def run(request): lang = choose_lang(request) sid = request.args.get("sid") consumer = Consumer({"sid": sid}, None) href = Href(request.url) url = href("../oid.py", {"sid": sid}) # try: info = consumer.complete(request.args, url) # <-- It crashes here. (When using an OpenID from Yahoo!) #print info.status # except Exception as e: # info = openid.consumer.consumer.Response() # info.status = e if info.status == CANCEL: return Response(get_html("oid_failure", lang), 401, mimetype="text/html") if info.status == SETUP_NEEDED: html = get_html("oid_setup_needed", lang) html = html.replace("<!-- URL -->", info.setup_url) return Response(html, 423, mimetype="text/html") if info.status == SUCCESS: display_identifier = info.getDisplayIdentifier() sregresp = SRegResponse.fromSuccessResponse(info) realoid = display_identifier if info.endpoint.canonicalID: realoid = info.endpoint.canonicalID try: nickname = sregresp.data["nickname"] except (AttributeError, KeyError): nickname = "" try: email = sregresp.data["email"] except (AttributeError, KeyError): email = "" con = SQLcon.con() cur = con.cursor() cur.execute("SELECT * FROM users WHERE openid=%s", (realoid,)) result = cur.fetchall() if result.__len__() == 0: cur.execute("INSERT INTO users (username, openid, email, first_login) VALUES (%s, %s, %s, true)", (nickname, realoid, email)) #log in cur.execute("SELECT uid FROM users WHERE openid=%s", (realoid,)) result = cur.fetchall() uid = result[0][0] #print result cur.execute("UPDATE sessions SET uid=%s WHERE sid=%s", (str(uid), sid)) cur.execute("UPDATE sessions SET oid=%s WHERE sid=%s", (realoid, sid)) con.close() return Response(get_html("oid_success", lang), 200, mimetype="text/html") #Something went wrong. #TODO: More investigation. return Response(get_html("oid_failure", lang), 500, mimetype="text/html")
def success_openid_login(request, openid_response, redirect_field_name=REDIRECT_FIELD_NAME): """ A view-helper to handle a successful OpenID authentication response. Note that this doesn't mean we've found a matching user yet. That's what this method does. This view-helper requires adding ``openid_auth.models.OpenIDBackend`` to the ``settings.AUTHENTICATION_BACKENDS`` list. """ #Get the OpenID URL openid_url = openid_response.identity_url sreg = SRegResponse.fromSuccessResponse(openid_response) nickname = None if sreg and sreg.has_key('nickname'): nickname = sreg.get('nickname') #Call the built in django auth function #(NOTE: this call won't work without adding 'openid_auth.models.OpenIDBackend' to the settings.AUTHENTICATION_BACKENDS list) user = authenticate(openid_url=openid_url, sreg=nickname) if user: #Log in the user with the built-in django function auth_login(request, user) #Add the user to EzSteroids if it is enabled add_user_to_EzSteroids("http://" + request.get_host(), user) #Do we not yet have any openids in the session? if OPENIDS_SESSION_NAME not in request.session.keys(): request.session[OPENIDS_SESSION_NAME] = [] #Eliminate any duplicate openids in the session request.session[OPENIDS_SESSION_NAME] = [ o for o in request.session[OPENIDS_SESSION_NAME] if o.openid != openid_url ] #Add this new openid to the list request.session[OPENIDS_SESSION_NAME].append( from_openid_response(openid_response)) #Get the page to redirect to redirect = request.REQUEST.get(redirect_field_name, None) if not redirect or not is_valid_redirect_url(redirect): redirect = settings.LOGIN_REDIRECT_URL return HttpResponseRedirect(redirect) else: #TODO: This should start the registration process return failure_openid_login( request, openid_url, _("The OpenID doesn't match any registered user."))
def from_openid_response(openid_response): issued = int(time.time()) openid = OpenID(openid_response.identity_url, issued, openid_response.signed_fields) if getattr(settings, 'OPENID_PAPE', False): openid.pape = PapeResponse.fromSuccessResponse(openid_response) if getattr(settings, 'OPENID_SREG', False): openid.sreg = SRegResponse.fromSuccessResponse(openid_response) if getattr(settings, 'OPENID_AX', False): openid.ax = AXFetchResponse.fromSuccessResponse(openid_response) return openid
def success_openid_login(request, openid_response, redirect_field_name=REDIRECT_FIELD_NAME): """ A view-helper to handle a successful OpenID authentication response. Note that this doesn't mean we've found a matching user yet. That's what this method does. This view-helper requires adding ``openid_auth.models.OpenIDBackend`` to the ``settings.AUTHENTICATION_BACKENDS`` list. """ #Get the OpenID URL openid_url = openid_response.identity_url sreg = SRegResponse.fromSuccessResponse(openid_response) nickname = None if sreg and sreg.has_key('nickname'): nickname = sreg.get('nickname') #Call the built in django auth function #(NOTE: this call won't work without adding 'openid_auth.models.OpenIDBackend' to the settings.AUTHENTICATION_BACKENDS list) user = authenticate(openid_url=openid_url, sreg=nickname) if user: #Log in the user with the built-in django function auth_login(request, user) #Add the user to EzSteroids if it is enabled add_user_to_EzSteroids("http://"+request.get_host(), user) #Do we not yet have any openids in the session? if OPENIDS_SESSION_NAME not in request.session.keys(): request.session[OPENIDS_SESSION_NAME] = [] #Eliminate any duplicate openids in the session request.session[OPENIDS_SESSION_NAME] = [o for o in request.session[OPENIDS_SESSION_NAME] if o.openid != openid_url] #Add this new openid to the list request.session[OPENIDS_SESSION_NAME].append(from_openid_response(openid_response)) #Get the page to redirect to redirect = request.REQUEST.get(redirect_field_name, None) if not redirect or not is_valid_redirect_url(redirect): redirect = settings.LOGIN_REDIRECT_URL return HttpResponseRedirect(redirect) else: #TODO: This should start the registration process return failure_openid_login(request, openid_url, _("The OpenID doesn't match any registered user."))
def from_openid_response(openid_response): issued = int(time.time()) return OpenID( openid_response.identity_url, issued, openid_response.signed_fields, SRegResponse.fromSuccessResponse(openid_response) )