示例#1
0
文件: protocol.py 项目: iffy/txOpenID
	def __init__(self, requestData, assoc_type='HMAC-SHA1', handle=None):
		"""
		Create a new association with the provided requestData.
		"""
		if(handle):
			self.handle = handle
		else:
			self.handle = base64.b64encode(util.handle())
		
		self.assoc_type = assoc_type
		self.secret = util.secret(self.handle, assoc_type)
		self.created = time.time()
		self.expires_in = '86400'
		
		if(DH_SHA1_ENABLED and requestData.get('openid.session_type') == 'DH-SHA1'):
			self.dh_modulus = util.mklong(base64.b64decode(requestData['openid.dh_modulus']))
			self.dh_gen = util.mklong(base64.b64decode(requestData['openid.dh_gen']))
			self.dh_consumer_public = util.mklong(base64.b64decode(requestData['openid.dh_consumer_public']))
			self.dh_server_private = util.mkkey()
			self.dh_server_public = base64.b64encode(util.btwoc(pow(self.dh_gen, self.dh_server_private) % self.dh_modulus))
			self.dh_shared_secret = pow(self.dh_consumer_public, self.dh_server_private) % self.dh_modulus
			self.enc_mac_key = util.secret(util.btwoc(self.dh_shared_secret), 'HMAC-SHA1') ^ self.secret
		else:
			self.mac_key = base64.b64encode(self.secret)
示例#2
0
文件: protocol.py 项目: iffy/txOpenID
def get_login_response(registry, requestData):
	"""
	Convenience function to return a valid login response for the provided request.

	@param registry: the current OpenID registry
	@type registry: L{OpenIDRegistry}
	
	@param requestData: the current request data
	@type requestData: L{OpenIDRequest}
	
	@return: a response URL
	@rtype: str
	"""
	log.msg('[get_login_response] request: %r' % requestData)
	
	association = registry.initiate(requestData, 'openid.assoc_handle' in requestData)
	log.msg('[get_login_response] association: %r' % association)
	
	log.msg('[get_login_response] Using handle: %r' % association.handle)
	token_key = util.secret(association.handle)
	log.msg('[get_login_response] Found key: %r' % token_key)
	token_contents = util.kvstr(
		mode		= 'id_res',
		identity	= requestData['openid.identity'],
		return_to	= requestData['openid.return_to'],
	)
	
	return_dict = {
		'openid.mode'			: 'id_res',
		'openid.identity'		: requestData['openid.identity'],
		'openid.assoc_handle'	: association.handle,
		'openid.return_to'		: requestData['openid.return_to'],
		'openid.signed'			: 'identity,mode,return_to',
		'openid.sig'			: base64.b64encode(util.get_hmac(token_key, token_contents))
	}
	
	if(association.handle != requestData.get('openid.assoc_handle', association.handle)):
		log.msg("[get_login_response] Retrieved association handle doesn't match request: %r" % requestData['openid.assoc_handle'])
		return_dict['openid.invalidate_handle'] = requestData['openid.assoc_handle']
	
	return util.appendQuery(requestData['openid.return_to'], return_dict)
示例#3
0
	def test_secret_sha1(self):
		value = 'some string'
		expected = '\x8bE\xe4\xbd\x1cj\xcb\x88\xbe\xbfd\x07\xd1b\x05\xf5g\xe6*>'
		got = util.secret(value)
		self.failUnlessEqual(got, expected, "Got %r when expecting %r" % (got, expected))