def openid_server(request):
"""
This view is the actual OpenID server - running at the URL pointed to by
the <link rel="openid.server"> tag.
"""
server = Server(get_store(request),
op_endpoint=request.build_absolute_uri(
reverse('openid-provider-root')))
# Cancellation
if 'cancel' in request.REQUEST:
if 'OPENID_REQUEST' in request.session:
return oresponse_to_response(server,
request.session['OPENID_REQUEST'].answer(False))
else:
return HttpResponseRedirect('/')
# Clear AuthorizationInfo session var, if it is set
if request.session.get('AuthorizationInfo', None):
del request.session['AuthorizationInfo']
querydict = dict(request.REQUEST.items())
try:
orequest = server.decodeRequest(querydict)
except ProtocolError, why:
logger.error('Invalid OpenID message %s' % querydict)
return oresponse_to_response(server, why)
def openid_server(request):
"""
This view is the actual OpenID server - running at the URL pointed to by
the <link rel="openid.server"> tag.
"""
server = Server(get_store(request),
op_endpoint=request.build_absolute_uri(
reverse('openid-provider-root')))
# Cancellation
if 'cancel' in request.REQUEST:
if 'OPENID_REQUEST' in request.session:
return oresponse_to_response(server,
request.session['OPENID_REQUEST'].answer(False))
else:
return HttpResponseRedirect('/')
# Clear AuthorizationInfo session var, if it is set
if request.session.get('AuthorizationInfo', None):
del request.session['AuthorizationInfo']
querydict = dict(request.REQUEST.items())
try:
orequest = server.decodeRequest(querydict)
except ProtocolError, why:
logger.error('Invalid OpenID message %s' % querydict)
return oresponse_to_response(server, why)
else:
logger.info('No OpenID request redirecting to homepage')
return HttpResponseRedirect('/')
else:
logger.info('Received OpenID request: %s' % querydict)
sreg_request = SRegRequest.fromOpenIDRequest(orequest)
logger.debug('SREG request: %s' % sreg_request.__dict__)
if orequest.mode in ("checkid_immediate", "checkid_setup"):
# User is not logged
if not request.user.is_authenticated():
# Site does not want interaction
if orequest.immediate:
logger.debug('User not logged and checkid immediate request, \
returning OpenID failure')
return oresponse_to_response(server, orequest.answer(False))
else:
# Try to login
request.session['OPENID_REQUEST'] = orequest
logger.debug('User not logged and checkid request, \
redirecting to login page')
return redirect_to_login(request, nonce='1')
else:
identity = orequest.identity
if identity != IDENTIFIER_SELECT:
exploded = urlparse.urlparse(identity)
# Allows only /openid/<user_id>
if check_exploded(exploded, request):
# We only support directed identity
logger.debug('Invalid OpenID identity %s' % identity)
return oresponse_to_response(server, orequest.answer(False))
else:
logger.info('No OpenID request redirecting to homepage')
return HttpResponseRedirect('/')
else:
logger.info('Received OpenID request: %s' % querydict)
sreg_request = SRegRequest.fromOpenIDRequest(orequest)
logger.debug('SREG request: %s' % sreg_request.__dict__)
if orequest.mode in ("checkid_immediate", "checkid_setup"):
# User is not logged
if not request.user.is_authenticated():
# Site does not want interaction
if orequest.immediate:
logger.debug('User not logged and checkid immediate request, \
returning OpenID failure')
return oresponse_to_response(server, orequest.answer(False))
else:
# Try to login
request.session['OPENID_REQUEST'] = orequest
logger.debug('User not logged and checkid request, \
redirecting to login page')
return redirect_to_login(request, nonce='1')
else:
identity = orequest.identity
if identity != IDENTIFIER_SELECT:
exploded = urlparse.urlparse(identity)
# Allows only /openid/<user_id>
if check_exploded(exploded, request):
# We only support directed identity
logger.debug('Invalid OpenID identity %s' % identity)
return oresponse_to_response(server, orequest.answer(False))
