Example #1
0
def login(request):
    if 'openid' in request.GET or request.method == 'POST':
        form = LoginForm(request.REQUEST)
        if form.is_valid():
            client = _openid_consumer(request)
            try:
                auth_request = client.begin(form.cleaned_data['openid'])
                if QUERY_EMAIL:
                    sreg = SRegRequest()
                    sreg.requestField(field_name=SRegField.EMAIL,
                                      required=True)
                    auth_request.addExtension(sreg)
                    ax = FetchRequest()
                    ax.add(AttrInfo(AXAttribute.CONTACT_EMAIL, required=True))
                    auth_request.addExtension(ax)
                callback_url = reverse(callback)
                SocialLogin.stash_state(request)
                redirect_url = auth_request.redirectURL(
                    request.build_absolute_uri('/'),
                    request.build_absolute_uri(callback_url))
                return HttpResponseRedirect(redirect_url)
            # UnicodeDecodeError:
            # see https://github.com/necaris/python3-openid/issues/1
            except (UnicodeDecodeError, DiscoveryFailure) as e:
                if request.method == 'POST':
                    form._errors["openid"] = form.error_class([e])
                else:
                    return render_authentication_error(request)
    else:
        form = LoginForm()
    d = dict(form=form)
    return render_to_response('openid/login.html',
                              d,
                              context_instance=RequestContext(request))
Example #2
0
 def post(self, request, *args, **kwargs):
     data = dict(list(request.GET.items()) + list(request.POST.items()))
     if self.provider.endpoint:
         data['openid'] = self.provider.endpoint
     form = LoginForm(data)
     if form.is_valid():
         client = _openid_consumer(request)
         try:
             auth_request = client.begin(form.cleaned_data['openid'])
             if QUERY_EMAIL:
                 sreg = SRegRequest()
                 for name in SRegFields:
                     sreg.requestField(field_name=name, required=True)
                 auth_request.addExtension(sreg)
                 ax = FetchRequest()
                 for name in AXAttributes:
                     ax.add(AttrInfo(name, required=True))
                 auth_request.addExtension(ax)
             callback_url = reverse(self.callback_view)
             SocialLogin.stash_state(request)
             redirect_url = auth_request.redirectURL(
                 request.build_absolute_uri('/'),
                 request.build_absolute_uri(callback_url))
             return HttpResponseRedirect(redirect_url)
         # UnicodeDecodeError:
         # see https://github.com/necaris/python3-openid/issues/1
         except (UnicodeDecodeError, DiscoveryFailure) as e:
             if request.method == 'POST':
                 form._errors["openid"] = form.error_class([e])
             else:
                 return render_authentication_error(request,
                                                    self.provider.id,
                                                    exception=e)
     return render(request, self.template_name, {'form': form})
Example #3
0
def login(request):
    if 'openid' in request.GET or request.method == 'POST':
        form = LoginForm(request.REQUEST)
        if form.is_valid():
            client = _openid_consumer(request)
            try:
                auth_request = client.begin(form.cleaned_data['openid'])
                if QUERY_EMAIL:
                    sreg = SRegRequest()
                    sreg.requestField(field_name=SRegField.EMAIL, required=True)
                    auth_request.addExtension(sreg)
                    ax = FetchRequest()
                    ax.add(AttrInfo(AXAttribute.CONTACT_EMAIL,
                                    required=True))
                    auth_request.addExtension(ax)
                callback_url = reverse(callback)
                state = SocialLogin.marshall_state(request)
                callback_url = callback_url + '?' + urlencode(dict(state=state))
                redirect_url = auth_request.redirectURL(
                    request.build_absolute_uri('/'),
                    request.build_absolute_uri(callback_url))
                return HttpResponseRedirect(redirect_url)
            except DiscoveryFailure, e:
                if request.method == 'POST':
                    form._errors["openid"] = form.error_class([e])
                else:
                    return render_authentication_error(request)
Example #4
0
    def begin(self, request, data):
        try:
            openid_url = data['openid_url'].strip()
        except KeyError:
            messages.error(request, lang.FILL_OPENID_URL)
            raise Redirect('publicauth-login')

        # allow user to type openid provider without http:// prefix
        if not openid_url.startswith("http"):
            openid_url = "http://%s" % openid_url

        return_url = request.build_absolute_uri(
            reverse('publicauth-complete', args=[self.provider]))
        request.session['openid_return_to'] = return_url
        client = consumer.Consumer(request.session, None)

        try:
            openid_request = client.begin(openid_url)
            sreg_extra = [i for i in self.PROFILE_MAPPING]
            sreg = SRegRequest(required=sreg_extra)
            openid_request.addExtension(sreg)
            ax_msg = FetchRequest()
            for detail in self.PROFILE_MAPPING:
                ax_msg.add(AttrInfo(settings.AX_URIS[detail], required=True))
            openid_request.addExtension(ax_msg)

            redirect_url = openid_request.redirectURL(realm='http://' +
                                                      request.get_host(),
                                                      return_to=return_url)
            raise Redirect(redirect_url)

        except discover.DiscoveryFailure:
            messages.error(request, _('Could not find OpenID server'))
            raise Redirect('publicauth-login')
 def test02(self):
     interface = SQLAlchemyAXInterface()
     interface.connectionString = \
         SQLAlchemyAXInterfaceTestCase.DB_CONNECTION_STR
         
     interface.attributeNames = ('firstName', 'lastName', 'emailAddress')
     
     interface.sqlQuery = ("select firstname, lastname, emailAddress from "
                           "users where username = '******'")
     
     axReq = FetchRequest()
     
     for typeURI in interface.attributeNames:
         axReq.add(AttrInfo(typeURI, required=True))
         
     axResp = FetchResponse()
     
     authnCtx = {
         SQLAlchemyAXInterface.USERNAME_SESSION_KEYNAME: 
             SQLAlchemyAXInterfaceTestCase.USERNAME
     }
     
     interface(axReq, axResp, None, authnCtx)
     axData = axResp.getExtensionArgs()
     self.assert_(len(axData.keys()) > 0)
     print(axData)
                           
Example #6
0
    def perform_openid_auth(self, form):
        if not form.is_valid():
            return form

        request = self.request
        provider = self.provider(request)
        endpoint = form.cleaned_data["openid"]
        client = self.get_client(provider, endpoint)
        realm = self.get_realm(provider)

        auth_request = client.begin(endpoint)
        if QUERY_EMAIL:
            sreg = SRegRequest()
            for name in SRegFields:
                sreg.requestField(field_name=name, required=True)
            auth_request.addExtension(sreg)
            ax = FetchRequest()
            for name in AXAttributes:
                ax.add(AttrInfo(name, required=True))
            provider = OpenIDProvider(request)
            server_settings = provider.get_server_settings(
                request.GET.get("openid"))
            extra_attributes = server_settings.get("extra_attributes", [])
            for _, name, required in extra_attributes:
                ax.add(AttrInfo(name, required=required))
            auth_request.addExtension(ax)

        SocialLogin.stash_state(request)

        # Fix for issues 1523 and 2072 (github django-allauth)
        if "next" in form.cleaned_data and form.cleaned_data["next"]:
            auth_request.return_to_args["next"] = form.cleaned_data["next"]
        redirect_url = auth_request.redirectURL(
            realm, request.build_absolute_uri(self.get_callback_url()))
        return HttpResponseRedirect(redirect_url)
Example #7
0
    def dispatch(self, request):
        if 'openid' in request.GET or request.method == 'POST':
            form = LoginForm(
                dict(list(request.GET.items()) + list(request.POST.items())))
            if form.is_valid():
                client = _openid_consumer(request)
                try:
                    auth_request = client.begin(form.cleaned_data['openid'])
                    provider = self.provider
                    app = provider.get_app(request)

                    if QUERY_EMAIL:
                        sreg = SRegRequest()
                        for name in SRegFields:
                            sreg.requestField(field_name=name, required=True)
                        auth_request.addExtension(sreg)
                        ax = FetchRequest()
                        for name in AXAttributes:
                            ax.add(AttrInfo(name, required=True))
                        server_settings = provider.get_server_settings(
                            request.GET.get('openid'))
                        extra_attributes = server_settings.get(
                            'extra_attributes', [])
                        for _, name, required in extra_attributes:
                            ax.add(AttrInfo(name, required=required))
                        auth_request.addExtension(ax)

                    callback_url = provider.get_callback_url(request, app)
                    SocialLogin.stash_state(request)
                    # https://github.com/pennersr/django-allauth/issues/1523
                    auth_request.return_to_args['next'] = \
                        form.cleaned_data.get('next', '/')
                    redirect_url = auth_request.redirectURL(
                        request.build_absolute_uri('/'),
                        request.build_absolute_uri(callback_url))
                    return HttpResponseRedirect(redirect_url)
                # UnicodeDecodeError:
                # see https://github.com/necaris/python3-openid/issues/1
                except (UnicodeDecodeError, DiscoveryFailure) as e:
                    if request.method == 'POST':
                        form._errors["openid"] = form.error_class([e])
                    else:
                        return render_authentication_error(request,
                                                           self.provider.id,
                                                           exception=e)
        else:
            form = LoginForm(
                initial={
                    'next': request.GET.get('next'),
                    'process': request.GET.get('process')
                })
        d = dict(form=form)
        return render(request, "openid/login.html", d)
Example #8
0
def login(request):
    if 'openid' in request.GET or request.method == 'POST':
        form = LoginForm(
            dict(list(request.GET.items()) + list(request.POST.items())))
        if form.is_valid():
            client = _openid_consumer(request)
            try:
                auth_request = client.begin(form.cleaned_data['openid'])
                if QUERY_EMAIL:
                    sreg = SRegRequest()
                    for name in SRegFields:
                        sreg.requestField(field_name=name, required=True)
                    auth_request.addExtension(sreg)
                    ax = FetchRequest()
                    for name in AXAttributes:
                        ax.add(AttrInfo(name, required=True))
                    auth_request.addExtension(ax)
                callback_url = reverse(callback)
                SocialLogin.stash_state(request)
                redirect_url = auth_request.redirectURL(
                    request.build_absolute_uri('/'),
                    request.build_absolute_uri(callback_url))
                return HttpResponseRedirect(redirect_url)
            # UnicodeDecodeError:
            # see https://github.com/necaris/python3-openid/issues/1
            except (UnicodeDecodeError, DiscoveryFailure) as e:
                if request.method == 'POST':
                    form._errors["openid"] = form.error_class([e])
                else:
                    return render_authentication_error(request,
                                                       OpenIDProvider.id,
                                                       exception=e)
    else:
        form = LoginForm(initial={
            'next': request.GET.get('next'),
            'process': request.GET.get('process')
        })
    d = dict(form=form)
    return render_to_response('openid/login.html',
                              d,
                              context_instance=RequestContext(request))
 def test01InvalidQueryUsernameKey(self):
     interface = SQLAlchemyAXInterface()
     interface.connectionString = \
         SQLAlchemyAXInterfaceTestCase.DB_CONNECTION_STR
         
     interface.sqlQuery = ("select firstname from users where username = "******"'${invalidUsernameKey}'")
     
     axReq = FetchRequest()
     axResp = FetchResponse()
     
     authnCtx = {
         SQLAlchemyAXInterface.USERNAME_SESSION_KEYNAME: 
             SQLAlchemyAXInterfaceTestCase.USERNAME
     }
     
     try:
         interface(axReq, axResp, None, authnCtx)
         
     except AXInterfaceConfigError:
         pass
     else:
         self.fail("Expected AXInterfaceConfigError exception")