o RDi @sddlmZddlmZddlmZddlmZddlm Z ddl m Z ddl m Z dd lmZd e efd d Zd e efd dZd S)wraps)ImproperlyConfigured)HttpResponseForbidden)Server) OAuthLibCore)OAuth2Validator)get_scopes_backend)oauth2_settingsNc|pgfdd}|S)a Decorator to protect views by providing OAuth2 authentication out of the box, optionally with scope handling. @protected_resource() def my_view(request): # An access token is required to get here... # ... pass ctfdd}|S)NcsL}t|}|j|d\}}|r#|j|_|g|Ri|StS)Nscopes)rverify_requestuserresource_ownerr)requestargskwargs validatorcorevalid oauthlib_req_scopes server_cls validator_cls view_funcS/var/www/Datamplify/venv/lib/python3.10/site-packages/oauth2_provider/decorators.py _validates z8protected_resource..decorator.._validaterrr!rrrrr decorators z%protected_resource..decoratorrrrrr%rr#r protected_resource s  r'cr )a Decorator to protect views by providing OAuth2 authentication and read/write scopes out of the box. GET, HEAD, OPTIONS http methods require "read" scope. Otherwise "write" scope is required. @rw_protected_resource() def my_view(request): # If this is a POST, you have to provide 'write' scope to get here... # ... pass cr )Nc st}tjtjg}t|t|std||j dvr) tjn tj}t |}|j |d\}}|rR|j|_|g|Ri|StS)Nzqrw_protected_resource decorator requires following scopes {0} to be in OAUTH2_PROVIDER['SCOPES'] list in settings)GETHEADOPTIONSr)r get_all_scopesr READ_SCOPE WRITE_SCOPEsetissubsetrformatmethodupperappendrrrrr) rrrprovided_scopesread_write_scopesrrrrrrr r!:s"    z;rw_protected_resource..decorator.._validaterr"r#r$r r%9sz(rw_protected_resource..decoratorrr&rr#r rw_protected_resource*s r6) functoolsrdjango.core.exceptionsr django.httproauthlib.oauth2roauth2_backendsroauth2_validatorsr rr settingsr r'r6rrrr s