def begin(request,
confirmed=True,
redirect_to=None,
on_failure=None,
user_url=None,
template_name='openid_consumer/signin.html'):
on_failure = on_failure or default_on_failure
trust_root = getattr(settings, 'OPENID_TRUST_ROOT',
get_url_host(request) + '/')
# foo derbis.
redirect_to = redirect_to or getattr(
settings,
'OPENID_REDIRECT_TO',
# If not explicitly set, assume current URL with complete/ appended
get_full_url(request).split('?')[0] + 'complete/')
# In case they were lazy...
if not redirect_to.startswith('http://') or redirect_to.startswith(
'https://'):
redirect_to = get_url_host(request) + redirect_to
if request.GET.get('next') and is_valid_next_url(request.GET['next']):
if '?' in redirect_to:
join = '&'
else:
join = '?'
redirect_to += join + urlencode({'next': request.GET['next']})
if not user_url:
user_url = request.REQUEST.get('openid_url', None)
if not user_url:
request_path = request.path
if request.GET.get('next'):
request_path += '?' + urlencode({'next': request.GET['next']})
return render(template_name, {
'action': request_path,
}, RequestContext(request))
if xri.identifierScheme(user_url) == 'XRI' and getattr(
settings, 'OPENID_DISALLOW_INAMES', False):
return on_failure(request, _('i-names are not supported'))
consumer = Consumer(request.session, DjangoOpenIDStore())
try:
auth_request = consumer.begin(user_url)
except DiscoveryFailure:
return on_failure(request, _('The OpenID was invalid'))
sreg = getattr(settings, 'OPENID_SREG', False)
if sreg:
s = SRegRequest()
for sarg in sreg:
if sarg.lower().lstrip() == "policy_url":
s.policy_url = sreg[sarg]
else:
for v in sreg[sarg].split(','):
s.requestField(
field_name=v.lower().lstrip(),
required=(sarg.lower().lstrip() == "required"))
auth_request.addExtension(s)
pape = getattr(settings, 'OPENID_PAPE', False)
if pape:
if openid.__version__ <= '2.0.0' and openid.__version__ >= '2.1.0':
raise ImportError, 'For pape extension you need python-openid 2.1.0 or newer'
p = PapeRequest()
for parg in pape:
if parg.lower().strip() == 'policy_list':
for v in pape[parg].split(','):
p.addPolicyURI(v)
elif parg.lower().strip() == 'max_auth_age':
p.max_auth_age = pape[parg]
auth_request.addExtension(p)
ax = getattr(settings, 'OPENID_AX', [])
if ax:
axr = AXFetchRequest()
for i in ax:
axr.add(
AttrInfo(i['type_uri'], i['count'], i['required'], i['alias']))
auth_request.addExtension(axr)
redirect_url = auth_request.redirectURL(trust_root, redirect_to)
return HttpResponseRedirect(redirect_url)
def begin(request, redirect_to=None, on_failure=None, user_url=None, template_name='openid_consumer/signin.html'):
on_failure = on_failure or default_on_failure
trust_root = getattr(
settings, 'OPENID_TRUST_ROOT', get_url_host(request) + '/'
)
# foo derbis.
redirect_to = redirect_to or getattr(
settings, 'OPENID_REDIRECT_TO',
# If not explicitly set, assume current URL with complete/ appended
get_full_url(request).split('?')[0] + 'complete/'
)
# In case they were lazy...
if not redirect_to.startswith('http://') or redirect_to.startswith('https://'):
redirect_to = get_url_host(request) + redirect_to
if request.GET.get('next') and is_valid_next_url(request.GET['next']):
if '?' in redirect_to:
join = '&'
else:
join = '?'
redirect_to += join + urllib.urlencode({
'next': request.GET['next']
})
if not user_url:
user_url = request.REQUEST.get('openid_url', None)
if not user_url:
request_path = request.path
if request.GET.get('next'):
request_path += '?' + urllib.urlencode({
'next': request.GET['next']
})
return render(template_name, {
'action': request_path,
}, RequestContext(request))
if xri.identifierScheme(user_url) == 'XRI' and getattr(
settings, 'OPENID_DISALLOW_INAMES', False
):
return on_failure(request, _('i-names are not supported'))
consumer = Consumer(request.session, DjangoOpenIDStore())
try:
auth_request = consumer.begin(user_url)
except DiscoveryFailure:
return on_failure(request, _('The OpenID was invalid'))
sreg = getattr(settings, 'OPENID_SREG', False)
if sreg:
s = SRegRequest()
for sarg in sreg:
if sarg.lower().lstrip() == "policy_url":
s.policy_url = sreg[sarg]
else:
for v in sreg[sarg].split(','):
s.requestField(field_name=v.lower().lstrip(), required=(sarg.lower().lstrip() == "required"))
auth_request.addExtension(s)
pape = getattr(settings, 'OPENID_PAPE', False)
if pape:
if openid.__version__ <= '2.0.0' and openid.__version__ >= '2.1.0':
raise ImportError, 'For pape extension you need python-openid 2.1.0 or newer'
p = PapeRequest()
for parg in pape:
if parg.lower().strip() == 'policy_list':
for v in pape[parg].split(','):
p.addPolicyURI(v)
elif parg.lower().strip() == 'max_auth_age':
p.max_auth_age = pape[parg]
auth_request.addExtension(p)
ax = getattr(settings, 'OPENID_AX', [])
if ax:
axr = AXFetchRequest()
for i in ax:
axr.add(AttrInfo(i['type_uri'], i['count'], i['required'], i['alias']))
auth_request.addExtension(axr)
redirect_url = auth_request.redirectURL(trust_root, redirect_to)
return HttpResponseRedirect(redirect_url)
def begin(request, redirect_to=None, on_failure=None, user_url=None, template_name="openid_consumer/signin.html"):
on_failure = on_failure or default_on_failure
trust_root = getattr(settings, "OPENID_TRUST_ROOT", get_url_host(request) + "/")
# foo derbis.
redirect_to = redirect_to or getattr(
settings,
"OPENID_REDIRECT_TO",
# If not explicitly set, assume current URL with complete/ appended
get_full_url(request).split("?")[0] + "complete/",
)
# In case they were lazy...
if not (redirect_to.startswith("http://") or redirect_to.startswith("https://")):
redirect_to = get_url_host(request) + redirect_to
if request.GET.get("next") and is_valid_next_url(request.GET["next"]):
if "?" in redirect_to:
join = "&"
else:
join = "?"
redirect_to += join + urllib.urlencode({"next": request.GET["next"]})
if not user_url:
user_url = request.REQUEST.get("openid_url", None)
if not user_url:
request_path = request.path
if request.GET.get("next"):
request_path += "?" + urllib.urlencode({"next": request.GET["next"]})
return render(template_name, {"action": request_path}, RequestContext(request))
if xri.identifierScheme(user_url) == "XRI" and getattr(settings, "OPENID_DISALLOW_INAMES", False):
return on_failure(request, _("i-names are not supported"))
consumer = Consumer(request.session, DjangoOpenIDStore())
try:
auth_request = consumer.begin(user_url)
except DiscoveryFailure:
return on_failure(request, _("The OpenID was invalid"))
sreg = getattr(settings, "OPENID_SREG", False)
if sreg:
s = SRegRequest()
for sarg in sreg:
if sarg.lower().lstrip() == "policy_url":
s.policy_url = sreg[sarg]
else:
for v in sreg[sarg].split(","):
s.requestField(field_name=v.lower().lstrip(), required=(sarg.lower().lstrip() == "required"))
auth_request.addExtension(s)
pape = getattr(settings, "OPENID_PAPE", False)
if pape:
if openid.__version__ <= "2.0.0" and openid.__version__ >= "2.1.0":
raise (ImportError, "For pape extension you need python-openid 2.1.0 or newer")
p = PapeRequest()
for parg in pape:
if parg.lower().strip() == "policy_list":
for v in pape[parg].split(","):
p.addPolicyURI(v)
elif parg.lower().strip() == "max_auth_age":
p.max_auth_age = pape[parg]
auth_request.addExtension(p)
OPENID_AX_PROVIDER_MAP = getattr(settings, "OPENID_AX_PROVIDER_MAP", {})
openid_provider = "Google" if "google" in request.session.get("openid_provider", "") else "Default"
ax = OPENID_AX_PROVIDER_MAP.get(openid_provider)
if ax:
axr = AXFetchRequest()
for attr_name, attr_url in ax.items():
# axr.add(AttrInfo(i['type_uri'],
# i['count'], i['required'],
# i['alias']))
# setting all as required attrs
axr.add(AttrInfo(attr_url, required=True))
auth_request.addExtension(axr)
redirect_url = auth_request.redirectURL(trust_root, redirect_to)
return HttpResponseRedirect(redirect_url)