本文整理汇总了Python中oauthlib.common.Request.oauth_params方法的典型用法代码示例。如果您正苦于以下问题:Python Request.oauth_params方法的具体用法?Python Request.oauth_params怎么用?Python Request.oauth_params使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类oauthlib.common.Request的用法示例。
在下文中一共展示了Request.oauth_params方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _create_request
# 需要导入模块: from oauthlib.common import Request [as 别名]
# 或者: from oauthlib.common.Request import oauth_params [as 别名]
def _create_request(self, uri, http_method, body, headers):
# Only include body data from x-www-form-urlencoded requests
headers = headers or {}
if "Content-Type" in headers and CONTENT_TYPE_FORM_URLENCODED in headers["Content-Type"]:
request = Request(uri, http_method, body, headers)
else:
request = Request(uri, http_method, "", headers)
signature_type, params, oauth_params = self._get_signature_type_and_params(request)
# The server SHOULD return a 400 (Bad Request) status code when
# receiving a request with duplicated protocol parameters.
if len(dict(oauth_params)) != len(oauth_params):
raise errors.InvalidRequestError(description="Duplicate OAuth2 entries.")
oauth_params = dict(oauth_params)
request.signature = oauth_params.get("oauth_signature")
request.client_key = oauth_params.get("oauth_consumer_key")
request.resource_owner_key = oauth_params.get("oauth_token")
request.nonce = oauth_params.get("oauth_nonce")
request.timestamp = oauth_params.get("oauth_timestamp")
request.redirect_uri = oauth_params.get("oauth_callback")
request.verifier = oauth_params.get("oauth_verifier")
request.signature_method = oauth_params.get("oauth_signature_method")
request.realm = dict(params).get("realm")
request.oauth_params = oauth_params
# Parameters to Client depend on signature method which may vary
# for each request. Note that HMAC-SHA1 and PLAINTEXT share parameters
request.params = [(k, v) for k, v in params if k != "oauth_signature"]
if "realm" in request.headers.get("Authorization", ""):
request.params = [(k, v) for k, v in request.params if k != "realm"]
return request示例2: _get_authorization_header
# 需要导入模块: from oauthlib.common import Request [as 别名]
# 或者: from oauthlib.common.Request import oauth_params [as 别名]
def _get_authorization_header(request, client_key, client_secret):
"""
Get proper HTTP Authorization header for a given request
Arguments:
request: Request object to log Authorization header for
Returns:
authorization header
"""
sha1 = hashlib.sha1()
body = request.body or ''
sha1.update(body)
oauth_body_hash = unicode(base64.b64encode(
sha1.digest() # pylint: disable=too-many-function-args
))
client = Client(client_key, client_secret)
params = client.get_oauth_params(request)
params.append((u'oauth_body_hash', oauth_body_hash))
blank_request = Request(urllib.unquote(request.url), http_method=request.method, body='', headers=request.headers, encoding='utf_8')
blank_request.oauth_params = params
blank_request.decoded_body = ''
signature = client.get_oauth_signature(blank_request)
blank_request.oauth_params.append((u'oauth_signature', signature))
headers = client._render( # pylint: disable=protected-access
blank_request
)[1]
return headers['Authorization']示例3: sign
# 需要导入模块: from oauthlib.common import Request [as 别名]
# 或者: from oauthlib.common.Request import oauth_params [as 别名]
def sign(self, uri, http_method=u'GET', body='', headers=None):
"""Sign a request
Signs an HTTP request with the specified parts.
Returns a 3-tuple of the signed request's URI, headers, and body.
Note that http_method is not returned as it is unaffected by the OAuth
signing process.
The body argument may be a dict, a list of 2-tuples, or a formencoded
string. If the body argument is not a formencoded string and/or the
Content-Type header is not 'x-www-form-urlencoded', it will be
returned verbatim as it is unaffected by the OAuth signing process.
Attempting to sign a request with non-formencoded data using the
OAuth body signature type is invalid and will raise an exception.
If the body does contain parameters, it will be returned as a properly-
formatted formencoded string.
All string data MUST be unicode. This includes strings inside body
dicts, for example.
"""
# normalize request data
request = Request(uri, http_method, body, headers)
# sanity check
content_type = request.headers.get('Content-Type', None)
if content_type == 'application/x-www-form-urlencoded' and not request.body_has_params:
raise ValueError("Headers indicate a formencoded body but body was not decodable.")
# generate the basic OAuth parameters
request.oauth_params = self.get_oauth_params()
# generate the signature
request.oauth_params.append((u'oauth_signature', self.get_oauth_signature(request)))
# render the signed request and return it
return self._render(request, formencode=True)示例4: sign
# 需要导入模块: from oauthlib.common import Request [as 别名]
# 或者: from oauthlib.common.Request import oauth_params [as 别名]
def sign(self, uri, http_method='GET', body=None, headers=None, realm=None):
"""Sign a request
Signs an HTTP request with the specified parts.
Returns a 3-tuple of the signed request's URI, headers, and body.
Note that http_method is not returned as it is unaffected by the OAuth
signing process.
The body argument may be a dict, a list of 2-tuples, or a formencoded
string. The Content-Type header must be 'application/x-www-form-urlencoded'
if it is present.
If the body argument is not one of the above, it will be returned
verbatim as it is unaffected by the OAuth signing process. Attempting to
sign a request with non-formencoded data using the OAuth body signature
type is invalid and will raise an exception.
If the body does contain parameters, it will be returned as a properly-
formatted formencoded string.
All string data MUST be unicode. This includes strings inside body
dicts, for example.
"""
# normalize request data
request = Request(uri, http_method, body, headers,
encoding=self.encoding)
# sanity check
content_type = request.headers.get('Content-Type', None)
multipart = content_type and content_type.startswith('multipart/')
should_have_params = content_type == CONTENT_TYPE_FORM_URLENCODED
has_params = request.decoded_body is not None
# 3.4.1.3.1. Parameter Sources
# [Parameters are collected from the HTTP request entity-body, but only
# if [...]:
# * The entity-body is single-part.
if multipart and has_params:
raise ValueError("Headers indicate a multipart body but body contains parameters.")
# * The entity-body follows the encoding requirements of the
# "application/x-www-form-urlencoded" content-type as defined by
# [W3C.REC-html40-19980424].
elif should_have_params and not has_params:
raise ValueError("Headers indicate a formencoded body but body was not decodable.")
# * The HTTP request entity-header includes the "Content-Type"
# header field set to "application/x-www-form-urlencoded".
elif not should_have_params and has_params:
raise ValueError("Body contains parameters but Content-Type header was not set.")
# 3.5.2. Form-Encoded Body
# Protocol parameters can be transmitted in the HTTP request entity-
# body, but only if the following REQUIRED conditions are met:
# o The entity-body is single-part.
# o The entity-body follows the encoding requirements of the
# "application/x-www-form-urlencoded" content-type as defined by
# [W3C.REC-html40-19980424].
# o The HTTP request entity-header includes the "Content-Type" header
# field set to "application/x-www-form-urlencoded".
elif self.signature_type == SIGNATURE_TYPE_BODY and not (
should_have_params and has_params and not multipart):
raise ValueError('Body signatures may only be used with form-urlencoded content')
# generate the basic OAuth parameters
request.oauth_params = self.get_oauth_params()
# generate the signature
request.oauth_params.append(('oauth_signature', self.get_oauth_signature(request)))
# render the signed request and return it
return self._render(request, formencode=True,
realm=(realm or self.realm))示例5: sign
# 需要导入模块: from oauthlib.common import Request [as 别名]
# 或者: from oauthlib.common.Request import oauth_params [as 别名]
def sign(self, uri, http_method='GET', body=None, headers=None, realm=None):
"""Sign a request
Signs an HTTP request with the specified parts.
Returns a 3-tuple of the signed request's URI, headers, and body.
Note that http_method is not returned as it is unaffected by the OAuth
signing process. Also worth noting is that duplicate parameters
will be included in the signature, regardless of where they are
specified (query, body).
The body argument may be a dict, a list of 2-tuples, or a formencoded
string. The Content-Type header must be 'application/x-www-form-urlencoded'
if it is present.
If the body argument is not one of the above, it will be returned
verbatim as it is unaffected by the OAuth signing process. Attempting to
sign a request with non-formencoded data using the OAuth body signature
type is invalid and will raise an exception.
If the body does contain parameters, it will be returned as a properly-
formatted formencoded string.
Body may not be included if the http_method is either GET or HEAD as
this changes the semantic meaning of the request.
All string data MUST be unicode or be encoded with the same encoding
scheme supplied to the Client constructor, default utf-8. This includes
strings inside body dicts, for example.
"""
# normalize request data
request = Request(uri, http_method, body, headers,
encoding=self.encoding)
# sanity check
content_type = request.headers.get('Content-Type', None)
multipart = content_type and content_type.startswith('multipart/')
should_have_params = content_type == CONTENT_TYPE_FORM_URLENCODED
has_params = request.decoded_body is not None
# 3.4.1.3.1. Parameter Sources
# [Parameters are collected from the HTTP request entity-body, but only
# if [...]:
# * The entity-body is single-part.
if multipart and has_params:
raise ValueError("Headers indicate a multipart body but body contains parameters.")
# * The entity-body follows the encoding requirements of the
# "application/x-www-form-urlencoded" content-type as defined by
# [W3C.REC-html40-19980424].
elif should_have_params and not has_params:
raise ValueError("Headers indicate a formencoded body but body was not decodable.")
# * The HTTP request entity-header includes the "Content-Type"
# header field set to "application/x-www-form-urlencoded".
elif not should_have_params and has_params:
raise ValueError("Body contains parameters but Content-Type header was not set.")
# 3.5.2. Form-Encoded Body
# Protocol parameters can be transmitted in the HTTP request entity-
# body, but only if the following REQUIRED conditions are met:
# o The entity-body is single-part.
# o The entity-body follows the encoding requirements of the
# "application/x-www-form-urlencoded" content-type as defined by
# [W3C.REC-html40-19980424].
# o The HTTP request entity-header includes the "Content-Type" header
# field set to "application/x-www-form-urlencoded".
elif self.signature_type == SIGNATURE_TYPE_BODY and not (
should_have_params and has_params and not multipart):
raise ValueError('Body signatures may only be used with form-urlencoded content')
# We amend http://tools.ietf.org/html/rfc5849#section-3.4.1.3.1
# with the clause that parameters from body should only be included
# in non GET or HEAD requests. Extracting the request body parameters
# and including them in the signature base string would give semantic
# meaning to the body, which it should not have according to the
# HTTP 1.1 spec.
elif http_method.upper() in ('GET', 'HEAD') and has_params:
raise ValueError('GET/HEAD requests should not include body.')
# generate the basic OAuth parameters
request.oauth_params = self.get_oauth_params()
# generate the signature
request.oauth_params.append(('oauth_signature', self.get_oauth_signature(request)))
# render the signed request and return it
uri, headers, body = self._render(request, formencode=True,
realm=(realm or self.realm))
if self.decoding:
log.debug('Encoding URI, headers and body to %s.', self.decoding)
uri = uri.encode(self.decoding)
body = body.encode(self.decoding) if body else body
new_headers = {}
for k, v in headers.items():
new_headers[k.encode(self.decoding)] = v.encode(self.decoding)
headers = new_headers
return uri, headers, body示例6: check_request_signature
# 需要导入模块: from oauthlib.common import Request [as 别名]
# 或者: from oauthlib.common.Request import oauth_params [as 别名]
def check_request_signature(self, uri, http_method=u'GET', body='',
headers=None):
"""Check a request's supplied signature to make sure the request is
valid.
Servers should return HTTP status 400 if a ValueError exception
is raised and HTTP status 401 on return value False.
Per `section 3.2`_ of the spec.
.. _`section 3.2`: http://tools.ietf.org/html/rfc5849#section-3.2
"""
headers = headers or {}
signature_type = None
# FIXME: urlparse does not return unicode!
uri_query = urlparse.urlparse(uri).query
signature_type, params = self.get_signature_type_and_params(uri_query,
headers, body)
# the parameters may not include duplicate oauth entries
filtered_params = utils.filter_oauth_params(params)
if len(filtered_params) != len(params):
raise ValueError("Duplicate OAuth entries.")
params = dict(params)
request_signature = params.get(u'oauth_signature')
client_key = params.get(u'oauth_consumer_key')
resource_owner_key = params.get(u'oauth_token')
nonce = params.get(u'oauth_nonce')
timestamp = params.get(u'oauth_timestamp')
callback_uri = params.get(u'oauth_callback')
verifier = params.get(u'oauth_verifier')
signature_method = params.get(u'oauth_signature_method')
# ensure all mandatory parameters are present
if not all((request_signature, client_key, nonce,
timestamp, signature_method)):
raise ValueError("Missing OAuth parameters.")
# if version is supplied, it must be "1.0"
if u'oauth_version' in params and params[u'oauth_version'] != u'1.0':
raise ValueError("Invalid OAuth version.")
# signature method must be valid
if not signature_method in SIGNATURE_METHODS:
raise ValueError("Invalid signature method.")
# ensure client key is valid
if not self.check_client_key(client_key):
return False
# ensure resource owner key is valid and not expired
if not self.check_resource_owner_key(client_key, resource_owner_key):
return False
# ensure the nonce and timestamp haven't been used before
if not self.check_timestamp_and_nonce(timestamp, nonce):
return False
# FIXME: extract realm, then self.check_realm
# oauth_client parameters depend on client chosen signature method
# which may vary for each request, section 3.4
# HMAC-SHA1 and PLAINTEXT share parameters
if signature_method == SIGNATURE_RSA:
oauth_client = Client(client_key,
resource_owner_key=resource_owner_key,
callback_uri=callback_uri,
signature_method=signature_method,
signature_type=signature_type,
rsa_key=self.rsa_key, verifier=verifier)
else:
client_secret = self.get_client_secret(client_key)
resource_owner_secret = self.get_resource_owner_secret(
resource_owner_key)
oauth_client = Client(client_key,
client_secret=client_secret,
resource_owner_key=resource_owner_key,
resource_owner_secret=resource_owner_secret,
callback_uri=callback_uri,
signature_method=signature_method,
signature_type=signature_type,
verifier=verifier)
request = Request(uri, http_method, body, headers)
# OAuth parameters transmitted in the query or entity-body are
# already present in the parameter sources (section 3.4.1.3.1)
# used to construct the signature base string.
# FIXME: This should probably be handled by Request.
if signature_type == SIGNATURE_TYPE_AUTH_HEADER:
request.oauth_params = params.items()
client_signature = oauth_client.get_oauth_signature(request)
# FIXME: use near constant time string compare to avoid timing attacks
return client_signature == request_signature示例7: sign
# 需要导入模块: from oauthlib.common import Request [as 别名]
# 或者: from oauthlib.common.Request import oauth_params [as 别名]
def sign(self, uri, http_method='GET', body=None, headers=None, realm=None):
__doc__ = Client.sign.__doc__
# normalize request data
request = Request(uri, http_method, body, headers,
encoding=self.encoding)
# sanity check
content_type = request.headers.get('Content-Type', None)
multipart = content_type and content_type.startswith('multipart/')
should_have_params = content_type == CONTENT_TYPE_FORM_URLENCODED
has_params = request.decoded_body is not None
# 3.4.1.3.1. Parameter Sources
# [Parameters are collected from the HTTP request entity-body, but only
# if [...]:
# * The entity-body is single-part.
if multipart and has_params:
raise ValueError("Headers indicate a multipart body but body contains parameters.")
# * The entity-body follows the encoding requirements of the
# "application/x-www-form-urlencoded" content-type as defined by
# [W3C.REC-html40-19980424].
elif should_have_params and not has_params:
raise ValueError("Headers indicate a formencoded body but body was not decodable.")
# * The HTTP request entity-header includes the "Content-Type"
# header field set to "application/x-www-form-urlencoded".
elif not should_have_params and has_params:
raise ValueError("Body contains parameters but Content-Type header was not set.")
# 3.5.2. Form-Encoded Body
# Protocol parameters can be transmitted in the HTTP request entity-
# body, but only if the following REQUIRED conditions are met:
# o The entity-body is single-part.
# o The entity-body follows the encoding requirements of the
# "application/x-www-form-urlencoded" content-type as defined by
# [W3C.REC-html40-19980424].
# o The HTTP request entity-header includes the "Content-Type" header
# field set to "application/x-www-form-urlencoded".
elif self.signature_type == SIGNATURE_TYPE_BODY and not (
should_have_params and has_params and not multipart):
raise ValueError('Body signatures may only be used with form-urlencoded content')
# We amend http://tools.ietf.org/html/rfc5849#section-3.4.1.3.1
# with the clause that parameters from body should only be included
# in non GET or HEAD requests. Extracting the request body parameters
# and including them in the signature base string would give semantic
# meaning to the body, which it should not have according to the
# HTTP 1.1 spec.
elif http_method.upper() in ('GET', 'HEAD') and has_params:
raise ValueError('GET/HEAD requests should not include body.')
# generate the basic OAuth parameters
request.oauth_params = self.get_oauth_params(request)
# generate the signature
request.oauth_params.append(('oauth_signature', self.get_oauth_signature(request)))
# render the signed request and return it
uri, headers, body = self._render(request, formencode=True,
realm=(realm or self.realm))
if self.decoding:
log.debug('Encoding URI, headers and body to %s.', self.decoding)
uri = uri.encode(self.decoding)
body = body.encode(self.decoding) if body else body
new_headers = {}
for k, v in headers.items():
new_headers[k.encode(self.decoding)] = v.encode(self.decoding)
headers = new_headers
return uri, headers, body