ó O'—^c@s˜ddlmZddlmZddlmZddlmZddlm Z ddl m Z ddl m Z d e ed „Zd e ed „Zd S( i˙˙˙˙(twraps(tServer(tHttpResponseForbidden(tImproperlyConfiguredi(tOAuth2Validator(t OAuthLibCore(toauth2_settingscs%|p g‰‡‡‡fd†}|S(s Decorator to protect views by providing OAuth2 authentication out of the box, optionally with scope handling. @protected_resource() def my_view(request): # An access token is required to get here... # ... pass cs(tˆƒ‡‡‡‡fd†ƒ}|S(Ncs_ˆƒ}tˆ|ƒƒ}|j|dˆƒ\}}|rX|j|_ˆ|||ŽStƒS(Ntscopes(Rtverify_requesttusertresource_ownerR(trequesttargstkwargst validatortcoretvalidt oauthlib_req(t_scopest server_clst validator_clst view_func(s</tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/decorators.pyt _validates  (R(RR(RRR(Rs</tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/decorators.pyt decorators$ ((RRRR((RRRs</tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/decorators.pytprotected_resource s  cs%|p g‰‡‡‡fd†}|S(s† Decorator to protect views by providing OAuth2 authentication and read/write scopes out of the box. GET, HEAD, OPTIONS http methods require "read" scope. Otherwise "write" scope is required. @rw_protected_resource() def my_view(request): # If this is a POST, you have to provide 'write' scope to get here... # ... pass cs(tˆƒ‡‡‡‡fd†ƒ}|S(Nc sċtj}tjtjg}t|ƒjt|ƒƒsNtdj|ƒƒ‚n|jj ƒdkrvˆj tjƒnˆj tjƒˆƒ}t ˆ|ƒƒ}|j |dˆƒ\}}|rŜ|j |_ˆ|||ŽStƒS(Nsqrw_protected_resource decorator requires following scopes {0} to be in OAUTH2_PROVIDER['SCOPES'] list in settingstGETtHEADtOPTIONSR(RRR(Rt_SCOPESt READ_SCOPEt WRITE_SCOPEtsettissubsetRtformattmethodtuppertappendRRR R R( R R R tprovided_scopestread_write_scopesRRRR(RRRR(s</tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/decorators.pyR7s    (R(RR(RRR(Rs</tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/decorators.pyR6s$((RRRR((RRRs</tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/decorators.pytrw_protected_resource's N(t functoolsRtoauthlib.oauth2Rt django.httpRtdjango.core.exceptionsRtoauth2_validatorsRtoauth2_backendsRtsettingsRtNoneRR'(((s</tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/decorators.pyts