def begin(self, url): endpoint = OpenIDServiceEndpoint() endpoint.claimed_id = 'oid' endpoint.server_url = 'http://localhost/' endpoint.type_uris = [OPENID_2_0_TYPE] auth_request = consumer.AuthRequest(endpoint, None) return auth_request
def v1endpoint(self, port): """Return an OpenID 1.1 OpenIDServiceEndpoint for the server.""" base = "http://%s:%s" % (socket.getfqdn('127.0.0.1'), port) ep = OpenIDServiceEndpoint() ep.claimed_id = base + "/id/bob" ep.server_url = base + "/openidserver" ep.type_uris = [OPENID_1_1_TYPE] return ep
def _verifyDiscoveryResultsOpenID2(self, resp_msg, endpoint): to_match = OpenIDServiceEndpoint() to_match.type_uris = [OPENID_2_0_TYPE] to_match.claimed_id = resp_msg.getArg(OPENID2_NS, 'claimed_id') to_match.local_id = resp_msg.getArg(OPENID2_NS, 'identity') # Raises a KeyError when the op_endpoint is not present to_match.server_url = resp_msg.getArg( OPENID2_NS, 'op_endpoint', no_default) # claimed_id and identifier must both be present or both # be absent if (to_match.claimed_id is None and to_match.local_id is not None): raise consumer.ProtocolError( 'openid.identity is present without openid.claimed_id') elif (to_match.claimed_id is not None and to_match.local_id is None): raise consumer.ProtocolError( 'openid.claimed_id is present without openid.identity') # This is a response without identifiers, so there's really no # checking that we can do, so return an endpoint that's for # the specified `openid.op_endpoint' elif to_match.claimed_id is None: return OpenIDServiceEndpoint.fromOPEndpointURL(to_match.server_url) # The claimed ID doesn't match, so we have to do discovery # again. This covers not using sessions, OP identifier # endpoints and responses that didn't match the original # request. if to_match.server_url.startswith(u'https://www.google.com/a/'): import urllib claimed_id = u'https://www.google.com/accounts/o8/user-xrds?uri=%s' % urllib.quote_plus(to_match.claimed_id) else: claimed_id = to_match.claimed_id if not endpoint: oidutil.log('No pre-discovered information supplied.') endpoint = self._discoverAndVerify(claimed_id, [to_match]) else: # The claimed ID matches, so we use the endpoint that we # discovered in initiation. This should be the most common # case. try: self._verifyDiscoverySingle(endpoint, to_match) except consumer.ProtocolError, e: oidutil.log( "Error attempting to use stored discovery information: " + str(e)) oidutil.log("Attempting discovery to verify endpoint") endpoint = self._discoverAndVerify( claimed_id, [to_match])
def make_openid_response(self, sreg_args=None, teams_args=None): endpoint = OpenIDServiceEndpoint() endpoint.claimed_id = 'some-id' message = Message(OPENID2_NS) if sreg_args is not None: for key, value in sreg_args.items(): message.setArg(SREG_NS, key, value) if teams_args is not None: for key, value in teams_args.items(): message.setArg(TEAMS_NS, key, value) response = SuccessResponse( endpoint, message, signed_fields=message.toPostArgs().keys()) return response
def make_openid_response(self, sreg_args=None, teams_args=None): endpoint = OpenIDServiceEndpoint() endpoint.claimed_id = 'some-id' message = Message(OPENID2_NS) if sreg_args is not None: for key, value in sreg_args.items(): message.setArg(SREG_NS, key, value) if teams_args is not None: for key, value in teams_args.items(): message.setArg(TEAMS_NS, key, value) response = SuccessResponse(endpoint, message, signed_fields=message.toPostArgs().keys()) return response
def make_endpoint(self, protocol_uri, claimed_id, local_id=None): """Create an endpoint for use with `Consumer.beginWithoutDiscovery`. :arg protocol_uri: The URI for the OpenID protocol version. This should be one of the OPENID_X_Y_TYPE constants. :arg claimed_id: The claimed identity URL for the endpoint. :arg local_id: The OP local identifier for the endpoint. If this argument is not provided, it defaults to claimed_id. """ msg = "Unexpected protocol URI: %s" % protocol_uri assert protocol_uri in OPENID_TYPES, msg endpoint = OpenIDServiceEndpoint() endpoint.type_uris = [protocol_uri] endpoint.server_url = self.base_openid_url endpoint.claimed_id = claimed_id endpoint.local_id = local_id or claimed_id return endpoint
def make_endpoint(protocol_uri, claimed_id, local_id=None): """Create an endpoint for use with `Consumer.beginWithoutDiscovery`. :arg protocol_uri: The URI for the OpenID protocol version. This should be one of the OPENID_X_Y_TYPE constants. :arg claimed_id: The claimed identity URL for the endpoint. :arg local_id: The OP local identifier for the endpoint. If this argument is not provided, it defaults to claimed_id. """ assert protocol_uri in [ OPENID_1_0_TYPE, OPENID_1_1_TYPE, OPENID_2_0_TYPE], ( "Unexpected protocol URI: %s" % protocol_uri) endpoint = OpenIDServiceEndpoint() endpoint.type_uris = [protocol_uri] endpoint.server_url = get_requested_server_url(claimed_id) endpoint.claimed_id = claimed_id endpoint.local_id = local_id or claimed_id return endpoint
def make_identifier_select_endpoint(self, protocol_uri): """Create an endpoint for use in OpenID identifier select mode. :arg protocol_uri: The URI for the OpenID protocol version. This should be one of the OPENID_X_Y_TYPE constants. If the OpenID 1.x protocol is selected, the endpoint will be suitable for use with Launchpad's non-standard identifier select workflow. """ msg = "Unexpected protocol URI: %s" % protocol_uri assert protocol_uri in OPENID_TYPES, msg endpoint = OpenIDServiceEndpoint() endpoint.server_url = self.base_openid_url if protocol_uri == OPENID_2_0_TYPE: endpoint.type_uris = [OPENID_IDP_2_0_TYPE] else: endpoint.type_uris = [protocol_uri] endpoint.claimed_id = IDENTIFIER_SELECT endpoint.local_id = IDENTIFIER_SELECT return endpoint
def _test_success(server_url, user_url, delegate_url, links, immediate=False): store = memstore.MemoryStore() if immediate: mode = 'checkid_immediate' else: mode = 'checkid_setup' endpoint = OpenIDServiceEndpoint() endpoint.claimed_id = user_url endpoint.server_url = server_url endpoint.local_id = delegate_url endpoint.type_uris = [OPENID_1_1_TYPE] fetcher = TestFetcher(None, None, assocs[0]) fetchers.setDefaultFetcher(fetcher, wrap_exceptions=False) def run(): trust_root = consumer_url consumer = GenericConsumer(store) setConsumerSession(consumer) request = consumer.begin(endpoint) return_to = consumer_url m = request.getMessage(trust_root, return_to, immediate) redirect_url = request.redirectURL(trust_root, return_to, immediate) parsed = urlparse.urlparse(redirect_url) qs = parsed[4] q = parseQuery(qs) new_return_to = q['openid.return_to'] del q['openid.return_to'] assert q == { 'openid.mode':mode, 'openid.identity':delegate_url, 'openid.trust_root':trust_root, 'openid.assoc_handle':fetcher.assoc_handle, }, (q, user_url, delegate_url, mode) assert new_return_to.startswith(return_to) assert redirect_url.startswith(server_url) parsed = urlparse.urlparse(new_return_to) query = parseQuery(parsed[4]) query.update({ 'openid.mode':'id_res', 'openid.return_to':new_return_to, 'openid.identity':delegate_url, 'openid.assoc_handle':fetcher.assoc_handle, }) assoc = store.getAssociation(server_url, fetcher.assoc_handle) message = Message.fromPostArgs(query) message = assoc.signMessage(message) info = consumer.complete(message, request.endpoint, new_return_to) assert info.status == SUCCESS, info.message assert info.identity_url == user_url assert fetcher.num_assocs == 0 run() assert fetcher.num_assocs == 1 # Test that doing it again uses the existing association run() assert fetcher.num_assocs == 1 # Another association is created if we remove the existing one store.removeAssociation(server_url, fetcher.assoc_handle) run() assert fetcher.num_assocs == 2 # Test that doing it again uses the existing association run() assert fetcher.num_assocs == 2
def __init__(self, openid_namespace=OPENID2_NS): super(TestMessage, self).__init__(openid_namespace=openid_namespace) endpoint = OpenIDServiceEndpoint() endpoint.claimed_id = make_claimed_id('some-id') endpoint.server_url = SERVER_URL self.endpoint = endpoint
def makeSuccessResponse(claimed_id, query): """Returns an OpenID success response with given arguments, all signed.""" endpoint = OpenIDServiceEndpoint() endpoint.claimed_id = claimed_id signed_list = ['openid.' + k for k in query] return SuccessResponse(endpoint, Message.fromOpenIDArgs(query), signed_list)
def make_fake_openid_endpoint(self, claimed_id=None): endpoint = OpenIDServiceEndpoint() endpoint.claimed_id = claimed_id return endpoint