From 85c60e31e1ca7b3069d7c3a575e8a02240d6ec19 Mon Sep 17 00:00:00 2001
From: lpm0073
Date: Wed, 5 Oct 2022 20:51:52 -0500
Subject: [PATCH] add validators
---
 wp_oauth_backend/wp_oauth.py | 28 +++++++++++++++++++---------
 1 file changed, 19 insertions(+), 9 deletions(-)
diff --git a/wp_oauth_backend/wp_oauth.py b/wp_oauth_backend/wp_oauth.py
index 1c9d5f0..2cc36ad 100644
--- a/wp_oauth_backend/wp_oauth.py
+++ b/wp_oauth_backend/wp_oauth.py
@@ -103,6 +103,18 @@ class StepwiseMathWPOAuth2(BaseOAuth2):
 def _urlopen(self, url):
 return urlopen(url).read().decode("utf-8")
+ def is_valid_user_details(self, response) -> bool:
+ if not type(response) == dict: return False
+ qc_keys = ['id', 'date_joined', 'email', 'first_name', 'fullname', 'is_staff', 'is_superuser', 'last_name', 'username']
+ if all(key in response for key in qc_keys): return True
+ return False
+
+ def is_wp_oauth_response(self, response) -> bool:
+ if not type(response) == dict: return False
+ qc_keys = ['ID' 'display_name', 'user_email', 'user_login', 'user_roles']
+ if all(key in response for key in qc_keys): return True
+ return False
+
 # override Python Social Auth default end points.
 # see https://wp-oauth.com/docs/general/endpoints/
 #
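Review bot: In `is_wp_oauth_response` the key list is missing a comma after `'ID'`, so Python joins the adjacent literals into the single key `'IDdisplay_name'` and the check returns False for any response that lacks that exact key. The list should read `qc_keys = ['ID', 'display_name', 'user_email', 'user_login', 'user_roles']`. The same list was moved here unchanged from `get_user_details` (third hunk), so that call site takes its warning branch for every ordinary provider response. Both validators test key presence only and compare with `type(response) == dict`; `isinstance(response, dict)` is the usual form, and because `is_staff` and `is_superuser` are among the accepted keys it would be worth confirming they are real booleans before the dict is trusted, although how they are consumed is not visible in this hunk.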
@@ -135,13 +147,12 @@ class StepwiseMathWPOAuth2(BaseOAuth2):
 @user_details.setter
 def user_details(self, value: dict):
- self._user_details = value
-
- def is_valid_user_details(self, response) -> bool:
- if not type(response) == dict: return False
- qc_keys = ['id', 'date_joined', 'email', 'first_name', 'fullname', 'is_staff', 'is_superuser', 'last_name', 'username']
- if all(key in response for key in qc_keys): return True
- return False
+ if self.is_valid_user_details(value):
+ self._user_details = value
+ else:
+ logger.error('user_details.setter: tried to pass an invalid object {value}'.format(
+ value=json.dumps(value, sort_keys=True, indent=4)
+ ))
 # see https://python-social-auth.readthedocs.io/en/latest/backends/implementation.html
 # Return user details from the Wordpress user account
@@ -179,8 +190,7 @@ class StepwiseMathWPOAuth2(BaseOAuth2):
 # otherwise we pobably received the default response from the oauth provider based on
 # the scopes 'basic' 'email' 'profile'. We'll check a few of the most important keys to see
 # if they exist.
- qc_keys = ['ID' 'display_name', 'user_email', 'user_login', 'user_roles']
- if not all(key in response for key in qc_keys):
+ if not self.is_wp_oauth_response(response):
 logger.warning('get_user_details() - response object is missing one or more required keys: {response}'.format(
 response=json.dumps(response, sort_keys=True, indent=4)
 ))
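Review bot: The new `else` branch of the `user_details` setter only logs, so a rejected value leaves any previously stored `_user_details` in place and the caller gets no signal that the assignment was refused. For an auth backend it is safer to fail closed, for example `self._user_details = None` in that branch, or raising `ValueError` if the callers (outside this hunk) can handle it. The error path can also fail on its own: `is_valid_user_details` rejects non-dict values, and `json.dumps(value, ...)` raises `TypeError` for objects that are not JSON-serializable. Logging the type instead, `logger.error('user_details.setter: rejected object of type %s', type(value).__name__)`, avoids that and keeps e-mail addresses and other account fields out of the error log.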
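Review bot: The warning guarded by the new `if not self.is_wp_oauth_response(response):` line writes the entire provider response to the log through `json.dumps(response, ...)`, which can include account fields such as `user_email` and `user_login`. Logging only the key names carries the same diagnostic once the value is known to be a dict, e.g. `logger.warning('get_user_details() - unexpected response keys: %s', sorted(response))`. The rest of `get_user_details` lies outside the hunk, so whether the function goes on to use the unvalidated response after the warning should be checked there.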