Exemplo n.º 1
0
 def openid_url(self):
     """Return service provider URL.
     This base class is generic accepting a POST parameter that specifies
     provider URL."""
     if OPENID_ID_FIELD not in self.data:
         raise AuthMissingParameter(self, OPENID_ID_FIELD)
     return self.data[OPENID_ID_FIELD]
Exemplo n.º 2
0
    def auth_complete(self, *args, **kwargs):
        """Completes loging process, must return user instance"""
        if not 'assertion' in self.data:
            raise AuthMissingParameter(self, 'assertion')

        data = urlencode({
            'assertion': self.data['assertion'],
            'audience': self.request.get_host()
        })

        try:
            response = simplejson.load(
                dsa_urlopen(BROWSER_ID_SERVER, data=data))
        except ValueError:
            log('error',
                'Could not load user data from BrowserID.',
                exc_info=True)
        else:
            if response.get('status') == 'failure':
                log('debug', 'Authentication failed.')
                raise AuthFailed(self)

            kwargs.update({
                'auth': self,
                'response': response,
                self.AUTH_BACKEND.name: True
            })
            return authenticate(*args, **kwargs)
Exemplo n.º 3
0
 def validate_state(self):
     """Validate state value. Raises exception on error, returns state
     value if valid."""
     if not self.STATE_PARAMETER and not self.REDIRECT_STATE:
         return None
     state = self.request.session.get(self.AUTH_BACKEND.name + "_state")
     if state:
         request_state = self.data.get("state") or self.data.get("redirect_state")
         if not request_state:
             raise AuthMissingParameter(self, "state")
         elif not state:
             raise AuthStateMissing(self, "state")
         elif not constant_time_compare(request_state, state):
             raise AuthStateForbidden(self)
     return state
Exemplo n.º 4
0
 def openid_url(self):
     """Returns LiveJournal authentication URL"""
     if not self.data.get(LIVEJOURNAL_USER_FIELD):
         raise AuthMissingParameter(self, LIVEJOURNAL_USER_FIELD)
     return LIVEJOURNAL_URL % self.data[LIVEJOURNAL_USER_FIELD]