added updated version of oauthlib

[twitter-api-cdsw] / oauthlib / oauth1 / rfc5849 / __init__.py

diff --git a/oauthlib/oauth1/rfc5849/__init__.py b/oauthlib/oauth1/rfc5849/__init__.py
index ad9713cda3edc9fb1a9b7b4ef235d2a36ed40076..56b8c6f20c964ea97f7890509a6ecb1a8a056917 100644 (file)
--- a/oauthlib/oauth1/rfc5849/__init__.py
+++ b/oauthlib/oauth1/rfc5849/__init__.py
@@ -7,7 +7,8 @@ This module is an implementation of various logic needed
 for signing and checking OAuth 1.0 RFC 5849 requests.
 """
 from __future__ import absolute_import, unicode_literals
 for signing and checking OAuth 1.0 RFC 5849 requests.
 """
 from __future__ import absolute_import, unicode_literals

-
+import base64
+import hashlib

 import logging
 log = logging.getLogger(__name__)
 
 import logging
 log = logging.getLogger(__name__)
 


@@ -101,10 +102,6 @@ class Client(object):
         self.nonce = encode(nonce)
         self.timestamp = encode(timestamp)
 
         self.nonce = encode(nonce)
         self.timestamp = encode(timestamp)
 

-        if self.signature_method == SIGNATURE_RSA and self.rsa_key is None:
-            raise ValueError(
-                'rsa_key is required when using RSA signature method.')
-

     def __repr__(self):
         attrs = vars(self).copy()
         attrs['client_secret'] = '****' if attrs['client_secret'] else None
     def __repr__(self):
         attrs = vars(self).copy()
         attrs['client_secret'] = '****' if attrs['client_secret'] else None


@@ -176,6 +173,16 @@ class Client(object):
         if self.verifier:
             params.append(('oauth_verifier', self.verifier))
 
         if self.verifier:
             params.append(('oauth_verifier', self.verifier))
 

+        # providing body hash for requests other than x-www-form-urlencoded
+        # as described in http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html
+        # 4.1.1. When to include the body hash
+        #    *  [...] MUST NOT include an oauth_body_hash parameter on requests with form-encoded request bodies
+        #    *  [...] SHOULD include the oauth_body_hash parameter on all other requests.
+        content_type = request.headers.get('Content-Type', None)
+        content_type_eligible = content_type and content_type.find('application/x-www-form-urlencoded') < 0
+        if request.body is not None and content_type_eligible:
+            params.append(('oauth_body_hash', base64.b64encode(hashlib.sha1(request.body.encode('utf-8')).digest()).decode('utf-8')))
+

         return params
 
     def _render(self, request, formencode=False, realm=None):
         return params
 
     def _render(self, request, formencode=False, realm=None):