def begin(request, openid_url): request.session['request_referer'] = urlparse.urljoin(request.META.get('HTTP_REFERER', ''), '/') consumer = Consumer(request.session, DjangoOpenIDStore()) try: auth_request = consumer.begin(openid_url) except DiscoveryFailure: return on_failure(request, _('The OpenID was invalid')) s = SRegRequest() for sarg in OPENID_SREG: if sarg.lower().lstrip() == "policy_url": s.policy_url = OPENID_SREG[sarg] else: for v in OPENID_SREG[sarg].split(','): s.requestField(field_name=v.lower().lstrip(), required=(sarg.lower().lstrip() == "required")) auth_request.addExtension(s) axr = AXFetchRequest() for i in OPENID_AX: axr.add(AttrInfo(i['type_uri'], i['count'], i['required'], i['alias'])) auth_request.addExtension(axr) redirect_url = auth_request.redirectURL(get_trusted_root(request), request.build_absolute_uri(reverse("openid_complete"))) return HttpResponseRedirect(redirect_url)
def prepare_authentication_request(self, request, redirect_to): if not redirect_to.startswith('http://') or redirect_to.startswith( 'https://'): redirect_to = get_url_host(request) + redirect_to user_url = self.get_user_url(request) if xri.identifierScheme(user_url) == 'XRI' and getattr( settings, 'OPENID_DISALLOW_INAMES', False): raise InvalidAuthentication('i-names are not supported') consumer = Consumer(request.session, OsqaOpenIDStore()) try: auth_request = consumer.begin(user_url) except DiscoveryFailure: raise InvalidAuthentication( _('Sorry, but your input is not a valid OpenId')) sreg = getattr(self, 'sreg_attributes', False) if sreg: s = SRegRequest() for k, attr_dic in sreg.items(): if k == "policy_url": s.policy_url = attr_dic continue for attr_name in attr_dic.keys(): s.requestField(field_name=attr_name, required=(k == "required")) auth_request.addExtension(s) ax_schema = getattr(self, 'dataype2ax_schema', False) if ax_schema and request.session.get('force_email_request', True): axr = AXFetchRequest() for data_type, schema in ax_schema.items(): if isinstance(schema, tuple): axr.add(AttrInfo(schema[0], required=True, alias=schema[1])) else: axr.add(AttrInfo(schema, required=True, alias=data_type)) auth_request.addExtension(axr) trust_root = getattr(settings, 'OPENID_TRUST_ROOT', get_url_host(request) + '/') return auth_request.redirectURL(trust_root, redirect_to)
def prepare_authentication_request(self, request, redirect_to): if not redirect_to.startswith('http://') or redirect_to.startswith('https://'): redirect_to = get_url_host(request) + redirect_to user_url = self.get_user_url(request) if xri.identifierScheme(user_url) == 'XRI' and getattr( settings, 'OPENID_DISALLOW_INAMES', False ): raise InvalidAuthentication('i-names are not supported') consumer = Consumer(request.session, OsqaOpenIDStore()) try: auth_request = consumer.begin(user_url) except DiscoveryFailure: raise InvalidAuthentication(_('Sorry, but your input is not a valid OpenId')) sreg = getattr(self, 'sreg_attributes', False) if sreg: s = SRegRequest() for k, attr_dic in sreg.items(): if k == "policy_url": s.policy_url = attr_dic continue for attr_name in attr_dic.keys(): s.requestField(field_name=attr_name, required=(k == "required")) auth_request.addExtension(s) ax_schema = getattr(self, 'dataype2ax_schema', False) if ax_schema and request.session.get('force_email_request', True): axr = AXFetchRequest() for data_type, schema in ax_schema.items(): if isinstance(schema, tuple): axr.add(AttrInfo(schema[0], 1, True, schema[1])) else: axr.add(AttrInfo(schema, 1, True, data_type)) auth_request.addExtension(axr) trust_root = getattr( settings, 'OPENID_TRUST_ROOT', get_url_host(request) + '/' ) return auth_request.redirectURL(trust_root, redirect_to)