def openid_url(self):
"""Return service provider URL.
This base class is generic accepting a POST parameter that specifies
provider URL."""
if OPENID_ID_FIELD not in self.data:
raise AuthMissingParameter(self, OPENID_ID_FIELD)
return self.data[OPENID_ID_FIELD]
def auth_complete(self, *args, **kwargs):
"""Completes loging process, must return user instance"""
if not 'assertion' in self.data:
raise AuthMissingParameter(self, 'assertion')
data = urlencode({
'assertion': self.data['assertion'],
'audience': self.request.get_host()
})
try:
response = simplejson.load(urlopen(BROWSER_ID_SERVER, data=data))
except ValueError:
log('error', 'Could not load user data from BrowserID.',
exc_info=True)
else:
if response.get('status') == 'failure':
log('debug', 'Authentication failed.')
raise AuthFailed(self)
kwargs.update({
'auth': self,
'response': response,
self.AUTH_BACKEND.name: True
})
return authenticate(*args, **kwargs)
def validate_state(self):
"""Validate state value. Raises exception on error, returns state
value if valid."""
state = self.request.session.get(self.AUTH_BACKEND.name + '_state')
request_state = self.data.get('state') or \
self.data.get('redirect_state')
if not request_state:
raise AuthMissingParameter(self, 'state')
elif not state:
raise AuthStateMissing(self, 'state')
elif not constant_time_compare(request_state, state):
raise AuthStateForbidden(self)
return state
def openid_url(self):
"""Returns LiveJournal authentication URL"""
if not self.data.get(LIVEJOURNAL_USER_FIELD):
raise AuthMissingParameter(self, LIVEJOURNAL_USER_FIELD)
return LIVEJOURNAL_URL % self.data[LIVEJOURNAL_USER_FIELD]