openstack/python-keystoneclient
Code Issues Proposed changes
Files
2e7bdb872e9660178451f71b35976a980f047300
python-keystoneclient/keystoneclient/v3/contrib/oauth1/access_tokens.py
Steve Martinelli 2e7bdb872e Add request/access token and consumer support for keystoneclient 
Add support for creating request and access tokens,
and to authorize request tokens. Also adding basic CRUD for
consumer entities.

implements: bp add-oauth-support

Change-Id: I9137e3426c82c73855ae0e50317cfd6477195318
2014-03-12 16:22:44 -05:00

60 lines
2.3 KiB
Python
Raw Blame History

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from __future__ import unicode_literals
import oauthlib.oauth1 as oauth1
from six.moves.urllib import parse as urlparse
from keystoneclient import base
class AccessToken(base.Resource):
pass
class AccessTokenManager(base.CrudManager):
"""Manager class for manipulating Identity OAuth Access Tokens."""
resource_class = AccessToken
def create(self, consumer_key, consumer_secret, request_key,
request_secret, verifier):
# sign the request using oauthlib
endpoint = '/OS-OAUTH1/access_token'
oauth_client = oauth1.Client(consumer_key,
client_secret=consumer_secret,
resource_owner_key=request_key,
resource_owner_secret=request_secret,
signature_method=oauth1.SIGNATURE_HMAC,
verifier=verifier)
url = self.client.auth_url + endpoint
url, headers, body = oauth_client.sign(url, http_method='POST')
# actually send the request
resp, body = self.client.post(endpoint, headers=headers)
# returned format will be:
# 'oauth_token=12345&oauth_token_secret=67890'
# with 'oauth_expires_at' possibly there, too
credentials = urlparse.parse_qs(body)
key = credentials['oauth_token'][0]
secret = credentials['oauth_token_secret'][0]
access_token = {'access_key': key, 'id': key,
'access_secret': secret}
if credentials.get('oauth_expires_at'):
expires = credentials['oauth_expires_at'][0]
access_token['expires'] = expires
return self.resource_class(self, access_token)
View Git Blame Copy Permalink