def _openid_handler(pylons_obj, auth_type, auth_id): "Process login form to begin authentication process" url = pylons_obj.url session = pylons_obj.session response = pylons_obj.response oid_store = make_oid_store() login_type = auth_type openid_url = auth_id if login_type == 'google': openid_url = 'https://www.google.com/accounts/o8/id' elif login_type == 'aol': openid_url = 'http://openid.aol.com/' elif login_type == 'yahoo': openid_url = 'yahoo.com' oid_consumer = consumer.Consumer(session, oid_store) trust_root = url("main", qualified=True) return_to = url('verify', qualified=True) try: req = oid_consumer.begin(openid_url) except consumer.DiscoveryFailure: helpers.flash(u"Error in discovery",'error') session.save() redirect(url(on_failure)) else: if req is None: helpers.flash(u"No OpenID services found for %s" % openid_url,'error') session.save() redirect(url(on_failure)) else: sreg_request = sreg.SRegRequest(required=['nickname'], optional=['fullname', 'email']) req.addExtension(sreg_request) pape_request = pape.Request([pape.AUTH_PHISHING_RESISTANT]) req.addExtension(pape_request) if req.shouldSendRedirect(): redirect_url = req.redirectURL(trust_root, return_to) response.status_int = 302 response.headers['location'] = redirect_url return "" else: return req.htmlMarkup(realm=trust_root,return_to=return_to)
def _openid_handler(pylons_obj): from columns.model import User, meta session = pylons_obj.session url = pylons_obj.url g = pylons_obj.app_globals request = pylons_obj.request oid_store = make_oid_store() oid_consumer = consumer.Consumer(session, oid_store) info = oid_consumer.complete(request.params, url('verify', qualified=True)) sreg_resp = None pape_resp = None display_identifier = info.getDisplayIdentifier() if info.status == consumer.FAILURE and display_identifier: helpers.flash(u"Verification of %(display_identifier)s failed: %(message)s" % {'display_identifier':display_identifier,'message':info.message},'error') elif info.status == consumer.SUCCESS: sreg_resp = sreg.SRegResponse.fromSuccessResponse(info) #pape_resp = pape.Response.fromSuccessResponse(info) if info.endpoint.canonicalID: session['auth_oid'] = info.endpoint.canonicalID else: session['auth_oid'] = display_identifier try: return meta.Session.query(User).filter(User.open_id==unicode(session['auth_oid'])).one() except: return None elif info.status == consumer.CANCEL: helpers.flash(u'Verification cancelled','error') elif info.status == consumer.SETUP_NEEDED: setup_url = info.setup_url if setup_url: helpers.flash(u'<a href=%s>Setup needed</a>' % helpers.literal(setup_url),'error') else: helpers.flash(u'Setup needed','error') else: helpers.flash(u'Verification failed.') redirect(url("login"))