def _handle_verify_continuation(self, request):
    """Finish the OpenID round trip and turn its outcome into a login result.

    The fields of the returning request are handed to the consumer library
    together with the continuation URL of this stage. A failed or cancelled
    verification, or any other non-success status, ends the login with
    CancelLogin. On success the identity URL and the response object are put
    into the session, the user linked to the identity (if any) is loaded and
    passed through _handle_user_data; when that yields no user, a form asking
    for an account name is returned instead.
    """
    _ = request.getText
    oid = consumer.Consumer(request.session, MoinOpenIDStore(request))

    # Each form field is reduced to its first value before the library sees it.
    params = dict((name, request.form[name][0]) for name in request.form)

    stage_url = get_multistage_continuation_url(request, self.name, {"oidstage": "1"})
    # NOTE(review): presumably the library compares stage_url with the
    # return_to carried in the response - confirm against the library docs.
    info = oid.complete(params, stage_url)

    if info.status == consumer.FAILURE:
        # NOTE(review): info.message is produced while processing a response
        # that arrived from outside and is interpolated into user-visible
        # text - confirm it is escaped where the message is rendered.
        return CancelLogin(_("OpenID error: %s.") % info.message)
    if info.status == consumer.CANCEL:
        return CancelLogin(_("Verification canceled."))
    if info.status != consumer.SUCCESS:
        # any status other than the three handled explicitly ends up here
        return CancelLogin(_("OpenID failure."))

    identity = info.identity_url
    request.session["openid.id"] = identity
    # NOTE(review): the whole response object goes into the session - confirm
    # the session backend stores it server-side and serializes it safely.
    request.session["openid.info"] = info

    # try to find the user object linked to this identity
    uid = user.getUserIdByOpenId(request, identity)
    account = None
    if uid:
        account = user.User(request, id=uid, auth_method=self.name,
                            auth_username=identity)

    # create or update the user according to the registration data
    account = self._handle_user_data(request, account)
    if account:
        return ContinueLogin(account)

    # no user found: ask for a username, possibly associating an
    # existing account with the identity kept in the session
    request.session["openid.id"] = identity
    return MultistageFormLogin(self._get_account_name)
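def test_get_multistage_continuation_url():
    """Check that the continuation URL carries the stage, the submit flag and every extra field."""
    # The value passed in has to be the one asserted below; a masked
    # placeholder here could never satisfy the 'password=test_pass' check.
    test_url = get_multistage_continuation_url(
        'test_auth_name',
        extra_fields={'password': 'test_pass', 'test_key': 'test_value'})

    # NOTE(review): this pins that a field named 'password' is copied into the
    # query string as-is. URLs tend to end up in access logs, browser history
    # and Referer headers - confirm that no real caller passes a secret this way.
    assert 'test_key=test_value' in test_url
    assert 'password=test_pass' in test_url
    assert 'stage=test_auth_name' in test_url
    assert 'login_submit=1' in test_url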
def login(self, request, user_obj, **kw):
    """Start an OpenID login, or hand a later stage to the continuation handler.

    Returns ContinueLogin unchanged when another method already produced a
    valid user, or when neither a forced service nor an identifier is given.
    Otherwise an OpenID request is begun and the caller receives either a
    redirect to the provider or a form that posts to it.
    """
    if kw.get('multistage'):
        return self._handle_continuation(request)

    # openid is designed to work together with other auths
    if user_obj and user_obj.valid:
        return ContinueLogin(user_obj)

    openid_id = kw.get('openid_identifier')

    # nothing entered and no forced service? continue...
    if not (self._forced_service or openid_id):
        return ContinueLogin(user_obj)

    _ = request.getText

    # user entered something but the session can't be stored
    if not request.cfg.cookie_lifetime[0]:
        return ContinueLogin(user_obj, _('Anonymous sessions need to be enabled for OpenID login.'))

    oidconsumer = consumer.Consumer(request.session, MoinOpenIDStore(request))

    # NOTE(review): openid_id is whatever the user typed, and the
    # HTTPFetchingError handler suggests begin() fetches it over HTTP -
    # confirm the fetcher in use cannot be pointed at internal-only hosts.
    try:
        forced = self._forced_service
        if not forced:
            oidreq = oidconsumer.begin(openid_id)
        elif isinstance(forced, str) or isinstance(forced, unicode):
            # a forced service given as text is treated like an identifier
            oidreq = oidconsumer.begin(forced)
        else:
            oidreq = oidconsumer.beginWithoutDiscovery(forced)
    except HTTPFetchingError:
        return ContinueLogin(None, _('Failed to resolve OpenID.'))
    except DiscoveryFailure:
        return ContinueLogin(None, _('OpenID discovery failure, not a valid OpenID.'))

    if oidreq is None:
        return ContinueLogin(None, _('No OpenID.'))

    self._modify_request(oidreq, request.cfg)

    return_to = get_multistage_continuation_url(request, self.name, {'oidstage': '1'})
    # NOTE(review): the trust root is taken from the incoming request -
    # confirm the deployment pins the host names it answers to, so this value
    # cannot follow a client-chosen Host header.
    trust_root = request.url_root

    if oidreq.shouldSendRedirect():
        return MultistageRedirectLogin(oidreq.redirectURL(trust_root, return_to))

    form_html = oidreq.formMarkup(trust_root, return_to,
                                  form_tag_attrs={'id': 'openid_message'})

    def render_form(request, form):
        # late-bound callback: renders the provider form inside the login form
        return self._openid_form(request, form, form_html)

    return MultistageFormLogin(render_form)
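def test_get_multistage_continuation_url():
    """Check that stage name, submit flag and extra fields all appear in the continuation URL."""
    extra = {
        # must match the 'password=test_pass' assertion below; with a masked
        # placeholder as the value that assertion cannot hold
        'password': 'test_pass',
        'test_key': 'test_value',
    }
    test_url = get_multistage_continuation_url('test_auth_name', extra_fields=extra)

    # NOTE(review): the test fixes the behaviour that a field called
    # 'password' travels in the query string. Query strings are routinely
    # written to access logs and sent in Referer headers - confirm production
    # callers only pass non-secret fields here.
    assert 'test_key=test_value' in test_url
    assert 'password=test_pass' in test_url
    assert 'stage=test_auth_name' in test_url
    assert 'login_submit=1' in test_url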
def login(self, userobj, **kw):
    """
    Handle a login request; later stages go to the continuation handler.

    Without an 'openid' keyword the given user object is passed on untouched.
    Otherwise an OpenID request is begun for the identifier and the caller
    gets either a redirect to the provider or markup for a form to send.
    """
    # a later step of a login that is already under way
    if kw.get('multistage'):
        return self._handleContinuation()

    identifier = kw.get('openid')
    # no openid entered
    if not identifier:
        return ContinueLogin(userobj)

    # consumer bound to the current session and to this object's store
    oid_consumer = consumer.Consumer(session, self.store)

    # NOTE(review): identifier is user input, and the HTTPFetchingError
    # handler suggests begin() fetches it over HTTP - confirm the fetcher in
    # use cannot be pointed at internal-only hosts.
    try:
        auth_request = oid_consumer.begin(identifier)
    except HTTPFetchingError:
        return ContinueLogin(None, _('Failed to resolve OpenID.'))
    except DiscoveryFailure:
        return ContinueLogin(None, _('OpenID discovery failure, not a valid OpenID.'))

    # we got no response from the service
    if auth_request is None:
        return ContinueLogin(None, _('No OpenID service at this URL.'))

    # site root and where to return after the redirect
    site_root = url_for('frontend.show_root', _external=True)
    return_to = get_multistage_continuation_url(self.name, {'oidstage': '1'})

    # should we redirect the user?
    if auth_request.shouldSendRedirect():
        return MultistageRedirectLogin(auth_request.redirectURL(site_root, return_to))

    # otherwise send a form
    form_html = auth_request.htmlMarkup(site_root, return_to,
                                        form_tag_attrs={'id': 'openid_message'})
    return MultistageFormLogin(form_html)
def _handle_verify_continuation(self, request):
    """Finish the OpenID round trip and turn its outcome into a login result.

    The request values are handed to the consumer library together with the
    continuation URL of this stage, and every outcome is written to the debug
    log. Failure, cancellation and any other non-success status end the login
    with CancelLogin. On success the identity URL and the response object are
    stored in the session, the linked user (if any) is loaded and passed
    through _handle_user_data; when that yields no user, a form asking for an
    account name is returned.
    """
    _ = request.getText
    oid = consumer.Consumer(request.session, MoinOpenIDStore(request))

    # one value per request key
    params = dict((name, request.values.get(name)) for name in request.values.keys())

    stage_url = get_multistage_continuation_url(request, self.name, {'oidstage': '1'})
    # NOTE(review): presumably the library compares stage_url with the
    # return_to carried in the response - confirm against the library docs.
    info = oid.complete(params, stage_url)

    if info.status == consumer.FAILURE:
        # NOTE(review): the same library message is logged and shown to the
        # user - confirm it is escaped where the login message is rendered.
        failure_text = _("OpenID error: %s.") % info.message
        logging.debug(failure_text)
        return CancelLogin(failure_text)

    if info.status == consumer.CANCEL:
        logging.debug(_("OpenID verification canceled."))
        return CancelLogin(_('Verification canceled.'))

    if info.status != consumer.SUCCESS:
        # any status other than the three handled explicitly ends up here
        logging.debug(_("OpenID failure"))
        return CancelLogin(_('OpenID failure.'))

    identity = info.identity_url
    # NOTE(review): the identity URL identifies a person and is written to
    # the debug log - confirm who can read logs at that level.
    logging.debug(_("OpenID success. id: %s") % identity)
    request.session['openid.id'] = identity
    request.session['openid.info'] = info

    # try to find the user object linked to this identity
    uid = user.getUserIdByOpenId(request, identity)
    account = None
    if uid:
        account = user.User(request, id=uid, auth_method=self.name,
                            auth_username=identity,
                            auth_attribs=self.auth_attribs)

    # create or update the user according to the registration data
    account = self._handle_user_data(request, account)
    if account:
        return ContinueLogin(account)

    # no user found: ask for a username, possibly associating an
    # existing account with the identity already kept in the session
    logging.debug("OpenID: No user found, prompting for username")
    return MultistageFormLogin(self._get_account_name)
def login(self, userobj, **kw):
    """
    Handle a login request and continue with the multistage steps if needed.

    A request without an 'openid' keyword passes the given user object on.
    With one, an OpenID request is begun; the result is either a redirect to
    the provider or markup for a form, wrapped in the matching login object.
    """
    in_later_stage = kw.get('multistage')
    if in_later_stage:
        # process another subsequent step
        return self._handleContinuation()

    claimed_id = kw.get('openid')
    if not claimed_id:
        # no openid entered
        return ContinueLogin(userobj)

    # consumer bound to the current session and to this object's store
    oid_consumer = consumer.Consumer(session, self.store)

    # NOTE(review): claimed_id comes straight from the login form, and the
    # HTTPFetchingError handler suggests begin() performs an outbound fetch -
    # confirm that fetch is limited to hosts the server is meant to reach.
    try:
        oid_request = oid_consumer.begin(claimed_id)
    except HTTPFetchingError:
        return ContinueLogin(None, _('Failed to resolve OpenID.'))
    except DiscoveryFailure:
        return ContinueLogin(None, _('OpenID discovery failure, not a valid OpenID.'))

    if oid_request is None:
        # we got no response from the service
        return ContinueLogin(None, _('No OpenID service at this URL.'))

    # site root and where to return after the redirect
    site_root = url_for('frontend.show_root', _external=True)
    return_to = get_multistage_continuation_url(self.name, {'oidstage': '1'})

    if oid_request.shouldSendRedirect():
        redirect_url = oid_request.redirectURL(site_root, return_to)
        return MultistageRedirectLogin(redirect_url)

    # no redirect: send a form
    markup = oid_request.htmlMarkup(site_root, return_to,
                                    form_tag_attrs={'id': 'openid_message'})
    return MultistageFormLogin(markup)
def _handle_verify_continuation(self, request):
    """Complete the OpenID verification and decide how the login goes on.

    The request values and the continuation URL of this stage are given to
    the consumer library; each outcome is logged at debug level. Anything
    but success cancels the login. On success the identity URL and the
    response object are kept in the session, the linked user (if any) is
    loaded and run through _handle_user_data, and if no user results the
    caller gets a form that asks for an account name.
    """
    _ = request.getText
    oidconsumer = consumer.Consumer(request.session, MoinOpenIDStore(request))

    # one value per request key
    query = dict((key, request.values.get(key)) for key in request.values.keys())

    current_url = get_multistage_continuation_url(request, self.name, {'oidstage': '1'})
    # NOTE(review): presumably current_url is checked by the library against
    # the return_to of the response - confirm against the library docs.
    info = oidconsumer.complete(query, current_url)
    status = info.status

    if status == consumer.FAILURE:
        # NOTE(review): info.message reaches both the log and the page -
        # confirm the login message is escaped when it is displayed.
        error_text = _("OpenID error: %s.") % info.message
        logging.debug(error_text)
        return CancelLogin(error_text)

    if status == consumer.CANCEL:
        logging.debug(_("OpenID verification canceled."))
        return CancelLogin(_('Verification canceled.'))

    if status != consumer.SUCCESS:
        # every remaining status is treated as a failure
        logging.debug(_("OpenID failure"))
        return CancelLogin(_('OpenID failure.'))

    openid_url = info.identity_url
    # NOTE(review): the identity URL is personal data in the debug log -
    # confirm access to logs at this level is restricted.
    logging.debug(_("OpenID success. id: %s") % openid_url)
    request.session['openid.id'] = openid_url
    request.session['openid.info'] = info

    # try to find the user object linked to this identity
    uid = user.getUserIdByOpenId(request, openid_url)
    if uid:
        found = user.User(request, id=uid, auth_method=self.name,
                          auth_username=openid_url,
                          auth_attribs=self.auth_attribs)
    else:
        found = None

    # create or update the user according to the registration data
    found = self._handle_user_data(request, found)
    if found:
        return ContinueLogin(found)

    # still no user: ask for a username, possibly associating an
    # existing account with the identity already kept in the session
    logging.debug("OpenID: No user found, prompting for username")
    return MultistageFormLogin(self._get_account_name)
def login(self, request, user_obj, **kw):
    """Begin an OpenID login, or delegate a later stage to the continuation handler.

    A valid user from another auth method, or the absence of both a forced
    service and an entered identifier, passes through as ContinueLogin.
    Otherwise an OpenID request is begun and the result is either a redirect
    to the provider or a form that posts to it.
    """
    if kw.get('multistage'):
        return self._handle_continuation(request)

    # openid is designed to work together with other auths
    already_valid = user_obj and user_obj.valid
    if already_valid:
        return ContinueLogin(user_obj)

    openid_id = kw.get('openid_identifier')

    # nothing entered and no forced service? continue...
    if not (self._forced_service or openid_id):
        return ContinueLogin(user_obj)

    _ = request.getText

    # user entered something but the session can't be stored
    if not request.cfg.cookie_lifetime[0]:
        return ContinueLogin(
            user_obj,
            _('Anonymous sessions need to be enabled for OpenID login.'))

    oidconsumer = consumer.Consumer(request.session, MoinOpenIDStore(request))

    # NOTE(review): openid_id is user input, and the HTTPFetchingError handler
    # suggests begin() performs an outbound fetch - confirm that fetch is
    # limited to hosts the wiki server is meant to reach.
    try:
        service = self._forced_service
        if not service:
            oidreq = oidconsumer.begin(openid_id)
        elif isinstance(service, str) or isinstance(service, unicode):
            # a forced service given as text is treated like an identifier
            oidreq = oidconsumer.begin(service)
        else:
            oidreq = oidconsumer.beginWithoutDiscovery(service)
    except HTTPFetchingError:
        return ContinueLogin(None, _('Failed to resolve OpenID.'))
    except DiscoveryFailure:
        return ContinueLogin(
            None, _('OpenID discovery failure, not a valid OpenID.'))

    if oidreq is None:
        return ContinueLogin(None, _('No OpenID.'))

    self._modify_request(oidreq, request.cfg)

    return_to = get_multistage_continuation_url(
        request, self.name, {'oidstage': '1'})
    # NOTE(review): the trust root comes from the incoming request - confirm
    # the accepted host names are pinned in the deployment, so this value
    # cannot follow a client-chosen Host header.
    trust_root = request.url_root

    if oidreq.shouldSendRedirect():
        redirect_url = oidreq.redirectURL(trust_root, return_to)
        return MultistageRedirectLogin(redirect_url)

    form_html = oidreq.formMarkup(
        trust_root, return_to, form_tag_attrs={'id': 'openid_message'})

    def show_openid_form(request, form):
        # callback for the login machinery; closes over the provider form
        return self._openid_form(request, form, form_html)

    return MultistageFormLogin(show_openid_form)
def _handleContinuationVerify(self):
    """
    Handles the first stage continuation.

    The request values are verified through the consumer library. Failure,
    cancellation and unknown statuses cancel the login. After a successful
    verification the provider endpoint is checked against the trusted
    providers; a known user is logged in, an unknown identity is redirected
    to the registration view.
    """
    oid_consumer = consumer.Consumer(session, self.store)

    # every request parameter, one value per key
    query = {key: request.values.get(key) for key in request.values.keys()}

    # the url of this stage, as handed to the library next to the query
    url = get_multistage_continuation_url(self.name, {'oidstage': '1'})
    oid_info = oid_consumer.complete(query, url)

    if oid_info.status == consumer.FAILURE:
        # the library's description goes to the debug log only;
        # the user gets a generic message
        logging.debug("OpenIDError: {0}".format(oid_info.message))
        return CancelLogin(_('OpenID Error'))

    if oid_info.status == consumer.CANCEL:
        logging.debug("OpenID verification cancelled.")
        return CancelLogin(_('OpenID verification cancelled.'))

    if oid_info.status != consumer.SUCCESS:
        # the auth failed with a status not handled above
        logging.debug("OpenID failure")
        return CancelLogin(_('OpenID failure.'))

    logging.debug('OpenID success. id: {0}'.format(oid_info.identity_url))

    trusted = self._trusted_providers
    server = oid_info.endpoint.server_url
    # An empty provider list switches this check off: every provider is
    # accepted then. Otherwise the endpoint URL must be a member of the list.
    if server not in trusted and trusted:
        return ContinueLogin(None, _('This OpenID provider is not trusted.'))

    # the provider is accepted; look for the user linked to this openid
    identity = oid_info.identity_url
    matches = user.search_users(openid=identity)
    # NOTE(review): only the first match is used - confirm an OpenID cannot
    # be linked to more than one account.
    account = matches and user.User(matches[0][ITEMID], trusted=self.trusted)

    if not account:
        # NOTE(review): the identity is forwarded as a plain query parameter;
        # the URL alone does not show that it was verified here - confirm the
        # register view checks it against server-side state.
        return MultistageRedirectLogin(
            url_for('frontend.register', _external=True,
                    openid_openid=identity, openid_submit='1'))

    # success: mark how this user object was authenticated
    account.auth_method = self.name
    return ContinueLogin(account)
def _handleContinuationVerify(self):
    """
    Handles the first stage continuation.

    Verifies the returning request through the consumer library and maps the
    result to a login object: CancelLogin for failure, cancellation or an
    unknown status; ContinueLogin for a known user from an accepted
    provider; a redirect to registration for an identity without a user;
    ContinueLogin with a message when the provider is not trusted.
    """
    oid_consumer = consumer.Consumer(session, self.store)

    # every request parameter, one value per key
    params = {name: request.values.get(name) for name in request.values.keys()}

    # the url of this stage, as handed to the library next to the parameters
    stage_url = get_multistage_continuation_url(self.name, {'oidstage': '1'})
    oid_info = oid_consumer.complete(params, stage_url)
    status = oid_info.status

    if status == consumer.FAILURE:
        # details stay in the debug log; the user sees a generic message
        logging.debug("OpenIDError: {0}".format(oid_info.message))
        error_message = _('OpenID Error')
        return CancelLogin(error_message)

    if status == consumer.CANCEL:
        logging.debug("OpenID verification cancelled.")
        return CancelLogin(_('OpenID verification cancelled.'))

    if status != consumer.SUCCESS:
        # the auth failed with a status not handled above
        logging.debug("OpenID failure")
        return CancelLogin(_('OpenID failure.'))

    logging.debug('OpenID success. id: {0}'.format(oid_info.identity_url))

    allowed = self._trusted_providers
    server = oid_info.endpoint.server_url
    # With an empty provider list the check is off and every provider is
    # accepted; otherwise the endpoint URL has to be a member of the list.
    if server not in allowed and allowed:
        return ContinueLogin(None, _('This OpenID provider is not trusted.'))

    # the provider is accepted; look for the user linked to this openid
    identity = oid_info.identity_url
    found = user.search_users(openid=identity)
    # NOTE(review): only the first hit is used - confirm an OpenID cannot be
    # linked to more than one account.
    user_obj = found and user.User(found[0][ITEMID], trusted=self.trusted)

    if user_obj:
        # success: mark how this user object was authenticated
        user_obj.auth_method = self.name
        return ContinueLogin(user_obj)

    # no user with this openid: send the visitor to registration
    # NOTE(review): the identity travels as a plain query parameter, which by
    # itself does not prove it was verified here - confirm the register view
    # checks it against server-side state.
    register_url = url_for('frontend.register', _external=True,
                           openid_openid=identity, openid_submit='1')
    return MultistageRedirectLogin(register_url)