From 142ad13515a47d8d803c93d9766359e5df5aaa14 Mon Sep 17 00:00:00 2001
From: Josue Kouka
Date: Wed, 31 Jan 2018 11:19:21 +0100
Subject: [PATCH 1/3] misc: move some util functions in a utils.py file (#16842)
---
 fargo/oauth2/utils.py | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++
 fargo/oauth2/views.py | 75 ++-------------------------------------------------
 2 files changed, 77 insertions(+), 73 deletions(-)
 create mode 100644 fargo/oauth2/utils.py
diff --git a/fargo/oauth2/utils.py b/fargo/oauth2/utils.py
new file mode 100644
index 0000000..82b93e4
--- /dev/null
+++ b/fargo/oauth2/utils.py
@@ -0,0 +1,75 @@
+import cgi
+import base64
+from urllib import unquote
+
+from .models import OAuth2Authorize, OAuth2Client
+
+
+def authenticate_bearer(request):
+ authorization = request.META.get('HTTP_AUTHORIZATION')
+ if not authorization:
+ return False
+ splitted = authorization.split()
+ if len(splitted) < 2:
+ return False
+ if splitted[0] != 'Bearer':
+ return False
+ token = splitted[1]
+ try:
+ return OAuth2Authorize.objects.get(access_token=token)
+ except OAuth2Authorize.DoesNotExist:
+ return False
+
+
+def authenticate_client(request, client=False):
+ '''Authenticate client on the token endpoint'''
+
+ if 'HTTP_AUTHORIZATION' in request.META:
+ authorization = request.META['HTTP_AUTHORIZATION'].split()
+ if authorization[0] != 'Basic' or len(authorization) != 2:
+ return False
+ try:
+ decoded = base64.b64decode(authorization[1])
+ except TypeError:
+ return False
+ parts = decoded.split(':')
+ if len(parts) != 2:
+ return False
+ client_id, client_secret = parts
+ elif 'client_id' in request.POST:
+ client_id = request.POST['client_id']
+ client_secret = request.POST.get('client_secret', '')
+ else:
+ return False
+ if not client:
+ try:
+ client = OAuth2Client.objects.get(client_id=client_id)
+ except OAuth2Client.DoesNotExist:
+ return False
+ if client.client_secret != client_secret:
+ return False
+ return client
+
+
+def get_content_disposition_value(request):
+ if 'HTTP_CONTENT_DISPOSITION' not in request.META:
+ return None, 'missing content-disposition header'
+ content_header = request.META['HTTP_CONTENT_DISPOSITION']
+ disposition_type, filename = cgi.parse_header(content_header)
+ if disposition_type != 'attachement':
+ return None, 'wrong disposition type: attachement excpected'
+ if 'filename*' in filename:
+ encode, country, name = filename['filename*'].split("'")
+
+ # check accepted charset from rfc 5987
+ if encode == 'UTF-8':
+ return unquote(name.decode('utf8')), None
+ elif encode == 'ISO-8859-1':
+ return unquote(name.decode('iso-8859-1')), None
+ else:
+ return None, 'unknown encoding: UTF-8 or ISO-8859-1 allowed'
+ elif 'filename' in filename:
+ return filename['filename'], None
+ else:
+ # no filename in header
+ return None, 'missing filename(*) parameter in header'
diff --git a/fargo/oauth2/views.py b/fargo/oauth2/views.py
index 0bb7d24..f4d2633 100644
--- a/fargo/oauth2/views.py
+++ b/fargo/oauth2/views.py
@@ -14,10 +14,8 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program. If not, see .
-import cgi
-import base64
 import urllib
-from urllib import quote, unquote
+from urllib import quote
 from django.core.files.base import ContentFile
 from django.core.urlresolvers import reverse
@@ -28,6 +26,7 @@ from django.views.generic import FormView, TemplateView
 from .forms import OAuth2AuthorizeForm
 from .models import OAuth2Authorize, OAuth2Client, OAuth2TempFile
+from .utils import authenticate_bearer, authenticate_client, get_content_disposition_value
 from fargo.fargo.models import UserDocument, Document
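Review bot: `authenticate_client` in the new `utils.py` ends with `if client.client_secret != client_secret:`, an ordinary string comparison on a credential; Django's `constant_time_compare` (from `django.utils.crypto`, to be imported at the top of the file) avoids leaking how much of the secret matched. In the same function `authorization[0]` is read before the length test, so a blank `Authorization` header raises IndexError, and in `get_content_disposition_value` a `filename*` value that does not split into exactly three parts raises ValueError on the unpack; both would presumably surface as a server error instead of a clean rejection. When a `client` object is passed in, the presented `client_id` is never compared with it, which is worth confirming against the callers. The filename returned from the header is client-controlled, so callers should treat it as untrusted (path separators, control characters) before using it for storage or in a response header.

```python
def authenticate_client(request, client=False):
    # … unchanged: docstring …
    if 'HTTP_AUTHORIZATION' in request.META:
        authorization = request.META['HTTP_AUTHORIZATION'].split()
        # test the length first so an empty header cannot be indexed
        if len(authorization) != 2 or authorization[0] != 'Basic':
            return False
        # … unchanged: base64 decode and client_id/client_secret split …
    # … unchanged: POST fallback and client lookup …
    if not constant_time_compare(client.client_secret, client_secret):
        return False
    return client


def get_content_disposition_value(request):
    # … unchanged: header presence and disposition type checks …
    if 'filename*' in filename:
        pieces = filename['filename*'].split("'")
        if len(pieces) != 3:
            return None, 'malformed filename* parameter'
        encode, country, name = pieces
        # … unchanged: charset handling and plain filename fallback …
```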
@@ -140,76 +139,6 @@ def get_document(request):
 return response
-def authenticate_bearer(request):
- authorization = request.META.get('HTTP_AUTHORIZATION')
- if not authorization:
- return False
- splitted = authorization.split()
- if len(splitted) < 2:
- return False
- if splitted[0] != 'Bearer':
- return False
- token = splitted[1]
- try:
- return OAuth2Authorize.objects.get(access_token=token)
- except OAuth2Authorize.DoesNotExist:
- return False
-
-
-def authenticate_client(request, client=False):
- '''Authenticate client on the token endpoint'''
-
- if 'HTTP_AUTHORIZATION' in request.META:
- authorization = request.META['HTTP_AUTHORIZATION'].split()
- if authorization[0] != 'Basic' or len(authorization) != 2:
- return False
- try:
- decoded = base64.b64decode(authorization[1])
- except TypeError:
- return False
- parts = decoded.split(':')
- if len(parts) != 2:
- return False
- client_id, client_secret = parts
- elif 'client_id' in request.POST:
- client_id = request.POST['client_id']
- client_secret = request.POST.get('client_secret', '')
- else:
- return False
- if not client:
- try:
- client = OAuth2Client.objects.get(client_id=client_id)
- except OAuth2Client.DoesNotExist:
- return False
- if client.client_secret != client_secret:
- return False
- return client
-
-
-def get_content_disposition_value(request):
- if 'HTTP_CONTENT_DISPOSITION' not in request.META:
- return None, 'missing content-disposition header'
- content_header = request.META['HTTP_CONTENT_DISPOSITION']
- disposition_type, filename = cgi.parse_header(content_header)
- if disposition_type != 'attachement':
- return None, 'wrong disposition type: attachement excpected'
- if 'filename*' in filename:
- encode, country, name = filename['filename*'].split("'")
-
- # check accepted charset from rfc 5987
- if encode == 'UTF-8':
- return unquote(name.decode('utf8')), None
- elif encode == 'ISO-8859-1':
- return unquote(name.decode('iso-8859-1')), None
- else:
- return None, 'unknown encoding: UTF-8 or ISO-8859-1 allowed'
- elif 'filename' in filename:
- return filename['filename'], None
- else:
- # no filename in header
- return None, 'missing filename(*) parameter in header'
-
-
 @csrf_exempt
 def put_document(request):
 client = authenticate_client(request)
--
2.11.0