I'm looking for a tutorial/example/explanation about writing a two-legged provider for OAuth in Django.
It's hard to find documentation about a OAuth provider, and even harder about a two-legged system...
I'm looking for a tutorial/example/explanation about writing a two-legged provider for OAuth in Django.
It's hard to find documentation about a OAuth provider, and even harder about a two-legged system...
'2 legged' is just normal OAuth request without an access token or access token secret. That's it. You still use the client credentials (identifier and secret) but use empty strings for the access token parameters. Depending on the server library you use, you can omit the oauth_token parameter when making the request.
I spent about 3 days trying to figure this out and wanted to provide anyone who can use it with this working example I finally got from the service I was trying to query. It wound up being extremely easy. P.S. Just because someone is using oauth 1.0 doesn't mean that you can't use the oauth2 library.
To get auth2, type pip install oauth2.
In your script, you need:
import oauth2
import time
import urllib2
def build_request(url, method='GET'):
params = {
'oauth_version': "1.0",
'oauth_nonce': oauth2.generate_nonce(),
'oauth_timestamp': int(time.time())
}
consumer = oauth2.Consumer(key='python_test',secret='your_secret')
params['oauth_consumer_key'] = consumer.key
req = oauth2.Request(method=method, url=url, parameters=params)
signature_method = oauth2.SignatureMethod_HMAC_SHA1()
req.sign_request(signature_method, consumer, None)
return req
Calling the function and viewing the output looks like this:
request = build_request('http://demo.echo360.com/ess/scheduleapi/v1/terms')
u = urllib2.urlopen(request.to_url())
print u.readlines()
This is a good starting article: http://philipsoutham.com/post/2172924723/two-legged-oauth-in-python
Two-legged OAuth for Piston: https://github.com/gregbayer/django-piston-two-legged-oauth