def run(request):
lang = choose_lang(request)
sid = request.args.get("sid")
consumer = Consumer({"sid": sid}, None)
href = Href(request.url)
url = href("../oid.py", {"sid": sid})
# try:
info = consumer.complete(request.args, url) # <-- It crashes here. (When using an OpenID from Yahoo!)
#print info.status
# except Exception as e:
# info = openid.consumer.consumer.Response()
# info.status = e
if info.status == CANCEL:
return Response(get_html("oid_failure", lang), 401, mimetype="text/html")
if info.status == SETUP_NEEDED:
html = get_html("oid_setup_needed", lang)
html = html.replace("<!-- URL -->", info.setup_url)
return Response(html, 423, mimetype="text/html")
if info.status == SUCCESS:
display_identifier = info.getDisplayIdentifier()
sregresp = SRegResponse.fromSuccessResponse(info)
realoid = display_identifier
if info.endpoint.canonicalID:
realoid = info.endpoint.canonicalID
try:
nickname = sregresp.data["nickname"]
except (AttributeError, KeyError):
nickname = ""
try:
email = sregresp.data["email"]
except (AttributeError, KeyError):
email = ""
con = SQLcon.con()
cur = con.cursor()
cur.execute("SELECT * FROM users WHERE openid=%s", (realoid,))
result = cur.fetchall()
if result.__len__() == 0:
cur.execute("INSERT INTO users (username, openid, email, first_login) VALUES (%s, %s, %s, true)", (nickname, realoid, email))
#log in
cur.execute("SELECT uid FROM users WHERE openid=%s", (realoid,))
result = cur.fetchall()
uid = result[0][0]
#print result
cur.execute("UPDATE sessions SET uid=%s WHERE sid=%s", (str(uid), sid))
cur.execute("UPDATE sessions SET oid=%s WHERE sid=%s", (realoid, sid))
con.close()
return Response(get_html("oid_success", lang), 200, mimetype="text/html")
#Something went wrong.
#TODO: More investigation.
return Response(get_html("oid_failure", lang), 500, mimetype="text/html")
def success_openid_login(request,
openid_response,
redirect_field_name=REDIRECT_FIELD_NAME):
"""
A view-helper to handle a successful OpenID authentication response. Note that this
doesn't mean we've found a matching user yet. That's what this method
does. This view-helper requires adding ``openid_auth.models.OpenIDBackend`` to the
``settings.AUTHENTICATION_BACKENDS`` list.
"""
#Get the OpenID URL
openid_url = openid_response.identity_url
sreg = SRegResponse.fromSuccessResponse(openid_response)
nickname = None
if sreg and sreg.has_key('nickname'):
nickname = sreg.get('nickname')
#Call the built in django auth function
#(NOTE: this call won't work without adding 'openid_auth.models.OpenIDBackend' to the settings.AUTHENTICATION_BACKENDS list)
user = authenticate(openid_url=openid_url, sreg=nickname)
if user:
#Log in the user with the built-in django function
auth_login(request, user)
#Add the user to EzSteroids if it is enabled
add_user_to_EzSteroids("http://" + request.get_host(), user)
#Do we not yet have any openids in the session?
if OPENIDS_SESSION_NAME not in request.session.keys():
request.session[OPENIDS_SESSION_NAME] = []
#Eliminate any duplicate openids in the session
request.session[OPENIDS_SESSION_NAME] = [
o for o in request.session[OPENIDS_SESSION_NAME]
if o.openid != openid_url
]
#Add this new openid to the list
request.session[OPENIDS_SESSION_NAME].append(
from_openid_response(openid_response))
#Get the page to redirect to
redirect = request.REQUEST.get(redirect_field_name, None)
if not redirect or not is_valid_redirect_url(redirect):
redirect = settings.LOGIN_REDIRECT_URL
return HttpResponseRedirect(redirect)
else:
#TODO: This should start the registration process
return failure_openid_login(
request, openid_url,
_("The OpenID doesn't match any registered user."))
def from_openid_response(openid_response):
issued = int(time.time())
openid = OpenID(openid_response.identity_url, issued, openid_response.signed_fields)
if getattr(settings, 'OPENID_PAPE', False):
openid.pape = PapeResponse.fromSuccessResponse(openid_response)
if getattr(settings, 'OPENID_SREG', False):
openid.sreg = SRegResponse.fromSuccessResponse(openid_response)
if getattr(settings, 'OPENID_AX', False):
openid.ax = AXFetchResponse.fromSuccessResponse(openid_response)
return openid
def from_openid_response(openid_response):
issued = int(time.time())
openid = OpenID(openid_response.identity_url, issued, openid_response.signed_fields)
if getattr(settings, 'OPENID_PAPE', False):
openid.pape = PapeResponse.fromSuccessResponse(openid_response)
if getattr(settings, 'OPENID_SREG', False):
openid.sreg = SRegResponse.fromSuccessResponse(openid_response)
if getattr(settings, 'OPENID_AX', False):
openid.ax = AXFetchResponse.fromSuccessResponse(openid_response)
return openid
def success_openid_login(request, openid_response, redirect_field_name=REDIRECT_FIELD_NAME):
"""
A view-helper to handle a successful OpenID authentication response. Note that this
doesn't mean we've found a matching user yet. That's what this method
does. This view-helper requires adding ``openid_auth.models.OpenIDBackend`` to the
``settings.AUTHENTICATION_BACKENDS`` list.
"""
#Get the OpenID URL
openid_url = openid_response.identity_url
sreg = SRegResponse.fromSuccessResponse(openid_response)
nickname = None
if sreg and sreg.has_key('nickname'):
nickname = sreg.get('nickname')
#Call the built in django auth function
#(NOTE: this call won't work without adding 'openid_auth.models.OpenIDBackend' to the settings.AUTHENTICATION_BACKENDS list)
user = authenticate(openid_url=openid_url, sreg=nickname)
if user:
#Log in the user with the built-in django function
auth_login(request, user)
#Add the user to EzSteroids if it is enabled
add_user_to_EzSteroids("http://"+request.get_host(), user)
#Do we not yet have any openids in the session?
if OPENIDS_SESSION_NAME not in request.session.keys():
request.session[OPENIDS_SESSION_NAME] = []
#Eliminate any duplicate openids in the session
request.session[OPENIDS_SESSION_NAME] = [o for o in request.session[OPENIDS_SESSION_NAME] if o.openid != openid_url]
#Add this new openid to the list
request.session[OPENIDS_SESSION_NAME].append(from_openid_response(openid_response))
#Get the page to redirect to
redirect = request.REQUEST.get(redirect_field_name, None)
if not redirect or not is_valid_redirect_url(redirect):
redirect = settings.LOGIN_REDIRECT_URL
return HttpResponseRedirect(redirect)
else:
#TODO: This should start the registration process
return failure_openid_login(request, openid_url, _("The OpenID doesn't match any registered user."))
def from_openid_response(openid_response):
issued = int(time.time())
return OpenID(
openid_response.identity_url, issued, openid_response.signed_fields,
SRegResponse.fromSuccessResponse(openid_response)
)
