Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

hi world.

  • Loading branch information...
commit a899d74f85b752b76759a1fe878d1420944273de 0 parents
@shayne shayne authored
Showing with 4,458 additions and 0 deletions.
  1. +5 −0 .gitignore
  2. +20 −0 LICENSE.md
  3. +73 −0 README.md
  4. +19 −0 app.yaml
  5. +5 −0 debug.py
  6. 0  dropbox/__init__.py
  7. 0  dropbox/dropbox/__init__.py
  8. +222 −0 dropbox/dropbox/auth.py
  9. +277 −0 dropbox/dropbox/client.py
  10. +93 −0 dropbox/dropbox/rest.py
  11. +78 −0 dropbox/handlers.py
  12. +25 −0 dropbox/helper.py
  13. +1,202 −0 httplib2/__init__.py
  14. +110 −0 httplib2/iri2uri.py
  15. 0  instadrop/__init__.py
  16. +41 −0 instadrop/handlers.py
  17. +23 −0 instadrop/models.py
  18. +31 −0 instadrop/templates/connected.html
  19. +39 −0 instadrop/templates/not_connected.html
  20. 0  instagram/__init__.py
  21. +139 −0 instagram/handlers.py
  22. +2 −0  instagram/instagram/__init__.py
  23. +124 −0 instagram/instagram/bind.py
  24. +183 −0 instagram/instagram/client.py
  25. +4 −0 instagram/instagram/helper.py
  26. +118 −0 instagram/instagram/models.py
  27. +191 −0 instagram/instagram/oauth2.py
  28. +165 −0 lilcookies.py
  29. +19 −0 local_dropbox.ini.sample
  30. +12 −0 local_settings.py.sample
  31. +37 −0 main.py
  32. 0  oauth/__init__.py
  33. +655 −0 oauth/oauth.py
  34. 0  patches/__init__.py
  35. +12 −0 patches/webapp_patches.py
  36. +5 −0 poster/__init__.py
  37. +313 −0 poster/encode.py
  38. +177 −0 poster/streaminghttp.py
  39. +19 −0 prod_dropbox.ini.sample
  40. +20 −0 settings.py.sample
  41. 0  static/favicon.ico
5 .gitignore
@@ -0,0 +1,5 @@
+*.pyc
+.DS_Store
+settings.py
+local_settings.py
+*_dropbox.ini
20 LICENSE.md
@@ -0,0 +1,20 @@
+Copyright (c) 2010 Instagram (Burbn, Inc.)
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
73 README.md
@@ -0,0 +1,73 @@
+Instadrop
+====================
+Automatically sync your Instagram photos to Dropbox
+
+A demo application of the Instagram real-time API.
+
+It's live! <http://instadrop.appspot.com>
+
+
+Installation on Google App Engine
+---------------------------------
+1. [Sign up](https://appengine.google.com/) for an App Engine account.
+2. [Download](http://code.google.com/appengine/downloads.html) the App Engine SDK.
+3. Fork and modify our code! Need help? Read the Google App Engine [Getting Started Guide](http://code.google.com/appengine/docs/)
+
+
+Follow @instagramapi on Twitter
+----------------------------
+You should [follow @instagramapi on Twitter](http://twitter.com/#!/instagramapi) for announcements,
+updates, and news about the Instagram API.
+
+
+Join the mailing list!
+----------------------
+<https://groups.google.com/group/instagram-api-developers>
+
+
+Did you fork this app to create something cool?
+-----------------------------------------------
+Add it to the [apps](http://github.com/Instagram/Instadrop/wiki/apps) wiki!
+
+
+Contributing
+------------
+In the spirit of [free software](http://www.fsf.org/licensing/essays/free-sw.html), **everyone** is encouraged to help improve this project.
+
+Here are some ways *you* can contribute:
+
+* by using alpha, beta, and prerelease versions
+* by reporting bugs
+* by suggesting new features
+* by writing or editing documentation
+* by writing specifications
+* by writing code (**no patch is too small**: fix typos, add comments, clean up inconsistent whitespace)
+* by refactoring code
+* by closing [issues](http://github.com/Instagram/Instadrop/issues)
+* by reviewing patches
+
+
+Submitting an Issue
+-------------------
+We use the [GitHub issue tracker](http://github.com/Instagram/Instadrop/issues) to track bugs and
+features. Before submitting a bug report or feature request, check to make sure it hasn't already
+been submitted. You can indicate support for an existing issuse by voting it up. When submitting a
+bug report, please include a [Gist](http://gist.github.com/) that includes a stack trace and any
+details that may be necessary to reproduce the bug, including your Python version and
+operating system. Ideally, a bug report should include a pull request with failing specs.
+
+
+Submitting a Pull Request
+-------------------------
+1. Fork the project.
+2. Create a topic branch.
+3. Implement your feature or bug fix.
+4. Add documentation for your feature or bug fix.
+5. Commit and push your changes.
+6. Submit a pull request.
+
+
+Copyright
+---------
+Copyright (c) 2011 Instagram (Burbn, Inc).
+See [LICENSE](https://github.com/Instagram/Instadrop/blob/master/LICENSE.md) for details.
19 app.yaml
@@ -0,0 +1,19 @@
+application: instadrop
+version: 1
+runtime: python
+api_version: 1
+
+handlers:
+- url: /favicon.ico
+ static_files: static/favicon.ico
+ upload: static/favicon.ico
+
+- url: /css
+ static_dir: static/css
+
+- url: /.*
+ script: main.py
+
+skip_files:
+- ^(.*/)?local_settings\.py
+- ^(.*/)?local_dropbox\.ini
5 debug.py
@@ -0,0 +1,5 @@
+def set_trace():
+ import pdb, sys
+ debugger = pdb.Pdb(stdin=sys.__stdin__,
+ stdout=sys.__stdout__)
+ debugger.set_trace(sys._getframe().f_back)
0  dropbox/__init__.py
No changes.
0  dropbox/dropbox/__init__.py
No changes.
222 dropbox/dropbox/auth.py
@@ -0,0 +1,222 @@
+"""
+The dropbox.auth module is responsible for making OAuth work for the Dropbox
+Client API. It glues together all the separate parts of the Python OAuth
+reference implementation and gives a nicer API to it. You'll pass a
+configure dropbox.auth.Authenticator object to dropbox.client.DropboxClient
+in order to work with the API.
+"""
+
+import httplib
+import urllib
+from django.utils import simplejson as json
+from oauth import oauth
+from ConfigParser import SafeConfigParser
+
+REALM="No Realm"
+HTTP_DEBUG_LEVEL=0
+
+class SimpleOAuthClient(oauth.OAuthClient):
+ """
+ An implementation of the oauth.OAuthClient class providing OAuth services
+ for the Dropbox Client API. You shouldn't have to use this, but if you need
+ to implement your own OAuth, then this is where to look.
+
+ One setting of interest is the HTTP_DEBUG_LEVEL, which you can set to a
+ larger number to get detailed HTTP output.
+ """
+ def __init__(self, server, port=httplib.HTTP_PORT, request_token_url='', access_token_url='', authorization_url=''):
+ self.server = server
+ self.port = port
+ self.request_token_url = request_token_url
+ self.access_token_url = access_token_url
+ self.authorization_url = authorization_url
+ self.connection = httplib.HTTPConnection(self.server, int(self.port))
+ self.connection.set_debuglevel(HTTP_DEBUG_LEVEL)
+
+ def fetch_request_token(self, oauth_request):
+ """Called by oauth to fetch the request token from Dropbox. Returns an OAuthToken."""
+ self.connection.request(oauth_request.http_method,
+ self.request_token_url,
+ headers=oauth_request.to_header())
+ response = self.connection.getresponse()
+ data = response.read()
+ assert response.status == 200, "Invalid response code %d : %r" % (response.status, data)
+ return oauth.OAuthToken.from_string(data)
+
+ def fetch_access_token(self, oauth_request, trusted_url=None):
+ """Used to get a access token from Drobpox using the headers. Returns an OauthToken."""
+ url = trusted_url if trusted_url else self.access_token_url
+
+ self.connection.request(oauth_request.http_method, url,
+ headers=oauth_request.to_header())
+
+ response = self.connection.getresponse()
+ assert response.status == 200, "Invalid response code %d" % response.status
+ if trusted_url:
+ token = json.loads(response.read())
+ token['token'] = str(token['token'])
+ token['secret'] = str(token['secret'])
+ return oauth.OAuthToken(token['token'], token['secret'])
+ else:
+ return oauth.OAuthToken.from_string(response.read())
+
+ def authorize_token(self, oauth_request):
+ """
+ This is not used in the Drobpox API.
+ """
+ raise NotImplementedError("authorize_token is not implemented via OAuth.")
+
+ def access_resource(self, oauth_request):
+ """
+ Not used by the Dropbox API.
+ """
+ raise NotImplementedError("access_resource is not implemented via OAuth.")
+
+
+
+
+class Authenticator(object):
+ """
+ The Authenticator puts a thin gloss over the oauth.oauth Python library
+ so that the dropbox.client.DropboxClient doesn't need to know much about
+ your configuration and OAuth operations.
+
+ It uses a configuration file in the standard .ini format that ConfigParser
+ understands. A sample configuration is included in config/testing.ini
+ which you should copy and put in your own consumer keys and secrets.
+
+ Because different installations may want to store these configurations
+ differently, you aren't required to configure an Authenticator via
+ the .ini method. As long as you configure it with a dict with the
+ same keys you'll be fine.
+ """
+
+ def __init__(self, config):
+ """
+ Configures the Authenticator with all the required settings in config.
+ Typically you'll use Authenticator.load_config() to load these from
+ a .ini file and then pass the returned dict to here.
+ """
+ self.client = SimpleOAuthClient(config['server'],
+ config['port'],
+ config['request_token_url'],
+ config['access_token_url'],
+ config['authorization_url'])
+
+ self.trusted_access_token_url = config.get('trusted_access_token_url', None)
+
+ self.consumer = oauth.OAuthConsumer(config['consumer_key'],
+ config['consumer_secret'])
+
+ self.signature_method_hmac_sha1 = oauth.OAuthSignatureMethod_HMAC_SHA1()
+
+ self.config = config
+
+
+ @classmethod
+ def load_config(self, filename):
+ """
+ Loads a configuration .ini file, and then pulls out the 'auth' key
+ to make a dict you can pass to Authenticator().
+ """
+ config = SafeConfigParser()
+ config_file = open(filename, "r")
+ config.readfp(config_file)
+ return dict(config.items('auth'))
+
+ def build_authorize_url(self, req_token, callback=None):
+ """
+ When you send a user to authorize a request token you created, you need
+ to make the URL correctly. This is the method you use. It will
+ return a URL that you can then redirect a user at so they can login to
+ Dropbox and approve this request key.
+ """
+ if callback:
+ oauth_callback = "&%s" % urllib.urlencode({'oauth_callback': callback})
+ else:
+ oauth_callback = ""
+
+ return "%s?oauth_token=%s%s" % (self.config['authorization_url'], req_token.key, oauth_callback)
+
+
+ def obtain_request_token(self):
+ """
+ This is your first step in the OAuth process. You call this to get a
+ request_token from the Dropbox server that you can then use with
+ Authenticator.build_authorize_url() to get the user to authorize it.
+ After it's authorized you use this token with
+ Authenticator.obtain_access_token() to get an access token.
+
+ NOTE: You should only need to do this once for each user, and then you
+ store the access token for that user for later operations.
+ """
+ self.oauth_request = oauth.OAuthRequest.from_consumer_and_token(self.consumer,
+ http_url=self.client.request_token_url)
+
+ self.oauth_request.sign_request(self.signature_method_hmac_sha1, self.consumer, None)
+
+ token = self.client.fetch_request_token(self.oauth_request)
+
+ return token
+
+
+ def obtain_access_token(self, token, verifier):
+ """
+ After you get a request token, and then send the user to the authorize
+ URL, you can use the authorized access token with this method to get the
+ access token to use for future operations. Store this access token with
+ the user so that you can reuse it on future operations.
+
+ The verifier parameter is not currently used, but will be enforced in
+ the future to follow the 1.0a version of OAuth. Make it blank for now.
+ """
+ self.oauth_request = oauth.OAuthRequest.from_consumer_and_token(self.consumer,
+ token=token,
+ http_url=self.client.access_token_url,
+ verifier=verifier)
+ self.oauth_request.sign_request(self.signature_method_hmac_sha1, self.consumer, token)
+
+ token = self.client.fetch_access_token(self.oauth_request)
+
+ return token
+
+ def obtain_trusted_access_token(self, user_name, user_password):
+ """
+ This is for trusted partners using a constrained device such as a mobile
+ or other embedded system. It allows them to use the user's password
+ directly to obtain an access token, rather than going through all the
+ usual OAuth steps.
+ """
+ assert user_name, "The user name is required."
+ assert user_password, "The user password is required."
+ assert self.trusted_access_token_url, "You must set trusted_access_token_url in your config file."
+ parameters = {'email': user_name, 'password': user_password}
+ params = urllib.urlencode(parameters)
+ assert params, "Didn't get a valid params."
+
+ url = self.trusted_access_token_url + "?" + params
+ self.oauth_request = oauth.OAuthRequest.from_consumer_and_token(self.consumer, http_url=url, parameters=parameters)
+ self.oauth_request.sign_request(self.signature_method_hmac_sha1,
+ self.consumer, None)
+ token = self.client.fetch_access_token(self.oauth_request, url)
+ return token
+
+ def build_access_headers(self, method, token, resource_url, parameters, callback=None):
+ """
+ This is used internally to build all the required OAuth parameters and
+ signatures to make an OAuth request. It's provided for debugging
+ purposes.
+ """
+ params = parameters.copy()
+
+ if callback:
+ params['oauth_callback'] = callback
+
+ self.oauth_request = oauth.OAuthRequest.from_consumer_and_token(self.consumer,
+ token=token, http_method=method,
+ http_url=resource_url,
+ parameters=parameters)
+
+ self.oauth_request.sign_request(self.signature_method_hmac_sha1, self.consumer, token)
+ return self.oauth_request.to_header(), params
+
277 dropbox/dropbox/client.py
@@ -0,0 +1,277 @@
+"""
+The main client API you'll be working with most often. You'll need to
+configure a dropbox.client.Authenticator for this to work, but otherwise
+it's fairly self-explanatory.
+"""
+
+import rest
+import urllib
+import urllib2
+import poster
+import httplib
+
+API_VERSION=0
+HASH_BLOCK_SIZE=10*1024
+
+class DropboxClient(object):
+ """
+ The main access point of doing REST calls on Dropbox. You use it
+ by first creating and configuring a dropbox.auth.Authenticator,
+ and then configuring a DropboxClient to talk to the service. The
+ DropboxClient then does all the work of properly calling each API
+ with the correct OAuth authentication.
+ """
+
+
+ def __init__(self, api_host, content_host, port, auth, token):
+ """
+ The api_host and content_host are normally 'api.dropbox.com' and
+ 'api-content.dropbox.com' and will use the same port.
+ The auth is a dropbox.client.Authenticator that is properly configured.
+ The token is a valid OAuth `access token` that you got using
+ dropbox.client.Authenticator.obtain_access_token.
+ """
+ self.api_rest = rest.RESTClient(api_host, port)
+ self.content_rest = rest.RESTClient(content_host, port)
+ self.auth = auth
+ self.token = token
+ self.api_host = api_host
+ self.content_host = content_host
+ self.api_host = api_host
+ self.port = int(port)
+
+
+ def request(self, host, method, target, params, callback):
+ """
+ This is an internal method used to properly craft the url, headers, and
+ params for a Dropbox API request. It is exposed for you in case you
+ need craft other API calls not in this library or you want to debug it.
+
+ It is only expected to work for GET or POST parameters.
+ """
+ assert method in ['GET','POST'], "Only 'GET' and 'POST' are allowed for method."
+
+ base = self.build_full_url(host, target)
+ headers, params = self.auth.build_access_headers(method, self.token, base, params, callback)
+
+ if method == "GET":
+ url = self.build_url(target, params)
+ else:
+ url = self.build_url(target)
+
+ return url, headers, params
+
+
+ def account_info(self, status_in_response=False, callback=None):
+ """
+ Retrieve information about the user's account.
+
+ * callback. Optional. The server will wrap its response of format inside a call to the argument specified by callback. Value must contains only alphanumeric characters and underscores.
+ * status_in_response. Optional. Some clients (e.g., Flash) cannot handle HTTP status codes well. If this parameter is set to true, the service will always return a 200 status and report the relevant status code via additional information in the response body. Default is false.
+ """
+
+ params = {'status_in_response': status_in_response}
+
+ url, headers, params = self.request(self.api_host, "GET", "/account/info", params, callback)
+
+ return self.api_rest.GET(url, headers)
+
+
+ def put_file(self, root, to_path, file_obj):
+ """
+ Retrieve or upload file contents relative to the user's Dropbox root or
+ the application's sandbox directory within the user's Dropbox.
+
+ * root is one of "dropbox" or "sandbox", most clients will use "sandbox".
+ * to_path is the `directory` path to put the file (NOT the full path).
+ * file_obj is an open and ready to read file object that will be uploaded.
+
+ The filename is taken from the file_obj name currently, so you can't
+ have the local file named differently than it's target name. This may
+ change in future versions.
+
+ Finally, this function is not terribly efficient due to Python's
+ HTTPConnection requiring all of the file be read into ram for the POST.
+ Future versions will avoid this problem.
+ """
+ assert root in ["dropbox", "sandbox"]
+
+ path = "/files/%s%s" % (root, to_path)
+
+ params = { "file" : file_obj.name, }
+
+ url, headers, params = self.request(self.content_host, "POST", path, params, None)
+
+ params['file'] = file_obj
+ data, mp_headers = poster.encode.multipart_encode(params)
+ if 'Content-Length' in mp_headers:
+ mp_headers['Content-Length'] = str(mp_headers['Content-Length'])
+ headers.update(mp_headers)
+
+ conn = httplib.HTTPConnection(self.content_host, self.port)
+ conn.request("POST", url, "".join(data), headers)
+
+ resp = rest.RESTResponse(conn.getresponse())
+ conn.close()
+ file_obj.close()
+
+ return resp
+
+
+ def get_file(self, root, from_path):
+ """
+ Retrieves a file from the given root ("dropbox" or "sandbox") based on
+ from_path as the `full path` to the file. Unlike the other calls, this
+ one returns a raw HTTPResponse with the connection open. You should
+ do your read and any processing you need and then close it.
+ """
+ assert root in ["dropbox", "sandbox"]
+
+ path = "/files/%s%s" % (root, from_path)
+
+ url, headers, params = self.request(self.content_host, "GET", path, {}, None)
+ return self.content_rest.request("GET", url, headers=headers, raw_response=True)
+
+
+ def file_copy(self, root, from_path, to_path, callback=None):
+ """
+ Copy a file or folder to a new location.
+
+ * callback. Optional. The server will wrap its response of format inside a call to the argument specified by callback. Value must contains only alphanumeric characters and underscores.
+ * from_path. Required. from_path specifies either a file or folder to be copied to the location specified by to_path. This path is interpreted relative to the location specified by root.
+ * root. Required. Specify the root relative to which from_path and to_path are specified. Valid values are dropbox and sandbox.
+ * to_path. Required. to_path specifies the destination path including the new name for file or folder. This path is interpreted relative to the location specified by root.
+ """
+ assert root in ["dropbox", "sandbox"]
+
+ params = {'root': root, 'from_path': from_path, 'to_path': to_path}
+
+ url, headers, params = self.request(self.api_host, "POST", "/fileops/copy", params, callback)
+
+ return self.api_rest.POST(url, params, headers)
+
+
+ def file_create_folder(self, root, path, callback=None):
+ """
+ Create a folder relative to the user's Dropbox root or the user's application sandbox folder.
+
+ * callback. Optional. The server will wrap its response of format inside a call to the argument specified by callback. Value must contains only alphanumeric characters and underscores.
+ * path. Required. The path to the new folder to create, relative to root.
+ * root. Required. Specify the root relative to which path is specified. Valid values are dropbox and sandbox.
+ """
+ assert root in ["dropbox", "sandbox"]
+ params = {'root': root, 'path': path}
+
+ url, headers, params = self.request(self.api_host, "POST", "/fileops/create_folder", params, callback)
+
+ return self.api_rest.POST(url, params, headers)
+
+
+ def file_delete(self, root, path, callback=None):
+ """
+ Delete a file or folder.
+
+ * callback. Optional. The server will wrap its response of format inside a call to the argument specified by callback. Value must contains only alphanumeric characters and underscores.
+ * path. Required. path specifies either a file or folder to be deleted. This path is interpreted relative to the location specified by root.
+ * root. Required. Specify the root relative to which path is specified. Valid values are dropbox and sandbox.
+ """
+ assert root in ["dropbox", "sandbox"]
+
+ params = {'root': root, 'path': path}
+
+ url, headers, params = self.request(self.api_host, "POST", "/fileops/delete", params,
+ callback)
+
+ return self.api_rest.POST(url, params, headers)
+
+
+ def file_move(self, root, from_path, to_path, callback=None):
+ """
+ Move a file or folder to a new location.
+
+ * callback. Optional. The server will wrap its response of format inside a call to the argument specified by callback. Value must contains only alphanumeric characters and underscores.
+ * from_path. Required. from_path specifies either a file or folder to be copied to the location specified by to_path. This path is interpreted relative to the location specified by root.
+ * root. Required. Specify the root relative to which from_path and to_path are specified. Valid values are dropbox and sandbox.
+ * to_path. Required. to_path specifies the destination path including the new name for file or folder. This path is interpreted relative to the location specified by root.
+ """
+ assert root in ["dropbox", "sandbox"]
+
+ params = {'root': root, 'from_path': from_path, 'to_path': to_path}
+
+ url, headers, params = self.request(self.api_host, "POST", "/fileops/move", params, callback)
+
+ return self.api_rest.POST(url, params, headers)
+
+
+ def metadata(self, root, path, file_limit=10000, hash=None, list=True, status_in_response=False, callback=None):
+ """
+ The metadata API location provides the ability to retrieve file and
+ folder metadata and manipulate the directory structure by moving or
+ deleting files and folders.
+
+ * callback. Optional. The server will wrap its response of format inside a call to the argument specified by callback. Value must contains only alphanumeric characters and underscores.
+ * file_limit. Optional. Default is 10000. When listing a directory, the service will not report listings containing more than file_limit files and will instead respond with a 406 (Not Acceptable) status response.
+ * hash. Optional. Listing return values include a hash representing the state of the directory's contents. If you provide this argument to the metadata call, you give the service an opportunity to respond with a "304 Not Modified" status code instead of a full (potentially very large) directory listing. This argument is ignored if the specified path is associated with a file or if list=false.
+ * list. Optional. The strings true and false are valid values. true is the default. If true, this call returns a list of metadata representations for the contents of the directory. If false, this call returns the metadata for the directory itself.
+ * status_in_response. Optional. Some clients (e.g., Flash) cannot handle HTTP status codes well. If this parameter is set to true, the service will always return a 200 status and report the relevant status code via additional information in the response body. Default is false.
+ """
+
+ assert root in ["dropbox", "sandbox"]
+
+ path = "/metadata/%s%s" % (root, path)
+
+ params = {'file_limit': file_limit,
+ 'list': "true" if list else "false",
+ 'status_in_response': status_in_response}
+ if hash is not None:
+ params['hash'] = hash
+
+ url, headers, params = self.request(self.api_host, "GET", path, params, callback)
+
+ return self.api_rest.GET(url, headers)
+
+ def links(self, root, path):
+ assert root in ["dropbox", "sandbox"]
+ path = "/links/%s%s" % (root, path)
+ return self.build_full_url(self.api_host, path)
+
+
+ def build_url(self, url, params=None):
+ """Used internally to build the proper URL from parameters and the API_VERSION."""
+ if type(url) == unicode:
+ url = url.encode("utf8")
+ target_path = urllib2.quote(url)
+
+ if params:
+ return "/%d%s?%s" % (API_VERSION, target_path, urllib.urlencode(params))
+ else:
+ return "/%d%s" % (API_VERSION, target_path)
+
+
+ def build_full_url(self, host, target):
+ """Used internally to construct the complete URL to the service."""
+ port = "" if self.port == 80 else ":%d" % self.port
+ base_full_url = "http://%s%s" % (host, port)
+ return base_full_url + self.build_url(target)
+
+
+ def account(self, email='', password='', first_name='', last_name='', source=None):
+ params = {'email': email, 'password': password,
+ 'first_name': first_name, 'last_name': last_name}
+
+ url, headers, params = self.request(self.api_host, "POST", "/account",
+ params, None)
+
+ return self.api_rest.POST(url, params, headers)
+
+
+ def thumbnail(self, root, from_path, size='small'):
+ assert root in ["dropbox", "sandbox"]
+ assert size in ['small','medium','large']
+
+ path = "/thumbnails/%s%s" % (root, from_path)
+
+ url, headers, params = self.request(self.content_host, "GET", path,
+ {'size': size}, None)
+ return self.content_rest.request("GET", url, headers=headers, raw_response=True)
+
93 dropbox/dropbox/rest.py
@@ -0,0 +1,93 @@
+"""
+A simple JSON REST request abstraction that is used by the
+dropbox.client module. You shouldn't need to use this directly
+unless you're implementing unsupport methods.
+"""
+
+
+import httplib
+import urllib
+from django.utils import simplejson as json
+
+
+class RESTClient(object):
+ """
+ An abstraction on performing JSON REST requests that is used internally
+ by the Dropbox Client API. It provides just enough gear to make requests
+ and get responses as JSON data.
+
+ It is not designed well for file u.
+ """
+
+ def __init__(self, host, port):
+ self.host = host
+ self.port = port
+
+ def request(self, method, url, post_params=None, headers=None, raw_response=False):
+ """
+ Given the method and url this will make a JSON REST request to the
+ configured self.host:self.port and returns a RESTResponse for you.
+ If you pass in a dict for post_params then it will urlencode them
+ into the body. If you give in a headers dict then it will add
+ those to the request headers.
+
+ The raw_response parameter determines if you get a RESTResponse or a
+ raw HTTPResponse object. In some cases, like getting a file, you
+ don't want any JSON decoding or extra processing. In that case set
+ this to True and you'll get a plain HTTPResponse.
+ """
+ params = post_params or {}
+ headers = headers or {}
+
+ if params:
+ body = urllib.urlencode(params)
+ else:
+ body = None
+
+ if body:
+ headers["Content-type"] = "application/x-www-form-urlencoded"
+
+ conn = httplib.HTTPConnection(self.host, self.port)
+ conn.request(method, url, body, headers)
+
+ if raw_response:
+ return conn.getresponse()
+ else:
+ resp = RESTResponse(conn.getresponse())
+ conn.close()
+
+ return resp
+
+ def GET(self, url, headers=None):
+ """Convenience method that just does a GET request."""
+ return self.request("GET", url, headers=headers)
+
+ def POST(self, url, params, headers=None):
+ """Convenience method that just does a POST request."""
+ return self.request("POST", url, post_params=params, headers=headers)
+
+
+class RESTResponse(object):
+ """
+ Returned by dropbox.rest.RESTClient wrapping the base http response
+ object to make it more convenient. It contains the attributes
+ http_response, status, reason, body, headers. If the body can
+ be parsed into json, then you get a data attribute too, otherwise
+ it's set to None.
+ """
+
+ def __init__(self, http_resp):
+ self.http_response = http_resp
+ self.status = http_resp.status
+ self.reason = http_resp.reason
+ self.body = http_resp.read()
+ self.headers = dict(http_resp.getheaders())
+
+ try:
+ self.data = json.loads(self.body)
+ except ValueError:
+ # looks like this isn't json, data is None
+ self.data = None
+
+
+
78 dropbox/handlers.py
@@ -0,0 +1,78 @@
+from google.appengine.ext import webapp
+
+import settings
+
+from dropbox import auth as dropbox_auth
+from instadrop.models import Profile
+from lilcookies import LilCookies
+
+
+class DropboxAuth(webapp.RequestHandler):
+ def get(self):
+ cookieutil = LilCookies(self, settings.COOKIE_SECRET)
+ ig_user_id = cookieutil.get_secure_cookie(name = "ig_user_id")
+
+ dba = dropbox_auth.Authenticator(settings.DROPBOX_CONFIG)
+ req_token = dba.obtain_request_token()
+
+ profiles = Profile.all()
+ profiles.filter("ig_user_id =", ig_user_id)
+ profile = profiles.get()
+
+ if not profile:
+ self.redirect("/connect")
+ return
+
+ profile.db_oauth_token_key = req_token.key
+ profile.db_oauth_token_secret = req_token.secret
+ profile.put()
+
+ authorize_url = dba.build_authorize_url(
+ req_token,
+ callback = settings.DROPBOX_CALLBACK)
+
+ self.redirect(authorize_url)
+
+
+class DropboxDisconnect(webapp.RequestHandler):
+ def get(self):
+ cookieutil = LilCookies(self, settings.COOKIE_SECRET)
+ ig_user_id = cookieutil.get_secure_cookie(name = "ig_user_id")
+
+ profiles = Profile.all()
+ profiles.filter("ig_user_id =", ig_user_id)
+ profile = profiles.get()
+
+ if profile:
+ profile.db_access_token_key = None
+ profile.db_oauth_token_secret = None
+ profile.put()
+
+ self.redirect("/")
+
+
+class DropboxCallback(webapp.RequestHandler):
+ def get(self):
+ from oauth import oauth
+
+ dba = dropbox_auth.Authenticator(settings.DROPBOX_CONFIG)
+
+ token = self.request.get("oauth_token")
+ profile = Profile.all().filter("db_oauth_token_key =", token).get()
+
+ if not profile:
+ self.redirect("/connect")
+ return
+
+ oauth_token = oauth.OAuthToken(
+ key = profile.db_oauth_token_key,
+ secret = profile.db_oauth_token_secret)
+
+ verifier = settings.DROPBOX_CONFIG['verifier']
+ access_token = dba.obtain_access_token(oauth_token, verifier)
+
+ profile.db_access_token_key = access_token.key
+ profile.db_access_token_secret = access_token.secret
+ profile.put()
+
+ self.redirect("/connect")
25 dropbox/helper.py
@@ -0,0 +1,25 @@
+def load_config(config_file):
+ from dropbox import auth
+ return auth.Authenticator.load_config(config_file)
+
+
+def authenticated_client(profile):
+ import settings
+ from dropbox import auth
+ from dropbox.client import DropboxClient
+ from oauth import oauth
+
+ dba = auth.Authenticator(settings.DROPBOX_CONFIG)
+
+ access_token = oauth.OAuthToken(
+ key = profile.db_access_token_key,
+ secret = profile.db_access_token_secret)
+
+ client = DropboxClient(
+ settings.DROPBOX_CONFIG['server'],
+ settings.DROPBOX_CONFIG['content_server'],
+ settings.DROPBOX_CONFIG['port'],
+ dba,
+ access_token)
+
+ return client
1,202 httplib2/__init__.py
@@ -0,0 +1,1202 @@
+from __future__ import generators
+"""
+httplib2
+
+A caching http interface that supports ETags and gzip
+to conserve bandwidth.
+
+Requires Python 2.3 or later
+
+Changelog:
+2007-08-18, Rick: Modified so it's able to use a socks proxy if needed.
+
+"""
+
+__author__ = "Joe Gregorio (joe@bitworking.org)"
+__copyright__ = "Copyright 2006, Joe Gregorio"
+__contributors__ = ["Thomas Broyer (t.broyer@ltgt.net)",
+ "James Antill",
+ "Xavier Verges Farrero",
+ "Jonathan Feinberg",
+ "Blair Zajac",
+ "Sam Ruby",
+ "Louis Nyffenegger"]
+__license__ = "MIT"
+__version__ = "$Rev$"
+
+import re
+import sys
+import email
+import email.Utils
+import email.Message
+import email.FeedParser
+import StringIO
+import gzip
+import zlib
+import httplib
+import urlparse
+import base64
+import os
+import copy
+import calendar
+import time
+import random
+# remove depracated warning in python2.6
+try:
+ from hashlib import sha1 as _sha, md5 as _md5
+except ImportError:
+ import sha
+ import md5
+ _sha = sha.new
+ _md5 = md5.new
+import hmac
+from gettext import gettext as _
+import socket
+
+try:
+ import socks
+except ImportError:
+ socks = None
+
+# Build the appropriate socket wrapper for ssl
+try:
+ import ssl # python 2.6
+ _ssl_wrap_socket = ssl.wrap_socket
+except ImportError:
+ def _ssl_wrap_socket(sock, key_file, cert_file):
+ ssl_sock = socket.ssl(sock, key_file, cert_file)
+ return httplib.FakeSocket(sock, ssl_sock)
+
+
+if sys.version_info >= (2,3):
+ from iri2uri import iri2uri
+else:
+ def iri2uri(uri):
+ return uri
+
+def has_timeout(timeout): # python 2.6
+ if hasattr(socket, '_GLOBAL_DEFAULT_TIMEOUT'):
+ return (timeout is not None and timeout is not socket._GLOBAL_DEFAULT_TIMEOUT)
+ return (timeout is not None)
+
+__all__ = ['Http', 'Response', 'ProxyInfo', 'HttpLib2Error',
+ 'RedirectMissingLocation', 'RedirectLimit', 'FailedToDecompressContent',
+ 'UnimplementedDigestAuthOptionError', 'UnimplementedHmacDigestAuthOptionError',
+ 'debuglevel']
+
+
+# The httplib debug level, set to a non-zero value to get debug output
+debuglevel = 0
+
+
+# Python 2.3 support
+if sys.version_info < (2,4):
+ def sorted(seq):
+ seq.sort()
+ return seq
+
+# Python 2.3 support
+def HTTPResponse__getheaders(self):
+ """Return list of (header, value) tuples."""
+ if self.msg is None:
+ raise httplib.ResponseNotReady()
+ return self.msg.items()
+
+if not hasattr(httplib.HTTPResponse, 'getheaders'):
+ httplib.HTTPResponse.getheaders = HTTPResponse__getheaders
+
+# All exceptions raised here derive from HttpLib2Error
+class HttpLib2Error(Exception): pass
+
+# Some exceptions can be caught and optionally
+# be turned back into responses.
+class HttpLib2ErrorWithResponse(HttpLib2Error):
+ def __init__(self, desc, response, content):
+ self.response = response
+ self.content = content
+ HttpLib2Error.__init__(self, desc)
+
+class RedirectMissingLocation(HttpLib2ErrorWithResponse): pass
+class RedirectLimit(HttpLib2ErrorWithResponse): pass
+class FailedToDecompressContent(HttpLib2ErrorWithResponse): pass
+class UnimplementedDigestAuthOptionError(HttpLib2ErrorWithResponse): pass
+class UnimplementedHmacDigestAuthOptionError(HttpLib2ErrorWithResponse): pass
+
+class RelativeURIError(HttpLib2Error): pass
+class ServerNotFoundError(HttpLib2Error): pass
+
+# Open Items:
+# -----------
+# Proxy support
+
+# Are we removing the cached content too soon on PUT (only delete on 200 Maybe?)
+
+# Pluggable cache storage (supports storing the cache in
+# flat files by default. We need a plug-in architecture
+# that can support Berkeley DB and Squid)
+
+# == Known Issues ==
+# Does not handle a resource that uses conneg and Last-Modified but no ETag as a cache validator.
+# Does not handle Cache-Control: max-stale
+# Does not use Age: headers when calculating cache freshness.
+
+
+# The number of redirections to follow before giving up.
+# Note that only GET redirects are automatically followed.
+# Will also honor 301 requests by saving that info and never
+# requesting that URI again.
+DEFAULT_MAX_REDIRECTS = 5
+
+# Which headers are hop-by-hop headers by default
+HOP_BY_HOP = ['connection', 'keep-alive', 'proxy-authenticate', 'proxy-authorization', 'te', 'trailers', 'transfer-encoding', 'upgrade']
+
+def _get_end2end_headers(response):
+ hopbyhop = list(HOP_BY_HOP)
+ hopbyhop.extend([x.strip() for x in response.get('connection', '').split(',')])
+ return [header for header in response.keys() if header not in hopbyhop]
+
+URI = re.compile(r"^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?")
+
+def parse_uri(uri):
+ """Parses a URI using the regex given in Appendix B of RFC 3986.
+
+ (scheme, authority, path, query, fragment) = parse_uri(uri)
+ """
+ groups = URI.match(uri).groups()
+ return (groups[1], groups[3], groups[4], groups[6], groups[8])
+
+def urlnorm(uri):
+ (scheme, authority, path, query, fragment) = parse_uri(uri)
+ if not scheme or not authority:
+ raise RelativeURIError("Only absolute URIs are allowed. uri = %s" % uri)
+ authority = authority.lower()
+ scheme = scheme.lower()
+ if not path:
+ path = "/"
+ # Could do syntax based normalization of the URI before
+ # computing the digest. See Section 6.2.2 of Std 66.
+ request_uri = query and "?".join([path, query]) or path
+ scheme = scheme.lower()
+ defrag_uri = scheme + "://" + authority + request_uri
+ return scheme, authority, request_uri, defrag_uri
+
+
+# Cache filename construction (original borrowed from Venus http://intertwingly.net/code/venus/)
+re_url_scheme = re.compile(r'^\w+://')
+re_slash = re.compile(r'[?/:|]+')
+
+def safename(filename):
+ """Return a filename suitable for the cache.
+
+ Strips dangerous and common characters to create a filename we
+ can use to store the cache in.
+ """
+
+ try:
+ if re_url_scheme.match(filename):
+ if isinstance(filename,str):
+ filename = filename.decode('utf-8')
+ filename = filename.encode('idna')
+ else:
+ filename = filename.encode('idna')
+ except UnicodeError:
+ pass
+ if isinstance(filename,unicode):
+ filename=filename.encode('utf-8')
+ filemd5 = _md5(filename).hexdigest()
+ filename = re_url_scheme.sub("", filename)
+ filename = re_slash.sub(",", filename)
+
+ # limit length of filename
+ if len(filename)>200:
+ filename=filename[:200]
+ return ",".join((filename, filemd5))
+
+NORMALIZE_SPACE = re.compile(r'(?:\r\n)?[ \t]+')
+def _normalize_headers(headers):
+ return dict([ (key.lower(), NORMALIZE_SPACE.sub(value, ' ').strip()) for (key, value) in headers.iteritems()])
+
+def _parse_cache_control(headers):
+ retval = {}
+ if headers.has_key('cache-control'):
+ parts = headers['cache-control'].split(',')
+ parts_with_args = [tuple([x.strip().lower() for x in part.split("=", 1)]) for part in parts if -1 != part.find("=")]
+ parts_wo_args = [(name.strip().lower(), 1) for name in parts if -1 == name.find("=")]
+ retval = dict(parts_with_args + parts_wo_args)
+ return retval
+
+# Whether to use a strict mode to parse WWW-Authenticate headers
+# Might lead to bad results in case of ill-formed header value,
+# so disabled by default, falling back to relaxed parsing.
+# Set to true to turn on, usefull for testing servers.
+USE_WWW_AUTH_STRICT_PARSING = 0
+
+# In regex below:
+# [^\0-\x1f\x7f-\xff()<>@,;:\\\"/[\]?={} \t]+ matches a "token" as defined by HTTP
+# "(?:[^\0-\x08\x0A-\x1f\x7f-\xff\\\"]|\\[\0-\x7f])*?" matches a "quoted-string" as defined by HTTP, when LWS have already been replaced by a single space
+# Actually, as an auth-param value can be either a token or a quoted-string, they are combined in a single pattern which matches both:
+# \"?((?<=\")(?:[^\0-\x1f\x7f-\xff\\\"]|\\[\0-\x7f])*?(?=\")|(?<!\")[^\0-\x08\x0A-\x1f\x7f-\xff()<>@,;:\\\"/[\]?={} \t]+(?!\"))\"?
+WWW_AUTH_STRICT = re.compile(r"^(?:\s*(?:,\s*)?([^\0-\x1f\x7f-\xff()<>@,;:\\\"/[\]?={} \t]+)\s*=\s*\"?((?<=\")(?:[^\0-\x08\x0A-\x1f\x7f-\xff\\\"]|\\[\0-\x7f])*?(?=\")|(?<!\")[^\0-\x1f\x7f-\xff()<>@,;:\\\"/[\]?={} \t]+(?!\"))\"?)(.*)$")
+WWW_AUTH_RELAXED = re.compile(r"^(?:\s*(?:,\s*)?([^ \t\r\n=]+)\s*=\s*\"?((?<=\")(?:[^\\\"]|\\.)*?(?=\")|(?<!\")[^ \t\r\n,]+(?!\"))\"?)(.*)$")
+UNQUOTE_PAIRS = re.compile(r'\\(.)')
+def _parse_www_authenticate(headers, headername='www-authenticate'):
+ """Returns a dictionary of dictionaries, one dict
+ per auth_scheme."""
+ retval = {}
+ if headers.has_key(headername):
+ authenticate = headers[headername].strip()
+ www_auth = USE_WWW_AUTH_STRICT_PARSING and WWW_AUTH_STRICT or WWW_AUTH_RELAXED
+ while authenticate:
+ # Break off the scheme at the beginning of the line
+ if headername == 'authentication-info':
+ (auth_scheme, the_rest) = ('digest', authenticate)
+ else:
+ (auth_scheme, the_rest) = authenticate.split(" ", 1)
+ # Now loop over all the key value pairs that come after the scheme,
+ # being careful not to roll into the next scheme
+ match = www_auth.search(the_rest)
+ auth_params = {}
+ while match:
+ if match and len(match.groups()) == 3:
+ (key, value, the_rest) = match.groups()
+ auth_params[key.lower()] = UNQUOTE_PAIRS.sub(r'\1', value) # '\\'.join([x.replace('\\', '') for x in value.split('\\\\')])
+ match = www_auth.search(the_rest)
+ retval[auth_scheme.lower()] = auth_params
+ authenticate = the_rest.strip()
+ return retval
+
+
+def _entry_disposition(response_headers, request_headers):
+ """Determine freshness from the Date, Expires and Cache-Control headers.
+
+ We don't handle the following:
+
+ 1. Cache-Control: max-stale
+ 2. Age: headers are not used in the calculations.
+
+ Not that this algorithm is simpler than you might think
+ because we are operating as a private (non-shared) cache.
+ This lets us ignore 's-maxage'. We can also ignore
+ 'proxy-invalidate' since we aren't a proxy.
+ We will never return a stale document as
+ fresh as a design decision, and thus the non-implementation
+ of 'max-stale'. This also lets us safely ignore 'must-revalidate'
+ since we operate as if every server has sent 'must-revalidate'.
+ Since we are private we get to ignore both 'public' and
+ 'private' parameters. We also ignore 'no-transform' since
+ we don't do any transformations.
+ The 'no-store' parameter is handled at a higher level.
+ So the only Cache-Control parameters we look at are:
+
+ no-cache
+ only-if-cached
+ max-age
+ min-fresh
+ """
+
+ retval = "STALE"
+ cc = _parse_cache_control(request_headers)
+ cc_response = _parse_cache_control(response_headers)
+
+ if request_headers.has_key('pragma') and request_headers['pragma'].lower().find('no-cache') != -1:
+ retval = "TRANSPARENT"
+ if 'cache-control' not in request_headers:
+ request_headers['cache-control'] = 'no-cache'
+ elif cc.has_key('no-cache'):
+ retval = "TRANSPARENT"
+ elif cc_response.has_key('no-cache'):
+ retval = "STALE"
+ elif cc.has_key('only-if-cached'):
+ retval = "FRESH"
+ elif response_headers.has_key('date'):
+ date = calendar.timegm(email.Utils.parsedate_tz(response_headers['date']))
+ now = time.time()
+ current_age = max(0, now - date)
+ if cc_response.has_key('max-age'):
+ try:
+ freshness_lifetime = int(cc_response['max-age'])
+ except ValueError:
+ freshness_lifetime = 0
+ elif response_headers.has_key('expires'):
+ expires = email.Utils.parsedate_tz(response_headers['expires'])
+ if None == expires:
+ freshness_lifetime = 0
+ else:
+ freshness_lifetime = max(0, calendar.timegm(expires) - date)
+ else:
+ freshness_lifetime = 0
+ if cc.has_key('max-age'):
+ try:
+ freshness_lifetime = int(cc['max-age'])
+ except ValueError:
+ freshness_lifetime = 0
+ if cc.has_key('min-fresh'):
+ try:
+ min_fresh = int(cc['min-fresh'])
+ except ValueError:
+ min_fresh = 0
+ current_age += min_fresh
+ if freshness_lifetime > current_age:
+ retval = "FRESH"
+ return retval
+
+def _decompressContent(response, new_content):
+ content = new_content
+ try:
+ encoding = response.get('content-encoding', None)
+ if encoding in ['gzip', 'deflate']:
+ if encoding == 'gzip':
+ content = gzip.GzipFile(fileobj=StringIO.StringIO(new_content)).read()
+ if encoding == 'deflate':
+ content = zlib.decompress(content)
+ response['content-length'] = str(len(content))
+ # Record the historical presence of the encoding in a way the won't interfere.
+ response['-content-encoding'] = response['content-encoding']
+ del response['content-encoding']
+ except IOError:
+ content = ""
+ raise FailedToDecompressContent(_("Content purported to be compressed with %s but failed to decompress.") % response.get('content-encoding'), response, content)
+ return content
+
+def _updateCache(request_headers, response_headers, content, cache, cachekey):
+ if cachekey:
+ cc = _parse_cache_control(request_headers)
+ cc_response = _parse_cache_control(response_headers)
+ if cc.has_key('no-store') or cc_response.has_key('no-store'):
+ cache.delete(cachekey)
+ else:
+ info = email.Message.Message()
+ for key, value in response_headers.iteritems():
+ if key not in ['status','content-encoding','transfer-encoding']:
+ info[key] = value
+
+ # Add annotations to the cache to indicate what headers
+ # are variant for this request.
+ vary = response_headers.get('vary', None)
+ if vary:
+ vary_headers = vary.lower().replace(' ', '').split(',')
+ for header in vary_headers:
+ key = '-varied-%s' % header
+ try:
+ info[key] = request_headers[header]
+ except KeyError:
+ pass
+
+ status = response_headers.status
+ if status == 304:
+ status = 200
+
+ status_header = 'status: %d\r\n' % response_headers.status
+
+ header_str = info.as_string()
+
+ header_str = re.sub("\r(?!\n)|(?<!\r)\n", "\r\n", header_str)
+ text = "".join([status_header, header_str, content])
+
+ cache.set(cachekey, text)
+
+def _cnonce():
+ dig = _md5("%s:%s" % (time.ctime(), ["0123456789"[random.randrange(0, 9)] for i in range(20)])).hexdigest()
+ return dig[:16]
+
+def _wsse_username_token(cnonce, iso_now, password):
+ return base64.b64encode(_sha("%s%s%s" % (cnonce, iso_now, password)).digest()).strip()
+
+
+# For credentials we need two things, first
+# a pool of credential to try (not necesarily tied to BAsic, Digest, etc.)
+# Then we also need a list of URIs that have already demanded authentication
+# That list is tricky since sub-URIs can take the same auth, or the
+# auth scheme may change as you descend the tree.
+# So we also need each Auth instance to be able to tell us
+# how close to the 'top' it is.
+
+class Authentication(object):
+ def __init__(self, credentials, host, request_uri, headers, response, content, http):
+ (scheme, authority, path, query, fragment) = parse_uri(request_uri)
+ self.path = path
+ self.host = host
+ self.credentials = credentials
+ self.http = http
+
+ def depth(self, request_uri):
+ (scheme, authority, path, query, fragment) = parse_uri(request_uri)
+ return request_uri[len(self.path):].count("/")
+
+ def inscope(self, host, request_uri):
+ # XXX Should we normalize the request_uri?
+ (scheme, authority, path, query, fragment) = parse_uri(request_uri)
+ return (host == self.host) and path.startswith(self.path)
+
+ def request(self, method, request_uri, headers, content):
+ """Modify the request headers to add the appropriate
+ Authorization header. Over-rise this in sub-classes."""
+ pass
+
+ def response(self, response, content):
+ """Gives us a chance to update with new nonces
+ or such returned from the last authorized response.
+ Over-rise this in sub-classes if necessary.
+
+ Return TRUE is the request is to be retried, for
+ example Digest may return stale=true.
+ """
+ return False
+
+
+
+class BasicAuthentication(Authentication):
+ def __init__(self, credentials, host, request_uri, headers, response, content, http):
+ Authentication.__init__(self, credentials, host, request_uri, headers, response, content, http)
+
+ def request(self, method, request_uri, headers, content):
+ """Modify the request headers to add the appropriate
+ Authorization header."""
+ headers['authorization'] = 'Basic ' + base64.b64encode("%s:%s" % self.credentials).strip()
+
+
+class DigestAuthentication(Authentication):
+ """Only do qop='auth' and MD5, since that
+ is all Apache currently implements"""
+ def __init__(self, credentials, host, request_uri, headers, response, content, http):
+ Authentication.__init__(self, credentials, host, request_uri, headers, response, content, http)
+ challenge = _parse_www_authenticate(response, 'www-authenticate')
+ self.challenge = challenge['digest']
+ qop = self.challenge.get('qop', 'auth')
+ self.challenge['qop'] = ('auth' in [x.strip() for x in qop.split()]) and 'auth' or None
+ if self.challenge['qop'] is None:
+ raise UnimplementedDigestAuthOptionError( _("Unsupported value for qop: %s." % qop))
+ self.challenge['algorithm'] = self.challenge.get('algorithm', 'MD5').upper()
+ if self.challenge['algorithm'] != 'MD5':
+ raise UnimplementedDigestAuthOptionError( _("Unsupported value for algorithm: %s." % self.challenge['algorithm']))
+ self.A1 = "".join([self.credentials[0], ":", self.challenge['realm'], ":", self.credentials[1]])
+ self.challenge['nc'] = 1
+
+ def request(self, method, request_uri, headers, content, cnonce = None):
+ """Modify the request headers"""
+ H = lambda x: _md5(x).hexdigest()
+ KD = lambda s, d: H("%s:%s" % (s, d))
+ A2 = "".join([method, ":", request_uri])
+ self.challenge['cnonce'] = cnonce or _cnonce()
+ request_digest = '"%s"' % KD(H(self.A1), "%s:%s:%s:%s:%s" % (self.challenge['nonce'],
+ '%08x' % self.challenge['nc'],
+ self.challenge['cnonce'],
+ self.challenge['qop'], H(A2)
+ ))
+ headers['Authorization'] = 'Digest username="%s", realm="%s", nonce="%s", uri="%s", algorithm=%s, response=%s, qop=%s, nc=%08x, cnonce="%s"' % (
+ self.credentials[0],
+ self.challenge['realm'],
+ self.challenge['nonce'],
+ request_uri,
+ self.challenge['algorithm'],
+ request_digest,
+ self.challenge['qop'],
+ self.challenge['nc'],
+ self.challenge['cnonce'],
+ )
+ self.challenge['nc'] += 1
+
+ def response(self, response, content):
+ if not response.has_key('authentication-info'):
+ challenge = _parse_www_authenticate(response, 'www-authenticate').get('digest', {})
+ if 'true' == challenge.get('stale'):
+ self.challenge['nonce'] = challenge['nonce']
+ self.challenge['nc'] = 1
+ return True
+ else:
+ updated_challenge = _parse_www_authenticate(response, 'authentication-info').get('digest', {})
+
+ if updated_challenge.has_key('nextnonce'):
+ self.challenge['nonce'] = updated_challenge['nextnonce']
+ self.challenge['nc'] = 1
+ return False
+
+
+class HmacDigestAuthentication(Authentication):
+ """Adapted from Robert Sayre's code and DigestAuthentication above."""
+ __author__ = "Thomas Broyer (t.broyer@ltgt.net)"
+
+ def __init__(self, credentials, host, request_uri, headers, response, content, http):
+ Authentication.__init__(self, credentials, host, request_uri, headers, response, content, http)
+ challenge = _parse_www_authenticate(response, 'www-authenticate')
+ self.challenge = challenge['hmacdigest']
+ # TODO: self.challenge['domain']
+ self.challenge['reason'] = self.challenge.get('reason', 'unauthorized')
+ if self.challenge['reason'] not in ['unauthorized', 'integrity']:
+ self.challenge['reason'] = 'unauthorized'
+ self.challenge['salt'] = self.challenge.get('salt', '')
+ if not self.challenge.get('snonce'):
+ raise UnimplementedHmacDigestAuthOptionError( _("The challenge doesn't contain a server nonce, or this one is empty."))
+ self.challenge['algorithm'] = self.challenge.get('algorithm', 'HMAC-SHA-1')
+ if self.challenge['algorithm'] not in ['HMAC-SHA-1', 'HMAC-MD5']:
+ raise UnimplementedHmacDigestAuthOptionError( _("Unsupported value for algorithm: %s." % self.challenge['algorithm']))
+ self.challenge['pw-algorithm'] = self.challenge.get('pw-algorithm', 'SHA-1')
+ if self.challenge['pw-algorithm'] not in ['SHA-1', 'MD5']:
+ raise UnimplementedHmacDigestAuthOptionError( _("Unsupported value for pw-algorithm: %s." % self.challenge['pw-algorithm']))
+ if self.challenge['algorithm'] == 'HMAC-MD5':
+ self.hashmod = _md5
+ else:
+ self.hashmod = _sha
+ if self.challenge['pw-algorithm'] == 'MD5':
+ self.pwhashmod = _md5
+ else:
+ self.pwhashmod = _sha
+ self.key = "".join([self.credentials[0], ":",
+ self.pwhashmod.new("".join([self.credentials[1], self.challenge['salt']])).hexdigest().lower(),
+ ":", self.challenge['realm']
+ ])
+ self.key = self.pwhashmod.new(self.key).hexdigest().lower()
+
+ def request(self, method, request_uri, headers, content):
+ """Modify the request headers"""
+ keys = _get_end2end_headers(headers)
+ keylist = "".join(["%s " % k for k in keys])
+ headers_val = "".join([headers[k] for k in keys])
+ created = time.strftime('%Y-%m-%dT%H:%M:%SZ',time.gmtime())
+ cnonce = _cnonce()
+ request_digest = "%s:%s:%s:%s:%s" % (method, request_uri, cnonce, self.challenge['snonce'], headers_val)
+ request_digest = hmac.new(self.key, request_digest, self.hashmod).hexdigest().lower()
+ headers['Authorization'] = 'HMACDigest username="%s", realm="%s", snonce="%s", cnonce="%s", uri="%s", created="%s", response="%s", headers="%s"' % (
+ self.credentials[0],
+ self.challenge['realm'],
+ self.challenge['snonce'],
+ cnonce,
+ request_uri,
+ created,
+ request_digest,
+ keylist,
+ )
+
+ def response(self, response, content):
+ challenge = _parse_www_authenticate(response, 'www-authenticate').get('hmacdigest', {})
+ if challenge.get('reason') in ['integrity', 'stale']:
+ return True
+ return False
+
+
+class WsseAuthentication(Authentication):
+ """This is thinly tested and should not be relied upon.
+ At this time there isn't any third party server to test against.
+ Blogger and TypePad implemented this algorithm at one point
+ but Blogger has since switched to Basic over HTTPS and
+ TypePad has implemented it wrong, by never issuing a 401
+ challenge but instead requiring your client to telepathically know that
+ their endpoint is expecting WSSE profile="UsernameToken"."""
+ def __init__(self, credentials, host, request_uri, headers, response, content, http):
+ Authentication.__init__(self, credentials, host, request_uri, headers, response, content, http)
+
+ def request(self, method, request_uri, headers, content):
+ """Modify the request headers to add the appropriate
+ Authorization header."""
+ headers['Authorization'] = 'WSSE profile="UsernameToken"'
+ iso_now = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime())
+ cnonce = _cnonce()
+ password_digest = _wsse_username_token(cnonce, iso_now, self.credentials[1])
+ headers['X-WSSE'] = 'UsernameToken Username="%s", PasswordDigest="%s", Nonce="%s", Created="%s"' % (
+ self.credentials[0],
+ password_digest,
+ cnonce,
+ iso_now)
+
+class GoogleLoginAuthentication(Authentication):
+ def __init__(self, credentials, host, request_uri, headers, response, content, http):
+ from urllib import urlencode
+ Authentication.__init__(self, credentials, host, request_uri, headers, response, content, http)
+ challenge = _parse_www_authenticate(response, 'www-authenticate')
+ service = challenge['googlelogin'].get('service', 'xapi')
+ # Bloggger actually returns the service in the challenge
+ # For the rest we guess based on the URI
+ if service == 'xapi' and request_uri.find("calendar") > 0:
+ service = "cl"
+ # No point in guessing Base or Spreadsheet
+ #elif request_uri.find("spreadsheets") > 0:
+ # service = "wise"
+
+ auth = dict(Email=credentials[0], Passwd=credentials[1], service=service, source=headers['user-agent'])
+ resp, content = self.http.request("https://www.google.com/accounts/ClientLogin", method="POST", body=urlencode(auth), headers={'Content-Type': 'application/x-www-form-urlencoded'})
+ lines = content.split('\n')
+ d = dict([tuple(line.split("=", 1)) for line in lines if line])
+ if resp.status == 403:
+ self.Auth = ""
+ else:
+ self.Auth = d['Auth']
+
+ def request(self, method, request_uri, headers, content):
+ """Modify the request headers to add the appropriate
+ Authorization header."""
+ headers['authorization'] = 'GoogleLogin Auth=' + self.Auth
+
+
+AUTH_SCHEME_CLASSES = {
+ "basic": BasicAuthentication,
+ "wsse": WsseAuthentication,
+ "digest": DigestAuthentication,
+ "hmacdigest": HmacDigestAuthentication,
+ "googlelogin": GoogleLoginAuthentication
+}
+
+AUTH_SCHEME_ORDER = ["hmacdigest", "googlelogin", "digest", "wsse", "basic"]
+
+class FileCache(object):
+ """Uses a local directory as a store for cached files.
+ Not really safe to use if multiple threads or processes are going to
+ be running on the same cache.
+ """
+ def __init__(self, cache, safe=safename): # use safe=lambda x: md5.new(x).hexdigest() for the old behavior
+ self.cache = cache
+ self.safe = safe
+ if not os.path.exists(cache):
+ os.makedirs(self.cache)
+
+ def get(self, key):
+ retval = None
+ cacheFullPath = os.path.join(self.cache, self.safe(key))
+ try:
+ f = file(cacheFullPath, "rb")
+ retval = f.read()
+ f.close()
+ except IOError:
+ pass
+ return retval
+
+ def set(self, key, value):
+ cacheFullPath = os.path.join(self.cache, self.safe(key))
+ f = file(cacheFullPath, "wb")
+ f.write(value)
+ f.close()
+
+ def delete(self, key):
+ cacheFullPath = os.path.join(self.cache, self.safe(key))
+ if os.path.exists(cacheFullPath):
+ os.remove(cacheFullPath)
+
+class Credentials(object):
+ def __init__(self):
+ self.credentials = []
+
+ def add(self, name, password, domain=""):
+ self.credentials.append((domain.lower(), name, password))
+
+ def clear(self):
+ self.credentials = []
+
+ def iter(self, domain):
+ for (cdomain, name, password) in self.credentials:
+ if cdomain == "" or domain == cdomain:
+ yield (name, password)
+
+class KeyCerts(Credentials):
+ """Identical to Credentials except that
+ name/password are mapped to key/cert."""
+ pass
+
+
+class ProxyInfo(object):
+ """Collect information required to use a proxy."""
+ def __init__(self, proxy_type, proxy_host, proxy_port, proxy_rdns=None, proxy_user=None, proxy_pass=None):
+ """The parameter proxy_type must be set to one of socks.PROXY_TYPE_XXX
+ constants. For example:
+
+p = ProxyInfo(proxy_type=socks.PROXY_TYPE_HTTP, proxy_host='localhost', proxy_port=8000)
+ """
+ self.proxy_type, self.proxy_host, self.proxy_port, self.proxy_rdns, self.proxy_user, self.proxy_pass = proxy_type, proxy_host, proxy_port, proxy_rdns, proxy_user, proxy_pass
+
+ def astuple(self):
+ return (self.proxy_type, self.proxy_host, self.proxy_port, self.proxy_rdns,
+ self.proxy_user, self.proxy_pass)
+
+ def isgood(self):
+ return socks and (self.proxy_host != None) and (self.proxy_port != None)
+
+
+class HTTPConnectionWithTimeout(httplib.HTTPConnection):
+ """HTTPConnection subclass that supports timeouts"""
+
+ def __init__(self, host, port=None, strict=None, timeout=None, proxy_info=None):
+ httplib.HTTPConnection.__init__(self, host, port, strict)
+ self.timeout = timeout
+ self.proxy_info = proxy_info
+
+ def connect(self):
+ """Connect to the host and port specified in __init__."""
+ # Mostly verbatim from httplib.py.
+ msg = "getaddrinfo returns an empty list"
+ for res in socket.getaddrinfo(self.host, self.port, 0,
+ socket.SOCK_STREAM):
+ af, socktype, proto, canonname, sa = res
+ try:
+ if self.proxy_info and self.proxy_info.isgood():
+ self.sock = socks.socksocket(af, socktype, proto)
+ self.sock.setproxy(*self.proxy_info.astuple())
+ else:
+ self.sock = socket.socket(af, socktype, proto)
+ # Different from httplib: support timeouts.
+ if has_timeout(self.timeout):
+ self.sock.settimeout(self.timeout)
+ # End of difference from httplib.
+ if self.debuglevel > 0:
+ print "connect: (%s, %s)" % (self.host, self.port)
+
+ self.sock.connect(sa)
+ except socket.error, msg:
+ if self.debuglevel > 0:
+ print 'connect fail:', (self.host, self.port)
+ if self.sock:
+ self.sock.close()
+ self.sock = None
+ continue
+ break
+ if not self.sock:
+ raise socket.error, msg
+
+class HTTPSConnectionWithTimeout(httplib.HTTPSConnection):
+ "This class allows communication via SSL."
+
+ def __init__(self, host, port=None, key_file=None, cert_file=None,
+ strict=None, timeout=None, proxy_info=None):
+ httplib.HTTPSConnection.__init__(self, host, port=port, key_file=key_file,
+ cert_file=cert_file, strict=strict)
+ self.timeout = timeout
+ self.proxy_info = proxy_info
+
+ def connect(self):
+ "Connect to a host on a given (SSL) port."
+
+ if self.proxy_info and self.proxy_info.isgood():
+ sock = socks.socksocket(socket.AF_INET, socket.SOCK_STREAM)
+ sock.setproxy(*self.proxy_info.astuple())
+ else:
+ sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+
+ if has_timeout(self.timeout):
+ sock.settimeout(self.timeout)
+ sock.connect((self.host, self.port))
+ self.sock =_ssl_wrap_socket(sock, self.key_file, self.cert_file)
+
+
+
+class Http(object):
+ """An HTTP client that handles:
+- all methods
+- caching
+- ETags
+- compression,
+- HTTPS
+- Basic
+- Digest
+- WSSE
+
+and more.
+ """
+ def __init__(self, cache=None, timeout=None, proxy_info=None):
+ """The value of proxy_info is a ProxyInfo instance.
+
+If 'cache' is a string then it is used as a directory name
+for a disk cache. Otherwise it must be an object that supports
+the same interface as FileCache."""
+ self.proxy_info = proxy_info
+ # Map domain name to an httplib connection
+ self.connections = {}
+ # The location of the cache, for now a directory
+ # where cached responses are held.
+ if cache and isinstance(cache, str):
+ self.cache = FileCache(cache)
+ else:
+ self.cache = cache
+
+ # Name/password
+ self.credentials = Credentials()
+
+ # Key/cert
+ self.certificates = KeyCerts()
+
+ # authorization objects
+ self.authorizations = []
+
+ # If set to False then no redirects are followed, even safe ones.
+ self.follow_redirects = True
+
+ # Which HTTP methods do we apply optimistic concurrency to, i.e.
+ # which methods get an "if-match:" etag header added to them.
+ self.optimistic_concurrency_methods = ["PUT"]
+
+ # If 'follow_redirects' is True, and this is set to True then
+ # all redirecs are followed, including unsafe ones.
+ self.follow_all_redirects = False
+
+ self.ignore_etag = False
+
+ self.force_exception_to_status_code = False
+
+ self.timeout = timeout
+
+ def _auth_from_challenge(self, host, request_uri, headers, response, content):
+ """A generator that creates Authorization objects
+ that can be applied to requests.
+ """
+ challenges = _parse_www_authenticate(response, 'www-authenticate')
+ for cred in self.credentials.iter(host):
+ for scheme in AUTH_SCHEME_ORDER:
+ if challenges.has_key(scheme):
+ yield AUTH_SCHEME_CLASSES[scheme](cred, host, request_uri, headers, response, content, self)
+
+ def add_credentials(self, name, password, domain=""):
+ """Add a name and password that will be used
+ any time a request requires authentication."""
+ self.credentials.add(name, password, domain)
+
+ def add_certificate(self, key, cert, domain):
+ """Add a key and cert that will be used
+ any time a request requires authentication."""
+ self.certificates.add(key, cert, domain)
+
+ def clear_credentials(self):
+ """Remove all the names and passwords
+ that are used for authentication"""
+ self.credentials.clear()
+ self.authorizations = []
+
+ def _conn_request(self, conn, request_uri, method, body, headers):
+ for i in range(2):
+ try:
+ conn.request(method, request_uri, body, headers)
+ except socket.gaierror:
+ conn.close()
+ raise ServerNotFoundError("Unable to find the server at %s" % conn.host)
+ except (socket.error, httplib.HTTPException):
+ # Just because the server closed the connection doesn't apparently mean
+ # that the server didn't send a response.
+ pass
+ try:
+ response = conn.getresponse()
+ except (socket.error, httplib.HTTPException):
+ if i == 0:
+ conn.close()
+ conn.connect()
+ continue
+ else:
+ raise
+ else:
+ content = ""
+ if method == "HEAD":
+ response.close()
+ else:
+ content = response.read()
+ response = Response(response)
+ if method != "HEAD":
+ content = _decompressContent(response, content)
+ break
+ return (response, content)
+
+
+ def _request(self, conn, host, absolute_uri, request_uri, method, body, headers, redirections, cachekey):
+ """Do the actual request using the connection object
+ and also follow one level of redirects if necessary"""
+
+ auths = [(auth.depth(request_uri), auth) for auth in self.authorizations if auth.inscope(host, request_uri)]
+ auth = auths and sorted(auths)[0][1] or None
+ if auth:
+ auth.request(method, request_uri, headers, body)
+
+ (response, content) = self._conn_request(conn, request_uri, method, body, headers)
+
+ if auth:
+ if auth.response(response, body):
+ auth.request(method, request_uri, headers, body)
+ (response, content) = self._conn_request(conn, request_uri, method, body, headers )
+ response._stale_digest = 1
+
+ if response.status == 401:
+ for authorization in self._auth_from_challenge(host, request_uri, headers, response, content):
+ authorization.request(method, request_uri, headers, body)
+ (response, content) = self._conn_request(conn, request_uri, method, body, headers, )
+ if response.status != 401:
+ self.authorizations.append(authorization)
+ authorization.response(response, body)
+ break
+
+ if (self.follow_all_redirects or (method in ["GET", "HEAD"]) or response.status == 303):
+ if self.follow_redirects and response.status in [300, 301, 302, 303, 307]:
+ # Pick out the location header and basically start from the beginning
+ # remembering first to strip the ETag header and decrement our 'depth'
+ if redirections:
+ if not response.has_key('location') and response.status != 300:
+ raise RedirectMissingLocation( _("Redirected but the response is missing a Location: header."), response, content)
+ # Fix-up relative redirects (which violate an RFC 2616 MUST)
+ if response.has_key('location'):
+ location = response['location']
+ (scheme, authority, path, query, fragment) = parse_uri(location)
+ if authority == None:
+ response['location'] = urlparse.urljoin(absolute_uri, location)
+ if response.status == 301 and method in ["GET", "HEAD"]:
+ response['-x-permanent-redirect-url'] = response['location']
+ if not response.has_key('content-location'):
+ response['content-location'] = absolute_uri
+ _updateCache(headers, response, content, self.cache, cachekey)
+ if headers.has_key('if-none-match'):
+ del headers['if-none-match']
+ if headers.has_key('if-modified-since'):
+ del headers['if-modified-since']
+ if response.has_key('location'):
+ location = response['location']
+ old_response = copy.deepcopy(response)
+ if not old_response.has_key('content-location'):
+ old_response['content-location'] = absolute_uri
+ redirect_method = ((response.status == 303) and (method not in ["GET", "HEAD"])) and "GET" or method
+ (response, content) = self.request(location, redirect_method, body=body, headers = headers, redirections = redirections - 1)
+ response.previous = old_response
+ else:
+ raise RedirectLimit( _("Redirected more times than rediection_limit allows."), response, content)
+ elif response.status in [200, 203] and method == "GET":
+ # Don't cache 206's since we aren't going to handle byte range requests
+ if not response.has_key('content-location'):
+ response['content-location'] = absolute_uri
+ _updateCache(headers, response, content, self.cache, cachekey)
+
+ return (response, content)
+
+ def _normalize_headers(self, headers):
+ return _normalize_headers(headers)
+
+# Need to catch and rebrand some exceptions
+# Then need to optionally turn all exceptions into status codes
+# including all socket.* and httplib.* exceptions.
+
+
+ def request(self, uri, method="GET", body=None, headers=None, redirections=DEFAULT_MAX_REDIRECTS, connection_type=None):
+ """ Performs a single HTTP request.
+The 'uri' is the URI of the HTTP resource and can begin
+with either 'http' or 'https'. The value of 'uri' must be an absolute URI.
+
+The 'method' is the HTTP method to perform, such as GET, POST, DELETE, etc.
+There is no restriction on the methods allowed.
+
+The 'body' is the entity body to be sent with the request. It is a string
+object.
+
+Any extra headers that are to be sent with the request should be provided in the
+'headers' dictionary.
+
+The maximum number of redirect to follow before raising an
+exception is 'redirections. The default is 5.
+
+The return value is a tuple of (response, content), the first
+being and instance of the 'Response' class, the second being
+a string that contains the response entity body.
+ """
+ try:
+ if headers is None:
+ headers = {}
+ else:
+ headers = self._normalize_headers(headers)
+
+ if not headers.has_key('user-agent'):
+ headers['user-agent'] = "Python-httplib2/%s" % __version__
+
+ uri = iri2uri(uri)
+
+ (scheme, authority, request_uri, defrag_uri) = urlnorm(uri)
+ domain_port = authority.split(":")[0:2]
+ if len(domain_port) == 2 and domain_port[1] == '443' and scheme == 'http':
+ scheme = 'https'
+ authority = domain_port[0]
+
+ conn_key = scheme+":"+authority
+ if conn_key in self.connections:
+ conn = self.connections[conn_key]
+ else:
+ if not connection_type:
+ connection_type = (scheme == 'https') and HTTPSConnectionWithTimeout or HTTPConnectionWithTimeout
+ certs = list(self.certificates.iter(authority))
+ if scheme == 'https' and certs:
+ conn = self.connections[conn_key] = connection_type(authority, key_file=certs[0][0],
+ cert_file=certs[0][1], timeout=self.timeout, proxy_info=self.proxy_info)
+ else:
+ conn = self.connections[conn_key] = connection_type(authority, timeout=self.timeout, proxy_info=self.proxy_info)
+ conn.set_debuglevel(debuglevel)
+
+ if method in ["GET", "HEAD"] and 'range' not in headers and 'accept-encoding' not in headers:
+ headers['accept-encoding'] = 'gzip, deflate'
+
+ info = email.Message.Message()
+ cached_value = None
+ if self.cache:
+ cachekey = defrag_uri
+ cached_value = self.cache.get(cachekey)
+ if cached_value:
+ # info = email.message_from_string(cached_value)
+ #
+ # Need to replace the line above with the kludge below
+ # to fix the non-existent bug not fixed in this
+ # bug report: http://mail.python.org/pipermail/python-bugs-list/2005-September/030289.html
+ try:
+ info, content = cached_value.split('\r\n\r\n', 1)
+ feedparser = email.FeedParser.FeedParser()
+ feedparser.feed(info)
+ info = feedparser.close()
+ feedparser._parse = None
+ except IndexError:
+ self.cache.delete(cachekey)
+ cachekey = None
+ cached_value = None
+ else:
+ cachekey = None
+
+ if method in self.optimistic_concurrency_methods and self.cache and info.has_key('etag') and not self.ignore_etag and 'if-match' not in headers:
+ # http://www.w3.org/1999/04/Editing/
+ headers['if-match'] = info['etag']
+
+ if method not in ["GET", "HEAD"] and self.cache and cachekey:
+ # RFC 2616 Section 13.10
+ self.cache.delete(cachekey)
+
+ # Check the vary header in the cache to see if this request
+ # matches what varies in the cache.
+ if method in ['GET', 'HEAD'] and 'vary' in info:
+ vary = info['vary']
+ vary_headers = vary.lower().replace(' ', '').split(',')
+ for header in vary_headers:
+ key = '-varied-%s' % header
+ value = info[key]
+ if headers.get(header, '') != value:
+ cached_value = None
+ break
+
+ if cached_value and method in ["GET", "HEAD"] and self.cache and 'range' not in headers:
+ if info.has_key('-x-permanent-redirect-url'):
+ # Should cached permanent redirects be counted in our redirection count? For now, yes.
+ (response, new_content) = self.request(info['-x-permanent-redirect-url'], "GET", headers = headers, redirections = redirections - 1)
+ response.previous = Response(info)
+ response.previous.fromcache = True
+ else:
+ # Determine our course of action:
+ # Is the cached entry fresh or stale?
+ # Has the client requested a non-cached response?
+ #
+ # There seems to be three possible answers:
+ # 1. [FRESH] Return the cache entry w/o doing a GET
+ # 2. [STALE] Do the GET (but add in cache validators if available)
+ # 3. [TRANSPARENT] Do a GET w/o any cache validators (Cache-Control: no-cache) on the request
+ entry_disposition = _entry_disposition(info, headers)
+
+ if entry_disposition == "FRESH":
+ if not cached_value:
+ info['status'] = '504'
+ content = ""
+ response = Response(info)
+ if cached_value:
+ response.fromcache = True
+ return (response, content)
+
+ if entry_disposition == "STALE":
+ if info.has_key('etag') and not self.ignore_etag and not 'if-none-match' in headers:
+ headers['if-none-match'] = info['etag']
+ if info.has_key('last-modified') and not 'last-modified' in headers:
+ headers['if-modified-since'] = info['last-modified']
+ elif entry_disposition == "TRANSPARENT":
+ pass
+
+ (response, new_content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey)
+
+ if response.status == 304 and method == "GET":
+ # Rewrite the cache entry with the new end-to-end headers
+ # Take all headers that are in response
+ # and overwrite their values in info.
+ # unless they are hop-by-hop, or are listed in the connection header.
+
+ for key in _get_end2end_headers(response):
+ info[key] = response[key]
+ merged_response = Response(info)
+ if hasattr(response, "_stale_digest"):
+ merged_response._stale_digest = response._stale_digest
+ _updateCache(headers, merged_response, content, self.cache, cachekey)
+ response = merged_response
+ response.status = 200
+ response.fromcache = True
+
+ elif response.status == 200:
+ content = new_content
+ else:
+ self.cache.delete(cachekey)
+ content = new_content
+ else:
+ cc = _parse_cache_control(headers)
+ if cc.has_key('only-if-cached'):
+ info['status'] = '504'
+ response = Response(info)
+ content = ""
+ else:
+ (response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey)
+ except Exception, e:
+ if self.force_exception_to_status_code:
+ if isinstance(e, HttpLib2ErrorWithResponse):
+ response = e.response
+ content = e.content
+ response.status = 500
+ response.reason = str(e)
+ elif isinstance(e, socket.timeout):
+ content = "Request Timeout"
+ response = Response( {
+ "content-type": "text/plain",
+ "status": "408",
+ "content-length": len(content)
+ })
+ response.reason = "Request Timeout"
+ else:
+ content = str(e)
+ response = Response( {
+ "content-type": "text/plain",
+ "status": "400",
+ "content-length": len(content)
+ })
+ response.reason = "Bad Request"
+ else:
+ raise
+
+
+ return (response, content)
+
+
+
+class Response(dict):
+ """An object more like email.Message than httplib.HTTPResponse."""
+
+ """Is this response from our local cache"""
+ fromcache = False
+
+ """HTTP protocol version used by server. 10 for HTTP/1.0, 11 for HTTP/1.1. """
+ version = 11
+
+ "Status code returned by server. "
+ status = 200
+
+ """Reason phrase returned by server."""
+ reason = "Ok"
+
+ previous = None
+
+ def __init__(self, info):
+ # info is either an email.Message or
+ # an httplib.HTTPResponse object.
+ if isinstance(info, httplib.HTTPResponse):
+ for key, value in info.getheaders():
+ self[key.lower()] = value
+ self.status = info.status
+ self['status'] = str(self.status)
+ self.reason = info.reason
+ self.version = info.version
+ elif isinstance(info, email.Message.Message):
+ for key, value in info.items():
+ self[key] = value
+ self.status = int(self['status'])
+ else:
+ for key, value in info.iteritems():
+ self[key] = value
+ self.status = int(self.get('status', self.status))
+
+
+ def __getattr__(self, name):
+ if name == 'dict':
+ return self
+ else:
+ raise AttributeError, name
110 httplib2/iri2uri.py
@@ -0,0 +1,110 @@
+"""
+iri2uri
+
+Converts an IRI to a URI.
+
+"""
+__author__ = "Joe Gregorio (joe@bitworking.org)"
+__copyright__ = "Copyright 2006, Joe Gregorio"
+__contributors__ = []
+__version__ = "1.0.0"
+__license__ = "MIT"
+__history__ = """
+"""
+
+import urlparse
+
+
+# Convert an IRI to a URI following the rules in RFC 3987
+#
+# The characters we need to enocde and escape are defined in the spec:
+#
+# iprivate = %xE000-F8FF / %xF0000-FFFFD / %x100000-10FFFD
+# ucschar = %xA0-D7FF / %xF900-FDCF / %xFDF0-FFEF
+# / %x10000-1FFFD / %x20000-2FFFD / %x30000-3FFFD
+# / %x40000-4FFFD / %x50000-5FFFD / %x60000-6FFFD
+# / %x70000-7FFFD / %x80000-8FFFD / %x90000-9FFFD
+# / %xA0000-AFFFD / %xB0000-BFFFD / %xC0000-CFFFD
+# / %xD0000-DFFFD / %xE1000-EFFFD
+
+escape_range = [
+ (0xA0, 0xD7FF ),
+ (0xE000, 0xF8FF ),
+ (0xF900, 0xFDCF ),
+ (0xFDF0, 0xFFEF),
+ (0x10000, 0x1FFFD ),
+ (0x20000, 0x2FFFD ),
+ (0x30000, 0x3FFFD),
+ (0x40000, 0x4FFFD ),
+ (0x50000, 0x5FFFD ),
+ (0x60000, 0x6FFFD),
+ (0x70000, 0x7FFFD ),
+ (0x80000, 0x8FFFD ),
+ (0x90000, 0x9FFFD),
+ (0xA0000, 0xAFFFD ),
+ (0xB0000, 0xBFFFD ),
+ (0xC0000, 0xCFFFD),
+ (0xD0000, 0xDFFFD ),
+ (0xE1000, 0xEFFFD),
+ (0xF0000, 0xFFFFD ),
+ (0x100000, 0x10FFFD)
+]
+
+def encode(c):
+ retval = c
+ i = ord(c)
+ for low, high in escape_range:
+ if i < low:
+ break
+ if i >= low and i <= high:
+ retval = "".join(["%%%2X" % ord(o) for o in c.encode('utf-8')])
+ break
+ return retval
+
+
+def iri2uri(uri):
+ """Convert an IRI to a URI. Note that IRIs must be
+ passed in a unicode strings. That is, do not utf-8 encode
+ the IRI before passing it into the function."""
+ if isinstance(uri ,unicode):
+ (scheme, authority, path, query, fragment) = urlparse.urlsplit(uri)
+ authority = authority.encode('idna')
+ # For each character in 'ucschar' or 'iprivate'
+ # 1. encode as utf-8
+ # 2. then %-encode each octet of that utf-8
+ uri = urlparse.urlunsplit((scheme, authority, path, query, fragment))
+ uri = "".join([encode(c) for c in uri])
+ return uri
+
+if __name__ == "__main__":
+ import unittest
+
+ class Test(unittest.TestCase):
+
+ def test_uris(self):
+ """Test that URIs are invariant under the transformation."""
+ invariant = [
+ u"ftp://ftp.is.co.za/rfc/rfc1808.txt",
+ u"http://www.ietf.org/rfc/rfc2396.txt",
+ u"ldap://[2001:db8::7]/c=GB?objectClass?one",
+ u"mailto:John.Doe@example.com",
+ u"news:comp.infosystems.www.servers.unix",
+ u"tel:+1-816-555-1212",
+ u"telnet://192.0.2.16:80/",
+ u"urn:oasis:names:specification:docbook:dtd:xml:4.1.2" ]
+ for uri in invariant:
+ self.assertEqual(uri, iri2uri(uri))
+
+ def test_iri(self):
+ """ Test that the right type of escaping is done for each part of the URI."""
+ self.assertEqual("http://xn--o3h.com/%E2%98%84", iri2uri(u"http://\N{COMET}.com/\N{COMET}"))
+ self.assertEqual("http://bitworking.org/?fred=%E2%98%84", iri2uri(u"http://bitworking.org/?fred=\N{COMET}"))
+ self.assertEqual("http://bitworking.org/#%E2%98%84", iri2uri(u"http://bitworking.org/#\N{COMET}"))
+ self.assertEqual("#%E2%98%84", iri2uri(u"#\N{COMET}"))
+ self.assertEqual("/fred?bar=%E2%98%9A#%E2%98%84", iri2uri(u"/fred?bar=\N{BLACK LEFT POINTING INDEX}#\N{COMET}"))
+ self.assertEqual("/fred?bar=%E2%98%9A#%E2%98%84", iri2uri(iri2uri(u"/fred?bar=\N{BLACK LEFT POINTING INDEX}#\N{COMET}")))
+ self.assertNotEqual("/fred?bar=%E2%98%9A#%E2%98%84", iri2uri(u"/fred?bar=\N{BLACK LEFT POINTING INDEX}#\N{COMET}".encode('utf-8')))
+
+ unittest.main()
+
+
0  instadrop/__init__.py
No changes.
41 instadrop/handlers.py
@@ -0,0 +1,41 @@
+from google.appengine.ext import webapp
+
+import settings
+
+from lilcookies import LilCookies
+from instadrop.models import Profile
+
+
+class WelcomeHandler(webapp.RequestHandler):
+ def get(self):
+ cookieutil = LilCookies(self, settings.COOKIE_SECRET)
+ ig_user_id = cookieutil.get_secure_cookie(name = "ig_user_id")
+
+ profiles = Profile.all()
+ profiles.filter("ig_user_id =", ig_user_id)
+ profile = profiles.get()
+
+ if profile and profile.fully_connected():
+ self.render_template("connected.html")
+ else:
+ self.render_template("not_connected.html", {"profile": profile})
+
+
+class ConnectHandler(webapp.RequestHandler):
+ def get(self):
+ cookieutil = LilCookies(self, settings.COOKIE_SECRET)
+ ig_user_id = cookieutil.get_secure_cookie(name = "ig_user_id")
+
+
+ profiles = Profile.all()
+ profiles.filter("ig_user_id =", ig_user_id)
+ profile = profiles.get()
+
+ if profile and profile.db_access_token_key and \
+ profile.db_access_token_secret:
+ self.redirect("/")
+ elif profile and not (profile.db_access_token_key or
+ profile.db_access_token_secret):
+ self.redirect("/dropbox/auth")
+ else:
+ self.redirect("/instagram/auth")
23 instadrop/models.py
@@ -0,0 +1,23 @@
+from google.appengine.ext import db
+
+
+class Profile(db.Model):
+ full_name = db.StringProperty()
+ ig_user_id = db.StringProperty()
+ ig_username = db.StringProperty()
+ ig_access_token = db.StringProperty()
+ db_oauth_token_key = db.StringProperty()
+ db_oauth_token_secret = db.StringProperty()
+ db_access_token_key = db.StringProperty()
+ db_access_token_secret = db.StringProperty()
+
+ def dropbox_connected(self):
+ return (self.db_access_token_key and self.db_access_token_secret)
+
+
+ def instagram_connected(self):
+ return (self.ig_access_token and self.ig_user_id)
+
+
+ def fully_connected(self):
+ return (self.dropbox_connected() and self.instagram_connected())
31 instadrop/templates/connected.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <title>Instadrop - automatically sync your Instagram photos to Dropbox</title>
+</head>
+<body style="font-family:'Helvetica Neue'">
+ <a href="http://github.com/Instagram/Instadrop"><img style="position: absolute; top: 0; right: 0; border: 0;" src="https://assets1.github.com/img/e6bef7a091f5f3138b8cd40bc3e114258dd68ddf?repo=&url=http%3A%2F%2Fs3.amazonaws.com%2Fgithub%2Fribbons%2Fforkme_right_red_aa0000.png&path=" alt="Fork me on GitHub"></a>
+ <div style="margin:50px auto;width:550px;position:relative">
+ <h1>
+ Great news! <br/><br/>Both your Instagram
+ and Dropbox accounts are connected.
+ <br /> <br /> Starting now, every time you take a picture using
+ Instagram, it will be automatically be pushed to your Dropbox
+ &mdash; in real-time!
+ </h1>
+ <div style="position:relative">
+ <br /> <br />
+ <div style:"position:absolute;left:0">
+ <h1 style="display:inline;margin:0">*\(^o^)/*</h1>
+ </div>
+ <div style="position:absolute;right:0;margin:0">
+ Photos are placed in an "Instagram Photos" folder.
+ </div>
+ </div>
+ <br /> <br />
+ <div style="position:absolute;right:0;">
+ <h4><a href="/instagram/disconnect">Disconnect Instagram</a></h4>
+ <h4><a href="/dropbox/disconnect">Disconnect Dropbox</a></h4>
+ </div>
+ </div>
+</body>
39 instadrop/templates/not_connected.html
@@ -0,0 +1,39 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <title>Instadrop - automatically sync your Instagram photos to Dropbox</title>
+</head>
+<body style="font-family:'Helvetica Neue'">
+ <a href="http://github.com/Instagram/Instadrop"><img style="position: absolute; top: 0; right: 0; border: 0;" src="https://assets1.github.com/img/e6bef7a091f5f3138b8cd40bc3e114258dd68ddf?repo=&url=http%3A%2F%2Fs3.amazonaws.com%2Fgithub%2Fribbons%2Fforkme_right_red_aa0000.png&path=" alt="Fork me on GitHub"></a>
+ <div style="margin:50px auto;width:550px;position:relative">
+ <h1>
+ {% if profile %}
+ Almost...
+ {% else %}
+ Hello there.
+ {% endif %}
+ </h1>
+ <h1>
+ Instadrop connects your Instagram account to your Dropbox. Once
+ connected Instadrop will automatically push the photos you take
+ on Instagram into your Dropbox– in real-time!
+ <br /> <br />
+ </h1>
+ {% if profile and profile.instagram_connected and not profile.dropbox_connected %}
+ <h3>
+ Great, you're almost there! We have your Instagram account
+ connected.
+ <br /> <br />
+ One last step: <a href="/dropbox/auth">connect your Dropbox account</a>.
+ </h3>
+ <div style="position:absolute;right:0">
+ <h4><a href="/instagram/disconnect">Disconnect Instagram</a></h4>
+ </div>
+ {% else %}
+ <h1>
+ Sound good? Let's get started. <br />
+ <a href="/instagram/auth">Connect your Instagram account</a>
+ </h1>
+ {% endif %}
+ </div>
+</body>
0  instagram/__init__.py
No changes.
139 instagram/handlers.py
@@ -0,0 +1,139 @@
+from google.appengine.ext import webapp
+
+import settings
+
+from instagram.client import InstagramAPI
+
+from instadrop.models import Profile
+from lilcookies import LilCookies
+
+
+class InstagramAuth(webapp.RequestHandler):
+ def get(self):
+ api = InstagramAPI(**settings.INSTAGRAM_CONFIG)
+ self.redirect(api.get_authorize_url())
+
+
+class InstagramDisconnect(webapp.RequestHandler):
+ def get(self):
+ cookieutil = LilCookies(self, settings.COOKIE_SECRET)
+ ig_user_id = cookieutil.get_secure_cookie(name = "ig_user_id")
+
+ profiles = Profile.all()
+ profiles.filter("ig_user_id =", ig_user_id)
+ profile = profiles.get()
+
+ if profile:
+ profile.delete()
+
+ self.redirect("/")
+
+
+class InstagramCallback(webapp.RequestHandler):
+ def get(self):
+ instagram_client = InstagramAPI(**settings.INSTAGRAM_CONFIG)
+
+ code = self.request.get("code")
+ access_token = instagram_client.exchange_code_for_access_token(code)
+
+ instagram_client = InstagramAPI(access_token = access_token)
+
+ user = instagram_client.user("self")
+
+ profiles = Profile.all()
+ profiles.filter("ig_user_id = ", user.id)
+ profile = (profiles.get() or Profile())
+
+ profile.full_name = (user.full_name or user.username)
+ profile.ig_user_id = user.id
+ profile.ig_username = user.username
+ profile.ig_access_token = access_token
+ profile.put()
+
+ cookieutil = LilCookies(self, settings.COOKIE_SECRET)
+ cookieutil.set_secure_cookie(
+ name = "ig_user_id",
+ value = user.id,
+ expires_days = 365)
+
+ self.redirect("/connect")
+
+
+class InstagramSubscribe(webapp.RequestHandler):
+ def get(self):
+ from urllib import urlencode
+ from httplib2 import Http
+
+ subscriptions_url = "https://api.instagram.com/v1/subscriptions"
+
+ data = {
+ "client_id": settings.INSTAGRAM_CONFIG["client_id"],
+ "client_secret": settings.INSTAGRAM_CONFIG["client_secret"],
+ "callback_url": settings.INSTAGRAM_PUSH_CALLBACK,
+ "aspect": "media",
+ "object": "user"
+ }
+
+ http_object = Http(timeout = 20)
+ response, content = http_object.request(
+ subscriptions_url, "POST", urlencode(data))
+
+
+class InstagramPushCallback(webapp.RequestHandler):
+ def get(self):
+ challenge = self.request.get("hub.challenge")
+ self.response.out.write(challenge)
+
+
+ def post(self):
+ import hashlib
+ import hmac
+ import logging
+ from StringIO import StringIO
+ from time import time
+ from urllib2 import urlopen
+ from