def server(request): """ Respond to requests for the server's primary web page. """ return render( request, "server/index.html", {"user_url": reverse("server:idPage"), "server_xrds_url": getViewURL(request, idpXrds)}, )
def processTrustResult(request): """ Handle the result of a trust decision and respond to the RP accordingly. """ # Get the request from the session so we can construct the # appropriate response. openid_request = getRequest(request) # The identifier that this server can vouch for response_identity = getViewURL(request, idPage) # If the decision was to allow the verification, respond # accordingly. allowed = "allow" in request.POST # Generate a response with the appropriate answer. openid_response = openid_request.answer(allowed, identity=response_identity) # Send Simple Registration data in the response, if appropriate. if allowed: sreg_data = { "fullname": "Example User", "nickname": "example", "dob": "1970-01-01", "email": "*****@*****.**", "gender": "F", "postcode": "12345", "country": "ES", "language": "eu", "timezone": "America/New_York", } sreg_req = sreg.SRegRequest.fromOpenIDRequest(openid_request) sreg_resp = sreg.SRegResponse.extractResponse(sreg_req, sreg_data) openid_response.addExtension(sreg_resp) pape_response = pape.Response() pape_response.setAuthLevel(pape.LEVELS_NIST, 0) openid_response.addExtension(pape_response) return displayResponse(request, openid_response)
def test_unreachableRealm(self): self.request = dummyRequest() id_url = util.getViewURL(self.request, views.idPage) # Set up the OpenID request we're responding to. op_endpoint = 'http://127.0.0.1:8080/endpoint' message = Message.fromPostArgs({ 'openid.mode': 'checkid_setup', 'openid.identity': id_url, 'openid.return_to': 'http://unreachable.invalid/%s' % (self.id(),), 'openid.sreg.required': 'postcode', }) self.openid_request = CheckIDRequest.fromMessage(message, op_endpoint) views.setRequest(self.request, self.openid_request) response = views.showDecidePage(self.request, self.openid_request) self.failUnless('trust_root_valid is Unreachable' in response.content, response)
def handleCheckIDRequest(request, openid_request): """ Handle checkid_* requests. Get input from the user to find out whether she trusts the RP involved. Possibly, get intput about what Simple Registration information, if any, to send in the response. """ # If the request was an IDP-driven identifier selection request # (i.e., the IDP URL was entered at the RP), then return the # default identity URL for this server. In a full-featured # provider, there could be interaction with the user to determine # what URL should be sent. if not openid_request.idSelect(): id_url = getViewURL(request, idPage) # Confirm that this server can actually vouch for that # identifier if id_url != openid_request.identity: # Return an error response error_response = ProtocolError( openid_request.message, "This server cannot verify the URL %r" % (openid_request.identity,) ) return displayResponse(request, error_response) if openid_request.immediate: # Always respond with 'cancel' to immediate mode requests # because we don't track information about a logged-in user. # If we did, then the answer would depend on whether that user # had trusted the request's trust root and whether the user is # even logged in. openid_response = openid_request.answer(False) return displayResponse(request, openid_response) else: # Store the incoming request object in the session so we can # get to it later. setRequest(request, openid_request) return showDecidePage(request, openid_request)
def trustPage(request): """ Display the trust page template, which allows the user to decide whether to approve the OpenID verification. """ return render(request, "server/trust.html", {"trust_handler_url": getViewURL(request, processTrustResult)})
def idPage(request): """ Serve the identity page for OpenID URLs. """ return render(request, "server/idPage.html", {"server_url": getViewURL(request, endpoint)})
def idpXrds(request): """ Respond to requests for the IDP's XRDS document, which is used in IDP-driven identifier selection. """ return util.renderXRDS(request, [OPENID_IDP_2_0_TYPE], [getViewURL(request, endpoint)])
def getServer(request): """ Get a Server object to perform OpenID authentication. """ return Server(getOpenIDStore(), getViewURL(request, endpoint))
try: # Stringify because template's ifequal can only compare to strings. trust_root_valid = verifyReturnTo(trust_root, return_to) and "Valid" or "Invalid" except DiscoveryFailure, err: trust_root_valid = "DISCOVERY_FAILED" except HTTPFetchingError, err: trust_root_valid = "Unreachable" pape_request = pape.Request.fromOpenIDRequest(openid_request) return render( request, "server/trust.html", { "trust_root": trust_root, "trust_handler_url": getViewURL(request, processTrustResult), "trust_root_valid": trust_root_valid, "pape_request": pape_request, }, ) def processTrustResult(request): """ Handle the result of a trust decision and respond to the RP accordingly. """ # Get the request from the session so we can construct the # appropriate response. openid_request = getRequest(request)