)
@@ -107,24 +107,31 @@ def run_example():
     print 'GOT'
     print 'key: %s' % str(token.key)
     print 'secret: %s' % str(token.secret)
+    print 'callback confirmed? %s' % str(token.callback_confirmed)
     pause()
 
     print '* Authorize the request token ...'
     pause()
-    oauth_request = oauth.OAuthRequest.from_token_and_callback(token=token, callback=CALLBACK_URL, http_url=client.authorization_url)
+    oauth_request = oauth.OAuthRequest.from_token_and_callback(token=token, http_url=client.authorization_url)
     print 'REQUEST (via url query string)'
     print 'parameters: %s' % str(oauth_request.parameters)
     pause()
     # this will actually occur only on some callback
     response = client.authorize_token(oauth_request)
     print 'GOT'
     print response
+    # sad way to get the verifier
+    import urlparse, cgi
+    query = urlparse.urlparse(response)[4]
+    params = cgi.parse_qs(query, keep_blank_values=False)
+    verifier = params['oauth_verifier'][0]
+    print 'verifier: %s' % verifier
     pause()
 
     # get access token
     print '* Obtain an access token ...'
     pause()
-    oauth_request = oauth.OAuthRequest.from_consumer_and_token(consumer, token=token, http_url=client.access_token_url)
+    oauth_request = oauth.OAuthRequest.from_consumer_and_token(consumer, token=token, verifier=verifier, http_url=client.access_token_url)
     oauth_request.sign_request(signature_method_plaintext, consumer, token)
     print 'REQUEST (via headers)'
     print 'parameters: %s' % str(oauth_request.parameters)
@@ -138,7 +145,7 @@ def run_example():
     # access some protected resources
     print '* Access protected resources ...'
     pause()
-    parameters = {'file': 'vacation.jpg', 'size': 'original', 'oauth_callback': CALLBACK_URL} # resource specific params
+    parameters = {'file': 'vacation.jpg', 'size': 'original'} # resource specific params
     oauth_request = oauth.OAuthRequest.from_consumer_and_token(consumer, token=token, http_method='POST', http_url=RESOURCE_URL, parameters=parameters)
     oauth_request.sign_request(signature_method_hmac_sha1, consumer, token)
     print 'REQUEST (via post body)'

oauth/example/server.py

@@ -31,8 +31,10 @@
 REQUEST_TOKEN_URL = 'https://photos.example.net/request_token'
 ACCESS_TOKEN_URL = 'https://photos.example.net/access_token'
 AUTHORIZATION_URL = 'https://photos.example.net/authorize'
+CALLBACK_URL = 'http://printer.example.com/request_token_ready'
 RESOURCE_URL = 'http://photos.example.net/photos'
 REALM = 'http://photos.example.net/'
+VERIFIER = 'verifier'
 
 # example store for one of each thing
 class MockOAuthDataStore(oauth.OAuthDataStore):
@@ -42,6 +44,7 @@ def __init__(self):
         self.request_token = oauth.OAuthToken('requestkey', 'requestsecret')
         self.access_token = oauth.OAuthToken('accesskey', 'accesssecret')
         self.nonce = 'nonce'
+        self.verifier = VERIFIER
 
     def lookup_consumer(self, key):
         if key == self.consumer.key:
@@ -51,6 +54,8 @@ def lookup_consumer(self, key):
     def lookup_token(self, token_type, token):
         token_attrib = getattr(self, '%s_token' % token_type)
         if token == token_attrib.key:
+            ## HACK
+            token_attrib.set_callback(CALLBACK_URL)
             return token_attrib
         return None
 
@@ -59,13 +64,17 @@ def lookup_nonce(self, oauth_consumer, oauth_token, nonce):
             return self.nonce
         return None
 
-    def fetch_request_token(self, oauth_consumer):
+    def fetch_request_token(self, oauth_consumer, oauth_callback):
         if oauth_consumer.key == self.consumer.key:
+            if oauth_callback:
+                # want to check here if callback is sensible
+                # for mock store, we assume it is
+                self.request_token.set_callback(oauth_callback)
             return self.request_token
         return None
 
-    def fetch_access_token(self, oauth_consumer, oauth_token):
-        if oauth_consumer.key == self.consumer.key and oauth_token.key == self.request_token.key:
+    def fetch_access_token(self, oauth_consumer, oauth_token, oauth_verifier):
+        if oauth_consumer.key == self.consumer.key and oauth_token.key == self.request_token.key and oauth_verifier == self.verifier:
             # want to check here if token is authorized
             # for mock store, we assume it is
             return self.access_token
@@ -131,18 +140,14 @@ def do_GET(self):
             try:
                 # get the request token
                 token = self.oauth_server.fetch_request_token(oauth_request)
-                callback = self.oauth_server.get_callback(oauth_request)
+                # authorize the token (kind of does nothing for now)
+                token = self.oauth_server.authorize_token(token, None)
+                token.set_verifier(VERIFIER)
                 # send okay response
                 self.send_response(200, 'OK')
                 self.end_headers()
                 # return the callback url (to show server has it)
-                self.wfile.write('callback: %s' % callback)
-                # authorize the token (kind of does nothing for now)
-                token = self.oauth_server.authorize_token(token, None)
-                self.wfile.write('\n')
-                # return the token key
-                token_key = urllib.urlencode({'oauth_token': token.key})
-                self.wfile.write('token key: %s' % token_key)
+                self.wfile.write(token.get_callback_url())
             except oauth.OAuthError, err:
                 self.send_oauth_error(err)
             return

oauth/oauth.py

@@ -64,6 +64,10 @@ def generate_nonce(length=8):
     """Generate pseudorandom number."""
     return ''.join([str(random.randint(0, 9)) for i in range(length)])
 
+def generate_verifier(length=8):
+    """Generate pseudorandom number."""
+    return ''.join([str(random.randint(0, 9)) for i in range(length)])
+
 
 class OAuthConsumer(object):
     """Consumer of OAuth authentication.
@@ -79,7 +83,7 @@ def __init__(self, key, secret):
         self.key = key
         self.secret = secret
 
-   
+
 class OAuthToken(object):
     """OAuthToken is a data type that represents an End User via either an access
     or request token.
@@ -90,14 +94,45 @@ class OAuthToken(object):
     """
     key = None
     secret = None
+    callback = None
+    callback_confirmed = None
+    verifier = None
 
     def __init__(self, key, secret):
         self.key = key
         self.secret = secret
 
+    def set_callback(self, callback):
+        self.callback = callback
+        self.callback_confirmed = 'true'
+
+    def set_verifier(self, verifier=None):
+        if verifier is not None:
+            self.verifier = verifier
+        else:
+            self.verifier = generate_verifier()
+
+    def get_callback_url(self):
+        if self.callback and self.verifier:
+            # Append the oauth_verifier.
+            parts = urlparse.urlparse(self.callback)
+            scheme, netloc, path, params, query, fragment = parts[:6]
+            if query:
+                query = '%s&oauth_verifier=%s' % (query, self.verifier)
+            else:
+                query = 'oauth_verifier=%s' % self.verifier
+            return urlparse.urlunparse((scheme, netloc, path, params,
+                query, fragment))
+        return self.callback
+
     def to_string(self):
-        return urllib.urlencode({'oauth_token': self.key,
-            'oauth_token_secret': self.secret})
+        data = {
+            'oauth_token': self.key,
+            'oauth_token_secret': self.secret,
+        }
+        if self.callback_confirmed is not None:
+            data['oauth_callback_confirmed'] = self.callback_confirmed
+        return urllib.urlencode(data)
 
     def from_string(s):
         """ Returns a token from something like:
@@ -106,7 +141,12 @@ def from_string(s):
         params = cgi.parse_qs(s, keep_blank_values=False)
         key = params['oauth_token'][0]
         secret = params['oauth_token_secret'][0]
-        return OAuthToken(key, secret)
+        token = OAuthToken(key, secret)
+        try:
+            token.callback_confirmed = params['oauth_callback_confirmed'][0]
+        except KeyError:
+            pass # 1.0, no callback confirmed.
+        return token
     from_string = staticmethod(from_string)
 
     def __str__(self):
@@ -124,6 +164,7 @@ class OAuthRequest(object):
         - oauth_timestamp 
         - oauth_nonce
         - oauth_version
+        - oauth_verifier
         ... any additional parameters, as defined by the Service Provider.
     """
     parameters = None # OAuth parameters.
@@ -258,7 +299,8 @@ def from_request(http_method, http_url, headers=None, parameters=None,
     from_request = staticmethod(from_request)
 
     def from_consumer_and_token(oauth_consumer, token=None,
-            http_method=HTTP_METHOD, http_url=None, parameters=None):
+            callback=None, verifier=None, http_method=HTTP_METHOD,
+            http_url=None, parameters=None):
         if not parameters:
             parameters = {}
 
@@ -274,6 +316,12 @@ def from_consumer_and_token(oauth_consumer, token=None,
 
         if token:
             parameters['oauth_token'] = token.key
+            parameters['oauth_callback'] = token.callback
+            # 1.0a support for verifier.
+            parameters['oauth_verifier'] = verifier
+        elif callback:
+            # 1.0a support for callback in the request token request.
+            parameters['oauth_callback'] = callback
 
         return OAuthRequest(http_method, http_url, parameters)
     from_consumer_and_token = staticmethod(from_consumer_and_token)
@@ -348,9 +396,13 @@ def fetch_request_token(self, oauth_request):
             # No token required for the initial token request.
             version = self._get_version(oauth_request)
             consumer = self._get_consumer(oauth_request)
+            try:
+                callback = self.get_callback(oauth_request)
+            except OAuthError:
+                callback = None # 1.0, no callback specified.
             self._check_signature(oauth_request, consumer, None)
             # Fetch a new token.
-            token = self.data_store.fetch_request_token(consumer)
+            token = self.data_store.fetch_request_token(consumer, callback)
         return token
 
     def fetch_access_token(self, oauth_request):
@@ -359,10 +411,11 @@ def fetch_access_token(self, oauth_request):
         """
         version = self._get_version(oauth_request)
         consumer = self._get_consumer(oauth_request)
+        verifier = self._get_verifier(oauth_request)
         # Get the request token.
         token = self._get_token(oauth_request, 'request')
         self._check_signature(oauth_request, consumer, token)
-        new_token = self.data_store.fetch_access_token(consumer, token)
+        new_token = self.data_store.fetch_access_token(consumer, token, verifier)
         return new_token
 
     def verify_request(self, oauth_request):
@@ -429,6 +482,9 @@ def _get_token(self, oauth_request, token_type='access'):
         if not token:
             raise OAuthError('Invalid %s token: %s' % (token_type, token_field))
         return token
+    
+    def _get_verifier(self, oauth_request):
+        return oauth_request.get_parameter('oauth_verifier')
 
     def _check_signature(self, oauth_request, consumer, token):
         timestamp, nonce = oauth_request._get_timestamp_nonce()
@@ -509,11 +565,11 @@ def lookup_nonce(self, oauth_consumer, oauth_token, nonce):
         """-> OAuthToken."""
         raise NotImplementedError
 
-    def fetch_request_token(self, oauth_consumer):
+    def fetch_request_token(self, oauth_consumer, oauth_callback):
         """-> OAuthToken."""
         raise NotImplementedError
 
-    def fetch_access_token(self, oauth_consumer, oauth_token):
+    def fetch_access_token(self, oauth_consumer, oauth_token, oauth_verifier):
         """-> OAuthToken."""
         raise NotImplementedError