# The namespace for this extension
cla_uri = 'http://fedoraproject.org/specs/open_id/cla'
# Some predefined CLA uris
CLA_URI_FEDORA_CLICK = 'http://admin.fedoraproject.org/accounts/cla/click'
CLA_URI_FEDORA_DELL = 'http://admin.fedoraproject.org/accounts/cla/dell'
CLA_URI_FEDORA_DONE = 'http://admin.fedoraproject.org/accounts/cla/done'
CLA_URI_FEDORA_FEDORA = 'http://admin.fedoraproject.org/accounts/cla/fedora'
CLA_URI_FEDORA_FPCA = 'http://admin.fedoraproject.org/accounts/cla/fpca'
CLA_URI_FEDORA_IBM = 'http://admin.fedoraproject.org/accounts/cla/ibm'
CLA_URI_FEDORA_INTEL = 'http://admin.fedoraproject.org/accounts/cla/intel'
CLA_URI_FEDORA_REDHAT = 'http://admin.fedoraproject.org/accounts/cla/redhat'
try:
registerNamespaceAlias(cla_uri, 'cla')
except NamespaceAliasRegistrationError, e:
logging.exception('registerNamespaceAlias(%r, %r) failed: %s' % (cla_uri,
'cla', str(e),))
def supportsCLA(endpoint):
return endpoint.usesExtension(cla_uri)
class CLARequest(Extension):
ns_uri = 'http://fedoraproject.org/specs/open_id/cla'
ns_alias = 'cla'
def __init__(self, requested=None):
Extension.__init__(self)
self.requested = []
__all__ = [
'MacaroonRequest',
'MacaroonResponse',
]
from openid import oidutil
from openid.extension import Extension
from openid.message import (
NamespaceAliasRegistrationError,
registerNamespaceAlias,
)
MACAROON_NS = 'http://ns.login.ubuntu.com/2016/openid-macaroon'
try:
registerNamespaceAlias(MACAROON_NS, 'macaroon')
except NamespaceAliasRegistrationError as e:
oidutil.log('registerNamespaceAlias(%r, %r) failed: %s' %
(MACAROON_NS, 'macaroon', e))
def get_macaroon_ns(message):
"""Extract the macaroon namespace URI from the given OpenID message.
@param message: The OpenID message from which to parse the macaroon.
This may be a request or response message.
@type message: C{L{openid.message.Message}}
@returns: the macaroon namespace URI for the supplied message. The
message may be modified to define a macaroon namespace.
@rtype: C{str}
# URI used in the wild for Yadis documents advertising simple
# registration support
ns_uri_1_0 = 'http://openid.net/sreg/1.0'
# URI in the draft specification for simple registration 1.1
# <http://openid.net/specs/openid-simple-registration-extension-1_1-01.html>
ns_uri_1_1 = 'http://openid.net/extensions/sreg/1.1'
# This attribute will always hold the preferred URI to use when adding
# sreg support to an XRDS file or in an OpenID namespace declaration.
ns_uri = ns_uri_1_1
try:
registerNamespaceAlias(ns_uri_1_1, 'sreg')
except NamespaceAliasRegistrationError as e:
_LOGGER.exception('registerNamespaceAlias(%r, %r) failed: %s', ns_uri_1_1, 'sreg', e)
def supportsSReg(endpoint):
"""Does the given endpoint advertise support for simple
registration?
@param endpoint: The endpoint object as returned by OpenID discovery
@type endpoint: openid.consumer.discover.OpenIDEndpoint
@returns: Whether an sreg type was advertised by the endpoint
@rtype: bool
"""
return (endpoint.usesExtension(ns_uri_1_1) or endpoint.usesExtension(ns_uri_1_0))
# URI used in the wild for Yadis documents advertising simple
# registration support
ns_uri_1_0 = "http://openid.net/sreg/1.0"
# URI in the draft specification for simple registration 1.1
# <http://openid.net/specs/openid-simple-registration-extension-1_1-01.html>
ns_uri_1_1 = "http://openid.net/extensions/sreg/1.1"
# This attribute will always hold the preferred URI to use when adding
# sreg support to an XRDS file or in an OpenID namespace declaration.
ns_uri = ns_uri_1_1
try:
registerNamespaceAlias(ns_uri_1_1, "sreg")
except NamespaceAliasRegistrationError as e:
logger.exception("registerNamespaceAlias(%r, %r) failed: %s" % (
ns_uri_1_1,
"sreg",
str(e),
))
def supportsSReg(endpoint):
"""Does the given endpoint advertise support for simple
registration?
@param endpoint: The endpoint object as returned by OpenID discovery
@type endpoint: openid.consumer.discover.OpenIDEndpoint
# The namespace for this extension
cla_uri = 'http://fedoraproject.org/specs/open_id/cla'
# Some predefined CLA uris
CLA_URI_FEDORA_CLICK = 'http://admin.fedoraproject.org/accounts/cla/click'
CLA_URI_FEDORA_DELL = 'http://admin.fedoraproject.org/accounts/cla/dell'
CLA_URI_FEDORA_DONE = 'http://admin.fedoraproject.org/accounts/cla/done'
CLA_URI_FEDORA_FEDORA = 'http://admin.fedoraproject.org/accounts/cla/fedora'
CLA_URI_FEDORA_FPCA = 'http://admin.fedoraproject.org/accounts/cla/fpca'
CLA_URI_FEDORA_IBM = 'http://admin.fedoraproject.org/accounts/cla/ibm'
CLA_URI_FEDORA_INTEL = 'http://admin.fedoraproject.org/accounts/cla/intel'
CLA_URI_FEDORA_REDHAT = 'http://admin.fedoraproject.org/accounts/cla/redhat'
try:
registerNamespaceAlias(cla_uri, 'cla')
except NamespaceAliasRegistrationError as e:
logging.exception('registerNamespaceAlias(%r, %r) failed: %s' % (
cla_uri, 'cla', str(e),))
def supportsCLA(endpoint):
return endpoint.usesExtension(cla_uri)
class CLARequest(Extension):
ns_uri = 'http://fedoraproject.org/specs/open_id/cla'
ns_alias = 'cla'
def __init__(self, requested=None):
Extension.__init__(self)
# URI used in the wild for Yadis documents advertising simple
# registration support
ns_uri_1_0 = 'http://openid.net/sreg/1.0'
# URI in the draft specification for simple registration 1.1
# <http://openid.net/specs/openid-simple-registration-extension-1_1-01.html>
ns_uri_1_1 = 'http://openid.net/extensions/sreg/1.1'
# This attribute will always hold the preferred URI to use when adding
# sreg support to an XRDS file or in an OpenID namespace declaration.
ns_uri = ns_uri_1_1
try:
registerNamespaceAlias(ns_uri_1_1, 'sreg')
except NamespaceAliasRegistrationError, e:
logging.exception('registerNamespaceAlias(%r, %r) failed: %s' % (
ns_uri_1_1,
'sreg',
str(e),
))
def supportsSReg(endpoint):
"""Does the given endpoint advertise support for simple
registration?
@param endpoint: The endpoint object as returned by OpenID discovery
@type endpoint: openid.consumer.discover.OpenIDEndpoint
from base64 import urlsafe_b64encode
from os import urandom
import time
import hmac
import hashlib
from binascii import hexlify
from openid.message import registerNamespaceAlias, \
NamespaceAliasRegistrationError
from openid.extension import Extension
from openid import oidutil
ns_uri_ui_extension = 'http://pbs.org/openid/extensions/ui/1.0'
OPENID_UI_TYPE = 'http://pbs.org/openid/extensions/ui/1.0'
registerNamespaceAlias(ns_uri_ui_extension, 'ui')
ns_uri_signed = 'http://pbs.org/openid/extensions/signature_verification/1.0'
registerNamespaceAlias(ns_uri_signed, 'signature_verification')
"""
Custom extensions are defined here.
They are required by login.pbs.org for enhanced security and user experience.
"""
def make_token(length=32):
return urlsafe_b64encode(urandom(length)).strip("=")
class UIExtension(Extension):
ns_uri = ns_uri_ui_extension
from openid.message import (registerNamespaceAlias,
NamespaceAliasRegistrationError)
from openid.extension import Extension
from openid import oidutil
try:
basestring
except NameError:
# For Python 2.2
basestring = (str, unicode)
ns_uri = "http://specs.openid.net/extensions/oauth/1.0"
#
try:
registerNamespaceAlias(ns_uri, 'oauth')
except NamespaceAliasRegistrationError, e:
oidutil.log('registerNamespaceAlias(%r, %r) failed: %s' % (ns_uri,
'oauth', str(e),))
class OAuthRequest(Extension):
ns_alias = 'oauth'
def __init__(self, consumer=None, scope=None, oauth_ns_uri=ns_uri):
Extension.__init__(self)
self.consumer = consumer
self.scope = scope
self.ns_uri = oauth_ns_uri
def fromOpenIDRequest(cls, request):
except NameError:
# For Python 2.2
basestring = (str, unicode) #pylint:disable-msg=W0622
__all__ = [
'TeamsRequest',
'TeamsResponse',
'teams_uri',
'supportsTeams',
]
# The namespace for this extension
teams_uri = 'http://ns.launchpad.net/2007/openid-teams'
try:
registerNamespaceAlias(teams_uri, 'lp')
except NamespaceAliasRegistrationError, e:
logging.exception('registerNamespaceAlias(%r, %r) failed: %s' % (
teams_uri,
'teams',
str(e),
))
def supportsTeams(endpoint):
"""Does the given endpoint advertise support for team extension?
@param endpoint: The endpoint object as returned by OpenID discovery
@type endpoint: openid.consumer.discover.OpenIDEndpoint
@returns: Whether an teams extension type was advertised by the endpoint
basestring #pylint:disable-msg=W0104
except NameError:
# For Python 2.2
basestring = (str, unicode) #pylint:disable-msg=W0622
__all__ = [
'TeamsRequest',
'TeamsResponse',
'ns_uri',
'supportsTeams',
]
ns_uri = 'http://ns.launchpad.net/2007/openid-teams'
try:
registerNamespaceAlias(ns_uri, 'lp')
except NamespaceAliasRegistrationError, e:
oidutil.log('registerNamespaceAlias(%r, %r) failed: %s' % (ns_uri,
'lp', str(e),))
def supportsTeams(endpoint):
"""Does the given endpoint advertise support for Launchpad Teams?
@param endpoint: The endpoint object as returned by OpenID discovery
@type endpoint: openid.consumer.discover.OpenIDEndpoint
@returns: Whether an lp type was advertised by the endpoint
@rtype: bool
"""
return endpoint.usesExtension(ns_uri)
__all__ = [
'ns_uri',
'ns_uri_1_0',
'supported',
'Request',
'Response',
]
UI_MODE_CHECK_SESSION = 'x-has-session'
ns_uri_1_0 = 'http://specs.openid.net/extensions/ui/1.0'
ns_uri = ns_uri_1_0
try:
registerNamespaceAlias(ns_uri_1_0, 'ui')
except NamespaceAliasRegistrationError, e:
oidutil.log('registerNamespaceAlias(%r, %r) failed: %s' % (ns_uri_1_0,
'ui', str(e),))
def supported(endpoint):
return endpoint.usesExtension(ns_uri_1_0)
class Request(Extension):
ns_alias = 'ui'
def __init__(self, langs=None, ui_mode=None, check_session=None, icon=None,
ui_ns_uri=ns_uri):
"""Initialize an empty UI hinting request"""
Extension.__init__(self)
# For Python 2.2
basestring = (str, unicode) # pylint:disable-msg=W0622
__all__ = [
'TeamsRequest',
'TeamsResponse',
'teams_uri',
'supportsTeams',
]
# The namespace for this extension
teams_uri = 'http://ns.launchpad.net/2007/openid-teams'
try:
registerNamespaceAlias(teams_uri, 'lp')
except NamespaceAliasRegistrationError, e:
logging.exception('registerNamespaceAlias(%r, %r) failed: %s' % (
teams_uri, 'teams', str(e),))
def supportsTeams(endpoint):
"""Does the given endpoint advertise support for team extension?
@param endpoint: The endpoint object as returned by OpenID discovery
@type endpoint: openid.consumer.discover.OpenIDEndpoint
@returns: Whether an teams extension type was advertised by the endpoint
@rtype: bool
"""
return endpoint.usesExtension(teams_uri)
basestring #pylint:disable-msg=W0104
except NameError:
# For Python 2.2
basestring = (str, unicode) #pylint:disable-msg=W0622
__all__ = [
'TeamsRequest',
'TeamsResponse',
'ns_uri',
'supportsTeams',
]
ns_uri = 'http://ns.launchpad.net/2007/openid-teams'
try:
registerNamespaceAlias(ns_uri, 'lp')
except NamespaceAliasRegistrationError, e:
oidutil.log('registerNamespaceAlias(%r, %r) failed: %s' % (
ns_uri,
'lp',
str(e),
))
#==============================================================================
def supportsTeams(endpoint):
"""Does the given endpoint advertise support for Launchpad Teams?
@param endpoint: The endpoint object as returned by OpenID discovery
@type endpoint: openid.consumer.discover.OpenIDEndpoint
OpenIDRPConfig,
OpenIDRPSummary,
twofactor,
get_team_memberships_for_user,
)
from identityprovider.models.authtoken import create_token
from identityprovider.models.twofactor import is_twofactor_enabled
from identityprovider.teams import TeamsRequest
from identityprovider.views import utils
SITE_REQUIRES_VERIFIED = _(
'The site {rp_name} requires that you verify your email address before '
'accessing its contents.')
accept_xrds = decorator_from_middleware(XRDSMiddleware)
registerNamespaceAlias(LAUNCHPAD_TEAMS_NS, 'lp')
logger = logging.getLogger('sso')
# moved from views.i18n to be able to split django apps and
# avoid circular deps
def set_language_info(request, response, lang):
if lang not in settings.SUPPORTED_LANGUAGES:
lang = 'en'
if hasattr(request, 'session'):
request.session['django_language'] = lang
else:
response.set_cookie(settings.LANGUAGE_COOKIE_NAME, lang)
@csrf_exempt
from openid.message import registerNamespaceAlias, NamespaceAliasRegistrationError
from openid.extension import Extension
from openid import oidutil
try:
basestring # pylint:disable-msg=W0104
except NameError:
# For Python 2.2
basestring = (str, unicode) # pylint:disable-msg=W0622
__all__ = ["TeamsRequest", "TeamsResponse", "ns_uri", "supportsTeams"]
ns_uri = "http://ns.launchpad.net/2007/openid-teams"
try:
registerNamespaceAlias(ns_uri, "lp")
except NamespaceAliasRegistrationError, e:
oidutil.log("registerNamespaceAlias(%r, %r) failed: %s" % (ns_uri, "lp", str(e)))
def supportsTeams(endpoint):
"""Does the given endpoint advertise support for Launchpad Teams?
@param endpoint: The endpoint object as returned by OpenID discovery
@type endpoint: openid.consumer.discover.OpenIDEndpoint
@returns: Whether an lp type was advertised by the endpoint
@rtype: bool
"""
return endpoint.usesExtension(ns_uri)
