Update oauthlib-3.1.1

JonnyWong16 2021-10-14 22:34:45 -07:00
parent e58aa40099
commit d76838a607
No known key found for this signature in database
GPG key ID: B1F1F9807184697A
64 changed files with 4329 additions and 1421 deletions


@ -1,4 +1,3 @@
# -*- coding: utf-8 -*-
"""
oauthlib.oauth1.rfc5849
~~~~~~~~~~~~~~
@ -6,12 +5,10 @@ oauthlib.oauth1.rfc5849
This module is an implementation of various logic needed
for signing and checking OAuth 1.0 RFC 5849 requests.
"""
from __future__ import absolute_import, unicode_literals
from . import SIGNATURE_METHODS, utils
class RequestValidator(object):
class RequestValidator:
"""A validator/datastore interaction base class for OAuth 1 providers.
@ -107,7 +104,7 @@ class RequestValidator(object):
their use more straightforward and as such it could be worth reading what
follows in chronological order.
.. _`whitelisting or blacklisting`: http://www.schneier.com/blog/archives/2011/01/whitelisting_vs.html
.. _`whitelisting or blacklisting`: https://www.schneier.com/blog/archives/2011/01/whitelisting_vs.html
"""
def __init__(self):
@ -195,7 +192,15 @@ class RequestValidator(object):
def check_realms(self, realms):
"""Check that the realm is one of a set allowed realms."""
return all((r in self.realms for r in realms))
return all(r in self.realms for r in realms)
def _subclass_must_implement(self, fn):
"""
Returns a NotImplementedError for a function that should be implemented.
:param fn: name of the function
"""
m = "Missing function implementation in {}: {}".format(type(self), fn)
return NotImplementedError(m)
@property
def dummy_client(self):
@ -219,7 +224,7 @@ class RequestValidator(object):
* ResourceEndpoint
* SignatureOnlyEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("dummy_client")
@property
def dummy_request_token(self):
@ -235,7 +240,7 @@ class RequestValidator(object):
* AccessTokenEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("dummy_request_token")
@property
def dummy_access_token(self):
@ -251,13 +256,14 @@ class RequestValidator(object):
* ResourceEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("dummy_access_token")
def get_client_secret(self, client_key, request):
"""Retrieves the client secret associated with the client key.
:param client_key: The client/consumer key.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: The client secret as a string.
This method must allow the use of a dummy client_key value.
@ -286,14 +292,15 @@ class RequestValidator(object):
* ResourceEndpoint
* SignatureOnlyEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement('get_client_secret')
def get_request_token_secret(self, client_key, token, request):
"""Retrieves the shared secret associated with the request token.
:param client_key: The client/consumer key.
:param token: The request token string.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: The token secret as a string.
This method must allow the use of a dummy values and the running time
@ -318,14 +325,15 @@ class RequestValidator(object):
* AccessTokenEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement('get_request_token_secret')
def get_access_token_secret(self, client_key, token, request):
"""Retrieves the shared secret associated with the access token.
:param client_key: The client/consumer key.
:param token: The access token string.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: The token secret as a string.
This method must allow the use of a dummy values and the running time
@ -350,13 +358,14 @@ class RequestValidator(object):
* ResourceEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("get_access_token_secret")
def get_default_realms(self, client_key, request):
"""Get the default realms for a client.
:param client_key: The client/consumer key.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: The list of default realms associated with the client.
The list of default realms will be set during client registration and
@ -366,13 +375,14 @@ class RequestValidator(object):
* RequestTokenEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("get_default_realms")
def get_realms(self, token, request):
"""Get realms associated with a request token.
:param token: The request token string.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: The list of realms associated with the request token.
This method is used by
@ -380,13 +390,14 @@ class RequestValidator(object):
* AuthorizationEndpoint
* AccessTokenEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("get_realms")
def get_redirect_uri(self, token, request):
"""Get the redirect URI associated with a request token.
:param token: The request token string.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: The redirect URI associated with the request token.
It may be desirable to return a custom URI if the redirect is set to "oob".
@ -397,13 +408,14 @@ class RequestValidator(object):
* AuthorizationEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("get_redirect_uri")
def get_rsa_key(self, client_key, request):
"""Retrieves a previously stored client provided RSA key.
:param client_key: The client/consumer key.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: The rsa public key as a string.
This method must allow the use of a dummy client_key value. Fetching
@ -420,14 +432,15 @@ class RequestValidator(object):
* ResourceEndpoint
* SignatureOnlyEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("get_rsa_key")
def invalidate_request_token(self, client_key, request_token, request):
"""Invalidates a used request token.
:param client_key: The client/consumer key.
:param request_token: The request token string.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: None
Per `Section 2.3`__ of the spec:
@ -435,7 +448,7 @@ class RequestValidator(object):
"The server MUST (...) ensure that the temporary
credentials have not expired or been used before."
.. _`Section 2.3`: http://tools.ietf.org/html/rfc5849#section-2.3
.. _`Section 2.3`: https://tools.ietf.org/html/rfc5849#section-2.3
This method should ensure that provided token won't validate anymore.
It can be simply removing RequestToken from storage or setting
@ -446,13 +459,14 @@ class RequestValidator(object):
* AccessTokenEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("invalidate_request_token")
def validate_client_key(self, client_key, request):
"""Validates that supplied client key is a registered and valid client.
:param client_key: The client/consumer key.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: True or False
Note that if the dummy client is supplied it should validate in same
@ -482,14 +496,15 @@ class RequestValidator(object):
* ResourceEndpoint
* SignatureOnlyEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("validate_client_key")
def validate_request_token(self, client_key, token, request):
"""Validates that supplied request token is registered and valid.
:param client_key: The client/consumer key.
:param token: The request token string.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: True or False
Note that if the dummy request_token is supplied it should validate in
@ -516,14 +531,15 @@ class RequestValidator(object):
* AccessTokenEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("validate_request_token")
def validate_access_token(self, client_key, token, request):
"""Validates that supplied access token is registered and valid.
:param client_key: The client/consumer key.
:param token: The access token string.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: True or False
Note that if the dummy access token is supplied it should validate in
@ -550,7 +566,7 @@ class RequestValidator(object):
* ResourceEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("validate_access_token")
def validate_timestamp_and_nonce(self, client_key, timestamp, nonce,
request, request_token=None, access_token=None):
@ -561,7 +577,8 @@ class RequestValidator(object):
:param nonce: The ``oauth_nonce`` parameter.
:param request_token: Request token string, if any.
:param access_token: Access token string, if any.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: True or False
Per `Section 3.3`_ of the spec.
@ -572,7 +589,7 @@ class RequestValidator(object):
channel. The nonce value MUST be unique across all requests with the
same timestamp, client credentials, and token combinations."
.. _`Section 3.3`: http://tools.ietf.org/html/rfc5849#section-3.3
.. _`Section 3.3`: https://tools.ietf.org/html/rfc5849#section-3.3
One of the first validation checks that will be made is for the validity
of the nonce and timestamp, which are associated with a client key and
@ -600,7 +617,7 @@ class RequestValidator(object):
* ResourceEndpoint
* SignatureOnlyEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("validate_timestamp_and_nonce")
def validate_redirect_uri(self, client_key, redirect_uri, request):
"""Validates the client supplied redirection URI.
@ -608,7 +625,8 @@ class RequestValidator(object):
:param client_key: The client/consumer key.
:param redirect_uri: The URI the client which to redirect back to after
authorization is successful.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: True or False
It is highly recommended that OAuth providers require their clients
@ -633,14 +651,15 @@ class RequestValidator(object):
* RequestTokenEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("validate_redirect_uri")
def validate_requested_realms(self, client_key, realms, request):
"""Validates that the client may request access to the realm.
:param client_key: The client/consumer key.
:param realms: The list of realms that client is requesting access to.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: True or False
This method is invoked when obtaining a request token and should
@ -651,7 +670,7 @@ class RequestValidator(object):
* RequestTokenEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("validate_requested_realms")
def validate_realms(self, client_key, token, request, uri=None,
realms=None):
@ -659,7 +678,8 @@ class RequestValidator(object):
:param client_key: The client/consumer key.
:param token: A request token string.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:param uri: The URI the realms is protecting.
:param realms: A list of realms that must have been granted to
the access token.
@ -685,7 +705,7 @@ class RequestValidator(object):
* ResourceEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("validate_realms")
def validate_verifier(self, client_key, token, verifier, request):
"""Validates a verification code.
@ -693,7 +713,8 @@ class RequestValidator(object):
:param client_key: The client/consumer key.
:param token: A request token string.
:param verifier: The authorization verifier string.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: True or False
OAuth providers issue a verification code to clients after the
@ -716,13 +737,14 @@ class RequestValidator(object):
* AccessTokenEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("validate_verifier")
def verify_request_token(self, token, request):
"""Verify that the given OAuth1 request token is valid.
:param token: A request token string.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: True or False
This method is used only in AuthorizationEndpoint to check whether the
@ -734,14 +756,15 @@ class RequestValidator(object):
* AuthorizationEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("verify_request_token")
def verify_realms(self, token, realms, request):
"""Verify authorized realms to see if they match those given to token.
:param token: An access token string.
:param realms: A list of realms the client attempts to access.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
:returns: True or False
This prevents the list of authorized realms sent by the client during
@ -757,13 +780,14 @@ class RequestValidator(object):
* AuthorizationEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("verify_realms")
def save_access_token(self, token, request):
"""Save an OAuth1 access token.
:param token: A dict with token credentials.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
The token dictionary will at minimum include
@ -780,13 +804,14 @@ class RequestValidator(object):
* AccessTokenEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("save_access_token")
def save_request_token(self, token, request):
"""Save an OAuth1 request token.
:param token: A dict with token credentials.
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
The token dictionary will at minimum include
@ -800,7 +825,7 @@ class RequestValidator(object):
* RequestTokenEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("save_request_token")
def save_verifier(self, token, verifier, request):
"""Associate an authorization verifier with a request token.
@ -808,7 +833,8 @@ class RequestValidator(object):
:param token: A request token string.
:param verifier A dictionary containing the oauth_verifier and
oauth_token
:param request: An oauthlib.common.Request object.
:param request: OAuthlib request.
:type request: oauthlib.common.Request
We need to associate verifiers with tokens for validation during the
access token request.
@ -820,4 +846,4 @@ class RequestValidator(object):
* AuthorizationEndpoint
"""
raise NotImplementedError("Subclasses must implement this function.")
raise self._subclass_must_implement("save_verifier")