def get(self, request):
    """
    Start the authentication process by issuing a challenge to the client.

    A new nonce is stored, combined with the callback URI into a BitID URI,
    and that URI is handed to the template together with its QR-code form.
    """
    # NOTE(review): the nonce is created with no arguments, so nothing visible
    # here ties it to the requesting session. Confirm that the callback handler
    # cannot accept a nonce that was issued to a different session.
    challenge_nonce = Nonce()
    challenge_nonce.save()

    # Where the client must answer, and the challenge built around it.
    callback_uri = self.get_callback_uri(request)
    bitid_uri = bitid.build_uri(callback_uri, challenge_nonce.nid)

    # QR-code representation of the same challenge.
    qr = bitid.qrcode(bitid_uri)

    template_vars = dict([
        ("callback_uri", callback_uri),
        ("bitid_uri", bitid_uri),
        ("qrcode", qr),
    ])
    return render(request, self.template_name, template_vars)
def get(self, request):
    """
    Start the authentication process by issuing a session-bound challenge.

    The nonce is stored together with the session key of the request, then
    embedded with the callback URI in a BitID URI that is rendered for the
    client (as a URI and as a QR code).
    """
    # Bind the nonce to the session that asked for it.
    # NOTE(review): _get_or_create_session_key is an underscore-prefixed
    # (private) session method. Confirm the key it returns is persisted and
    # reaches the client, otherwise the binding cannot be checked on callback.
    session_key = request.session._get_or_create_session_key()
    challenge_nonce = Nonce(sid=session_key)
    challenge_nonce.save()

    # Where the client must answer, and the challenge built around it.
    callback_uri = self.get_callback_uri(request)
    bitid_uri = bitid.build_uri(callback_uri, challenge_nonce.nid)

    # QR-code representation of the same challenge.
    qr = bitid.qrcode(bitid_uri)

    template_vars = dict([
        ("callback_uri", callback_uri),
        ("bitid_uri", bitid_uri),
        ("qrcode", qr),
    ])
    return render(request, self.template_name, template_vars)
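def useNonce(self, server_url, timestamp, salt):
    """Record an OpenID nonce and report whether it may be accepted.

    Returns False when the timestamp lies outside the allowed skew window or
    when the (server_url, timestamp, salt) triple is already stored, and True
    when the triple was stored by this call.

    The previous version saved a new row unconditionally inside a
    ``try/except: raise`` that did nothing, and returned ``1``. A repeated
    nonce was therefore either accepted again or surfaced as a database
    exception, depending on the schema, and was never reported as False.
    """
    if abs(timestamp - time.time()) > oid_nonce.SKEW:
        return False

    # Look up and insert in one call so a repeated nonce is reported as
    # "not created" instead of being stored a second time.
    # NOTE(review): rejection under concurrent requests still depends on a
    # uniqueness constraint over these three columns; confirm the model has one.
    _, created = Nonce.objects.get_or_create(
        server_url=server_url,
        timestamp=timestamp,
        salt=salt,
    )
    return created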
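def useNonce(self, server_url, timestamp, salt):
    """Record an OpenID nonce and report whether it may be accepted.

    Returns False when the timestamp lies outside the SKEW window or when the
    (server_url, timestamp, salt) triple is already stored, and True when the
    triple was stored by this call.
    """
    if abs(timestamp - time.time()) > SKEW:
        return False

    # The earlier get()-then-save() sequence left a gap between the check and
    # the insert in which two requests carrying the same nonce could both see
    # "not found" and both be accepted. get_or_create performs the lookup and
    # the insert as one operation and reports which of the two happened.
    # NOTE(review): the database can only arbitrate concurrent inserts if the
    # three columns carry a uniqueness constraint; confirm on the model.
    _, created = Nonce.objects.get_or_create(
        server_url=server_url,
        timestamp=timestamp,
        salt=salt,
    )
    return created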
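def useNonce(self, server_url, timestamp, salt):
    """Record an OpenID nonce and report whether it may be accepted.

    Returns False when the timestamp lies outside the skew window or when the
    (server_url, timestamp, salt) triple is already stored, and True when the
    triple was stored by this call.

    A stored nonce is left in place when it is seen again. The previous
    version deleted the row on reuse, which erased the only record that the
    value had been consumed: the next presentation of the same nonce inside
    the skew window would then be treated as new.
    """
    if abs(timestamp - time.time()) > openid_store.nonce.SKEW:
        return False

    # Single lookup-or-insert instead of get() followed by save(), so there is
    # no window between the check and the write.
    # NOTE(review): concurrent inserts are only rejected if the model declares
    # a uniqueness constraint over these three columns; confirm.
    _, created = Nonce.objects.get_or_create(
        server_url=server_url,
        timestamp=timestamp,
        salt=salt,
    )
    return created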
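def useNonce(self, server_url, timestamp, salt):
    """Called when using a nonce.

    This method returns True if the nonce has not been used before, and
    stores it so that the same value cannot be used again. If the nonce has
    already been used or the timestamp is not current, it returns False.
    openid.store.nonce.SKEW may be used as the timestamp window.

    @param server_url: The URL of the server from which the nonce originated.
    @param timestamp: The time that the nonce was created (to the nearest
        second), in seconds since January 1 1970 UTC.
    @param salt: A random string that makes two nonces from the same server
        issued during the same second unique.
    @return: Whether or not the nonce was valid.
    """
    # Reject nonces whose timestamp is outside the accepted window.
    if abs(timestamp - time.time()) > SKEW:
        return False

    # Drop expired nonces before looking for this one.
    self.cleanupNonces()

    # Convert once and reuse the same value for the lookup and the insert.
    # NOTE(review): fromtimestamp() yields a naive local-time datetime; confirm
    # that matches how stored timestamps are compared elsewhere.
    issued_at = datetime.fromtimestamp(timestamp)

    # The earlier filter().count() followed by save() left a gap between the
    # check and the insert in which the same nonce could be accepted twice.
    # NOTE(review): concurrent inserts are only rejected if the model declares
    # a uniqueness constraint over these three columns; confirm.
    try:
        _, created = Nonce.objects.get_or_create(
            server_url=server_url,
            timestamp=issued_at,
            salt=salt,
        )
    except Nonce.MultipleObjectsReturned:
        # Several matching rows already exist, so the value has been seen.
        return False
    return created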
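def useNonce(self, server_url, timestamp, salt):
    """Record an OpenID nonce and report whether it may be accepted.

    Returns False when the timestamp lies outside the skew window or when the
    (server_url, timestamp, salt) triple is already stored, and True when the
    triple was stored by this call.

    The row for an already-used nonce is kept. Deleting it on reuse, as this
    method did before, removed the evidence that the value had been consumed,
    so a later presentation within the skew window looked like a first use.
    """
    if abs(timestamp - time.time()) > openid_store.nonce.SKEW:
        return False

    # One lookup-or-insert call replaces the separate get() and save(), which
    # closes the gap between checking for the nonce and storing it.
    # NOTE(review): concurrent inserts are only rejected if the model declares
    # a uniqueness constraint over these three columns; confirm.
    _, created = Nonce.objects.get_or_create(
        server_url=server_url,
        timestamp=timestamp,
        salt=salt,
    )
    return created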
def registration(request, attribute_set='default',
                 template_name='openid/registration_form.html',
                 form_class=OpenIDLoginForm):
    """Render the redirection template that carries registration data to mojeID.

    A nonce is stored for the realm and the current user (if any), and the
    user's attributes from ``attribute_set`` are turned into form fields. The
    ``form_class`` argument is accepted but not used in this function.
    """
    registration_url = getattr(
        settings, 'MOJEID_REGISTRATION_URL', MOJEID_REGISTRATION_URL)
    # The realm is expected to look like 'https://example.org/openid/'.
    realm = getattr(
        settings, 'MOJEID_REALM', request.build_absolute_uri(reverse(top)))

    user = OpenIDBackend.get_user_from_request(request)
    user_id = None if not user else user.pk

    # NOTE(review): a nonce row is saved on every call, including calls where
    # no user was resolved (user_id is then None). Confirm that stale rows are
    # cleaned up and that whatever consumes registration_nonce rejects nonces
    # that carry no user.
    nonce = Nonce(server_url=realm, user_id=user_id)
    nonce.save()

    attributes = [
        candidate for candidate in get_attributes(attribute_set)
        if candidate.type == 'attribute'
    ]

    # Attributes are only added to the request when a user was resolved.
    fields = []
    if user:
        rendered = (
            candidate.registration_form_attrs_html(user_id)
            for candidate in attributes
        )
        fields = [markup for markup in rendered if markup]

    # Values handed to the redirection template.
    template_vars = {
        'fields': fields,
        'action': registration_url,
        'realm': realm,
        'nonce': nonce.registration_nonce,
    }
    return render_to_response(
        template_name,
        template_vars,
        context_instance=RequestContext(request)
    )