def _gettoken(self, environ):
"""Generates authentication tokens."""
user, path = environ["REMOTE_USER"], getpath(environ)
agent = environ["HTTP_USER_AGENT"]
raddr, server = environ["REMOTE_ADDR"], environ["SERVER_NAME"]
# Onetime secret
nonce = getsecret()
# Compute authentication token
authtoken = self.compute(user, raddr, server, path, agent, nonce)
# Compute token timeout
timeout = datetime.fromtimestamp(time.time() + self.timeout).ctime()
# Generate persistent token
token = base64.urlsafe_b64encode(authtoken + timeout.encode("hex"))
# Store onetime token info for future authentication
self.store[token] = {"user": user, "path": path, "nonce": nonce}
return token
def __call__(self, environ):
# Base URL
environ['openid.baseurl'] = geturl(environ, False, False)
# Query string
environ['openid.query'] = dict(cgi.parse_qsl(environ['QUERY_STRING']))
# Path
path = getpath(environ)
# Start verification
if path == '/verify':
return self.verify(environ)
# Process response
elif path == '/process':
return self.process(environ)
# Prompt for URL
else:
message = 'Enter an OpenID Identifier to verify.'
return self.response(message, environ)
