def login(self, environ, start_response): req = Request(environ) set_template(environ, 'login.xslt') sess = environ['beaker.session'] params = {'base_uri': self.base_url} if not sess.get(self.ekey): sess[self.ekey] = {} sess.save() headers = [('Content-Type', 'application/xml')] if not (req.params.get('uname') or req.params.get('return_location')): message ='There must be a uname and return_location in the query string' raise HTTPBadRequest(detail=message) openid_url = req.params['uname'] sess[self.ekey]['return_location'] = req.params['return_location'] if not openid_url: # this seems better ... # raise HTTPBadRequest("need openid_url") params['message'] = "Don't leave your name blank." params['status'] = 'failure' set_params(environ, params) start_response('200 OK', headers) return [] consumer = self.get_consumer(sess[self.ekey]) try: request = consumer.begin(openid_url) except Exception, exc: params['message'] = 'Error in discovery: %s' % (cgi.escape(str(exc[0]))) params['status'] = 'failure' set_params(environ, params) start_response('200 OK', headers) return []
def verify(self): form_openid = unicode(request.params.get('openid_url')) consumer = openid.consumer.consumer.Consumer(session, None) try: oid_request = consumer.begin(form_openid) except openid.consumer.consumer.DiscoveryFailure, exception: c.errors.append(exception[0]) return render('/auth/login.mako')
def beginLogin(self): """Begins the login process.""" openid_url = self.request.get('openid') if not openid_url: self.openidError('Please enter an OpenID URL.') return try: consumer = self.get_consumer() auth_request = consumer.begin(openid_url) except discover.DiscoveryFailure, e: raise
def POST_auth(self): if getattr(c.user, "f2p", None) != "participated": abort(403) session = {} consumer = openid.consumer.consumer.Consumer(session, store=None) auth_request = consumer.begin(STEAM_AUTH_URL) post_login_url = self.make_post_login_url() url = auth_request.redirectURL(realm=g.origin, return_to=post_login_url) g.f2pcache.set("steam_session_%d" % c.user._id, session) g.log.debug("started steam auth for %s", c.user.name) return redirect_to(url)
def type_login_html(self): redirect = self.request.GET['redirect'] try: import openid.consumer.consumer except ImportError: return self.render_error("OpenID Error", "OpenID is not supported in this installation") trust_root = self.request.build_absolute_uri('/') full_redirect_path = '%s?redirect=%s' % (reverse('item_type_url', kwargs={'viewer': self.viewer_name, 'action': 'logincomplete'}), urlquote(redirect)) full_redirect_url = self.request.build_absolute_uri(full_redirect_path) user_url = self.request.POST['openid_url'] consumer = openid.consumer.consumer.Consumer(self.request.session, None) try: auth_request = consumer.begin(user_url) except openid.consumer.consumer.DiscoveryFailure: return self.render_error("OpenID Error", "Invalid OpenID URL") auth_request.addExtensionArg('sreg', 'optional', 'nickname,email,fullname') return HttpResponseRedirect(auth_request.redirectURL(trust_root, full_redirect_url))
def verify_path(self, environ, start_response): """Opid expects the OpenID identity url via a query string with key 'url'. You can optionally specify sucess and failure redirect paths with keys 'success' and 'failure'. Opid's return path will generate a redirect to the supplied success path on authentication, and the failure path if it encounters any problems. The default path for both is / Finally, Opid unauthenticates before authentication attempts. If you wish to disable this behavior, you can pass it a query of no_unauth=1.""" realm = self.realm or "%s://%s" % (environ['wsgi.url_scheme'], environ['HTTP_HOST']) openid_url = _enforce_single_q(environ, 'url') success_url = _enforce_single_q(environ, 'success', default='/') failure_url = _enforce_single_q(environ, 'failure', default='/') no_unauth = _enforce_single_q(environ, 'no_unauth', default=None) if no_unauth == '1': self.unauth(environ) with self.session_context(environ) as session: session['opid.realm'] = realm session['opid.openid_url'] = openid_url session['opid.success_url'] = success_url session['opid.failure_url'] = failure_url session['opid.session'] = {} consumer = openid.consumer.consumer.Consumer(session['opid.session'], self.store) authreq = consumer.begin(openid_url) if authreq.shouldSendRedirect(): redirect_url = authreq.redirectURL(realm, self._return_to(environ)) environ['opid.redirect_url'] = redirect_url return self.redirect_app(environ, start_response) else: return_form = authreq.formMarkup(realm, self._return_to(environ), form_tag_attrs={'id': 'opid_post'}) environ['opid.form_html'] = return_form return self.post_app(environ, start_response)
def getGoogleRequest(cls, consumer): """ URL provided by Google's federated login docs - http://code.google.com/apis/accounts/docs/OpenID.html#endpoint """ return consumer.begin("https://www.google.com/accounts/o8/id")