|
1 | 1 | import uuid |
| 2 | +import six |
2 | 3 |
|
3 | 4 |
|
4 | 5 | from rs_grading import _try_to_send_lti_grade |
5 | | -import oauth |
6 | | -import oauth_store |
| 6 | +import oauth2 |
7 | 7 |
|
8 | 8 |
|
9 | 9 | # For some reason, URL query parameters are being processed twice by Canvas and returned as a list, like [23, 23]. So, just take the first element in the list. |
@@ -63,20 +63,26 @@ def index(): |
63 | 63 | masterapp = 'welcome' |
64 | 64 | session.connect(request, response, masterapp=masterapp, db=db) |
65 | 65 |
|
66 | | - oauth_server = oauth.OAuthServer(oauth_store.LTI_OAuthDataStore(myrecord.consumer,myrecord.secret)) |
67 | | - oauth_server.add_signature_method(oauth.OAuthSignatureMethod_PLAINTEXT()) |
68 | | - oauth_server.add_signature_method(oauth.OAuthSignatureMethod_HMAC_SHA1()) |
69 | | - |
70 | | - # Use ``setting.lti_uri`` if it's defined; otherwise, use the current URI (which must be built from its components). Don't include query parameters, which causes a filure in OAuth security validation. |
71 | | - full_uri = settings.get('lti_uri', |
72 | | - '{}://{}{}'.format(request.env.wsgi_url_scheme, |
73 | | - request.env.http_host, request.url)) |
74 | | - oauth_request = oauth.OAuthRequest.from_request('POST', full_uri, None, |
75 | | - dict(request.vars), query_string=request.env.query_string) |
| 66 | + oauth_server = oauth2.Server() |
| 67 | + oauth_server.add_signature_method(oauth2.SignatureMethod_PLAINTEXT()) |
| 68 | + oauth_server.add_signature_method(oauth2.SignatureMethod_HMAC_SHA1()) |
| 69 | + |
| 70 | + # Use ``setting.lti_uri`` if it's defined; otherwise, use the current URI (which must be built from its components). Don't include query parameters, which causes a failure in OAuth security validation. |
| 71 | + full_uri = settings.get('lti_uri', '{}://{}{}'.format( |
| 72 | + request.env.wsgi_url_scheme, request.env.http_host, request.url |
| 73 | + )) |
| 74 | + oauth_request = oauth2.Request.from_request( |
| 75 | + 'POST', full_uri, None, dict(request.vars), |
| 76 | + query_string=request.env.query_string |
| 77 | + ) |
| 78 | + # Fix encoding -- the signed keys are in bytes, but the oauth2 Request constructor translates everything to a string. Therefore, they never compare as equal. ??? |
| 79 | + if isinstance(oauth_request.get('oauth_signature'), six.string_types): |
| 80 | + oauth_request['oauth_signature'] = oauth_request['oauth_signature'].encode('utf-8') |
| 81 | + consumer = oauth2.Consumer(myrecord.consumer, myrecord.secret) |
76 | 82 |
|
77 | 83 | try: |
78 | | - consumer, token, params = oauth_server.verify_request(oauth_request) |
79 | | - except oauth.OAuthError as err: |
| 84 | + oauth_server.verify_request(oauth_request, consumer, None) |
| 85 | + except oauth2.Error as err: |
80 | 86 | return dict(logged_in=False, lti_errors=["OAuth Security Validation failed:"+err.message, request.vars], |
81 | 87 | masterapp=masterapp) |
82 | 88 | consumer = None |
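Review bot: The rebuilt server at new line 67 still registers `oauth2.SignatureMethod_PLAINTEXT()`, so a launch that declares PLAINTEXT is checked against the shared consumer secret itself rather than a per-request HMAC over the URL and parameters. LTI launches are signed with HMAC-SHA1, so I would drop that line and keep only `oauth_server.add_signature_method(oauth2.SignatureMethod_HMAC_SHA1())`. Separately, `oauth2.Server.verify_request` checks the signature and the timestamp window but keeps no record of nonces; if the removed `oauth_store.LTI_OAuthDataStore` did nonce lookups (not visible on this page), replay protection inside that window needs to be re-added. The `???` ending the encoding comment at new line 78 should give way to the confirmed reason, e.g. `# oauth2 signs to bytes, but from_request yields text; encode so the comparison can succeed`. index() begins before and continues after this hunk.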
|