class AccountController(BaseController):
geoip = GeoIP(os.path.join(config['pylons.paths']['data'], 'geoip.dat'))
openid_store = FileOpenIDStore('/var/tmp')
@require('guest')
def login(self):
login = render('account/login.tpl', slacks=True)
if request.environ['REQUEST_METHOD'] != 'POST':
return login
try:
form = LoginForm().to_python(request.POST)
except validators.Invalid, e:
return h.htmlfill(e, form=login)
try:
cons = Consumer(session=session, store=self.openid_store)
auth_request = cons.begin(form['openid_identifier'])
auth_request.addExtension(
SRegRequest(optional=['nickname', 'email']))
except DiscoveryFailure:
h.flash(_('The specified URL is not a valid OpenID end-point.'),
'error')
redirect(url(controller='account', action='login'))
host = request.headers['host']
realm = '%s://%s' % (request_config().protocol, host)
return_url = url(host=host,
controller='account',
action='login_complete')
new_url = auth_request.redirectURL(return_to=return_url, realm=realm)
redirect(new_url)
def __init__(self,
name='openid2',
file_store_path='',
app=None,
login_url='/login/',
verify_url='/login/verify/',
logout_url='/login/logout/',
openid2_yadis_url='',
openid2_logout_url='',
openid2_user_cookie_name='USER_COOKIE_NAME',
openid2_sig_cookie_name='SIG_COOKIE_NAME',
openid2_profile_cookie_name='PROFILE_COOKIE_NAME'):
self.name = name
if not file_store_path:
file_store_path = os.path.join(tempfile.gettempdir(),
'algalon-openid2')
self.file_store_path = file_store_path
self.app = app
self.login_url = login_url
self.verify_url = verify_url
self.logout_url = logout_url
self.openid2_yadis_url = openid2_yadis_url
self.openid2_logout_url = openid2_logout_url
self.openid2_user_cookie_name = openid2_user_cookie_name
self.openid2_sig_cookie_name = openid2_sig_cookie_name
self.openid2_profile_cookie_name = openid2_profile_cookie_name
self.store = FileOpenIDStore(self.file_store_path)
if app is not None:
self.init_app(app)
def openid(self):
store = FileOpenIDStore('/tmp')
oserver = openid.server.server.Server(store, '/')
oid_request = oserver.decodeRequest(request.params)
if isinstance(oid_request, openid.server.server.CheckIDRequest):
sreg_req = openid.extensions.sreg.SRegRequest.fromOpenIDRequest(
oid_request)
data = {}
for field in sreg_req.required + sreg_req.optional:
data[field] = self.data[field]
sr_resp = openid.extensions.sreg.SRegResponse.extractResponse(
sreg_req, data)
oid_response = oid_request.answer(
True, identity=self._data['identity'])
oid_response.addExtension(sr_resp)
elif isinstance(oid_request, openid.server.server.CheckAuthRequest):
oid_response = oserver.openid_check_authentication(oid_request)
pass
webresponse = oserver.encodeResponse(oid_response)
response.status_code = webresponse.code
for k, v in webresponse.headers.items():
response.headers[k] = v.encode('utf-8')
response.body = webresponse.body.encode('utf-8')
return response
def getOpenIDStore(filestore_path, table_prefix):
"""
Returns an OpenID association store object based on the database
engine chosen for this Django application.
* If no database engine is chosen, a filesystem-based store will
be used whose path is filestore_path.
* If a database engine is chosen, a store object for that database
type will be returned.
* If the chosen engine is not supported by the OpenID library,
raise ImproperlyConfigured.
* If a database store is used, this will create the tables
necessary to use it. The table names will be prefixed with
table_prefix. DO NOT use the same table prefix for both an
OpenID consumer and an OpenID server in the same database.
The result of this function should be passed to the Consumer
constructor as the store parameter.
"""
db_engine = settings.DATABASES['default']['ENGINE']
if not db_engine:
return FileOpenIDStore(filestore_path)
# get the suffix
db_engine = db_engine.split('.')[-1]
# Possible side-effect: create a database connection if one isn't
# already open.
connection.cursor()
# Create table names to specify for SQL-backed stores.
tablenames = {
'associations_table': table_prefix + 'openid_associations',
'nonces_table': table_prefix + 'openid_nonces',
}
types = {
'postgresql': sqlstore.PostgreSQLStore,
'postgresql_psycopg2': sqlstore.PostgreSQLStore,
'mysql': sqlstore.MySQLStore,
'sqlite3': sqlstore.SQLiteStore,
}
try:
s = types[db_engine](connection.connection,
**tablenames)
except KeyError:
raise ImproperlyConfigured, \
"Database engine %s not supported by OpenID library" % \
(db_engine,)
try:
s.createTables()
except (SystemExit, KeyboardInterrupt, MemoryError), e:
raise
def get_openid_request(openid_url):
"""
リダイレクト先URLとconsumerオブジェクトを返す
"""
# consumerオブジェクトを作ってリダイレクト先を取得
c = consumer.Consumer({}, FileOpenIDStore(settings.OPENID_STORE_DIR))
req = c.begin(openid_url)
return req.redirectURL(get_openid_realm(), get_openid_verify_url()), c
def main(host, port, data_path):
addr = (host, port)
httpserver = OpenIDHTTPServer(addr, ServerHandler)
# Instantiate OpenID consumer store and OpenID consumer. If you
# were connecting to a database, you would create the database
# connection and instantiate an appropriate store here.
store = FileOpenIDStore(data_path)
oidserver = server.Server(store, httpserver.base_url + 'openidserver')
httpserver.setOpenIDServer(oidserver)
httpserver.serve_forever()
def login():
"""
Authenticate a user with Google OpenID.
"""
# create new session state. should be deleted in login_complete.
session['openid_session'] = {}
# create consumer and make create request
openid_consumer = Consumer(session['openid_session'],
FileOpenIDStore('/tmp/'))
try:
auth_request = openid_consumer.begin(OPENID_ENDPOINT)
except DiscoveryFailure, df:
return render_template("500.html", error=df)
def _default_store_factory(self):
"""Default store factory that creates a filesystem store from
the configuration.
"""
app = self.app if self.app is not None else current_app
if 'OPENID_FS_STORE_PATH' not in app.config:
self.init_app(app)
from warnings import warn
warn(DeprecationWarning('init_app not called for this '
'application. This is deprecated functionality'))
path = app.config['OPENID_FS_STORE_PATH'] or self.fs_store_path
if path is None:
path = os.path.join(tempfile.gettempdir(), 'flask-openid')
return FileOpenIDStore(path)
def openid(request):
# NECESSARIAMENTE OS 3 TRECHOS DE CÓDIGO DEVEM ESTAR NESSA MESMA URL POIS O CONSUMIDOR FAZ A VERIFICACAO
# SE A URL QUE O RESPONDER EH A MESMA URL A QUAL ELE FEZ REQUISICAO, ENTAO OS RENDERS ABAIXO NAO PODEM TROCAR DE URL
endpoint_url = 'http://' + request.environ['HTTP_HOST'] + '/openid'
oidserver = server.Server(
FileOpenIDStore('/tmp/openid_session_store_server'), endpoint_url)
# TRECHO 1
# NESSE TRECHO DE CODIGO SE CRIA A ASSOCIACAO NECESSARIA NA PRIMEIRA INTERACAO COM O SERVIDOR
# ESTA ASSOCIACAO COMPOE O PARAMETRO ASSOC_HANDLE NO PRIMEIRO FORM MONTADO PELO CONSUMIDOR
if 'openid.mode' in request.POST:
if request.POST['openid.mode'] in [
'associate', 'check_authentication'
]:
oidrequest = oidserver.decodeRequest(request.POST)
oidresponse = oidserver.handleRequest(oidrequest)
webresponse = oidserver.encodeResponse(oidresponse)
return HttpResponse(webresponse.body)
# TRECHO 2
# CASO O USUARIO NAO ESTEJA LOGADO RENDERIZA A TELA DE LOGIN
# DEPOIS REDIRECIONA DE VOLTA PARA ESSA MESMA URL QUE A TRATA NOVAMENTE
if not request.session.get('username', False):
request.session['save_post'] = request.POST
return render(request, 'login.html', {'next': '/openid'})
# TRECHO 3
# NESSE TRECHO DE CODIGO O SERVIDOR ASSOCIA DADOS DO USUÁRIO NO OBJETO RESPONSE E MANDA AO CONSUMIDOR
if request.session.get('save_post', False):
saved_post_data = request.session['save_post']
del request.session['save_post']
else:
saved_post_data = request.POST
openid_request = oidserver.decodeRequest(saved_post_data)
openid_response = openid_request.answer(True, identity=None)
# addSRegResponse(openid_request, openid_response, request) # PROTOCOLO SREG
addAttributeExchangeResponse(openid_request, openid_response, request)
webresponse = oidserver.encodeResponse(openid_response)
# MONTA A URL COM QUERY STRING PARA REDIRECIONAR OS DADOS PARA O CONSUMIDOR
location = None
for header, value in webresponse.headers.iteritems():
if header == 'location':
location = value
return redirect(location)
def __init__(self, config):
self.config = config # Saves the config because Page needs it
self.encoder = json.JSONEncoder()
# The full URL of this openid server
if hasattr(config, 'server_url'):
self.base_path = '%s/' % config.server_url
else:
self.base_path = '%s/' % cherrypy.url()
# Now instantiates the OpenID Store (used for nonces and associations)
if config.store == 'filestore':
store = FileOpenIDStore(config.store_path)
elif config.store == 'dbstore':
store = DBOidStore(config.store_source)
else:
store = MemoryStore()
# Now instantiates the OpenID server
self.openid = server.Server(store, self.base_path + 'openidserver')
# Record how to get user details out...
factory = WMFactory('oid_factory')
self.userstore = factory.loadObject(config.users_store.object,
config.users_store)
# List of remote sites allowed to request auth/authz to this server
self.truststore = factory.loadObject(config.trust_store.object,
config.trust_store)
# This is a thread safe object to display web pages/forms related to
# the oid server. I put it on a separate class to avoid blowing
# the main class with html code.
self.webpages = OidServerWebPages()
# *** Should enable cherrypy session somewhere... sorry
cherrypy.config.update({
'tools.sessions.on': True,
'tools.sessions.storage_type': 'ram',
#'tools.sessions.storage_type': "file",
#'tools.sessions.storage_path': "/tmp/oidserver-sessions",
'tools.sessions.timeout': 60,
'tools.sessions.name': 'oidserver_sid'
})
# Instantiate OpenID consumer store and OpenID consumer. If you
# were connecting to a database, you would create the database
# connection and instantiate an appropriate store here.
from openid.store.filestore import FileOpenIDStore
# Tornado always passes arguments as lists (which is a good thing).
# The OpenID library expects single values (which is naive). This
# class makes it work.
class TornadoArgumentDecoder(server.Decoder):
def decode(self, arguments):
q = {}
for key, values in arguments .items():
q[key] = values[0]
return server.Decoder.decode(self, q)
store = FileOpenIDStore("openid_data")
SERVER_ENDPOINT = server_config.external_base_url + '/openid'
USER_ID_PATH_PREFIX = "/openid/"
USER_ID_BASE = server_config.external_base_url + USER_ID_PATH_PREFIX + "%s"
OpenIDServer = server.Server(store, SERVER_ENDPOINT)
OpenIDServer.decoder = TornadoArgumentDecoder(OpenIDServer)
def quoteattr(s):
"""Helper function to escape and quote a value for inclusion in HTML.
>>> quoteattr("a b < > & c d")
'"a b < > & c d"'
"""
import urllib
from openid.consumer.consumer import Consumer
from openid.consumer.consumer import CANCEL, FAILURE, SUCCESS
from openid.extensions.sreg import SRegRequest, SRegResponse
from openid.extensions.draft.pape5 import Request as PAPERequest, Response as PAPEResponse
from openid.store.filestore import FileOpenIDStore
from openid.yadis.discover import DiscoveryFailure
from urllib2 import HTTPError, URLError
from floof.lib.webfinger import finger
from floof.lib.stash import key_from_request
log = logging.getLogger(__name__)
openid_store = FileOpenIDStore('/var/tmp')
class OpenIDError(RuntimeError):
pass
FAKE_WEBFINGER_DOMAINS = {
# Google does support webfinger, but only if you have a vanity Google
# Profile URL, which doesn't seem to exist for Google+ users, and is
# totally different from the thing below anyway. ???????
'gmail.com': 'https://www.google.com/accounts/o8/id',
#'yahoo.com': 'http://me.yahoo.com/',
'aol.com': 'http://openid.aol.com/{0}',
'steamcommunity.com': 'http://steamcommunity.com/openid/',
'livejournal.com': 'http://{0}.livejournal.com',
'wordpress.com': 'http://{0}.wordpress.com/',
'blogger.com': 'http://{0}.blogger.com/',
def create_store(self):
"""Creates the filesystem store"""
return FileOpenIDStore(self.store_path)
def openid_server(req):
"""
This view is the actual OpenID server - running at the URL pointed to by
the <link rel="openid.server"> tag.
"""
host = get_base_uri(req)
try:
# if we have django_openid_auth in applications directory
# then we can use DjangoOpenIDStore
from django_openid_auth.store import DjangoOpenIDStore
store = DjangoOpenIDStore()
except:
# otherwise use FileOpenIDStore
OPENID_FILESTORE = '/tmp/openid-filestore'
from openid.store.filestore import FileOpenIDStore
store = FileOpenIDStore(OPENID_FILESTORE)
server = Server(store,
op_endpoint="%s%s" %
(host, reverse('openid-provider-root')))
# Clear AuthorizationInfo session var, if it is set
if req.session.get('AuthorizationInfo', None):
del req.session['AuthorizationInfo']
querydict = dict(req.REQUEST.items())
try:
orequest = server.decodeRequest(querydict)
except:
L.exception("Request decode failed")
orequest = None
if not orequest:
orequest = req.session.get('OPENID_REQUEST', None)
if not orequest:
# not request, render info page:
return render_to_response('openid_provider/server.html', {
'host': host,
},
context_instance=RequestContext(req))
else:
# remove session stored data:
del req.session['OPENID_REQUEST']
if orequest.mode in ("checkid_immediate", "checkid_setup"):
if not req.user.is_authenticated():
return landing_page(req, orequest)
openid = openid_is_authorized(req, orequest.identity,
orequest.trust_root)
if openid is not None:
oresponse = orequest.answer(
True,
identity="%s%s" %
(host, reverse('openid-provider-identity',
args=[openid.openid])))
sreg_data = {'nickname': req.user.username}
sreg_req = sreg.SRegRequest.fromOpenIDRequest(orequest)
sreg_resp = sreg.SRegResponse.extractResponse(sreg_req, sreg_data)
oresponse.addExtension(sreg_resp)
elif orequest.immediate:
raise Exception('checkid_immediate mode not supported')
else:
req.session['OPENID_REQUEST'] = orequest
return HttpResponseRedirect(reverse('openid-provider-decide'))
else:
oresponse = server.handleRequest(orequest)
webresponse = server.encodeResponse(oresponse)
return django_response(webresponse)
def getOpenIDStore(filestore_path, table_prefix):
"""
Returns an OpenID association store object based on the database
engine chosen for this Django application.
* If no database engine is chosen, a filesystem-based store will
be used whose path is filestore_path.
* If a database engine is chosen, a store object for that database
type will be returned.
* If the chosen engine is not supported by the OpenID library,
raise ImproperlyConfigured.
* If a database store is used, this will create the tables
necessary to use it. The table names will be prefixed with
table_prefix. DO NOT use the same table prefix for both an
OpenID consumer and an OpenID server in the same database.
The result of this function should be passed to the Consumer
constructor as the store parameter.
"""
db_engine = settings.DATABASES["default"]["ENGINE"]
if not db_engine:
return FileOpenIDStore(filestore_path)
# get the suffix
db_engine = db_engine.split(".")[-1]
# Possible side-effect: create a database connection if one isn't
# already open.
connection.cursor()
# Create table names to specify for SQL-backed stores.
tablenames = {
"associations_table": table_prefix + "openid_associations",
"nonces_table": table_prefix + "openid_nonces",
}
types = {
"postgresql": sqlstore.PostgreSQLStore,
"postgresql_psycopg2": sqlstore.PostgreSQLStore,
"mysql": sqlstore.MySQLStore,
"sqlite3": sqlstore.SQLiteStore,
}
try:
s = types[db_engine](connection.connection, **tablenames)
except KeyError:
raise ImproperlyConfigured(
"Database engine %s not supported by OpenID library" %
(db_engine, ))
try:
s.createTables()
except (SystemExit, KeyboardInterrupt, MemoryError) as e:
raise e
except:
# XXX This is not the Right Way to do this, but because the
# underlying database implementation might differ in behavior
# at this point, we can't reliably catch the right
# exception(s) here. Ideally, the SQL store in the OpenID
# library would catch exceptions that it expects and fail
# silently, but that could be bad, too. More ideally, the SQL
# store would not attempt to create tables it knows already
# exists.
pass
return s
def get_consumer(session):
if not settings.OPENID_STORE_ROOT:
raise Exception('OPENID_STORE_ROOT is not set')
return Consumer(session, FileOpenIDStore(settings.OPENID_STORE_ROOT))
try:
from openid.store.filestore import FileOpenIDStore
from openid.server import server as OpenIDServer
from openid.message import Message
from openid import sreg
except ImportError, e:
msg = ('Could not find the JanRain OpenId libraries in:\n' +
'\n'.join(sys.path))
data['openid_error'] = msg
return False
# initialize the OpenID server
global oidserver
if not oidserver:
try:
store = FileOpenIDStore(config['datadir'])
endpoint = config.get('openid_trigger', DEFAULT_TRIGGER)
oidserver = OpenIDServer.Server(store, endpoint)
except Exception:
exception = traceback.format_exception(*sys.exc_info())
msg = 'Error initializing OpenID server:\n' + '\n'.join(exception)
data['openid_error'] = msg
return False
return True
def verify_installation(request):
if not request.getConfiguration().has_key('openid_password'):
print 'The openid_password config variable is not set.'
return False
],
"sort_order": 0,
}
except:
# silently fail if any of the settings aren't set
pass
########################################
class UserCancelledAuthentication(Exception):
pass
from openid.store.filestore import FileOpenIDStore
openid_store = FileOpenIDStore("/tmp/openid")
def openid2_get_redirect(request, provider, callback, scope, mode):
xrds = urllib.urlopen(providers[provider]["xrds"])
if xrds.getcode() != 200:
raise Exception("OpenID Failed: Invalid response from " +
providers[provider]["displayname"] +
" on obtaining a XRDS information: " + xrds.read())
xrds = xrds.read()
from openid.consumer.consumer import Consumer
from openid.consumer.discover import OpenIDServiceEndpoint
service = OpenIDServiceEndpoint.fromXRDS(providers[provider]["xrds"],
xrds)[0]
class AccountsController(BaseController):
openid_store = FileOpenIDStore('/var/tmp')
def _bail(self, reason):
# Used for bailing on a login attempt; reshows the login page
c.error = reason
c.attempted_openid = request.params.get('openid_identifier', '')
return render('/users/login.mako')
def login(self):
c.error = None
c.attempted_openid = None
return render('/users/login.mako')
def login_begin(self):
"""Step one of logging in with OpenID; we redirect to the provider"""
cons = Consumer(session=session, store=self.openid_store)
try:
openid_url = request.params['openid_identifier']
except KeyError:
return self._bail("Gotta enter an OpenID to log in.")
try:
auth_request = cons.begin(openid_url)
except DiscoveryFailure:
return self._bail(
"Can't connect to '{0}'. You sure it's an OpenID?".format(
openid_url))
sreg_req = SRegRequest(optional=[
'nickname', 'email', 'dob', 'gender', 'country', 'language',
'timezone'
])
auth_request.addExtension(sreg_req)
host = request.headers['host']
protocol = request_config().protocol
return_url = url(host=host,
controller='accounts',
action='login_finish')
new_url = auth_request.redirectURL(return_to=return_url,
realm=protocol + '://' + host)
redirect(new_url)
def login_finish(self):
"""Step two of logging in; the OpenID provider redirects back here."""
cons = Consumer(session=session, store=self.openid_store)
host = request.headers['host']
return_url = url(host=host,
controller='accounts',
action='login_finish')
res = cons.complete(request.params, return_url)
if res.status == CANCEL:
# I guess.. just.. back to the homepage?
h.flash(u"""Login canceled.""", icon='user-silhouette')
redirect(url('/'))
elif res.status != SUCCESS:
return 'Error! %s' % res.message
try:
# Grab an existing user record, if one exists
q = meta.Session.query(users_model.User) \
.filter(users_model.User.openids.any(openid=res.identity_url))
user = q.one()
except NoResultFound:
# Try to pull a name out of the SReg response
sreg_res = SRegResponse.fromSuccessResponse(res)
try:
username = sreg_res['nickname']
except (KeyError, TypeError):
# KeyError if sreg has no nickname; TypeError if sreg is None
username = '******'
# Create db records
user = users_model.User(name=username)
meta.Session.add(user)
openid = users_model.OpenID(openid=res.identity_url)
user.openids.append(openid)
meta.Session.commit()
# Remember who's logged in, and we're good to go
session['user_id'] = user.id
session.save()
h.flash(u"""Hello, {0}!""".format(user.name), icon='user')
redirect(url('/'), code=303)
@authenticate_form
def logout(self):
"""Logs the user out."""
if 'user_id' in session:
del session['user_id']
session.save()
h.flash(u"""Logged out.""", icon='user-silhouette')
redirect(url('/'), code=303)
def cgi_main():
logger.html_mode()
global config
cgi_request = CGIParser()
response = CGIResponse()
# Load configuration
config_file = ConfigManager.find_config_file()
if not config_file:
logger.error("No configuration file found")
response.type = "no_config"
response.output(None)
return
else:
try:
config = ConfigManager(config_file)
except configparser.ParsingError as e:
logger.error("Unable to parse config file: {0}".format(err))
response.error = "Error parsing poit configuration file"
if config:
# Make sure an endpoint is set
endpoint = config.get_option("server", "endpoint")
if not endpoint:
endpoint = cgi_request.self_uri(https=config.force_https())
config.set_option("server", "endpoint", endpoint, save=False)
logger.debug("Endpoint: " + endpoint)
ostore = FileOpenIDStore(os.path.expanduser(config.get_option("server", "session_dir")))
oserver = OpenIDServer(ostore, endpoint)
logger.debug("Initialized server")
else:
# Stilll need to create a OpenIDServer to parse the request
ostore = MemoryStore()
oserver = OpenIDServer(ostore, "")
logger.debug("Initialized dummy server")
# Decode request
try:
request = oserver.decodeRequest(cgi_request.openid)
except server.ProtocolError as err:
logger.warn("Not an OpenID request: " + str(err))
request = None
session = Session(cgi_request)
# Redirect to HTTPS if required
if (not session.is_secure()) and config.force_https() and ((not request) or type(request) == CheckIDRequest):
response.redirect_url = "{endpoint}?{fields}".format(
endpoint=re.sub("^http:", "https:", endpoint), fields=urllib.urlencode(cgi_request.openid)
)
response.output(session)
return
action = PoitAction.from_request(cgi_request.post)
logger.debug("Action: " + str(action))
if action and action.type == "authenticate" and not session.authenticated:
session.authenticated = True
if request:
handle_openid(session, oserver, request, response, action)
else:
handle_normal(session, response, action)
config.save()
ostore.cleanup()
response.output(session)
from werkzeug.exceptions import BadRequestKeyError
from openid.extensions import sreg
from openid.server import server
from openid.store.filestore import FileOpenIDStore
PROJECT_ROOT = os.path.dirname(os.path.realpath(__file__))
with open(os.path.join(PROJECT_ROOT, 'config.yml'), 'r') as fh:
config = yaml.load(fh.read())
app = Flask(__name__,
static_folder=os.path.join(PROJECT_ROOT, 'static'),
static_url_path='/static')
app.secret_key = os.environ.get('SESSION_KEY')
store = FileOpenIDStore('sstore')
if 'SERVER_NAME' in os.environ:
base_url = os.environ['SERVER_NAME']
else:
port = os.environ.get('PORT', '5000')
base_url = 'http://localhost:' + port + '/'
oidserver = server.Server(store, base_url + 'openidserver')
if 'error_emails' in config and not app.debug:
email_config = config['error_emails']
if 'EMAIL_PASSWORD' in os.environ:
credentials = (os.environ['EMAIL_USERNAME'],
os.environ['EMAIL_PASSWORD'])
else:
credentials = None
def getOpenIDStore(filestore_path, table_prefix):
"""
Returns an OpenID association store object based on the database
engine chosen for this Django application.
* If no database engine is chosen, a filesystem-based store will
be used whose path is filestore_path.
* If a database engine is chosen, a store object for that database
type will be returned.
* If the chosen engine is not supported by the OpenID library,
raise ImproperlyConfigured.
* If a database store is used, this will create the tables
necessary to use it. The table names will be prefixed with
table_prefix. DO NOT use the same table prefix for both an
OpenID consumer and an OpenID server in the same database.
The result of this function should be passed to the Consumer
constructor as the store parameter.
"""
if not settings.DATABASES.get('default', {'ENGINE': None}).get('ENGINE'):
return FileOpenIDStore(filestore_path)
# Possible side-effect: create a database connection if one isn't
# already open.
connection.cursor()
# Create table names to specify for SQL-backed stores.
tablenames = {
'associations_table': table_prefix + 'openid_associations',
'nonces_table': table_prefix + 'openid_nonces',
}
types = {
'django.db.backends.postgresql': sqlstore.PostgreSQLStore,
'django.db.backends.mysql': sqlstore.MySQLStore,
'django.db.backends.sqlite3': sqlstore.SQLiteStore,
}
engine = settings.DATABASES.get('default', {'ENGINE': None}).get('ENGINE')
try:
s = types[engine](connection.connection, **tablenames)
except KeyError:
raise ImproperlyConfigured(
"Database engine %s not supported by OpenID library" % engine)
try:
s.createTables()
except Exception:
# XXX This is not the Right Way to do this, but because the
# underlying database implementation might differ in behavior
# at this point, we can't reliably catch the right
# exception(s) here. Ideally, the SQL store in the OpenID
# library would catch exceptions that it expects and fail
# silently, but that could be bad, too. More ideally, the SQL
# store would not attempt to create tables it knows already
# exists.
pass
return s
def __init__(self):
store_loc = os.path.join(os.path.dirname(__file__), 'openid store')
self.store = FileOpenIDStore(store_loc)
self.openid = server.Server(self.store, self.endpoint_url)
def get_consumer(session):
if not settings.SCIPIO_STORE_ROOT:
raise OpenIdSetupError('SCIPIO_STORE_ROOT is not set')
return Consumer(session, FileOpenIDStore(settings.SCIPIO_STORE_ROOT))
"sort_order": 0,
}
except:
# silently fail if any of the settings aren't set
pass
########################################
class UserCancelledAuthentication(Exception):
pass
try:
from openid.store.filestore import FileOpenIDStore
openid_store = FileOpenIDStore(
getattr(settings, "OPENID_TEMP_FOLDER", "/tmp/openid"))
except ImportError:
# allow for this library to not be installed
pass
def openid2_get_redirect(request, provider, callback, scope, mode):
xrds = urllib.request.urlopen(providers[provider]["xrds"])
if xrds.getcode() != 200:
raise Exception("OpenID Failed: Invalid response from " +
providers[provider]["displayname"] +
" on obtaining a XRDS information: " + xrds.read())
xrds = xrds.read()
from openid.consumer.consumer import Consumer
from openid.consumer.discover import OpenIDServiceEndpoint
MY_HOST = 'icardea-server.lksdom21.lks.local'
try:
from mod_wsgi import version
# Running as wsgi application!
# we assume that this wsgi application has been already "mounted"
# in the '/idp' sub dir in the Apache configuration file.
server_base_url = 'https://%s/idp' % (MY_HOST,)
idp_app = app
idp_app.catchall = False
except:
PORT = 4545
server_base_url = 'https://%s/idp' % (MY_HOST, )
idp_app = bottle.default_app.push()
idp_app.mount(app, '/idp')
oserver = server.Server(FileOpenIDStore(os.path.join(APP_HOME, "openid_sessions")),
server_base_url + '/openidserver')
session_opts = {
'session.type': 'dbm',
'session.cookie_expires': 3600,
'session.data_dir': os.path.join(APP_HOME, 'sessions'),
'session.key': 'icardea_idp_sid',
'session.secret': COOKIE_SECRET,
'session.auto': True
}
application = SessionMiddleware(idp_app, session_opts)
def run_standalone_server():
print """=======================================================
iCARDEA OpenID Provider is about to launch...
It will %s contact the Windows Domain Controller and Active Directory
payments = [{"37336240": ["e27c8af05d7b1b2a3af83cfed01fa76c"]}]
payments1 = [{"37336240": ["e27c8af05d7b1b2a3af83cfed01fa76c"]},{"1111": ["2222"]}]
received_soc_user = {'uid':'uid', 'first_name':'first_name', 'last_name':'last_name'}
user_doc = {'_id':'pc_user','models':['1','2'],'pc_key':base36.gen_id(), 'payments':payments}
stored_soc_user_doc_res = {'rows':[{'doc':{'_id':'some_id','models':['3','4'],'pc_key':base36.gen_id(), 'payments':payments1}}]}
res.mergeUsers(stored_soc_user_doc_res, received_soc_user, user_doc, TestRequest())
import tempfile
from openid.consumer.consumer import Consumer, SUCCESS, DiscoveryFailure
from openid.store.filestore import FileOpenIDStore
from openid.extensions import ax
STORAGE = FileOpenIDStore(tempfile.gettempdir())
ROOT = 'http://buildpc.ru'
RETURN_TO = ROOT+'/openid'
AXINFO = {
'email': 'http://axschema.org/contact/email',
'nickname': 'http://axschema.org/namePerson/friendly',
'namePerson':'http://axschema.org/namePerson'
}
REDIRECTED_USERS = {}
PASSED_USERS = {}
class OpenId(Resource):
def render_GET(self, request):
janrain_nonce = request.args.get('janrain_nonce', [None])[0]
