cK$ndZddlZddlmZddlmZddlmZeje Z Gdd eZ y) aV oauthlib.oauth1.rfc5849.endpoints.request_token ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This module is an implementation of the request token provider logic of OAuth 1.0 RFC 5849. It validates the correctness of request token requests, creates and persists tokens as well as create the proper response to be returned to the client. N) urlencode)errors) BaseEndpointc(eZdZdZdZ ddZdZy)RequestTokenEndpointaAn endpoint responsible for providing OAuth 1 request tokens. Typical use is to instantiate with a request validator and invoke the ``create_request_token_response`` from a view function. The tuple returned has all information necessary (body, status, headers) to quickly form and return a proper response. See :doc:`/oauth1/validator` for details on which validator methods to implement for this endpoint. c|j|jdd}|j||jj||t |j S)zCreate and save a new request token. :param request: OAuthlib request. :type request: oauthlib.common.Request :param credentials: A dict of extra token credentials. :returns: The token as an urlencoded string. true) oauth_tokenoauth_token_secretoauth_callback_confirmed)token_generatorupdaterequest_validatorsave_request_tokenritems)selfrequest credentialstokens Q/usr/lib/python3/dist-packages/oauthlib/oauth1/rfc5849/endpoints/request_token.pycreate_request_tokenz)RequestTokenEndpoint.create_request_token s[ //1"&"6"6"8(.   [! 11%A''Ncddi} |j||||}|j|\}} |r|j||xsi} || dfSiddfS#tj$r#} || j | j fcYd} ~ Sd} ~ wwxYw)aCreate a request token response, with a new request token if valid. :param uri: The full URI of the token request. :param http_method: A valid HTTP verb, i.e. GET, POST, PUT, HEAD, etc. :param body: The request body as a string. :param headers: The request headers as a dict. :param credentials: A list of extra credentials to include in the token. :returns: A tuple of 3 elements. 1. A dict of headers to set on the response. 2. The response body as a string. 3. The response status code as an integer. An example of a valid request:: >>> from your_validator import your_validator >>> from oauthlib.oauth1 import RequestTokenEndpoint >>> endpoint = RequestTokenEndpoint(your_validator) >>> h, b, s = endpoint.create_request_token_response( ... 'https://your.provider/request_token?foo=bar', ... headers={ ... 'Authorization': 'OAuth realm=movies user, oauth_....' ... }, ... credentials={ ... 'my_specific': 'argument', ... }) >>> h {'Content-Type': 'application/x-www-form-urlencoded'} >>> b 'oauth_token=lsdkfol23w54jlksdef&oauth_token_secret=qwe089234lkjsdf&oauth_callback_confirmed=true&my_specific=argument' >>> s 200 An response to invalid request would have a different body and status:: >>> b 'error=invalid_request&description=missing+callback+uri' >>> s 400 The same goes for an an unauthorized request: >>> b '' >>> s 401 z Content-Typez!application/x-www-form-urlencodedNi)_create_requestvalidate_request_token_requestrr OAuth1Error urlencoded status_code) ruri http_methodbodyheadersr resp_headersrvalidprocessed_requestres rcreate_request_token_responsez2RequestTokenEndpoint.create_request_token_response1s`'(KL  =**3 T7KG'+'J'J( $E$11';;L"M#UC//4}$!! =q}}< < =s$AA AB#B;BBc|j||j||jr!|jjd|_n+|j j |j||_|j j|jsDtjdj|j|j j|jstjd|j j|j|j|j||j sd|fS|j j#|j|}|s|j j$|_|j j'|j|j|}|j j)|j|j|}|js t+d|j-|}||j.d<||j.d <||j.d <||j.d <t1||||f}|smt2j5d t2j5d |t2j5d|t2j5d|t2j5d|||fS)aJValidate a request token request. :param request: OAuthlib request. :type request: oauthlib.common.Request :raises: OAuth1Error if the request is invalid. :returns: A tuple of 2 elements. 1. The validation result (True or False). 2. The request object.  z#Invalid realm {}. Allowed are {!r}.) descriptionzMissing callback URI.) request_tokenFzKRedirect URI must either be provided or set to a default during validation.clientrealmcallback signaturez&[Failure] request verification failed.zValid client: %s.zValid realm: %s.zValid callback: %s.zValid signature: %s.)_check_transport_security_check_mandatory_parametersr0splitrealmsrget_default_realms client_key check_realmsrInvalidRequestErrorformat redirect_urivalidate_timestamp_and_nonce timestampnonceresource_owner_keyvalidate_client_key dummy_clientvalidate_requested_realmsvalidate_redirect_uriNotImplementedError_check_signature validator_logallloginfo)rr valid_client valid_realmvalid_redirectvalid_signaturevs rrz3RequestTokenEndpoint.validate_request_token_requestns &&w/ ((1 ==$]]005GN!33FF""G-GN%%227>>B,,AHHNND$:$:$A$ACD D##,,35 5%%BB""G$5$5w}}g%88C:'> !--AA   ) !%!7!7!D!DG 0,,FF   9 //EE    4 4g?##%'OP P//8+7h')4g&,:j)-<k* {NOL M HH= > HH(, 7 HH' 5 HH*N ; HH+_ ='zr)GETNNN)__name__ __module__ __qualname____doc__rr*rrrr r s"("JN@D;=zcrr ) rTloggingoauthlib.commonrrbaser getLoggerrQrIr rUrrr[s8%g!|<|r