From a1d3899a4d93c2beb18388e0ea85d19617d71251 Mon Sep 17 00:00:00 2001
From: David Baumgold <david@davidbaumgold.com>
Date: Tue, 10 Sep 2013 11:02:30 -0400
Subject: [PATCH] Use oauthlib directly for LTI module

---
 common/lib/xmodule/xmodule/lti_module.py              | 11 ++++-------
 docs/shared/requirements.txt                          |  1 +
 .../courseware/mock_lti_server/mock_lti_server.py     |  2 +-
 lms/djangoapps/courseware/tests/test_lti.py           |  9 +++++----
 requirements/edx/base.txt                             |  1 +
 5 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/common/lib/xmodule/xmodule/lti_module.py b/common/lib/xmodule/xmodule/lti_module.py
index bc07cea97e..6a9adba929 100644
--- a/common/lib/xmodule/xmodule/lti_module.py
+++ b/common/lib/xmodule/xmodule/lti_module.py
@@ -1,15 +1,12 @@
 """
 Module that allows to insert LTI tools to page.
 
-Module uses current edx-platform 0.14.2 version of requests (oauth part).
-Please update code when upgrading requests.
-
 Protocol is oauth1, LTI version is 1.1.1:
 http://www.imsglobal.org/LTI/v1p1p1/ltiIMGv1p1p1.html
 """
 
 import logging
-import requests
+import oauthlib
 import urllib
 
 from xmodule.editing_module import MetadataOnlyEditingDescriptor
@@ -192,7 +189,7 @@ class LTIModule(LTIFields, XModule):
         Also *anonymous student id* is passed to template and therefore to LTI provider.
         """
 
-        client = requests.auth.Client(
+        client = oauthlib.oauth1.Client(
             client_key=unicode(client_key),
             client_secret=unicode(client_secret)
         )
@@ -230,8 +227,8 @@ class LTIModule(LTIFields, XModule):
         params[u'oauth_nonce'] = params[u'OAuth oauth_nonce']
         del params[u'OAuth oauth_nonce']
 
-        # 0.14.2 (current) version of requests oauth library encodes signature,
-        # with 'Content-Type': 'application/x-www-form-urlencoded'
+        # oauthlib encodes signature with
+        # 'Content-Type': 'application/x-www-form-urlencoded'
         # so '='' becomes '%3D'.
         # We send form via browser, so browser will encode it again,
         # So we need to decode signature back:
diff --git a/docs/shared/requirements.txt b/docs/shared/requirements.txt
index 6504319c0d..74c05d6d53 100644
--- a/docs/shared/requirements.txt
+++ b/docs/shared/requirements.txt
@@ -36,6 +36,7 @@ mako==0.7.3
 Markdown==2.2.1
 networkx==1.7
 nltk==2.0.4
+oauthlib==0.5.1
 paramiko==1.9.0
 path.py==3.0.1
 Pillow==1.7.8
diff --git a/lms/djangoapps/courseware/mock_lti_server/mock_lti_server.py b/lms/djangoapps/courseware/mock_lti_server/mock_lti_server.py
index ba9cea84d6..833df3a1c3 100644
--- a/lms/djangoapps/courseware/mock_lti_server/mock_lti_server.py
+++ b/lms/djangoapps/courseware/mock_lti_server/mock_lti_server.py
@@ -1,6 +1,6 @@
 from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
 import urlparse
-from requests.packages.oauthlib.oauth1.rfc5849 import signature
+from oauthlib.oauth1.rfc5849 import signature
 import mock
 from logging import getLogger
 logger = getLogger(__name__)
diff --git a/lms/djangoapps/courseware/tests/test_lti.py b/lms/djangoapps/courseware/tests/test_lti.py
index d2b4ea6867..71b5a1c3bb 100644
--- a/lms/djangoapps/courseware/tests/test_lti.py
+++ b/lms/djangoapps/courseware/tests/test_lti.py
@@ -1,6 +1,6 @@
 """LTI integration tests"""
 
-import requests
+import oauthlib
 from . import BaseTestXmodule
 from collections import OrderedDict
 import mock
@@ -11,7 +11,8 @@ class TestLTI(BaseTestXmodule):
     Integration test for lti xmodule.
 
     It checks overall code, by assuring that context that goes to template is correct.
-    As part of that, checks oauth signature generation by mocking signing function of `requests` library.
+    As part of that, checks oauth signature generation by mocking signing function
+    of `oauthlib` library.
     """
     CATEGORY = "lti"
 
@@ -43,7 +44,7 @@ class TestLTI(BaseTestXmodule):
             u'oauth_signature': mocked_decoded_signature
         }
 
-        saved_sign = requests.auth.Client.sign
+        saved_sign = oauthlib.oauth1.Client.sign
 
         def mocked_sign(self, *args, **kwargs):
             """
@@ -60,7 +61,7 @@ class TestLTI(BaseTestXmodule):
             headers[u'Authorization'] = ', '.join([k+'="'+v+'"' for k, v in old_parsed.items()])
             return None, headers, None
 
-        patcher = mock.patch.object(requests.auth.Client, "sign", mocked_sign)
+        patcher = mock.patch.object(oauthlib.oauth1.Client, "sign", mocked_sign)
         patcher.start()
         self.addCleanup(patcher.stop)
 
diff --git a/requirements/edx/base.txt b/requirements/edx/base.txt
index 61c98bf419..44ab122c94 100644
--- a/requirements/edx/base.txt
+++ b/requirements/edx/base.txt
@@ -39,6 +39,7 @@ mako==0.7.3
 Markdown==2.2.1
 networkx==1.7
 nltk==2.0.4
+oauthlib==0.5.1
 paramiko==1.9.0
 path.py==3.0.1
 Pillow==1.7.8