def _allAssocs(self): all_associations = [] association_filenames = map( lambda filename: os.path.join(self.association_dir, filename), os.listdir(self.association_dir)) for association_filename in association_filenames: try: association_file = file(association_filename, 'rb') except IOError, why: if why.errno == ENOENT: oidutil.log("%s disappeared during %s._allAssocs" % ( association_filename, self.__class__.__name__)) else: raise else: try: assoc_s = association_file.read() finally: association_file.close() # Remove expired or corrupted associations try: association = Association.deserialize(assoc_s) except ValueError: _removeIfPresent(association_filename) else: all_associations.append( (association_filename, association))
def discoverXRI(iname): endpoints = [] iname = normalizeXRI(iname) try: canonicalID, services = xrires.ProxyResolver().query( iname, OpenIDServiceEndpoint.openid_type_uris) if canonicalID is None: raise XRDSError('No CanonicalID found for XRI %r' % (iname, )) flt = filters.mkFilter(OpenIDServiceEndpoint) for service_element in services: endpoints.extend(flt.getServiceEndpoints(iname, service_element)) except XRDSError: oidutil.log('xrds error on ' + iname) for endpoint in endpoints: # Is there a way to pass this through the filter to the endpoint # constructor instead of tacking it on after? endpoint.canonicalID = canonicalID endpoint.claimed_id = canonicalID endpoint.display_identifier = iname # FIXME: returned xri should probably be in some normal form return iname, getOPOrUserServices(endpoints)
def _allAssocs(self): all_associations = [] association_filenames = map( lambda filename: os.path.join(self.association_dir, filename), os.listdir(self.association_dir)) for association_filename in association_filenames: try: association_file = file(association_filename, 'rb') except IOError, why: if why.errno == ENOENT: oidutil.log( "%s disappeared during %s._allAssocs" % (association_filename, self.__class__.__name__)) else: raise else: try: assoc_s = association_file.read() finally: association_file.close() # Remove expired or corrupted associations try: association = Association.deserialize(assoc_s) except ValueError: _removeIfPresent(association_filename) else: all_associations.append( (association_filename, association))
def verifyReturnTo(realm_str, return_to, _vrfy=getAllowedReturnURLs): """Verify that a return_to URL is valid for the given realm. This function builds a discovery URL, performs Yadis discovery on it, makes sure that the URL does not redirect, parses out the return_to URLs, and finally checks to see if the current return_to URL matches the return_to. @raises DiscoveryFailure: When Yadis discovery fails @returns: True if the return_to URL is valid for the realm @since: 2.1.0 """ realm = TrustRoot.parse(realm_str) if realm is None: # The realm does not parse as a URL pattern return False try: allowable_urls = _vrfy(realm.buildDiscoveryURL()) except RealmVerificationRedirected, err: oidutil.log(str(err)) return False
def discoverXRI(iname): endpoints = [] iname = normalizeXRI(iname) try: canonicalID, services = xrires.ProxyResolver().query(iname, OpenIDServiceEndpoint.openid_type_uris) if canonicalID is None: raise XRDSError("No CanonicalID found for XRI %r" % (iname,)) flt = filters.mkFilter(OpenIDServiceEndpoint) for service_element in services: endpoints.extend(flt.getServiceEndpoints(iname, service_element)) except XRDSError: oidutil.log("xrds error on " + iname) for endpoint in endpoints: # Is there a way to pass this through the filter to the endpoint # constructor instead of tacking it on after? endpoint.canonicalID = canonicalID endpoint.claimed_id = canonicalID endpoint.display_identifier = iname # FIXME: returned xri should probably be in some normal form return iname, getOPOrUserServices(endpoints)
def verifyReturnTo(realm_str, return_to, _vrfy=getAllowedReturnURLs): """Verify that a return_to URL is valid for the given realm. This function builds a discovery URL, performs Yadis discovery on it, makes sure that the URL does not redirect, parses out the return_to URLs, and finally checks to see if the current return_to URL matches the return_to. @raises DiscoveryFailure: When Yadis discovery fails @returns: True if the return_to URL is valid for the realm @since: 2.1.0 """ realm = TrustRoot.parse(realm_str) if realm is None: # The realm does not parse as a URL pattern return False try: allowable_urls = _vrfy(realm.buildDiscoveryURL()) except RealmVerificationRedirected, err: oidutil.log(str(err)) return False if returnToMatches(allowable_urls, return_to): return True else: oidutil.log("Failed to validate return_to %r for realm %r, was not " "in %s" % (return_to, realm_str, allowable_urls)) return False
def err(msg): formatted = 'kvToSeq warning: %s: %r' % (msg, data) if strict: raise KVFormError(formatted) else: oidutil.log(formatted)
def err(msg): formatted = 'seqToKV warning: %s: %r' % (msg, seq) if strict: raise KVFormError(formatted) else: oidutil.log(formatted)
# URI used in the wild for Yadis documents advertising simple # registration support ns_uri_1_0 = 'http://openid.net/sreg/1.0' # URI in the draft specification for simple registration 1.1 # <http://openid.net/specs/openid-simple-registration-extension-1_1-01.html> ns_uri_1_1 = 'http://openid.net/extensions/sreg/1.1' # This attribute will always hold the preferred URI to use when adding # sreg support to an XRDS file or in an OpenID namespace declaration. ns_uri = ns_uri_1_1 try: registerNamespaceAlias(ns_uri_1_1, 'sreg') except NamespaceAliasRegistrationError, e: oidutil.log('registerNamespaceAlias(%r, %r) failed: %s' % (ns_uri_1_1, 'sreg', str(e),)) def supportsSReg(endpoint): """Does the given endpoint advertise support for simple registration? @param endpoint: The endpoint object as returned by OpenID discovery @type endpoint: openid.consumer.discover.OpenIDEndpoint @returns: Whether an sreg type was advertised by the endpoint @rtype: bool """ return (endpoint.usesExtension(ns_uri_1_1) or endpoint.usesExtension(ns_uri_1_0)) class SRegNamespaceError(ValueError):