misc: move some util functions in a utils.py file (#16842)
parent
bdc7945217
commit
94dab06b42
|
@ -0,0 +1,75 @@
|
|||
import cgi
|
||||
import base64
|
||||
from urllib import unquote
|
||||
|
||||
from .models import OAuth2Authorize, OAuth2Client
|
||||
|
||||
|
||||
def authenticate_bearer(request):
|
||||
authorization = request.META.get('HTTP_AUTHORIZATION')
|
||||
if not authorization:
|
||||
return False
|
||||
splitted = authorization.split()
|
||||
if len(splitted) < 2:
|
||||
return False
|
||||
if splitted[0] != 'Bearer':
|
||||
return False
|
||||
token = splitted[1]
|
||||
try:
|
||||
return OAuth2Authorize.objects.get(access_token=token)
|
||||
except OAuth2Authorize.DoesNotExist:
|
||||
return False
|
||||
|
||||
|
||||
def authenticate_client(request, client=False):
|
||||
'''Authenticate client on the token endpoint'''
|
||||
|
||||
if 'HTTP_AUTHORIZATION' in request.META:
|
||||
authorization = request.META['HTTP_AUTHORIZATION'].split()
|
||||
if authorization[0] != 'Basic' or len(authorization) != 2:
|
||||
return False
|
||||
try:
|
||||
decoded = base64.b64decode(authorization[1])
|
||||
except TypeError:
|
||||
return False
|
||||
parts = decoded.split(':')
|
||||
if len(parts) != 2:
|
||||
return False
|
||||
client_id, client_secret = parts
|
||||
elif 'client_id' in request.POST:
|
||||
client_id = request.POST['client_id']
|
||||
client_secret = request.POST.get('client_secret', '')
|
||||
else:
|
||||
return False
|
||||
if not client:
|
||||
try:
|
||||
client = OAuth2Client.objects.get(client_id=client_id)
|
||||
except OAuth2Client.DoesNotExist:
|
||||
return False
|
||||
if client.client_secret != client_secret:
|
||||
return False
|
||||
return client
|
||||
|
||||
|
||||
def get_content_disposition_value(request):
|
||||
if 'HTTP_CONTENT_DISPOSITION' not in request.META:
|
||||
return None, 'missing content-disposition header'
|
||||
content_header = request.META['HTTP_CONTENT_DISPOSITION']
|
||||
disposition_type, filename = cgi.parse_header(content_header)
|
||||
if disposition_type != 'attachement':
|
||||
return None, 'wrong disposition type: attachement excpected'
|
||||
if 'filename*' in filename:
|
||||
encode, country, name = filename['filename*'].split("'")
|
||||
|
||||
# check accepted charset from rfc 5987
|
||||
if encode == 'UTF-8':
|
||||
return unquote(name.decode('utf8')), None
|
||||
elif encode == 'ISO-8859-1':
|
||||
return unquote(name.decode('iso-8859-1')), None
|
||||
else:
|
||||
return None, 'unknown encoding: UTF-8 or ISO-8859-1 allowed'
|
||||
elif 'filename' in filename:
|
||||
return filename['filename'], None
|
||||
else:
|
||||
# no filename in header
|
||||
return None, 'missing filename(*) parameter in header'
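Review bot: In authenticate_client the check `authorization[0] != 'Basic' or len(authorization) != 2` indexes the split header before testing its length, so an Authorization header that is present but empty or whitespace-only raises IndexError instead of returning False; test the length first, `if len(authorization) != 2 or authorization[0] != 'Basic':`. The final `client.client_secret != client_secret` is an ordinary string comparison of a credential and is not constant-time; Django's `constant_time_compare` from `django.utils.crypto` is the usual replacement, `if not constant_time_compare(client.client_secret, client_secret):`. In get_content_disposition_value, `filename['filename*'].split("'")` is unpacked into three names with no length check, so a malformed header value raises ValueError rather than returning the `(None, error)` tuple that the other branches use. All three are carried over unchanged from the views module, so they predate this commit, but the new utils module is where they now need fixing.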
|
|
@ -14,10 +14,8 @@
|
|||
# You should have received a copy of the GNU Affero General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import cgi
|
||||
import base64
|
||||
import urllib
|
||||
from urllib import quote, unquote
|
||||
from urllib import quote
|
||||
|
||||
from django.core.files.base import ContentFile
|
||||
from django.core.urlresolvers import reverse
|
||||
|
@ -28,6 +26,7 @@ from django.views.generic import FormView, TemplateView
|
|||
|
||||
from .forms import OAuth2AuthorizeForm
|
||||
from .models import OAuth2Authorize, OAuth2Client, OAuth2TempFile
|
||||
from .utils import authenticate_bearer, authenticate_client, get_content_disposition_value
|
||||
|
||||
from fargo.fargo.models import UserDocument, Document
|
||||
|
||||
|
@ -140,76 +139,6 @@ def get_document(request):
|
|||
return response
|
||||
|
||||
|
||||
def authenticate_bearer(request):
|
||||
authorization = request.META.get('HTTP_AUTHORIZATION')
|
||||
if not authorization:
|
||||
return False
|
||||
splitted = authorization.split()
|
||||
if len(splitted) < 2:
|
||||
return False
|
||||
if splitted[0] != 'Bearer':
|
||||
return False
|
||||
token = splitted[1]
|
||||
try:
|
||||
return OAuth2Authorize.objects.get(access_token=token)
|
||||
except OAuth2Authorize.DoesNotExist:
|
||||
return False
|
||||
|
||||
|
||||
def authenticate_client(request, client=False):
|
||||
'''Authenticate client on the token endpoint'''
|
||||
|
||||
if 'HTTP_AUTHORIZATION' in request.META:
|
||||
authorization = request.META['HTTP_AUTHORIZATION'].split()
|
||||
if authorization[0] != 'Basic' or len(authorization) != 2:
|
||||
return False
|
||||
try:
|
||||
decoded = base64.b64decode(authorization[1])
|
||||
except TypeError:
|
||||
return False
|
||||
parts = decoded.split(':')
|
||||
if len(parts) != 2:
|
||||
return False
|
||||
client_id, client_secret = parts
|
||||
elif 'client_id' in request.POST:
|
||||
client_id = request.POST['client_id']
|
||||
client_secret = request.POST.get('client_secret', '')
|
||||
else:
|
||||
return False
|
||||
if not client:
|
||||
try:
|
||||
client = OAuth2Client.objects.get(client_id=client_id)
|
||||
except OAuth2Client.DoesNotExist:
|
||||
return False
|
||||
if client.client_secret != client_secret:
|
||||
return False
|
||||
return client
|
||||
|
||||
|
||||
def get_content_disposition_value(request):
|
||||
if 'HTTP_CONTENT_DISPOSITION' not in request.META:
|
||||
return None, 'missing content-disposition header'
|
||||
content_header = request.META['HTTP_CONTENT_DISPOSITION']
|
||||
disposition_type, filename = cgi.parse_header(content_header)
|
||||
if disposition_type != 'attachement':
|
||||
return None, 'wrong disposition type: attachement excpected'
|
||||
if 'filename*' in filename:
|
||||
encode, country, name = filename['filename*'].split("'")
|
||||
|
||||
# check accepted charset from rfc 5987
|
||||
if encode == 'UTF-8':
|
||||
return unquote(name.decode('utf8')), None
|
||||
elif encode == 'ISO-8859-1':
|
||||
return unquote(name.decode('iso-8859-1')), None
|
||||
else:
|
||||
return None, 'unknown encoding: UTF-8 or ISO-8859-1 allowed'
|
||||
elif 'filename' in filename:
|
||||
return filename['filename'], None
|
||||
else:
|
||||
# no filename in header
|
||||
return None, 'missing filename(*) parameter in header'
|
||||
|
||||
|
||||
@csrf_exempt
|
||||
def put_document(request):
|
||||
client = authenticate_client(request)
|
||||
|
|