def init_app(self, app): """ Constructor for the Flask application. """ self.app = app app.config.setdefault('FAS_OPENID_ENDPOINT', 'https://id.fedoraproject.org/openid/') app.config.setdefault('FAS_OPENID_CHECK_CERT', True) if not self.app.config['FAS_OPENID_CHECK_CERT']: setDefaultFetcher(Urllib2Fetcher()) # json_encoder is only available from flask 0.10 version = flask.__version__.split('.') assume_recent = False try: major = int(version[0]) minor = int(version[1]) except ValueError: # We'll assume we're using a recent enough flask as the packages # of old versions used sane version numbers. assume_recent = True if assume_recent or (major > 0 or minor >= 10): self.app.json_encoder = FASJSONEncoder @app.route('/_flask_fas_openid_handler/', methods=['GET', 'POST']) def flask_fas_openid_handler(): """ Endpoint for OpenID results. """ return self._handle_openid_request() app.before_request(self._check_session)
def __init__(self, openid_provider, check_certificate=True, **kwargs): unknown = [] self.permissions = {} for group in kwargs: self.permissions[group] = [] for perm in kwargs[group]: if perm in Authz.knownActions: self.permissions[group].append(perm) else: unknown.append(perm) self.openid_provider = openid_provider self.sessions = SessionManager() self.init_childs = False if not check_certificate: setDefaultFetcher(Urllib2Fetcher()) # This makes us get self.master as per baseweb.py:472 self.auth = self # This makes the login form be a link self.useHttpHeader = True self.httpLoginUrl = '/_openid_start/' if unknown != []: raise ValueError('Unknown authorization action(s) ' + ', '.join(unknown))
def set_default_openid_fetcher(): # Make sure we're using the same fetcher that we use in production, even # if pycurl is installed. fetcher = Urllib2Fetcher() if config.launchpad.enable_test_openid_provider: cafile = os.path.join(config.root, "configs/development/launchpad.crt") fetcher.urlopen = partial(urllib2.urlopen, cafile=cafile) setDefaultFetcher(fetcher)
def _init_app(self, app): app.config.setdefault('FAS_OPENID_ENDPOINT', 'http://id.fedoraproject.org/') app.config.setdefault('FAS_OPENID_CHECK_CERT', True) if not self.app.config['FAS_OPENID_CHECK_CERT']: setDefaultFetcher(Urllib2Fetcher()) @app.route('/_flask_fas_openid_handler/', methods=['GET', 'POST']) def flask_fas_openid_handler(): return self._handle_openid_request() app.before_request(self._check_session)
def _init_app(self, app): """ Constructor for the flask application. """ app.config.setdefault('FAS_OPENID_ENDPOINT', 'http://id.fedoraproject.org/') app.config.setdefault('FAS_OPENID_CHECK_CERT', True) if not self.app.config['FAS_OPENID_CHECK_CERT']: setDefaultFetcher(Urllib2Fetcher()) @app.route('/_flask_fas_openid_handler/', methods=['GET', 'POST']) def flask_fas_openid_handler(): """ Add endpoint handling the openid requests. """ return self._handle_openid_request() app.before_request(self._check_session)
def main(host, port, data_path, weak_ssl=False): # Instantiate OpenID consumer store and OpenID consumer. If you # were connecting to a database, you would create the database # connection and instantiate an appropriate store here. if data_path: store = filestore.FileOpenIDStore(data_path) else: store = memstore.MemoryStore() if weak_ssl: setDefaultFetcher(Urllib2Fetcher()) addr = (host, port) server = OpenIDHTTPServer(store, addr, OpenIDRequestHandler) print 'Server running at:' print server.base_url server.serve_forever()
def _initIdPValidation(self, idpWhitelistConfigFilePath): """Initialise M2Crypto based urllib2 HTTPS handler to enable SSL authentication of OpenID Providers""" if _M2CRYPTO_NOT_INSTALLED: raise ImportError("M2Crypto is required for SSL-based IdP " "validation but it is not installed.") log.info("Setting parameters for SSL Authentication of OpenID " "Provider ...") idPValidationDriver = SSLIdPValidationDriver( idpConfigFilePath=idpWhitelistConfigFilePath) # Force Python OpenID library to use Urllib2 fetcher instead of the # Curl based one otherwise the M2Crypto SSL handler will be ignored. setDefaultFetcher(Urllib2Fetcher()) log.debug("Setting the M2Crypto SSL handler ...") opener = urllib2.OpenerDirector() opener.add_handler(FlagHttpsOnlyHandler()) opener.add_handler(HTTPSHandler(idPValidationDriver.ctx)) urllib2.install_opener(opener)
import sys import cherrypy import os import pwd import ssl from openid.fetchers import setDefaultFetcher, Urllib2Fetcher from openid.consumer import consumer from openid.extensions import sreg, ax from openid_teams import teams sys.stdout = sys.stderr # This is an ugly hack to make python-openid not check the certs setDefaultFetcher(Urllib2Fetcher()) try: _create_unverified_https_context = ssl._create_unverified_context except AttributeError: pass else: ssl._create_default_https_context = _create_unverified_https_context class OpenIDApp(object): def index(self, extensions): self.extensions = extensions == 'YES' oidconsumer = consumer.Consumer(dict(), None) try: request = oidconsumer.begin('https://127.0.0.10:45080/idp1/') except Exception as ex: