xauth bug was fixed

Author: akirahrkw

README.md

@@ -1,6 +1,6 @@
 python-500px
 ======
-A Python client for the 500px API, inspired by tweepy(https://github.com/tweepy/tweepy), python-instagram(https://github.com/Instagram/python-instagram)
+A Python client for 500px API, inspired by tweepy(https://github.com/tweepy/tweepy), python-instagram(https://github.com/Instagram/python-instagram)
 
 Installation
 ----

fivehundredpx/auth.py

@@ -6,7 +6,7 @@
 
 class OAuthHandler(object):
 
-    def __init__(self,consumer_key,consumer_secret,callback=None,secure=False):
+    def __init__(self,consumer_key,consumer_secret,callback=None,secure=True):
         self._consumer 	   = oauth.OAuthConsumer(consumer_key,consumer_secret)
         self._sigmethod    = oauth.OAuthSignatureMethod_HMAC_SHA1()
         self.request_token = None
@@ -28,7 +28,7 @@ def set_request_token(self, key, secret):
     def set_access_token(self, key, secret):
         self.access_token = oauth.OAuthToken(key, secret)
 
-    def _get_request_token(self):
+    def get_request_token(self):
         url = self._get_oauth_url('request_token')
         request = oauth.OAuthRequest.from_consumer_and_token(self._consumer, http_url=url, callback=self.callback)
         request.sign_request(self._sigmethod,self._consumer,None)
@@ -48,7 +48,7 @@ def apply_auth(self,url,method,headers,parameters):
 
     def get_authorization_url(self):
         try:
-            self.request_token = self._get_request_token()
+            self.request_token = self.get_request_token()
             request = oauth.OAuthRequest.from_token_and_callback(
                 token=self.request_token, http_url=self._get_oauth_url('authorize')
             )
@@ -74,6 +74,7 @@ def get_xauth_access_token(self,username,password):
             url = self._get_oauth_url('access_token',secure=True)
             request = oauth.OAuthRequest.from_consumer_and_token(
 		        oauth_consumer=self._consumer,
+                token=self.request_token,
 		        http_method='POST',
 		        http_url=url,
 		        parameters={
@@ -82,7 +83,7 @@ def get_xauth_access_token(self,username,password):
 		            'x_auth_password': password
 		        }
 		    )
-            request.sign_request(self._sigmethod,self._consumer,None)
+            request.sign_request(self._sigmethod,self._consumer,self.request_token)
             response = urlopen(Request(url,data=request.to_postdata()))
             self.access_token = oauth.OAuthToken.from_string(response.read())
             return self.access_token

tests.py

@@ -22,11 +22,9 @@
 class AuthTestCase(unittest.TestCase):
     def setUp(self):
         super(AuthTestCase, self).setUp()
-        self.consumer_key       = CONSUMER_KEY
-        self.consumer_secret    = CONSUMER_SECRET
-        self.handler            = OAuthHandler(self.consumer_key,self.consumer_secret)
+        self.handler = OAuthHandler(CONSUMER_KEY,CONSUMER_SECRET)
 
-    def _testrequesttoken(self):
+    def testrequesttoken(self):
         headers = {}
         self.handler.apply_auth('https://api.500px.com/v1/oauth/request_token', 'POST', headers, { 'oauth_callback' : 'http://localhost' })
         conn = httplib.HTTPSConnection('api.500px.com')
@@ -37,7 +35,7 @@ def _testrequesttoken(self):
         conn.close()
         print "this is your request token:\n%s" % result
 
-    def _testauthurlwithverifier(self):
+    def testauthurlwithverifier(self):
         redirect_uri = self.handler.get_authorization_url()
         print "Please visit and authorize at:\n%s" % redirect_uri
 
@@ -49,13 +47,28 @@ def _testauthurlwithverifier(self):
         print "this is your access token:\n%s" % token.key
         print "this is your access token secret:\n%s" % token.secret
 
-    def _testxauth(self):
+    def testxauth(self):
+        print "this is your token:\n"
+        print self.handler.get_request_token()
+
+        request_token = raw_input("Input request token (blank to exit): ").strip()
+        if not request_token:
+            return
+
+        request_token_secret = raw_input("Input request token secret (blank to exit): ").strip()
+        if not request_token_secret:
+            return
+
+        self.handler.set_request_token(request_token,request_token_secret)
+
         username = raw_input("Input your username (blank to exit): ").strip()
         if not username:
             return
+
         password = raw_input("Input your password (blank to exit): ").strip()
         if not password:
             return
+
         token = self.handler.get_xauth_access_token(username,password)
 
         print "this is your access token:\n%s" % token.key