add validators

2022-10-05 20:51:52 -05:00 · 2022-10-05 20:51:52 -05:00 · 85c60e31e1
commit 85c60e31e1
parent 1b668c5029
1 changed files with 19 additions and 9 deletions
--- a/wp_oauth_backend/wp_oauth.py
+++ b/wp_oauth_backend/wp_oauth.py
@ -103,6 +103,18 @@ class StepwiseMathWPOAuth2(BaseOAuth2):
    def _urlopen(self, url):
        return urlopen(url).read().decode("utf-8")

+    def is_valid_user_details(self, response) -> bool:
+        if not type(response) == dict: return False
+        qc_keys = ['id', 'date_joined', 'email', 'first_name', 'fullname', 'is_staff', 'is_superuser', 'last_name', 'username']
+        if all(key in response for key in qc_keys): return True
+        return False
+
+    def is_wp_oauth_response(self, response) -> bool:
+        if not type(response) == dict: return False
+        qc_keys = ['ID' 'display_name', 'user_email', 'user_login', 'user_roles']
+        if all(key in response for key in qc_keys): return True
+        return False
+
    # override Python Social Auth default end points.
    # see https://wp-oauth.com/docs/general/endpoints/
    #
@ -135,13 +147,12 @@ class StepwiseMathWPOAuth2(BaseOAuth2):

    @user_details.setter
    def user_details(self, value: dict):
+        if self.is_valid_user_details(value):
            self._user_details = value
-
-    def is_valid_user_details(self, response) -> bool:
-        if not type(response) == dict: return False
-        qc_keys = ['id', 'date_joined', 'email', 'first_name', 'fullname', 'is_staff', 'is_superuser', 'last_name', 'username']
-        if all(key in response for key in qc_keys): return True
-        return False
+        else:
+            logger.error('user_details.setter: tried to pass an invalid object {value}'.format(
+                value=json.dumps(value, sort_keys=True, indent=4)
+            ))

    # see https://python-social-auth.readthedocs.io/en/latest/backends/implementation.html
    # Return user details from the Wordpress user account
@ -179,8 +190,7 @@ class StepwiseMathWPOAuth2(BaseOAuth2):
            # otherwise we pobably received the default response from the oauth provider based on 
            # the scopes 'basic' 'email' 'profile'. We'll check a few of the most important keys to see
            # if they exist.
-            qc_keys = ['ID' 'display_name', 'user_email', 'user_login', 'user_roles']
-            if not all(key in response for key in qc_keys):
+            if not self.is_wp_oauth_response(response):
                logger.warning('get_user_details() -  response object is missing one or more required keys: {response}'.format(
                    response=json.dumps(response, sort_keys=True, indent=4)
                ))