~ubuntuone-control-tower/ubuntu-sso-client/stable-1-0

« back to all changes in this revision

Viewing changes to ubuntu_sso/main.py

  • Committer: Tarmac
  • Author(s): Alejandro J. Cura
  • Date: 2011-12-02 19:30:27 UTC
  • mfrom: (646.1.3 timestamp-autofix-1-0)
  • Revision ID: tarmac-20111202193027-f1u4ma2pyar42qdc
Do a HEAD request on the server to get accurate timestamp (LP: #692597 & LP: #891644)

Show diffs side-by-side

added added

removed removed

Lines of Context:
3
3
# Author: Natalia Bidart <natalia.bidart@canonical.com>
4
4
# Author: Alejandro J. Cura <alecu@canonical.com>
5
5
#
6
 
# Copyright 2009 Canonical Ltd.
 
6
# Copyright 2009, 2011 Canonical Ltd.
7
7
#
8
8
# This program is free software: you can redistribute it and/or modify it
9
9
# under the terms of the GNU General Public License version 3, as published
46
46
from ubuntu_sso import DBUS_IFACE_USER_NAME, DBUS_IFACE_CRED_NAME
47
47
from ubuntu_sso.keyring import Keyring, get_token_name, U1_APP_NAME
48
48
from ubuntu_sso.logger import setup_logging
 
49
from ubuntu_sso.utils import timestamp_checker
49
50
 
50
51
 
51
52
# Disable the invalid name warning, as we have a lot of DBus style names
117
118
    return creds
118
119
 
119
120
 
 
121
class TimestampedAuthorizer(OAuthAuthorizer):
 
122
    """Includes a custom timestamp on OAuth signatures."""
 
123
 
 
124
    def __init__(self, get_timestamp, *args, **kwargs):
 
125
        """Store the get_timestamp method, and move on."""
 
126
        OAuthAuthorizer.__init__(self, *args, **kwargs)
 
127
        self.get_timestamp = get_timestamp
 
128
 
 
129
    # pylint: disable=C0103,E1101
 
130
    def authorizeRequest(self, absolute_uri, method, body, headers):
 
131
        """Override authorizeRequest including the timestamp."""
 
132
        parameters = {"oauth_timestamp": self.get_timestamp()}
 
133
        oauth_request = oauth.OAuthRequest.from_consumer_and_token(
 
134
        self.consumer, self.access_token, http_url=absolute_uri,
 
135
        parameters=parameters)
 
136
        oauth_request.sign_request(
 
137
        oauth.OAuthSignatureMethod_PLAINTEXT(),
 
138
        self.consumer, self.access_token)
 
139
        headers.update(oauth_request.to_header(self.oauth_realm))
 
140
 
 
141
 
120
142
class SSOLoginProcessor(object):
121
143
    """Login and register users using the Ubuntu Single Sign On service."""
122
144
 
236
258
        if sso_service is None:
237
259
            oauth_token = oauth.OAuthToken(token['token'],
238
260
                                           token['token_secret'])
239
 
            authorizer = OAuthAuthorizer(token['consumer_key'],
 
261
            authorizer = TimestampedAuthorizer(
 
262
                                         timestamp_checker.get_faithful_time,
 
263
                                         token['consumer_key'],
240
264
                                         token['consumer_secret'],
241
265
                                         oauth_token)
242
266
            sso_service = self.sso_service_class(authorizer, self.service_url)
258
282
                           token_name=token_name)
259
283
 
260
284
        oauth_token = oauth.OAuthToken(token['token'], token['token_secret'])
261
 
        authorizer = OAuthAuthorizer(token['consumer_key'],
 
285
        authorizer = TimestampedAuthorizer(
 
286
                                     timestamp_checker.get_faithful_time,
262
287
                                     token['consumer_secret'],
263
288
                                     oauth_token)
264
289
        sso_service = self.sso_service_class(authorizer, self.service_url)
607
632
                                           credentials['consumer_secret'])
608
633
            token = oauth.OAuthToken(credentials['token'],
609
634
                                     credentials['token_secret'])
 
635
            timestamp = timestamp_checker.get_faithful_time()
 
636
            parameters = {"oauth_timestamp": timestamp}
610
637
            get_request = oauth.OAuthRequest.from_consumer_and_token
611
638
            oauth_req = get_request(oauth_consumer=consumer, token=token,
612
 
                                    http_method="GET", http_url=url)
 
639
                                    http_method="GET", http_url=url,
 
640
                                    parameters=parameters)
613
641
            oauth_req.sign_request(oauth.OAuthSignatureMethod_HMAC_SHA1(),
614
642
                                   consumer, token)
615
643
            request = urllib2.Request(url, headers=oauth_req.to_header())