def init(self):
self.consumer = create_consumer(self.openid_session)
if not hasattr(self, 'form_result'):
return self._failure('', _("Invalid input."))
openid = self.form_result.get("openid")
try:
if not openid:
raise ValueError(_("No OpenID given!"))
authrequest = self.consumer.begin(openid)
if not c.user and not model.OpenID.find(openid):
axreq = ax.FetchRequest(h.base_url(c.instance,
path='/openid/update'))
axreq.add(ax.AttrInfo(AX_MAIL_SCHEMA, alias="email",
required=True))
authrequest.addExtension(axreq)
sreq = sreg.SRegRequest(required=['nickname'],
optional=['email'])
authrequest.addExtension(sreq)
redirecturl = authrequest.redirectURL(
h.base_url(c.instance, path='/'),
return_to=h.base_url(c.instance, path='/openid/verify'),
immediate=False)
session['openid_session'] = self.openid_session
session.save()
return redirect(redirecturl)
except HTTPFound:
raise
except Exception, e:
log.exception(e)
return self._failure(openid, str(e))
def init(self):
self.consumer = create_consumer(self.openid_session)
if not hasattr(self, 'form_result'):
return self._failure('', _("Invalid input."))
openid = self.form_result.get("openid")
try:
if not openid:
raise ValueError(_("No OpenID given!"))
authrequest = self.consumer.begin(openid)
if not c.user and not model.OpenID.find(openid):
axreq = ax.FetchRequest(h.base_url('/openid/update'))
axreq.add(ax.AttrInfo(AX_MAIL_SCHEMA, alias="email",
required=True))
authrequest.addExtension(axreq)
sreq = sreg.SRegRequest(required=['nickname'],
optional=['email'])
authrequest.addExtension(sreq)
redirecturl = authrequest.redirectURL(
h.base_url('/'),
return_to=h.base_url('/openid/verify'),
immediate=False)
session['openid_session'] = self.openid_session
session.save()
return redirect(redirecturl)
except HTTPFound:
raise
except Exception, e:
log.exception(e)
return self._failure(openid, str(e))
def init(self):
self.consumer = create_consumer(self.openid_session)
if not hasattr(self, "form_result"):
return self._failure("", _("Invalid input."))
openid = self.form_result.get("openid")
try:
if not openid:
raise ValueError(_("No OpenID given!"))
authrequest = self.consumer.begin(openid)
if not c.user and not model.OpenID.find(openid):
axreq = ax.FetchRequest(h.base_url("/openid/update", absolute=True))
axreq.add(ax.AttrInfo(get_ax_mail_schema(openid), alias="email", required=True))
authrequest.addExtension(axreq)
sreq = sreg.SRegRequest(required=["nickname"], optional=["email"])
authrequest.addExtension(sreq)
redirecturl = authrequest.redirectURL(
h.base_url("/", absolute=True), return_to=h.base_url("/openid/verify", absolute=True), immediate=False
)
self.set_session(self.openid_session)
session.save()
return redirect(redirecturl)
except HTTPFound:
raise
except Exception, e:
log.exception(e)
return self._failure(openid, str(e))
def verify(self):
self.consumer = create_consumer(self.openid_session)
info = self.consumer.complete(request.params,
h.base_url('/openid/verify'))
if not info.status == SUCCESS:
return self._failure(info.identity_url, _("OpenID login failed."))
email = None
user_name = None
# evaluate Simple Registration Extension data
srep = sreg.SRegResponse.fromSuccessResponse(info)
if srep:
if srep.get('nickname'):
user_name = srep.get('nickname').strip()
if srep.get('email'):
email = srep.get('email')
# evaluate Attribute Exchange data
# TBD: AXSCHEMA friendlyName
# TBD: SignedMembership
axrep = ax.FetchResponse.fromSuccessResponse(info)
if axrep:
try:
email = axrep.getSingle(AX_MAIL_SCHEMA) or email
except ValueError:
email = axrep.get(AX_MAIL_SCHEMA)[0]
except KeyError:
email = email
if 'openid_session' in session:
del session['openid_session']
oid = model.OpenID.find(info.identity_url)
if oid:
if c.user:
if oid.user == c.user:
return self._failure(info.identity_url,
_("You have already claimed this OpenID."))
else:
return self._failure(info.identity_url,
_("OpenID %s already belongs to %s.")
% (info.identity_url, oid.user.name))
else:
self._login(oid.user)
# returns
else:
if c.user:
oid = model.OpenID(unicode(info.identity_url), c.user)
model.meta.Session.add(oid)
model.meta.Session.commit()
redirect(h.entity_url(c.user, member='edit'))
else:
try:
forms.UniqueUsername(not_empty=True).to_python(user_name)
except:
session['openid_req'] = (info.identity_url, user_name,
email)
session.save()
redirect('/openid/username')
user = self._create(user_name, email, info.identity_url)
self._login(user)
return self._failure(info.identity_url,
_("Justin Case has entered the room."))
def verify(self):
if not openid_login_allowed():
ret_abort(_("OpenID login has been disabled on this installation"),
code=403)
self.consumer = create_consumer(self.openid_session)
info = self.consumer.complete(request.params,
h.base_url('/openid/verify',
absolute=True))
if not info.status == SUCCESS:
return self._failure(info.identity_url, _("OpenID login failed."))
email = None
user_name = None
# evaluate Simple Registration Extension data
srep = sreg.SRegResponse.fromSuccessResponse(info)
if srep:
if srep.get('nickname'):
user_name = srep.get('nickname').strip()
if srep.get('email'):
email = srep.get('email')
# evaluate Attribute Exchange data
# TBD: AXSCHEMA friendlyName
# TBD: SignedMembership
axrep = ax.FetchResponse.fromSuccessResponse(info)
if axrep:
ax_mail_schema = get_ax_mail_schema(info.identity_url)
try:
email = axrep.getSingle(ax_mail_schema) or email
except ValueError:
email = axrep.get(ax_mail_schema)[0]
except KeyError:
email = email
if 'openid_session' in session:
self.delete_session()
oid = model.OpenID.find(info.identity_url)
if oid:
if c.user:
if oid.user == c.user:
return self._failure(
info.identity_url,
_("You have already claimed this OpenID."))
else:
return self._failure(
info.identity_url,
_("OpenID %s already belongs to %s.")
% (info.identity_url, oid.user.name))
else:
self._login(oid.user)
# returns
else:
if c.user:
oid = model.OpenID(unicode(info.identity_url), c.user)
model.meta.Session.add(oid)
model.meta.Session.commit()
h.flash(_("Successfully added OpenID to user account."),
'success')
redirect(h.entity_url(c.user, member='edit'))
else:
if not h.allow_user_registration():
h.flash(_(
"OpenID %s doesn't belong to an existing user account "
"and user registration is disabled in this "
"installation." % info.identity_url
), 'warning')
redirect(h.base_url('/login'))
user_by_email = model.User.find_by_email(email)
if user_by_email is not None:
if is_trusted_provider(info.identity_url):
# A user with the email returned by the OpenID provider
# exists. As we trust the OpenID provider, we log in
# that account and assign the OpenID to this user.
oid = model.OpenID(unicode(info.identity_url),
user_by_email)
model.meta.Session.add(oid)
model.meta.Session.commit()
h.flash(_(
"Successfully added OpenID to user account."
), 'success')
self._login(user_by_email)
else:
# A user with the email returned by the OpenID provider
# exists. As we don't trust the OpenID provider, we
# demand that the user needs to login first.
#
# Note: We could store the successful OpenID
# authentication in the session and assign it after
# login. However probably more is gained if the
# list of trusted OpenID providers is extended.
h.flash(_(
"The email address %s which was returned by the "
"OpenID provider already belongs to a different "
"user account. Please login with that account "
"or use the forgot password functionality, and "
"add the OpenID in your user profile settings "
"afterwards. Sorry for the inconvenience." % email
), 'warning')
redirect(h.base_url('/login'))
try:
forms.UniqueUsername(not_empty=True).to_python(user_name)
formencode.All(validators.PlainText(not_empty=True),
forms.UniqueUsername(),
forms.ContainsChar())
except:
session['openid_req'] = (info.identity_url, user_name,
email)
session.save()
redirect(h.base_url('/openid/username'))
user = self._create(user_name, email, info.identity_url)
h.flash(_("Successfully created new user account %s" %
user_name), 'success')
self._login(user, register=True)
def verify(self):
self.consumer = create_consumer(self.openid_session)
info = self.consumer.complete(request.params,
h.base_url(c.instance,
path='/openid/verify'))
if not info.status == SUCCESS:
return self._failure(info.identity_url, _("OpenID login failed."))
email = None
user_name = None
# evaluate Simple Registration Extension data
srep = sreg.SRegResponse.fromSuccessResponse(info)
if srep:
if srep.get('nickname'):
user_name = srep.get('nickname').strip()
if srep.get('email'):
email = srep.get('email')
# evaluate Attribute Exchange data
# TBD: AXSCHEMA friendlyName
# TBD: SignedMembership
axrep = ax.FetchResponse.fromSuccessResponse(info)
if axrep:
try:
email = axrep.getSingle(AX_MAIL_SCHEMA) or email
except ValueError:
email = axrep.get(AX_MAIL_SCHEMA)[0]
except KeyError:
email = email
if 'openid_session' in session:
del session['openid_session']
oid = model.OpenID.find(info.identity_url)
if oid:
if c.user:
if oid.user == c.user:
return self._failure(info.identity_url,
_("You have already claimed this OpenID."))
else:
return self._failure(info.identity_url,
_("OpenID %s already belongs to %s.")
% (info.identity_url, oid.user.name))
else:
self._login(oid.user)
# returns
else:
if c.user:
oid = model.OpenID(unicode(info.identity_url), c.user)
model.meta.Session.add(oid)
model.meta.Session.commit()
redirect(h.entity_url(c.user, member='edit'))
else:
try:
forms.UniqueUsername(not_empty=True).to_python(user_name)
except:
session['openid_req'] = (info.identity_url, user_name,
email)
session.save()
redirect('/openid/username')
user = self._create(user_name, email, info.identity_url)
self._login(user)
return self._failure(info.identity_url,
_("Justin Case has entered the room."))
def verify(self):
if not openid_login_allowed():
ret_abort(_("OpenID login has been disabled on this installation"),
code=403)
self.consumer = create_consumer(self.openid_session)
info = self.consumer.complete(
request.params, h.base_url('/openid/verify', absolute=True))
if not info.status == SUCCESS:
return self._failure(info.identity_url, _("OpenID login failed."))
email = None
user_name = None
# evaluate Simple Registration Extension data
srep = sreg.SRegResponse.fromSuccessResponse(info)
if srep:
if srep.get('nickname'):
user_name = srep.get('nickname').strip()
if srep.get('email'):
email = srep.get('email')
# evaluate Attribute Exchange data
# TBD: AXSCHEMA friendlyName
# TBD: SignedMembership
axrep = ax.FetchResponse.fromSuccessResponse(info)
if axrep:
ax_mail_schema = get_ax_mail_schema(info.identity_url)
try:
email = axrep.getSingle(ax_mail_schema) or email
except ValueError:
email = axrep.get(ax_mail_schema)[0]
except KeyError:
email = email
if 'openid_session' in session:
self.delete_session()
oid = model.OpenID.find(info.identity_url)
if oid:
if c.user:
if oid.user == c.user:
return self._failure(
info.identity_url,
_("You have already claimed this OpenID."))
else:
return self._failure(
info.identity_url,
_("OpenID %s is already connected to an account.") %
(info.identity_url, oid.user.name))
else:
self._login(oid.user)
# returns
else:
if c.user:
oid = model.OpenID(unicode(info.identity_url), c.user)
model.meta.Session.add(oid)
model.meta.Session.commit()
h.flash(_("Successfully added OpenID to user account."),
'success')
redirect(h.entity_url(c.user, member='settings/login'))
else:
if not h.allow_user_registration():
h.flash(
_("OpenID %s doesn't belong to an existing user account "
"and user registration is disabled in this "
"installation." % info.identity_url), 'warning')
redirect(h.base_url('/login'))
user_by_email = model.User.find_by_email(email)
if user_by_email is not None:
if is_trusted_provider(info.identity_url):
# A user with the email returned by the OpenID provider
# exists. As we trust the OpenID provider, we log in
# that account and assign the OpenID to this user.
oid = model.OpenID(unicode(info.identity_url),
user_by_email)
model.meta.Session.add(oid)
model.meta.Session.commit()
h.flash(
_("Successfully added OpenID to user account."),
'success')
self._login(user_by_email)
else:
# A user with the email returned by the OpenID provider
# exists. As we don't trust the OpenID provider, we
# demand that the user needs to login first.
#
# Note: We could store the successful OpenID
# authentication in the session and assign it after
# login. However probably more is gained if the
# list of trusted OpenID providers is extended.
h.flash(
_("The email address %s which was returned by the "
"OpenID provider already belongs to a different "
"user account. Please login with that account "
"or use the forgot password functionality, and "
"add the OpenID in your user profile settings "
"afterwards. Sorry for the inconvenience." %
email), 'warning')
redirect(h.base_url('/login'))
try:
forms.UniqueUsername(not_empty=True).to_python(user_name)
formencode.All(validators.PlainText(not_empty=True),
forms.UniqueUsername(),
forms.ContainsChar())
except:
session['openid_req'] = (info.identity_url, user_name,
email)
session.save()
redirect(h.base_url('/openid/username'))
user = self._create(user_name, email, info.identity_url)
h.flash(
_("Successfully created new user account %s" % user_name),
'success')
self._login(user, register=True)