ciddlZddlmZddlmZddlmZddlmZddlmZddl m Z ddl m Z dd lmZGd d e Z d ZeeZy) N)Response)g)json)request) LocalProxy)default_json_headers)ResourceProtector) OAuth1ErrorcBeZdZdZ d dZd dZdZdZdZdZ d d Z y) r aMA protecting method for resource servers. Initialize a resource protector with the these method: 1. query_client 2. query_token, 3. exists_nonce Usually, a ``query_client`` method would look like (if using SQLAlchemy):: def query_client(client_id): return Client.query.filter_by(client_id=client_id).first() A ``query_token`` method accept two parameters, ``client_id`` and ``oauth_token``:: def query_token(client_id, oauth_token): return Token.query.filter_by( client_id=client_id, oauth_token=oauth_token ).first() And for ``exists_nonce``, if using cache, we have a built-in hook to create this method:: from authlib.integrations.flask_oauth1 import create_exists_nonce_func exists_nonce = create_exists_nonce_func(cache) Then initialize the resource protector with those methods:: require_oauth = ResourceProtector( app, query_client=query_client, query_token=query_token, exists_nonce=exists_nonce, ) Ncd||_||_||_||_|r|j |yyN) query_client query_token _exists_nonceappinit_app)selfrrr exists_nonces [/tmp/pip-target-z3e9_cxr/lib/python/authlib/integrations/flask_oauth1/resource_protector.py__init__zResourceProtector.__init__2s7)&)  MM#  c|||_|||_|||_|jj d}|rt |t tfr||_||_ y)N"OAUTH1_SUPPORTED_SIGNATURE_METHODS) rrrconfigget isinstancelisttupleSUPPORTED_SIGNATURE_METHODSr)rrrrrmethodss rrzResourceProtector.init_app=s^  # ,D   "*D   #!-D **..!EF z'D%=9/6D ,rc$|j|Sr )r)r client_ids rget_client_by_idz"ResourceProtector.get_client_by_idKs  ++rcN|j|j|jSr )rr"token)rrs rget_token_credentialz&ResourceProtector.get_token_credentialNs 1 17==AArc|js td|j}|j}|j}|j||||S)Nz$"exists_nonce" function is required.)r RuntimeError timestampr"r%)rnoncerr)r"r%s rrzResourceProtector.exists_nonceQsM!!EF F%% %%  !!%IuEErc|jtjtjtjj dtj }|jt_ |jS)NT)flat) validate_request_reqmethodurlformto_dictheaders credentialr authlib_server_oauth1_credential)rreqs racquire_credentialz$ResourceProtector.acquire_credentialZsQ## KK499#4#4$#4#? .1^^*~~rcfd}|S)NcFtjfd}|S)Nc j|i|S#t$rR}t|j}t t j ||jtcYd}~Sd}~wwxYw)N)statusr3) r7r dictget_bodyrrdumps status_coder)argskwargserrorbodyfrs r decoratedz>ResourceProtector.__call__..wrapper..decoratedcsn++-$)&))# 01D# 4($00 4s A6AA1+A61A6) functoolswraps)rDrErs` rwrapperz+ResourceProtector.__call__..wrapperbs& __Q  *  * r)rscoperHs` r__call__zResourceProtector.__call__as  r)NNNN)NNNr ) __name__ __module__ __qualname____doc__rrr#r&rr7rKrIrrr r s4!HKO  ,BFrr c,tjdS)Nr5)rrrIrr_get_current_credentialrQus 553 44r)rFflaskrrrrr.werkzeug.localrauthlib.constsrauthlib.oauth1r _ResourceProtectorauthlib.oauth1.errorsr rQcurrent_credentialrIrrrYsC!%/B-d*dN5 78r