Skip to content
This repository
Browse code

Initial implementation of OAuth1 request signing with OAuthLib

  • Loading branch information...
commit 798dc4ae1d7033b178dc8fa3cc63cba1c985959e 1 parent 632d989
Idan Gazit authored April 12, 2012 dstufft committed May 01, 2012

Showing 2 changed files with 45 additions and 2 deletions. Show diff stats Hide diff stats

  1. 45  requests/auth.py
  2. 2  setup.py
45  requests/auth.py
@@ -11,11 +11,13 @@
11 11
 import hashlib
12 12
 
13 13
 from base64 import b64encode
  14
+from oauthlib.oauth1.rfc5849 import (Client, SIGNATURE_HMAC, SIGNATURE_RSA,
  15
+    SIGNATURE_PLAINTEXT, SIGNATURE_TYPE_AUTH_HEADER, SIGNATURE_TYPE_QUERY,
  16
+    SIGNATURE_TYPE_BODY)
14 17
 from .compat import urlparse, str
15 18
 from .utils import randombytes, parse_dict_header
16 19
 
17 20
 
18  
-
19 21
 def _basic_auth_str(username, password):
20 22
     """Returns a Basic Auth string."""
21 23
 
@@ -29,6 +31,47 @@ def __call__(self, r):
29 31
         raise NotImplementedError('Auth hooks must be callable.')
30 32
 
31 33
 
  34
+class OAuth1(AuthBase):
  35
+    """Signs the request using OAuth 1 (RFC5849)"""
  36
+    def __init__(self, client_key,
  37
+            client_secret=None,
  38
+            resource_owner_key=None,
  39
+            resource_owner_secret=None,
  40
+            callback_uri=None,
  41
+            signature_method=SIGNATURE_HMAC,
  42
+            signature_type=SIGNATURE_TYPE_AUTH_HEADER,
  43
+            rsa_key=None, verifier=None):
  44
+        self.client = Client(client_key, client_secret, resource_owner_key,
  45
+            resource_owner_secret, callback_uri, signature_method,
  46
+            signature_type, rsa_key, verifier)
  47
+
  48
+    def __call__(self, r):
  49
+        if (r.files or
  50
+            r.headers['Content-Type'] != 'application/x-www-form-urlencoded'):
  51
+
  52
+            # XXX TODO can we use body signatures with a non formencoded body?
  53
+            if self.client.signature_type == SIGNATURE_TYPE_BODY:
  54
+                raise ValueError('Body signatures may not be used with non-form-urlencoded content')
  55
+
  56
+            # Spec only specifies signing of application/x-www-form-urlencoded
  57
+            # params. Files don't get signed either.
  58
+            body = u''
  59
+            alter_body = False  # we shouldn't touch the body
  60
+        else:
  61
+            body = r.data  # OAuthLib is cool with both strings and dicts.
  62
+            if isinstance(str, body):
  63
+                # XXX gross hack. We must pass unicode...
  64
+                body = unicode(body, 'utf-8')
  65
+            alter_body = True
  66
+
  67
+        full_url, new_body, headers = self.client.sign(r.url, unicode(r.method), body, r.headers)
  68
+        r.url = full_url
  69
+        if alter_body:
  70
+            r.data = new_body
  71
+        r.headers = headers
  72
+        return r
  73
+
  74
+
32 75
 class HTTPBasicAuth(AuthBase):
33 76
     """Attaches HTTP Basic Authentication to the given Request object."""
34 77
     def __init__(self, username, password):
2  setup.py
@@ -21,7 +21,7 @@
21 21
     os.system('python tests/test_requests.py')
22 22
     sys.exit()
23 23
 
24  
-required = ['certifi>=0.0.7',]
  24
+required = ['certifi>=0.0.7','oauthlib']
25 25
 packages = [
26 26
     'requests',
27 27
     'requests.packages',

0 notes on commit 798dc4a

Please sign in to comment.
Something went wrong with that request. Please try again.