Example #1
0
def checkid_setup(registry, requestData, user=None):
	"""
	This method will validate and redirect a successful request to its
	return_to param. If the user isn't logged in, or doesn't have an account,
	we'll redirect to an internal page.
	
	@param registry: the current OpenID registry
	@type registry: L{OpenIDRegistry}
	
	@param requestData: the current request data
	@type requestData: L{OpenIDRequest}
	
	@param user: the current user
	@type user: L{txopenid.user.User}
	
	@return: association response
	@rtype: L{nevow.url.URL}
	"""
	if(user is not None):
		def _identity_state():
			return user.hasIdentity(requestData['openid.identity'])
		
		def _trust_state():
			 return user.trustsRoot(requestData['openid.trust_root'])
		
		if not(yield maybeDeferred(_identity_state)):
			return_to = util.appendQuery(OPENID_IDENTITY_URL, requestData)
		elif not(yield maybeDeferred(_trust_state)):
			return_to = util.appendQuery(OPENID_TRUST_URL, requestData)
		else:
			return_to = get_login_response(registry, requestData)
	else:
		return_to = util.appendQuery(OPENID_LOGIN_URL, requestData)
	
	returnValue(URL.fromString(return_to))
Example #2
0
	def approveIdent(self, requestData):
		"""
		Form support to approve specified identity.
		"""
		identity = requestData['openid.identity']
		
		existing_user_id = yield self.pool.getUserIdForIdentity(identity)
		if(existing_user_id):
			if(existing_user_id == self.user['id']):
				raise ValueError('You have already registered that identity.')
			else:
				raise ValueError('Another user has already registered that identity.')
		
		result = yield self.pool.saveUserIdentity(self.user, identity)
		
		if(requestData.get('openid.mode') not in (None, 'checkid_immediate')):
			for k, v in requestData.items():
				if not(k.startswith('openid.')):
					del requestData[k]
			
			return_to = util.appendQuery(protocol.OPENID_PROVIDER_URL, requestData)
			requestData.request.redirect(return_to)
			returnValue('')
		else:
			returnValue(None)
Example #3
0
	def renderHTTP(self, ctx):
		"""
		Login form processing, logged-in user and OpenID flow redirect.
		
		@see: L{nevow.inevow.IResource}
		"""
		request = inevow.IRequest(ctx)
		requestData = protocol.OpenIDRequest(request)
		
		log.msg('UserPage request: %r' % requestData)
		if(requestData.get('submit') == 'cancel'):
			return_to = requestData.get('openid.return_to', protocol.OPENID_LOGIN_URL)
			redirect = util.appendQuery(return_to, {'openid.mode':'cancel'})
			request.redirect(redirect)
			returnValue('')
		elif(requestData.get('submit') == 'login'):
			creds = credentials.UsernamePassword(requestData.get('username', ''),
												 requestData.get('password', ''))
		else:
			creds = session.getSessionCredentials(ctx)
		
		iface, user, logout = yield self.portal.login(creds, None, inevow.IResource)
		
		for k, v in requestData.items():
			if not(k.startswith('openid.')):
				del requestData[k]
		
		yield session.updateSession(self.pool, request, user)
		
		if(user):
			if('openid.mode' in requestData):
				redirect = util.appendQuery(protocol.OPENID_PROVIDER_URL, requestData)
				request.redirect(redirect)
				returnValue('')
			else:
				# This will happen if someone logs in directly, or is already logged in.
				request.redirect(protocol.OPENID_INFO_URL)
				returnValue('')
		
		result = yield maybeDeferred(super(LoginPage, self).renderHTTP, ctx)
		returnValue(result)
Example #4
0
	def approveRoot(self, requestData):
		"""
		Form support to approve specified root.
		"""
		root = requestData['openid.trust_root']
		result = yield self.pool.saveUserRoot(self.user, root)
		
		if(requestData.get('openid.mode') not in (None, 'checkid_immediate')):
			for k, v in requestData.items():
				if not(k.startswith('openid.')):
					del requestData[k]
			
			return_to = util.appendQuery(protocol.OPENID_PROVIDER_URL, requestData)
			requestData.request.redirect(return_to)
			returnValue('')
		else:
			returnValue(None)
Example #5
0
def get_login_response(registry, requestData):
	"""
	Convenience function to return a valid login response for the provided request.

	@param registry: the current OpenID registry
	@type registry: L{OpenIDRegistry}
	
	@param requestData: the current request data
	@type requestData: L{OpenIDRequest}
	
	@return: a response URL
	@rtype: str
	"""
	log.msg('[get_login_response] request: %r' % requestData)
	
	association = registry.initiate(requestData, 'openid.assoc_handle' in requestData)
	log.msg('[get_login_response] association: %r' % association)
	
	log.msg('[get_login_response] Using handle: %r' % association.handle)
	token_key = util.secret(association.handle)
	log.msg('[get_login_response] Found key: %r' % token_key)
	token_contents = util.kvstr(
		mode		= 'id_res',
		identity	= requestData['openid.identity'],
		return_to	= requestData['openid.return_to'],
	)
	
	return_dict = {
		'openid.mode'			: 'id_res',
		'openid.identity'		: requestData['openid.identity'],
		'openid.assoc_handle'	: association.handle,
		'openid.return_to'		: requestData['openid.return_to'],
		'openid.signed'			: 'identity,mode,return_to',
		'openid.sig'			: base64.b64encode(util.get_hmac(token_key, token_contents))
	}
	
	if(association.handle != requestData.get('openid.assoc_handle', association.handle)):
		log.msg("[get_login_response] Retrieved association handle doesn't match request: %r" % requestData['openid.assoc_handle'])
		return_dict['openid.invalidate_handle'] = requestData['openid.assoc_handle']
	
	return util.appendQuery(requestData['openid.return_to'], return_dict)
Example #6
0
	def _test_checkid_setup(self, setup_url, user):
		registry = TestRegistry(test_handle)
		result = yield protocol.checkid_setup(registry, TestRequest({
			'openid.mode'			: 'checkid_setup',
			'openid.identity'		: 'http://www.example.com/test',
			'openid.assoc_handle'	: test_handle,
			'openid.return_to'		: 'http://www.example.com/return',
			'openid.trust_root'		: 'http://www.example.com/trust',
		}), user=user)
		
		expecting_dict = {
			'openid.mode'			: 'checkid_setup',
			'openid.identity'		: 'http://www.example.com/test',
			'openid.assoc_handle'	: test_handle,
			'openid.return_to'		: 'http://www.example.com/return',
			'openid.trust_root'		: 'http://www.example.com/trust',
		}
		
		expecting = util.appendQuery(setup_url, expecting_dict)
		
		self.failUnless(isinstance(result, url.URL))
		self.failUnlessEqual(str(result), expecting)
Example #7
0
def checkid_immediate(registry, requestData, user=None):
	"""
	Validate the provided request.
	
	@param registry: the current OpenID registry
	@type registry: L{OpenIDRegistry}
	
	@param requestData: the current request data
	@type requestData: L{OpenIDRequest}
	
	@param user: the current user
	@type user: L{txopenid.user.User}
	
	@return: checkid response
	@rtype: L{nevow.url.URL}
	"""
	if(user is not None):
		def _identity_state():
			return user.hasIdentity(requestData['openid.identity'])
		
		def _trust_state():
			 return user.trustsRoot(requestData['openid.trust_root'])
		
		if not(yield maybeDeferred(_identity_state)):
			return_to = util.appendQuery(requestData['openid.return_to'], {
				'openid.mode':'id_res', 
				'openid.user_setup_url':util.appendQuery(OPENID_IDENTITY_URL, requestData),
			})
		elif not(yield maybeDeferred(_trust_state)):
			return_to = util.appendQuery(requestData['openid.return_to'], {
				'openid.mode':'id_res', 
				'openid.user_setup_url':util.appendQuery(OPENID_TRUST_URL, requestData),
			})
		else:
			return_to = get_login_response(registry, requestData)
	else:
		return_to = util.appendQuery(requestData['openid.return_to'], {
			'openid.mode':'id_res', 
			'openid.user_setup_url':util.appendQuery(OPENID_LOGIN_URL, requestData),
		})
	returnValue(URL.fromString(return_to))
Example #8
0
	def test_appendQuery_slash(self):
		return_to = 'http://www.example.com/some/path/'
		error = dict(error='some error occurred')
		expected = 'http://www.example.com/some/path/?error=some+error+occurred'
		got = util.appendQuery(return_to, error)
		self.failUnlessEqual(got, expected, "Got %r when expecting %r" % (got, expected))