Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge branch 'master' into google

  • Loading branch information...
commit 03773fb96dff352bbda12538726dc5c46fe0316c 2 parents 789cc11 + 12efd78
@adieu authored
Showing with 78 additions and 26,335 deletions.
  1. +1 −2  NEWS
  2. +1 −1  NOTICE
  3. +1 −2  README
  4. 0  admin/builddiscover.py
  5. 0  admin/fixperms
  6. 0  admin/makechangelog
  7. 0  admin/pythonsource
  8. 0  admin/runtests
  9. 0  admin/setversion
  10. 0  admin/tagrelease
  11. +47 −0 contrib/associate
  12. +0 −40 darcs-ignore
  13. +1 −1  examples/README
  14. +2 −3 examples/consumer.py
  15. +1 −1  examples/djopenid/README
  16. +1 −2  examples/server.py
  17. +2 −2 openid/__init__.py
  18. +2 −2 openid/association.py
  19. +4 −5 openid/consumer/consumer.py
  20. +10 −0 openid/cryptutil.py
  21. +5 −1 openid/fetchers.py
  22. +0 −132 openid/oidUtil.py
  23. +0 −3  openid/yadis/__init__.py
  24. +0 −43 python-openid.tailor
  25. +0 −41 python/CHANGES-2.2.0
  26. +0 −202 python/LICENSE
  27. +0 −7 python/MANIFEST.in
  28. +0 −226 python/NEWS
  29. +0 −4 python/NOTICE
  30. +0 −69 python/README
  31. +0 −67 python/admin/builddiscover.py
  32. +0 −10 python/admin/fixperms
  33. +0 −47 python/admin/gettlds.py
  34. +0 −2  python/admin/makechangelog
  35. +0 −7 python/admin/makedoc
  36. +0 −2  python/admin/pythonsource
  37. +0 −204 python/admin/runtests
  38. +0 −7 python/admin/setversion
  39. +0 −13 python/admin/tagrelease
  40. +0 −96 python/background-associations.txt
  41. +0 −151 python/contrib/openid-parse
  42. +0 −170 python/contrib/upgrade-store-1.1-to-2.0
  43. +0 −40 python/darcs-ignore
  44. +0 −91 python/examples/README
  45. 0  python/examples/__init__.py
  46. +0 −508 python/examples/consumer.py
  47. +0 −46 python/examples/discover
  48. +0 −67 python/examples/djopenid/README
  49. 0  python/examples/djopenid/__init__.py
  50. 0  python/examples/djopenid/consumer/__init__.py
  51. +0 −3  python/examples/djopenid/consumer/models.py
  52. +0 −9 python/examples/djopenid/consumer/urls.py
  53. +0 −220 python/examples/djopenid/consumer/views.py
  54. +0 −11 python/examples/djopenid/manage.py
  55. 0  python/examples/djopenid/server/__init__.py
  56. +0 −3  python/examples/djopenid/server/models.py
  57. +0 −103 python/examples/djopenid/server/tests.py
  58. +0 −12 python/examples/djopenid/server/urls.py
  59. +0 −279 python/examples/djopenid/server/views.py
  60. +0 −84 python/examples/djopenid/settings.py
  61. +0 −127 python/examples/djopenid/templates/consumer/index.html
  62. +0 −5 python/examples/djopenid/templates/consumer/request_form.html
  63. +0 −28 python/examples/djopenid/templates/index.html
  64. +0 −15 python/examples/djopenid/templates/server/endpoint.html
  65. +0 −14 python/examples/djopenid/templates/server/idPage.html
  66. +0 −51 python/examples/djopenid/templates/server/index.html
  67. +0 −21 python/examples/djopenid/templates/server/pape_request_info.html
  68. +0 −51 python/examples/djopenid/templates/server/trust.html
  69. +0 −17 python/examples/djopenid/templates/xrds.xml
  70. +0 −8 python/examples/djopenid/urls.py
  71. +0 −147 python/examples/djopenid/util.py
  72. +0 −14 python/examples/djopenid/views.py
  73. +0 −722 python/examples/server.py
  74. +0 −55 python/openid/__init__.py
  75. +0 −555 python/openid/association.py
  76. +0 −6 python/openid/consumer/__init__.py
  77. +0 −1,901 python/openid/consumer/consumer.py
  78. +0 −470 python/openid/consumer/discover.py
  79. +0 −249 python/openid/consumer/html_parse.py
  80. +0 −220 python/openid/cryptutil.py
  81. +0 −42 python/openid/dh.py
  82. +0 −46 python/openid/extension.py
  83. +0 −5 python/openid/extensions/__init__.py
  84. +0 −774 python/openid/extensions/ax.py
  85. 0  python/openid/extensions/draft/__init__.py
  86. +0 −277 python/openid/extensions/draft/pape2.py
  87. +0 −473 python/openid/extensions/draft/pape5.py
  88. +0 −518 python/openid/extensions/sreg.py
  89. +0 −423 python/openid/fetchers.py
  90. +0 −123 python/openid/kvform.py
  91. +0 −631 python/openid/message.py
  92. +0 −190 python/openid/oidutil.py
  93. +0 −6 python/openid/server/__init__.py
  94. +0 −1,849 python/openid/server/server.py
  95. +0 −454 python/openid/server/trustroot.py
  96. +0 −7 python/openid/sreg.py
  97. +0 −8 python/openid/store/__init__.py
  98. +0 −426 python/openid/store/filestore.py
  99. +0 −197 python/openid/store/interface.py
  100. +0 −125 python/openid/store/memstore.py
  101. +0 −98 python/openid/store/nonce.py
  102. +0 −516 python/openid/store/sqlstore.py
  103. 0  python/openid/test/__init__.py
  104. +0 −108 python/openid/test/cryptutil.py
  105. +0 −118 python/openid/test/data/accept.txt
  106. +0 −14 python/openid/test/data/example-xrds.xml
  107. BIN  python/openid/test/data/openid-1.2-consumer-sqlitestore.db
  108. +0 −137 python/openid/test/data/test1-discover.txt
  109. +0 −152 python/openid/test/data/test1-parsehtml.txt
  110. +0 −11 python/openid/test/data/test_discover/openid.html
  111. +0 −11 python/openid/test/data/test_discover/openid2.html
  112. +0 −12 python/openid/test/data/test_discover/openid2_xrds.xml
  113. +0 −11 python/openid/test/data/test_discover/openid2_xrds_no_local_id.xml
  114. +0 −11 python/openid/test/data/test_discover/openid_1_and_2.html
  115. +0 −16 python/openid/test/data/test_discover/openid_1_and_2_xrds.xml
  116. +0 −17 python/openid/test/data/test_discover/openid_1_and_2_xrds_bad_delegate.xml
  117. +0 −12 python/openid/test/data/test_discover/openid_and_yadis.html
  118. +0 −10 python/openid/test/data/test_discover/openid_no_delegate.html
  119. +0 −12 python/openid/test/data/test_discover/yadis_0entries.xml
  120. +0 −15 python/openid/test/data/test_discover/yadis_2_bad_local_id.xml
  121. +0 −22 python/openid/test/data/test_discover/yadis_2entries_delegate.xml
  122. +0 −21 python/openid/test/data/test_discover/yadis_2entries_idp.xml
  123. +0 −14 python/openid/test/data/test_discover/yadis_another_delegate.xml
  124. +0 −12 python/openid/test/data/test_discover/yadis_idp.xml
  125. +0 −13 python/openid/test/data/test_discover/yadis_idp_delegate.xml
  126. +0 −11 python/openid/test/data/test_discover/yadis_no_delegate.xml
  127. +0 −12 python/openid/test/data/test_etxrd/README
  128. +0 −34 python/openid/test/data/test_etxrd/delegated-20060809-r1.xrds
  129. +0 −34 python/openid/test/data/test_etxrd/delegated-20060809-r2.xrds
  130. +0 −34 python/openid/test/data/test_etxrd/delegated-20060809.xrds
  131. +0 −7 python/openid/test/data/test_etxrd/no-xrd.xml
  132. +0 −2  python/openid/test/data/test_etxrd/not-xrds.xml
  133. +0 −34 python/openid/test/data/test_etxrd/prefixsometimes.xrds
  134. +0 −109 python/openid/test/data/test_etxrd/ref.xrds
  135. +0 −34 python/openid/test/data/test_etxrd/sometimesprefix.xrds
  136. +0 −25 python/openid/test/data/test_etxrd/spoof1.xrds
  137. +0 −25 python/openid/test/data/test_etxrd/spoof2.xrds
  138. +0 −37 python/openid/test/data/test_etxrd/spoof3.xrds
  139. +0 −9 python/openid/test/data/test_etxrd/status222.xrds
  140. +0 −58 python/openid/test/data/test_etxrd/subsegments.xrds
  141. +0 −39 python/openid/test/data/test_etxrd/valid-populated-xrds.xml
  142. +0 −150 python/openid/test/data/trustroot.txt
  143. +0 −47 python/openid/test/datadriven.py
  144. +0 −70 python/openid/test/dh.py
  145. +0 −29 python/openid/test/dhpriv
  146. +0 −125 python/openid/test/discoverdata.py
  147. +0 −174 python/openid/test/kvform.py
  148. +0 −109 python/openid/test/linkparse.py
  149. +0 −584 python/openid/test/linkparse.txt
  150. +0 −650 python/openid/test/n2b64
  151. +0 −176 python/openid/test/oidutil.py
  152. +0 −397 python/openid/test/storetest.py
  153. +0 −51 python/openid/test/support.py
  154. +0 −127 python/openid/test/test_accept.py
  155. +0 −183 python/openid/test/test_association.py
  156. +0 −340 python/openid/test/test_association_response.py
  157. +0 −206 python/openid/test/test_auth_request.py
  158. +0 −626 python/openid/test/test_ax.py
  159. +0 −2,097 python/openid/test/test_consumer.py
  160. +0 −783 python/openid/test/test_discover.py
  161. +0 −194 python/openid/test/test_etxrd.py
  162. +0 −185 python/openid/test/test_examples.py
  163. +0 −36 python/openid/test/test_extension.py
  164. +0 −285 python/openid/test/test_fetchers.py
  165. +0 −21 python/openid/test/test_htmldiscover.py
  166. +0 −998 python/openid/test/test_message.py
  167. +0 −271 python/openid/test/test_negotiation.py
  168. +0 −104 python/openid/test/test_nonce.py
  169. +0 −164 python/openid/test/test_openidyadis.py
  170. +0 −9 python/openid/test/test_pape.py
  171. +0 −217 python/openid/test/test_pape_draft2.py
  172. +0 −441 python/openid/test/test_pape_draft5.py
  173. +0 −82 python/openid/test/test_parsehtml.py
  174. +0 −246 python/openid/test/test_rpverify.py
Sorry, we could not display the entire diff because it was too big.
View
3  NEWS
@@ -133,8 +133,7 @@ Some advantages of Yadis support are:
* Easy interoperability for different identity services
-For more information about Yadis, see http://yadis.org/ or
-http://www.openidenabled.com/yadis/
+For more information about Yadis, see http://yadis.org/
Extension Support
-----------------
View
2  NOTICE
@@ -1,4 +1,4 @@
Python OpenID may be obtained from
-http://www.openidenabled.com/openid/libraries/python
+http://github.com/openid/python-openid
and we'd like to hear about how you're using this software.
Write to us at openid@janrain.com.
View
3  README
@@ -59,8 +59,7 @@ CONTACT
=======
Send bug reports, suggestions, comments, and questions to
-http://lists.openidenabled.com/mailman/listinfo/dev
-dev@lists.openidenabled.com.
+http://openid.net/developers/dev-mailing-lists/.
If you have a bugfix or feature you'd like to contribute, don't
hesitate to send it to us. For more detailed information on how to
View
0  admin/builddiscover.py 100644 → 100755
File mode changed
View
0  admin/fixperms 100644 → 100755
File mode changed
View
0  admin/makechangelog 100644 → 100755
File mode changed
View
0  admin/pythonsource 100644 → 100755
File mode changed
View
0  admin/runtests 100644 → 100755
File mode changed
View
0  admin/setversion 100644 → 100755
File mode changed
View
0  admin/tagrelease 100644 → 100755
File mode changed
View
47 contrib/associate
@@ -0,0 +1,47 @@
+#!/usr/bin/env python
+"""Make an OpenID Assocition request against an endpoint
+and print the results."""
+
+import sys
+
+from openid.store.memstore import MemoryStore
+from openid.consumer import consumer
+from openid.consumer.discover import OpenIDServiceEndpoint
+
+from datetime import datetime
+
+def verboseAssociation(assoc):
+ """A more verbose representation of an Association.
+ """
+ d = assoc.__dict__
+ issued_date = datetime.fromtimestamp(assoc.issued)
+ d['issued_iso'] = issued_date.isoformat()
+ fmt = """ Type: %(assoc_type)s
+ Handle: %(handle)s
+ Issued: %(issued)s [%(issued_iso)s]
+ Lifetime: %(lifetime)s
+ Secret: %(secret)r
+"""
+ return fmt % d
+
+def main():
+ if not sys.argv[1:]:
+ print "Usage: %s ENDPOINT_URL..." % (sys.argv[0],)
+ for endpoint_url in sys.argv[1:]:
+ print "Associating with", endpoint_url
+
+ # This makes it clear why j3h made AssociationManager when we
+ # did the ruby port. We can't invoke requestAssociation
+ # without these other trappings.
+ store = MemoryStore()
+ endpoint = OpenIDServiceEndpoint()
+ endpoint.server_url = endpoint_url
+ c = consumer.GenericConsumer(store)
+ auth_req = c.begin(endpoint)
+ if auth_req.assoc:
+ print verboseAssociation(auth_req.assoc)
+ else:
+ print " ...no association."
+
+if __name__ == '__main__':
+ main()
View
40 darcs-ignore
@@ -1,40 +0,0 @@
-# Boring file regexps:
-\.hi$
-\.o$
-\.o\.cmd$
-\.ko$
-\.ko\.cmd$
-\.mod\.c$
-(^|/)\.tmp_versions($|/)
-(^|/)CVS($|/)
-(^|/)RCS($|/)
-~$
-#(^|/)\.[^/]
-(^|/)_darcs($|/)
-\.bak$
-\.BAK$
-\.orig$
-(^|/)vssver\.scc$
-\.swp$
-(^|/)MT($|/)
-(^|/)\{arch\}($|/)
-(^|/).arch-ids($|/)
-(^|/),
-\.class$
-\.prof$
-(^|/)\.DS_Store$
-(^|/)BitKeeper($|/)
-(^|/)ChangeSet($|/)
-(^|/)\.svn($|/)
-\.py[co]$
-\#
-\.cvsignore$
-(^|/)Thumbs\.db$
-^doc/
-^MANIFEST$
-^CHANGELOG$
-^dist$
-(^|/)sstore$
-(^|/)cstore$
-^build$
-(^|/)_trial_temp($|/)
View
2  examples/README
@@ -88,4 +88,4 @@ Getting help
Please send bug reports, patches, and other feedback to
- dev@lists.openidenabled.com
+ http://openid.net/developers/dev-mailing-lists/
View
5 examples/consumer.py
@@ -30,8 +30,7 @@ def quoteattr(s):
PYTHONPATH environment variable).
For more information, see the README in the root of the library
-distribution or http://www.openidenabled.com/
-""")
+distribution.""")
sys.exit(1)
from openid.store import memstore
@@ -423,7 +422,7 @@ def pageHeader(self, title):
<h1>%s</h1>
<p>
This example consumer uses the <a href=
- "http://www.openidenabled.com/openid/libraries/python" >Python
+ "http://github.com/openid/python-openid" >Python
OpenID</a> library. It just verifies that the identifier that you enter
is your identifier.
</p>
View
2  examples/djopenid/README
@@ -64,4 +64,4 @@ CONTACT
Please send bug reports, patches, and other feedback to
- dev@lists.openidenabled.com
+ http://openid.net/developers/dev-mailing-lists/
View
3  examples/server.py
@@ -25,8 +25,7 @@ def quoteattr(s):
PYTHONPATH environment variable).
For more information, see the README in the root of the library
-distribution or http://www.openidenabled.com/
-""")
+distribution.""")
sys.exit(1)
from openid.extensions import sreg
View
4 openid/__init__.py
@@ -6,8 +6,8 @@
implementing an OpenID server, see the C{L{openid.server.server}}
module.
-@contact: U{dev@lists.openidenabled.com
- <http://lists.openidenabled.com/mailman/listinfo/dev>}
+@contact: U{http://openid.net/developers/dev-mailing-lists/
+ <http://openid.net/developers/dev-mailing-lists/}
@copyright: (C) 2005-2008 JanRain, Inc.
View
4 openid/association.py
@@ -527,12 +527,12 @@ def checkMessageSignature(self, message):
@raises ValueError: if the message has no signature or no signature
can be calculated for it.
- """
+ """
message_sig = message.getArg(OPENID_NS, 'sig')
if not message_sig:
raise ValueError("%s has no sig." % (message,))
calculated_sig = self.getMessageSignature(message)
- return calculated_sig == message_sig
+ return cryptutil.const_eq(calculated_sig, message_sig)
def _makePairs(self, message):
View
9 openid/consumer/consumer.py
@@ -133,7 +133,7 @@
Add an OpenID login field somewhere on your site. When an OpenID
is entered in that field and the form is submitted, it should make
- a request to the your site which includes that OpenID URL.
+ a request to your site which includes that OpenID URL.
First, the application should L{instantiate a Consumer<Consumer.__init__>}
with a session for per-user state and store for shared state.
@@ -165,14 +165,13 @@
the URL by the OpenID provider as the information necessary to
finish the request.
- Get an C{L{Consumer}} instance with the same session and store as
+ Get a C{L{Consumer}} instance with the same session and store as
before and call its C{L{complete<Consumer.complete>}} method,
passing in all the received query arguments.
There are multiple possible return types possible from that
- method. These indicate the whether or not the login was
- successful, and include any additional information appropriate for
- their type.
+ method. These indicate whether or not the login was successful,
+ and include any additional information appropriate for their type.
@var SUCCESS: constant used as the status for
L{SuccessResponse<openid.consumer.consumer.SuccessResponse>} objects.
View
10 openid/cryptutil.py
@@ -218,3 +218,13 @@ def randomString(length, chrs=None):
else:
n = len(chrs)
return ''.join([chrs[randrange(n)] for _ in xrange(length)])
+
+def const_eq(s1, s2):
+ if len(s1) != len(s2):
+ return False
+
+ result = True
+ for i in range(len(s1)):
+ result = result and (s1[i] == s2[i])
+
+ return result
View
6 openid/fetchers.py
@@ -249,7 +249,11 @@ def _parseHeaders(self, header_file):
header_file.seek(0)
# Remove the status line from the beginning of the input
- unused_http_status_line = header_file.readline()
+ unused_http_status_line = header_file.readline().lower ()
+ if unused_http_status_line.startswith('http/1.1 100 '):
+ unused_http_status_line = header_file.readline()
+ unused_http_status_line = header_file.readline()
+
lines = [line.strip() for line in header_file]
# and the blank line from the end
View
132 openid/oidUtil.py
@@ -1,132 +0,0 @@
-import binascii
-import sys
-import types
-
-from urllib import urlencode
-
-def log(message, level=0):
- sys.stderr.write(message)
- sys.stderr.write('\n')
-
-def appendArgs(url, args):
- if len(args) == 0:
- return url
-
- if '?' in url:
- sep = '&'
- else:
- sep = '?'
-
- return '%s%s%s' % (url, sep, urlencode(args))
-
-def toBase64(s):
- """Represent string s as base64, omitting newlines"""
- return binascii.b2a_base64(s)[:-1]
-
-def fromBase64(s):
- try:
- return binascii.a2b_base64(s)
- except binascii.Error:
- return ''
-
-def seqToKV(seq, strict=False):
- """Represent a sequence of pairs of strings as newline-terminated
- key:value pairs. The pairs are generated in the order given.
-
- @param seq: The pairs
- @type seq: [(str, str)]
-
- @return: A string representation of the sequence
- @rtype: str
- """
- def err(msg):
- formatted = 'seqToKV warning: %s: %r' % (msg, seq)
- if strict:
- raise ValueError(formatted)
- else:
- log(formatted)
-
- lines = []
- for k, v in seq:
- if not isinstance(k, types.StringType):
- err('Converting key to string: %r' % k)
- k = str(k)
-
- if '\n' in k:
- raise ValueError(
- 'Invalid input for seqToKV: key contains newline: %r' % (k,))
-
- if k.strip() != k:
- err('Key has whitespace at beginning or end: %r' % k)
-
- if not isinstance(v, types.StringType):
- err('Converting value to string: %r' % v)
- v = str(v)
-
- if '\n' in v:
- raise ValueError(
- 'Invalid input for seqToKV: value contains newline: %r' % (v,))
-
- if v.strip() != v:
- err('Value has whitespace at beginning or end: %r' % v)
-
- lines.append(k + ':' + v + '\n')
-
- return ''.join(lines)
-
-def kvToSeq(data, strict=False):
- """
-
- After one parse, seqToKV and kvToSeq are inverses, with no warnings:
- seq = kvToSeq(s)
-
- seqToKV(kvToSeq(seq)) == seq
- """
- def err(msg):
- formatted = 'kvToSeq warning: %s: %r' % (msg, data)
- if strict:
- raise ValueError(formatted)
- else:
- log(formatted)
-
- lines = data.split('\n')
- if lines[-1]:
- err('Does not end in a newline')
- else:
- del lines[-1]
-
- pairs = []
- line_num = 0
- for line in lines:
- line_num += 1
- pair = line.split(':', 1)
- if len(pair) == 2:
- k, v = pair
- k_s = k.strip()
- if k_s != k:
- fmt = ('In line %d, ignoring leading or trailing '
- 'whitespace in key %r')
- err(fmt % (line_num, k))
-
- if not k_s:
- err('In line %d, got empty key' % (line_num,))
-
- v_s = v.strip()
- if v_s != v:
- fmt = ('In line %d, ignoring leading or trailing '
- 'whitespace in value %r')
- err(fmt % (line_num, v))
-
- pairs.append((k_s, v_s))
- else:
- err('Line %d does not contain a colon' % line_num)
-
- return pairs
-
-def dictToKV(d):
- seq = d.items()
- seq.sort()
- return seqToKV(seq)
-
-def kvToDict(s):
- return dict(kvToSeq(s))
View
3  openid/yadis/__init__.py
@@ -1,7 +1,4 @@
-"""Yadis.
-@see: U{http://www.openidenabled.com/yadis}
-"""
__all__ = [
'constants',
View
43 python-openid.tailor
@@ -1,43 +0,0 @@
-[DEFAULT]
-verbose = True
-
-[project]
-target = git:target
-start-revision = INITIAL
-root-directory = /Users/lillialexis/Python_Tailor/python
-state-file = tailor.state
-source = darcs:source
-subdir = .
-
-[darcs:source]
-repository = ./python
-replace-badchars : {
- '\xc1': '&#193;',
- '\xc9': '&#201;',
- '\xcd': '&#205;',
- '\xd3': '&#211;',
- '\xd6': '&#214;',
- '\xd5': '&#336;',
- '\xda': '&#218;',
- '\xdc': '&#220;',
- '\xdb': '&#368;',
- '\xe1': '&#225;',
- '\xe9': '&#233;',
- '\xed': '&#237;',
- '\xf3': '&#243;',
- '\xf6': '&#246;',
- '\xf5': '&#337;',
- '\xfa': '&#250;',
- '\xfc': '&#252;',
- '\xfb': '&#369;',
- '\xf1': '&#241;',
- '\xdf': '&#223;',
- '\x1b': '&#046;',
- '\xe5': '&#229;'
- }
-
-
-
-[git:target]
-repository = ./python-openid
-
View
41 python/CHANGES-2.2.0
@@ -1,41 +0,0 @@
-
-* API changes
- * SQLStore implementations no longer create or use a 'settings'
- table
- * SRegResponse.fromSuccessResponse returns None when no signed
- arguments were found
- * Added functions to generate request/response HTML forms with
- auto-submission javascript
- * Consumer (relying party) API: AuthRequest.htmlMarkup
- * Server API: server.OpenIDResponse.toHTML
- * PAPE (Provider Authentication Policy Extension) module
- * Updated extension for specification draft 2
- * Request.fromSuccessResponse returns None if PAPE response
- arguments were not signed
-
-* New features
- * Demo server now supports OP-driven identifier selection
- * Demo consumer now has a "stateless" option
- * Fetchers now only read/request first megabyte of response
-
-* Bug fixes
- * NOT NULL constraints were added to SQLStore tables where
- appropriate
- * message.fromPostArgs: use query.items() instead of iteritems(),
- fixes #161 (Affects Django users)
- * check_authentication requests: copy entire response, not just
- signed fields. Fixes missing namespace in check_authentication
- requests
- * Consumer._verifyDiscoveryResults: fall back to OpenID 1.0 type if
- 1.1 endpoint cannot be found; fixes discovery verification bug for
- certain OpenID 1 identifiers
- * SQLStore._execSQL: convert unicode arguments to str to avoid
- postgresql api bug with unicode objects (Thanks to Marek Kuziel.)
- * MySQLStore: Use ENGINE instead of TYPE when creating tables
- * server.OpenIDResponse.toFormMarkup: Use return_to from the
- request, not the response fields (Not all responses (i.e. cancel,
- setup_needed) include a return_to field.)
- * server.AssociationRequest.answer: include session_type in
- no-encryption assoc responses
- * OpenIDServiceEndpoint.getDisplayIdentifier: Don't include the
- fragment in display identifiers.
View
202 python/LICENSE
@@ -1,202 +0,0 @@
-
- Apache License
- Version 2.0, January 2004
- http://www.apache.org/licenses/
-
- TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
- 1. Definitions.
-
- "License" shall mean the terms and conditions for use, reproduction,
- and distribution as defined by Sections 1 through 9 of this document.
-
- "Licensor" shall mean the copyright owner or entity authorized by
- the copyright owner that is granting the License.
-
- "Legal Entity" shall mean the union of the acting entity and all
- other entities that control, are controlled by, or are under common
- control with that entity. For the purposes of this definition,
- "control" means (i) the power, direct or indirect, to cause the
- direction or management of such entity, whether by contract or
- otherwise, or (ii) ownership of fifty percent (50%) or more of the
- outstanding shares, or (iii) beneficial ownership of such entity.
-
- "You" (or "Your") shall mean an individual or Legal Entity
- exercising permissions granted by this License.
-
- "Source" form shall mean the preferred form for making modifications,
- including but not limited to software source code, documentation
- source, and configuration files.
-
- "Object" form shall mean any form resulting from mechanical
- transformation or translation of a Source form, including but
- not limited to compiled object code, generated documentation,
- and conversions to other media types.
-
- "Work" shall mean the work of authorship, whether in Source or
- Object form, made available under the License, as indicated by a
- copyright notice that is included in or attached to the work
- (an example is provided in the Appendix below).
-
- "Derivative Works" shall mean any work, whether in Source or Object
- form, that is based on (or derived from) the Work and for which the
- editorial revisions, annotations, elaborations, or other modifications
- represent, as a whole, an original work of authorship. For the purposes
- of this License, Derivative Works shall not include works that remain
- separable from, or merely link (or bind by name) to the interfaces of,
- the Work and Derivative Works thereof.
-
- "Contribution" shall mean any work of authorship, including
- the original version of the Work and any modifications or additions
- to that Work or Derivative Works thereof, that is intentionally
- submitted to Licensor for inclusion in the Work by the copyright owner
- or by an individual or Legal Entity authorized to submit on behalf of
- the copyright owner. For the purposes of this definition, "submitted"
- means any form of electronic, verbal, or written communication sent
- to the Licensor or its representatives, including but not limited to
- communication on electronic mailing lists, source code control systems,
- and issue tracking systems that are managed by, or on behalf of, the
- Licensor for the purpose of discussing and improving the Work, but
- excluding communication that is conspicuously marked or otherwise
- designated in writing by the copyright owner as "Not a Contribution."
-
- "Contributor" shall mean Licensor and any individual or Legal Entity
- on behalf of whom a Contribution has been received by Licensor and
- subsequently incorporated within the Work.
-
- 2. Grant of Copyright License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- copyright license to reproduce, prepare Derivative Works of,
- publicly display, publicly perform, sublicense, and distribute the
- Work and such Derivative Works in Source or Object form.
-
- 3. Grant of Patent License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- (except as stated in this section) patent license to make, have made,
- use, offer to sell, sell, import, and otherwise transfer the Work,
- where such license applies only to those patent claims licensable
- by such Contributor that are necessarily infringed by their
- Contribution(s) alone or by combination of their Contribution(s)
- with the Work to which such Contribution(s) was submitted. If You
- institute patent litigation against any entity (including a
- cross-claim or counterclaim in a lawsuit) alleging that the Work
- or a Contribution incorporated within the Work constitutes direct
- or contributory patent infringement, then any patent licenses
- granted to You under this License for that Work shall terminate
- as of the date such litigation is filed.
-
- 4. Redistribution. You may reproduce and distribute copies of the
- Work or Derivative Works thereof in any medium, with or without
- modifications, and in Source or Object form, provided that You
- meet the following conditions:
-
- (a) You must give any other recipients of the Work or
- Derivative Works a copy of this License; and
-
- (b) You must cause any modified files to carry prominent notices
- stating that You changed the files; and
-
- (c) You must retain, in the Source form of any Derivative Works
- that You distribute, all copyright, patent, trademark, and
- attribution notices from the Source form of the Work,
- excluding those notices that do not pertain to any part of
- the Derivative Works; and
-
- (d) If the Work includes a "NOTICE" text file as part of its
- distribution, then any Derivative Works that You distribute must
- include a readable copy of the attribution notices contained
- within such NOTICE file, excluding those notices that do not
- pertain to any part of the Derivative Works, in at least one
- of the following places: within a NOTICE text file distributed
- as part of the Derivative Works; within the Source form or
- documentation, if provided along with the Derivative Works; or,
- within a display generated by the Derivative Works, if and
- wherever such third-party notices normally appear. The contents
- of the NOTICE file are for informational purposes only and
- do not modify the License. You may add Your own attribution
- notices within Derivative Works that You distribute, alongside
- or as an addendum to the NOTICE text from the Work, provided
- that such additional attribution notices cannot be construed
- as modifying the License.
-
- You may add Your own copyright statement to Your modifications and
- may provide additional or different license terms and conditions
- for use, reproduction, or distribution of Your modifications, or
- for any such Derivative Works as a whole, provided Your use,
- reproduction, and distribution of the Work otherwise complies with
- the conditions stated in this License.
-
- 5. Submission of Contributions. Unless You explicitly state otherwise,
- any Contribution intentionally submitted for inclusion in the Work
- by You to the Licensor shall be under the terms and conditions of
- this License, without any additional terms or conditions.
- Notwithstanding the above, nothing herein shall supersede or modify
- the terms of any separate license agreement you may have executed
- with Licensor regarding such Contributions.
-
- 6. Trademarks. This License does not grant permission to use the trade
- names, trademarks, service marks, or product names of the Licensor,
- except as required for reasonable and customary use in describing the
- origin of the Work and reproducing the content of the NOTICE file.
-
- 7. Disclaimer of Warranty. Unless required by applicable law or
- agreed to in writing, Licensor provides the Work (and each
- Contributor provides its Contributions) on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- implied, including, without limitation, any warranties or conditions
- of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
- PARTICULAR PURPOSE. You are solely responsible for determining the
- appropriateness of using or redistributing the Work and assume any
- risks associated with Your exercise of permissions under this License.
-
- 8. Limitation of Liability. In no event and under no legal theory,
- whether in tort (including negligence), contract, or otherwise,
- unless required by applicable law (such as deliberate and grossly
- negligent acts) or agreed to in writing, shall any Contributor be
- liable to You for damages, including any direct, indirect, special,
- incidental, or consequential damages of any character arising as a
- result of this License or out of the use or inability to use the
- Work (including but not limited to damages for loss of goodwill,
- work stoppage, computer failure or malfunction, or any and all
- other commercial damages or losses), even if such Contributor
- has been advised of the possibility of such damages.
-
- 9. Accepting Warranty or Additional Liability. While redistributing
- the Work or Derivative Works thereof, You may choose to offer,
- and charge a fee for, acceptance of support, warranty, indemnity,
- or other liability obligations and/or rights consistent with this
- License. However, in accepting such obligations, You may act only
- on Your own behalf and on Your sole responsibility, not on behalf
- of any other Contributor, and only if You agree to indemnify,
- defend, and hold each Contributor harmless for any liability
- incurred by, or claims asserted against, such Contributor by reason
- of your accepting any such warranty or additional liability.
-
- END OF TERMS AND CONDITIONS
-
- APPENDIX: How to apply the Apache License to your work.
-
- To apply the Apache License to your work, attach the following
- boilerplate notice, with the fields enclosed by brackets "[]"
- replaced with your own identifying information. (Don't include
- the brackets!) The text should be enclosed in the appropriate
- comment syntax for the file format. We also recommend that a
- file or class name and description of purpose be included on the
- same "printed page" as the copyright notice for easier
- identification within third-party archives.
-
- Copyright [yyyy] [name of copyright owner]
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
View
7 python/MANIFEST.in
@@ -1,7 +0,0 @@
-include LICENSE NOTICE CHANGELOG MANIFEST.in NEWS background-associations.txt
-graft admin
-graft contrib
-recursive-include examples README discover *.py *.html *.xml
-recursive-include openid/test *.txt dhpriv n2b64 *.py
-recursive-include openid/test/data *
-recursive-include doc *.css *.html
View
226 python/NEWS
@@ -1,226 +0,0 @@
-What's New in Python OpenID 2.1.0
-=================================
-
-This implementation of OpenID has been upgraded to support version 2.0
-of the OpenID Authentication specification.
-
-New in this version is:
-
- * Verification of relying party return_to addresses, to screen out RPs
- hiding behind open redirect relays. Server code can invoke this with
- the returnToVerified method on CheckIDRequest.
-
- * Helper module for the Provider Authentication Policy Extension (PAPE) in
- openid.extensions.pape.
-
- * Helper module for Attribute Exchange in openid.extensions.ax.
-
-Bugfixes:
-
- * Allow the use of lxml as an ElementTree implemenation.
-
- * Provide compatability with a wider range of versions for SQL stores.
-
-
-Upgrading from 2.0.1
---------------------
-
-The third argument to Consumer.complete() is required.
-
-The sreg module should be imported from openid.extensions.sreg instead of
-openid.sreg.
-
-The ax module should likewise be imported from openid.extensions.ax
-instead of openid.ax
-
-The openid.extensions.ax.FetchRequest.fromOpenIDRequest method now
-takes a CheckIDRequest object instead of a Message object
-
-The OpenID response (the result of Consumer.complete()) now has a
-getDisplayIdentifier() method which should be called instead of
-accessing response.identity_url. The value of getDisplayIdentifier()
-will be the XRI i-name if XRI is used. The value of
-response.identity_url SHOULD, however, be used as the application's
-database key for storing account information.
-
-What's New in Python OpenID 2.0
-===============================
-
-The big news here is compatibility with svn revision 313 of the OpenID 2.0
-draft specification.
-
-Highlights include:
-
- * Simple Registration support in a new module openid.sreg. (Those
- previously using SuccessResponse.extensionResponse are advised to
- look here.)
- * OpenID provider-driven identifier selection.
- * "Negotiators" allow you to define which association types to use.
- * Examples for Django.
-
-Dependencies
-------------
-
-Python 2.5 is now supported. Support for Python 2.2 discontinued.
-Seperate installation of yadis and urljr packages is no longer
-required; they have been included in this package.
-
-
-Upgrading from 1.1 or 1.2
--------------------------
-
-One of the additions to the OpenID protocol was a specified nonce
-format for one-way nonces. As a result, the nonce table in the store
-has changed. You'll need to run contrib/upgrade-store-1.1-to-2.0 to
-upgrade your store, or you'll encounter errors about the wrong number
-of columns in the oid_nonces table.
-
-If you've written your own custom store or code that interacts directly with it,
-you'll need to review the change notes in openid.store.interface.
-
-Consumers should now pass an additional parameter to Consumer.complete()
-to defend against return_to tampering.
-
-
-What's New in Python OpenID 1.1.2
-=================================
-
-i-name Support
---------------
-
-This version of the library allows the use of XRI as OpenID identifiers,
-allowing users to log in with their i-names. For full XRI compatibility,
-relying parties integrating this library should take note of the user's
-CanonicalID, as described in the "Identifying the End User" section of the
-OpenID 2.0 specification.
-
-Bug Fixes
----------
-
-A variety of bug fixes were included in this release, mostly relating to
-international issues such as dealing with other character sets, Unicode,
-incorrectly flagging certain Norwegian trust roots as suspect, and operation
-of the filesystem-backed store on exotic platforms.
-
-Dependencies
-------------
-
- * urljr 1.0.1
- * yadis 1.1.0
-
-
-What's New in Python OpenID 1.1.0
-=================================
-
-Version 1.1 of the Python OpenID library implements recent changes to
-the OpenID specification as well as making API changes that should
-make integration with applications easier.
-
-Yadis Support
--------------
-
-One of the major changes to OpenID since the last release has been the
-approval of Yadis discovery as the preferred way to specify the OpenID
-metadata for an identity URL instead of using <link> tags in
-HTML. This library does Yadis discovery, and if that fails, it falls
-back to old-style discovery.
-
-Some advantages of Yadis support are:
-
- * Support for fallback if your primary OpenID provider is not available
-
- * Support for load-balancing between OpenID servers
-
- * Easy interoperability for different identity services
-
-For more information about Yadis, see http://yadis.org/ or
-http://www.openidenabled.com/yadis/
-
-Extension Support
------------------
-
-OpenID also has formalized support for extensions. Extensions are a
-mechanism for transferring information from the consumer to the server
-and from the server to the consumer in the process of performing
-OpenID authentication. Extensions are implemented as additional
-namespaced query arguments that go along with standard OpenID requests
-and responses. This library provides a simple API for adding extension
-arguments to requests and extracting extension responses from replies.
-
-Dependencies
-------------
-
-These dependencies should be available from wherever you acquired the
-OpenID library.
-
- * urljr - The fetcher abstraction from the previous OpenID library
- has been extended and is also used for the Yadis library. Because
- the Yadis library is useful without the OpenID library, the HTTP
- fetching code has been rolled into its own package. Additionally,
- the library now has the concept of a default fetcher to make APIs
- simpler.
-
- * yadis - The Yadis library provides a general discovery layer that
- has been adopted by OpenID as well as other identity-related
- protocols. Most OpenID identity URLs will work without the Yadis
- library, but as time goes on, this library will be more and more
- important.
-
-Consumer API
-------------
-
-The consumer API has been changed for more natural use as well as to
-support extension arguments.
-
- * OpenIDConsumer(store, [fetcher], [immediate]) is now
- Consumer(session, store)
-
- - The session object is a dictionary-like object that should be
- tied to the requesting HTTP agent, for example, using a session
- ID cookie. It is used for Yadis fallback and holding the state
- of the OpenID transaction between the redirect to the server
- and the response. The values that are placed in the session are
- namespaced, so there should not be a conflict with other uses
- of the same session. The session namespace is an attribute of
- the Consumer object.
-
- - Because the consumer object now does session management, it is
- necessary to construct a new consumer object for every
- request. Creating consumer objects is light-weight.
-
- * OpenIDConsumer.beginAuth(user_url) is now Consumer.begin(user_url)
- and either returns an AuthRequest object or raises an
- exception. There is no more tuple unpacking or status codes.
-
- * OpenIDConsumer.constructRedirect(authreq, return_to, trust_root) is
- now AuthRequest.redirectURL(trust_root, return_to, [immediate]).
-
- * OpenIDConsumer.completeAuth(token, query) is now
- Consumer.complete(query). It no longer returns a tuple. Instead it
- returns an object that has a status code and additional information
- about the response. See the API documentation for more information.
-
-Server API
-----------
-
-The server API has been changed for greater extensibility. Instead
-of taking an "is_authorized" callback, processing happens in several
-stages, allowing you to insert extension data into the response
-before it is signed and returned. See the documentation for the
-openid.server.server module.
-
-Fetcher API
------------
-
- * fetcher was openid.consumer.fetchers.OpenIDHTTPFetcher, is now
- urljr.fetchers.HTTPFetcher. get() and post() have been replaced by
- fetch(), see urljr.fetchers for details.
-
-Upgrading from 1.0
-------------------
-
-The server changed the way it indexes associations in the store, so if
-you're upgrading a server installation, we recommend you clear the old
-records from your store when you do so. As a consequence, consumers
-will re-establish associations with your server a little sooner than
-they would have otherwise.
View
4 python/NOTICE
@@ -1,4 +0,0 @@
-Python OpenID may be obtained from
-http://www.openidenabled.com/openid/libraries/python
-and we'd like to hear about how you're using this software.
-Write to us at openid@janrain.com.
View
69 python/README
@@ -1,69 +0,0 @@
-This is the Python OpenID library.
-
-REQUIREMENTS
-============
-
- - Python 2.3, 2.4, or 2.5.
-
- - ElementTree. This is included in the Python 2.5 standard library,
- but users of earlier versions of Python may need to install it
- seperately.
-
- - pycrypto, if on Python 2.3 and without /dev/urandom, or on Python
- 2.3 or 2.4 and you want SHA256.
-
-
-INSTALLATION
-============
-
-To install the base library, just run the following command:
-
-python setup.py install
-
-To run setup.py you need the distutils module from the Python standard
-library; some distributions package this seperately in a "python-dev"
-package.
-
-
-GETTING STARTED
-===============
-
-The examples directory includes an example server and consumer
-implementation. See the README file in that directory for more
-information on running the examples.
-
-Library documentation is available in html form in the doc directory.
-
-
-LOGGING
-=======
-
-This library offers a logging hook that will record unexpected
-conditions that occur in library code. If a condition is recoverable,
-the library will recover and issue a log message. If it is not
-recoverable, the library will raise an exception. See the
-documentation for the openid.oidutil module for more on the logging
-hook.
-
-
-DOCUMENTATION
-=============
-
-The documentation in this library is in Epydoc format, which is
-detailed at:
-
- http://epydoc.sourceforge.net/
-
-
-CONTACT
-=======
-
-Send bug reports, suggestions, comments, and questions to
-http://lists.openidenabled.com/mailman/listinfo/dev
-dev@lists.openidenabled.com.
-
-If you have a bugfix or feature you'd like to contribute, don't
-hesitate to send it to us. For more detailed information on how to
-contribute, see
-
- http://openidenabled.com/contribute/
View
67 python/admin/builddiscover.py
@@ -1,67 +0,0 @@
-#!/usr/bin/env python
-import os.path
-import urlparse
-
-from openid.test import discoverdata
-
-manifest_header = """\
-# This file contains test cases for doing YADIS identity URL and
-# service discovery. For each case, there are three URLs. The first
-# URL is the user input. The second is the identity URL and the third
-# is the URL from which the XRDS document should be read.
-#
-# The file format is as follows:
-# User URL <tab> Identity URL <tab> XRDS URL <newline>
-#
-# blank lines and lines starting with # should be ignored.
-#
-# To use this test:
-#
-# 1. Run your discovery routine on the User URL.
-#
-# 2. Compare the identity URL returned by the discovery routine to the
-# identity URL on that line of the file. It must be an EXACT match.
-#
-# 3. Do a regular HTTP GET on the XRDS URL. Compare the content that
-# was returned by your discovery routine with the content returned
-# from that URL. It should also be an exact match.
-
-"""
-
-def buildDiscover(base_url, out_dir):
- """Convert all files in a directory to apache mod_asis files in
- another directory."""
- test_data = discoverdata.readTests(discoverdata.default_test_file)
-
- def writeTestFile(test_name):
- template = test_data[test_name]
-
- data = discoverdata.fillTemplate(
- test_name, template, base_url, discoverdata.example_xrds)
-
- out_file_name = os.path.join(out_dir, test_name)
- out_file = file(out_file_name, 'w')
- out_file.write(data)
-
- manifest = [manifest_header]
- for success, input_name, id_name, result_name in discoverdata.testlist:
- if not success:
- continue
- writeTestFile(input_name)
-
- input_url = urlparse.urljoin(base_url, input_name)
- id_url = urlparse.urljoin(base_url, id_name)
- result_url = urlparse.urljoin(base_url, result_name)
-
- manifest.append('\t'.join((input_url, id_url, result_url)))
- manifest.append('\n')
-
- manifest_file_name = os.path.join(out_dir, 'manifest.txt')
- manifest_file = file(manifest_file_name, 'w')
- for chunk in manifest:
- manifest_file.write(chunk)
- manifest_file.close()
-
-if __name__ == '__main__':
- import sys
- buildDiscover(*sys.argv[1:])
View
10 python/admin/fixperms
@@ -1,10 +0,0 @@
-#!/usr/bin/env bash
-cat - <<EOF | xargs chmod +x
-admin/builddiscover.py
-admin/fixperms
-admin/makechangelog
-admin/pythonsource
-admin/runtests
-admin/setversion
-admin/tagrelease
-EOF
View
47 python/admin/gettlds.py
@@ -1,47 +0,0 @@
-"""
-Fetch the current TLD list from the IANA Web site, parse it, and print
-an expression suitable for direct insertion into each library's trust
-root validation module
-
-Usage:
- python gettlds.py (php|python|ruby)
-
-Then cut-n-paste.
-"""
-
-import urllib2
-
-import sys
-
-langs = {
- 'php': (r"'/\.(",
- "'", "|", "|' .",
- r")\.?$/'"),
- 'python': ("['",
- "'", "', '", "',",
- "']"),
- 'ruby': ("%w'",
- "", " ", "",
- "'"),
- }
-
-lang = sys.argv[1]
-prefix, line_prefix, separator, line_suffix, suffix = langs[lang]
-
-f = urllib2.urlopen('http://data.iana.org/TLD/tlds-alpha-by-domain.txt')
-tlds = []
-output_line = ""
-for input_line in f:
- if input_line.startswith('#'):
- continue
-
- tld = input_line.strip().lower()
- new_output_line = output_line + prefix + tld
- if len(new_output_line) > 60:
- print output_line + line_suffix
- output_line = line_prefix + tld
- else:
- output_line = new_output_line
- prefix = separator
-
-print output_line + suffix
View
2  python/admin/makechangelog
@@ -1,2 +0,0 @@
-#!/bin/bash
-darcs changes --from-tag '^release-' --summary > CHANGELOG
View
7 python/admin/makedoc
@@ -1,7 +0,0 @@
-#!/bin/bash
-
-rm -rf doc/*
-epydoc --html --output doc/ --name "Python-OpenID" --top openid \
- --url "http://openidenabled.com/python-openid/" --inheritance listed \
- --no-private -v \
- $( find openid -name '*.py' -and -not -path 'openid/test*' )
View
2  python/admin/pythonsource
@@ -1,2 +0,0 @@
-#!/usr/bin/env bash
-find ./openid/ \( \( -name _darcs -o -name .svn -o -name _trial_temp -o -name test -o -name admin -o -name examples \) -type d -prune -a -false \) -o \( ! -iname \*~ -a -type f \) -a \( ! -iname \*.pyc -a -type f \) -a -name \*.py
View
204 python/admin/runtests
@@ -1,204 +0,0 @@
-#!/usr/bin/env python
-import os.path, sys, warnings
-
-test_modules = [
- 'cryptutil',
- 'oidutil',
- 'dh',
- ]
-
-def fixpath():
- try:
- d = os.path.dirname(__file__)
- except NameError:
- d = os.path.dirname(sys.argv[0])
- parent = os.path.normpath(os.path.join(d, '..'))
- if parent not in sys.path:
- print "putting %s in sys.path" % (parent,)
- sys.path.insert(0, parent)
-
-def otherTests():
- failed = []
- for module_name in test_modules:
- print 'Testing %s...' % (module_name,) ,
- sys.stdout.flush()
- module_name = 'openid.test.' + module_name
- try:
- test_mod = __import__(module_name, {}, {}, [None])
- except ImportError:
- print 'Failed to import test %r' % (module_name,)
- failed.append(module_name)
- else:
- try:
- test_mod.test()
- except (SystemExit, KeyboardInterrupt):
- raise
- except:
- sys.excepthook(*sys.exc_info())
- failed.append(module_name)
- else:
- print 'Succeeded.'
-
-
- return failed
-
-def pyunitTests():
- import unittest
- pyunit_module_names = [
- 'server',
- 'consumer',
- 'message',
- 'symbol',
- 'etxrd',
- 'xri',
- 'xrires',
- 'association_response',
- 'auth_request',
- 'negotiation',
- 'verifydisco',
- 'sreg',
- 'ax',
- 'pape',
- 'pape_draft2',
- 'pape_draft5',
- 'rpverify',
- 'extension',
- ]
-
- pyunit_modules = [
- __import__('openid.test.test_%s' % (name,), {}, {}, ['unused'])
- for name in pyunit_module_names
- ]
-
- try:
- from openid.test import test_examples
- except ImportError, e:
- if 'twill' in str(e):
- warnings.warn("Could not import twill; skipping test_examples.")
- else:
- raise
- else:
- pyunit_modules.append(test_examples)
-
- # Some modules have data-driven tests, and they use custom methods
- # to build the test suite:
- custom_module_names = [
- 'kvform',
- 'linkparse',
- 'oidutil',
- 'storetest',
- 'test_accept',
- 'test_association',
- 'test_discover',
- 'test_fetchers',
- 'test_htmldiscover',
- 'test_nonce',
- 'test_openidyadis',
- 'test_parsehtml',
- 'test_urinorm',
- 'test_yadis_discover',
- 'trustroot',
- ]
-
- loader = unittest.TestLoader()
- s = unittest.TestSuite()
-
- for m in pyunit_modules:
- s.addTest(loader.loadTestsFromModule(m))
-
- for name in custom_module_names:
- m = __import__('openid.test.%s' % (name,), {}, {}, ['unused'])
- try:
- s.addTest(m.pyUnitTests())
- except AttributeError, ex:
- # because the AttributeError doesn't actually say which
- # object it was.
- print "Error loading tests from %s:" % (name,)
- raise
-
- runner = unittest.TextTestRunner() # verbosity=2)
-
- return runner.run(s)
-
-
-
-def splitDir(d, count):
- # in python2.4 and above, it's easier to spell this as
- # d.rsplit(os.sep, count)
- for i in xrange(count):
- d = os.path.dirname(d)
- return d
-
-
-
-def _import_djopenid():
- """Import djopenid from examples/
-
- It's not in sys.path, and I don't really want to put it in sys.path.
- """
- import types
- thisfile = os.path.abspath(sys.modules[__name__].__file__)
- topDir = splitDir(thisfile, 2)
- djdir = os.path.join(topDir, 'examples', 'djopenid')
-
- djinit = os.path.join(djdir, '__init__.py')
-
- djopenid = types.ModuleType('djopenid')
- execfile(djinit, djopenid.__dict__)
- djopenid.__file__ = djinit
-
- # __path__ is the magic that makes child modules of the djopenid package
- # importable. New feature in python 2.3, see PEP 302.
- djopenid.__path__ = [djdir]
- sys.modules['djopenid'] = djopenid
-
-
-
-def django_tests():
- """Runs tests from examples/djopenid.
-
- @returns: number of failed tests.
- """
- import os
- # Django uses this to find out where its settings are.
- os.environ['DJANGO_SETTINGS_MODULE'] = 'djopenid.settings'
-
- _import_djopenid()
-
- try:
- import django.test.simple
- except ImportError, e:
- warnings.warn("django.test.simple not found; "
- "django examples not tested.")
- return 0
- import djopenid.server.models, djopenid.consumer.models
- print "Testing Django examples:"
-
- # These tests do get put in to a pyunit test suite, so we could run them
- # with the other pyunit tests, but django also establishes a test database
- # for them, so we let it do that thing instead.
- return django.test.simple.run_tests([djopenid.server.models,
- djopenid.consumer.models])
-
-try:
- bool
-except NameError:
- def bool(x):
- return not not x
-
-def main():
- fixpath()
- other_failed = otherTests()
- pyunit_result = pyunitTests()
- django_failures = django_tests()
-
- if other_failed:
- print 'Failures:', ', '.join(other_failed)
-
- failed = (bool(other_failed) or
- bool(not pyunit_result.wasSuccessful()) or
- (django_failures > 0))
- return failed
-
-if __name__ == '__main__':
- sys.exit(main() and 1 or 0)
View
7 python/admin/setversion
@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-
-cat <<EOF | \
- xargs sed -i 's/\[library version:[^]]*\]/[library version:'"$1"']/'
-setup.py
-openid/__init__.py
-EOF
View
13 python/admin/tagrelease
@@ -1,13 +0,0 @@
-#!/usr/bin/env bash
-VERSION="$1"
-VERSION_PATTERN='^[0-9]\+\.[0-9]\+\.[0-9]\+\(-[a-z0-9-]\+\)\?$'
-
-echo "$VERSION" | grep -e "$VERSION_PATTERN" 2>&1 >/dev/null || {
- echo "$VERSION"
- echo "Malformed version number. Expected X.X.X or X.X.X-name." 1>&2
- exit 1
-}
-
-cd $(dirname $(dirname $(readlink --canonicalize "$0")))
-./admin/setversion "$VERSION"
-darcs record -m 'Set version number to '"$VERSION" && darcs tag "release-$VERSION"
View
96 python/background-associations.txt
@@ -1,96 +0,0 @@
-Background association requests
-###############################
-
-This document describes how to make signing in with OpenID faster for
-users of your application by never making the users wait for an
-association to be made, but using associations when they're
-available. Most OpenID libraries and applications attempt to make
-associations during the discovery phase of the OpenID authentication
-request. Because association requests may have to do Diffie-Hellman
-key exchange, which is time consuming. Even if Diffie-Hellman key
-exchange is not used, the user still needs to wait for the association
-request.
-
-Setting up your application to make associations in the background
-==================================================================
-
-When making associations background, there are two components that
-need access to the OpenID association store: the consumer application
-and the background association fetcher. The consumer needs to be set
-up to record the server URL for any request for which an association
-does not exist or is expired instead of making a new association. The
-background fetcher looks at the server URL queue and makes
-associations for any server URLs that need them. After the
-associations are made, the consumer will use them until they expire
-again. While associations are expired or missing, the consumer will
-use stateless mode to complete authentications with the servers that
-need associations.
-
-The OpenID server endpoint URL queue
------------------------------------------------------------------
-
-You will have to set up a conduit between the consumer and the
-background association fetcher so that the background association
-fetcher knows what servers need associations. The background
-association fetcher will not fetch associations for servers that
-already have them, so the queue does not have to be very smart. It
-could be as simple as a file to which the server URLs are
-appended. Either way, the queue needs to be write-able by the consumer
-and readable by the background fetcher.
-
-Configuring the consumer
------------------------------------------------------------------
-
-Create a subclass of ``GenericConsumer`` that overrides
-``_negotiateAssociation`` so that it just records the server URL that
-needs an association::
-
- from openid.consumer.consumer import GenericConsumer, Consumer
-
- class LazyAssociationConsumer(GenericConsumer):
- needs_assoc_file = None
-
- def _negotiateAssociation(self, endpoint):
- # Do whatever you need to do here to send the server_url to
- # the queue. This example just appends it to a file.
- self.needs_assoc_file.write(endpoint.server_url + '\n')
- self.needs_assoc_file.flush()
-
-You could also store the whole endpoint object. When you instantiate
-the consumer, pass this generic consumer class to the controlling
-consumer::
-
- return Consumer(session, store, consumer_class=LazyAssociationConsumer)
-
-The background association fetcher
------------------------------------------------------------------
-
-The background association fetcher is just a script that should be
-added to ``cron`` or triggered periodically. If you are ambitious, you
-could make the background fetcher listen for inserts into the queue.
-
-The background fetcher needs to do something similar to the following::
-
- def refresh(consumer, endpoint):
- if consumer.store.getAssociation(endpoint.server_url):
- logging.info("We don't need to associate with %r", endpoint.server_url)
- return
-
- logging.info("Associating with %r", endpoint.server_url)
- now = time.time()
- assoc = consumer._negotiateAssociation(endpoint)
- if assoc:
- elapsed = time.time() - now
- logging.info('(%0.2f seconds) Associated with %r', elapsed,
- endpoint.server_url)
- consumer.store.storeAssociation(endpoint.server_url, assoc)
- else:
- logging.error('Failed to make an association with %r',
- endpoint.server_url)
-
-The code in this example logs the amount of time that the association
-request took. This is time that the user would have been waiting. The
-``consumer`` in this example is a standard consumer, not the
-``LazyAssociationConsumer`` that was defined in the section
-above. This is important, because the lazy consumer above will not
-actually make any associations.
View
151 python/contrib/openid-parse
@@ -1,151 +0,0 @@
-#!/usr/bin/env python
-"""Grab URLs from the clipboard, interpret the queries as OpenID, and print.
-
-In addition to URLs, I also scan for queries as they appear in httpd log files,
-with a pattern like 'GET /foo?bar=baz HTTP'.
-
-Requires the 'xsel' program to get the contents of the clipboard.
-"""
-
-from pprint import pformat
-from urlparse import urlsplit, urlunsplit
-import cgi, re, subprocess, sys
-
-from openid import message
-
-OPENID_SORT_ORDER = ['mode', 'identity', 'claimed_id']
-
-class NoQuery(Exception):
- def __init__(self, url):
- self.url = url
-
- def __str__(self):
- return "No query in url %s" % (self.url,)
-
-
-def getClipboard():
- xsel = subprocess.Popen(["xsel", "-o", "-b"], stdout=subprocess.PIPE)
- output = xsel.communicate()[0]
- return output
-
-
-def main():
- source = getClipboard()
- urls = find_urls(source)
-
- errors = []
- output = []
- queries = []
-
- queries.extend(queriesFromPostdata(source))
-
- for url in urls:
- try:
- queries.append(queryFromURL(url))
- except NoQuery, err:
- errors.append(err)
-
- queries.extend(queriesFromLogs(source))
-
- for where, query in queries:
- output.append('at %s:\n%s' % (where, openidFromQuery(query)))
-
- if output:
- print '\n\n'.join(output)
- elif errors:
- for err in errors:
- print err
-
-
-def queryFromURL(url):
- split_url = urlsplit(url)
- query = cgi.parse_qs(split_url[3])
-
- if not query:
- raise NoQuery(url)
-
- url_without_query = urlunsplit(split_url[:3] + (None, None))
-
- return (url_without_query, query)
-
-
-def openidFromQuery(query):
- try:
- msg = message.Message.fromPostArgs(unlistify(query))
- s = formatOpenIDMessage(msg)
- except Exception, err:
- # XXX - side effect.
- sys.stderr.write(str(err))
- s = pformat(query)
-
- return s
-
-
-def formatOpenIDMessage(msg):
- value_lists = {}
- for (ns_uri, ns_key), value in msg.args.items():
- l = value_lists.setdefault(ns_uri, {})
- l[ns_key] = value
-
- output = []
-
- for ns_uri, values in value_lists.items():
- ns_output = []
-
- alias = msg.namespaces.getAlias(ns_uri)
- if alias is message.NULL_NAMESPACE:
- alias = 'openid'
- ns_output.append(" %s <%s>" % (alias, ns_uri))
-
- for key in OPENID_SORT_ORDER:
- try:
- ns_output.append(" %s = %s" % (key, values.pop(key)))
- except KeyError:
- pass
-
- values = values.items()
- values.sort()
-
- for k, v in values:
- ns_output.append(" %s = %s" % (k, v))
-
- output.append('\n'.join(ns_output))
-
- return '\n\n'.join(output)
-
-
-def unlistify(d):
- return dict((i[0], i[1][0]) for i in d.items())
-
-
-def queriesFromLogs(s):
- qre = re.compile(r'GET (/.*)?\?(.+) HTTP')
-
- return [(match.group(1), cgi.parse_qs(match.group(2)))
- for match in qre.finditer(s)]
-
-def queriesFromPostdata(s):
- # This looks for query data in a line that starts POSTDATA=.
- # Tamperdata outputs such lines. If there's a 'Host=' in that block,
- # use that too, but don't require it.
- qre = re.compile(r'(?:^Host=(?P<host>.+?)$.*?)?^POSTDATA=(?P<query>.*)$',
- re.DOTALL | re.MULTILINE)
- return [(match.group('host') or 'POSTDATA',
- cgi.parse_qs(match.group('query'))) for match in qre.finditer(s)]
-
-def find_urls(s):
- # Regular expression borrowed from urlscan
- # by Daniel Burrows <dburrows@debian.org>, GPL.
- urlinternalpattern=r'[{}a-zA-Z/\-_0-9%?&.=:;+,#~]'
- urltrailingpattern=r'[{}a-zA-Z/\-_0-9%&=+#]'
- httpurlpattern = r'(?:https?://' + urlinternalpattern + r'*' + urltrailingpattern + r')'
- # Used to guess that blah.blah.blah.TLD is a URL.
- tlds=['biz', 'com', 'edu', 'info', 'org']
- guessedurlpattern=r'(?:[a-zA-Z0-9_\-%]+(?:\.[a-zA-Z0-9_\-%]+)*\.(?:' + '|'.join(tlds) + '))'
- urlre = re.compile(r'(?:<(?:URL:)?)?(' + httpurlpattern + '|' + guessedurlpattern + '|(?:mailto:[a-zA-Z0-9\-_]*@[0-9a-zA-Z_\-.]*[0-9a-zA-Z_\-]))>?')
-
- return [match.group(1) for match in urlre.finditer(s)]
-
-
-if __name__ == '__main__':
- main()
View
170 python/contrib/upgrade-store-1.1-to-2.0
@@ -1,170 +0,0 @@
-#!/usr/bin/env python
-# SQL Store Upgrade Script
-# for version 1.x to 2.0 of the OpenID library.
-# Doesn't depend on the openid library, so you can run this python
-# script to update databases for ruby or PHP as well.
-#
-# Testers note:
-#
-# A SQLite3 db with the 1.2 schema exists in
-# openid/test/data/openid-1.2-consumer-sqlitestore.db if you want something
-# to try upgrading.
-#
-# TODO:
-# * test data for mysql and postgresql.
-# * automated tests.
-
-import os
-import getpass
-import sys
-from optparse import OptionParser
-
-
-def askForPassword():
- return getpass.getpass("DB Password: ")
-
-def askForConfirmation(dbname,tablename):
- print """The table %s from the database %s will be dropped, and
- an empty table with the new nonce table schema will replace it."""%(
- tablename, dbname)
- return raw_input("Continue? ").lower().strip().startswith('y')
-
-def doSQLiteUpgrade(db_conn, nonce_table_name='oid_nonces'):
- cur = db_conn.cursor()
- cur.execute('DROP TABLE %s'%nonce_table_name)
- sql = """
- CREATE TABLE %s (
- server_url VARCHAR,
- timestamp INTEGER,
- salt CHAR(40),
- UNIQUE(server_url, timestamp, salt)
- );
- """%nonce_table_name
- cur.execute(sql)
- cur.close()
-
-def doMySQLUpgrade(db_conn, nonce_table_name='oid_nonces'):
- cur = db_conn.cursor()
- cur.execute('DROP TABLE %s'%nonce_table_name)
- sql = """
- CREATE TABLE %s (
- server_url BLOB,
- timestamp INTEGER,
- salt CHAR(40),
- PRIMARY KEY (server_url(255), timestamp, salt)
- )
- TYPE=InnoDB;
- """%nonce_table_name
- cur.execute(sql)
- cur.close()
-
-def doPostgreSQLUpgrade(db_conn, nonce_table_name='oid_nonces'):
- cur = db_conn.cursor()
- cur.execute('DROP TABLE %s'%nonce_table_name)
- sql = """
- CREATE TABLE %s (
- server_url VARCHAR(2047),
- timestamp INTEGER,
- salt CHAR(40),
- PRIMARY KEY (server_url, timestamp, salt)
- );
- """%nonce_table_name
- cur.execute(sql)
- cur.close()
- db_conn.commit()
-
-def main(argv=None):
- parser = OptionParser()
- parser.add_option("-u", "--user", dest="username",
- default=os.environ.get('USER'),
- help="User name to use to connect to the DB. "
- "Defaults to USER environment variable.")
- parser.add_option('-t', '--table', dest='tablename', default='oid_nonces',
- help='The name of the nonce table to drop and recreate. '
- ' Defaults to "oid_nonces", the default table name for '
- 'the openid stores.')
- parser.add_option('--mysql', dest='mysql_db_name',
- help='Upgrade a table from this MySQL database. '
- 'Requires username for database.')
- parser.add_option('--pg', '--postgresql', dest='postgres_db_name',
- help='Upgrade a table from this PostgreSQL database. '
- 'Requires username for database.')
- parser.add_option('--sqlite', dest='sqlite_db_name',
- help='Upgrade a table from this SQLite database file.')
- parser.add_option('--host', dest='db_host',
- default='localhost',
- help='Host on which to find MySQL or PostgreSQL DB.')
- (options, args) = parser.parse_args(argv)
-
- db_conn = None
-
- if options.sqlite_db_name:
- try:
- from pysqlite2 import dbapi2 as sqlite
- except ImportError:
- print "You must have pysqlite2 installed in your PYTHONPATH."
- return 1
- try:
- db_conn = sqlite.connect(options.sqlite_db_name)
- except Exception, e:
- print "Could not connect to SQLite database:", str(e)
- return 1
-
- if askForConfirmation(options.sqlite_db_name, options.tablename):
- doSQLiteUpgrade(db_conn, nonce_table_name=options.tablename)
-
- if options.postgres_db_name:
- if not options.username:
- print "A username is required to open a PostgreSQL Database."
- return 1
- password = askForPassword()
- try:
- import psycopg
- except ImportError:
- print "You need psycopg installed to update a postgres DB."
- return 1
-
- try:
- db_conn = psycopg.connect(database = options.postgres_db_name,
- user = options.username,
- host = options.db_host,
- password = password)
- except Exception, e:
- print "Could not connect to PostgreSQL database:", str(e)
- return 1
-
- if askForConfirmation(options.postgres_db_name, options.tablename):
- doPostgreSQLUpgrade(db_conn, nonce_table_name=options.tablename)
-
- if options.mysql_db_name:
- if not options.username:
- print "A username is required to open a MySQL Database."
- return 1
- password = askForPassword()
- try:
- import MySQLdb
- except ImportError:
- print "You must have MySQLdb installed to update a MySQL DB."
- return 1
-
- try:
- db_conn = MySQLdb.connect(options.db_host, options.username,
- password, options.mysql_db_name)
- except Exception, e:
- print "Could not connect to MySQL database:", str(e)
- return 1
-
- if askForConfirmation(options.mysql_db_name, options.tablename):
- doMySQLUpgrade(db_conn, nonce_table_name=options.tablename)
-
- if db_conn:
- db_conn.close()
- else:
- parser.print_help()
-
- return 0
-
-
-if __name__ == '__main__':
- retval = main()
- sys.exit(retval)
View
40 python/darcs-ignore
@@ -1,40 +0,0 @@
-# Boring file regexps:
-\.hi$
-\.o$
-\.o\.cmd$
-\.ko$
-\.ko\.cmd$
-\.mod\.c$
-(^|/)\.tmp_versions($|/)
-(^|/)CVS($|/)
-(^|/)RCS($|/)
-~$
-#(^|/)\.[^/]
-(^|/)_darcs($|/)
-\.bak$
-\.BAK$
-\.orig$
-(^|/)vssver\.scc$
-\.swp$
-(^|/)MT($|/)
-(^|/)\{arch\}($|/)
-(^|/).arch-ids($|/)
-(^|/),
-\.class$
-\.prof$
-(^|/)\.DS_Store$
-(^|/)BitKeeper($|/)
-(^|/)ChangeSet($|/)
-(^|/)\.svn($|/)
-\.py[co]$
-\#
-\.cvsignore$
-(^|/)Thumbs\.db$
-^doc/
-^MANIFEST$
-^CHANGELOG$
-^dist$
-(^|/)sstore$
-(^|/)cstore$
-^build$
-(^|/)_trial_temp($|/)
View
91 python/examples/README
@@ -1,91 +0,0 @@
-Python OpenID library example code
-==================================
-
-The examples directory contains working code illustrating the use of
-the library for performing OpenID authentication, both as a consumer
-and a server. There are two kinds of examples, one that can run
-without any external dependencies, and one that uses the Django Web
-framework. The examples do not illustrate how to use all of the
-features of the library, but they should be a good starting point to
-see how to use this library with your code.
-
-Both the Django libraries and the BaseHTTPServer examples require that
-the OpenID library is installed or that it has been added to Python's
-search path (PYTHONPATH environment variable or sys.path).
-
-The Django example is probably a good place to start reading the
-code. There is little that is Django-specific about the OpenID logic
-in the example, and it should be easy to port to any framework. To run
-the django examples, see the README file in the djopenid subdirectory.
-
-The other examples use Python's built-in BaseHTTPServer and have a
-good deal of ad-hoc dispatching and rendering code mixed in
-
-Using the BaseHTTPServer examples
-=================================
-
-This directory contains a working server and consumer that use this
-OpenID library. They are both written using python's standard
-BaseHTTPServer.
-
-
-To run the example system:
-
-1. Make sure you've installed the library, as explained in the
- installation instructions.
-
-2. Start the consumer server:
-
- python consumer.py --port 8001
-
-
-3. In another terminal, start the identity server:
-
- python server.py --port 8000
-
- (Hit Ctrl-C in either server's window to stop that server.)
-
-
-4. Open your web broswer, and go to the consumer server:
-
- http://localhost:8001/
-
- Note that all pages the consumer server shows will have "Python OpenID
- Consumer Example" across the top.
-
-
-5. Enter an identity url managed by the sample identity server:
-
- http://localhost:8000/id/bob
-
-
-6. The browser will be redirected to the sample server, which will be
- requesting that you log in to proceed. Enter the username for the
- identity URL into the login box:
-
- bob
-
- Note that all pages the identity server shows will have "Python
- OpenID Server Example" across the top.
-
-
-7. After you log in as bob, the server example will ask you if you
- want to allow http://localhost:8001/ to know your identity. Say
- yes.
-
-
-8. You should end up back on the consumer site, at a page indicating
- you've logged in successfully.
-
-
-That's a basic OpenID login procedure. You can continue through it,
-playing with variations to see how they work. The python code is
-intended to be a straightforward example of how to use the python
-OpenID library to function as either an identity server or consumer.
-
-Getting help
-============
-
-Please send bug reports, patches, and other feedback to
-
- dev@lists.openidenabled.com
View
0  python/examples/__init__.py
No changes.
View
508 python/examples/consumer.py
@@ -1,508 +0,0 @@
-#!/usr/bin/env python
-"""
-Simple example for an OpenID consumer.
-
-Once you understand this example you'll know the basics of OpenID
-and using the Python OpenID library. You can then move on to more
-robust examples, and integrating OpenID into your application.
-"""
-__copyright__ = 'Copyright 2005-2008, Janrain, Inc.'
-
-from Cookie import SimpleCookie
-import cgi
-import urlparse
-import cgitb
-import sys
-
-def quoteattr(s):
- qs = cgi.escape(s, 1)
- return '"%s"' % (qs,)
-
-from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
-
-try:
- import openid
-except ImportError:
- sys.stderr.write("""
-Failed to import the OpenID library. In order to use this example, you
-must either install the library (see INSTALL in the root of the
-distribution) or else add the library to python's import path (the
-PYTHONPATH environment variable).
-
-For more information, see the README in the root of the library
-distribution or http://www.openidenabled.com/
-""")
- sys.exit(1)
-
-from openid.store import memstore
-from openid.store import filestore
-from openid.consumer import consumer
-from openid.oidutil import appendArgs
-from openid.cryptutil import randomString
-from openid.fetchers import setDefaultFetcher, Urllib2Fetcher
-from openid.extensions import pape, sreg
-
-# Used with an OpenID provider affiliate program.
-OPENID_PROVIDER_NAME = 'MyOpenID'
-OPENID_PROVIDER_URL ='https://www.myopenid.com/affiliate_signup?affiliate_id=39'
-
-
-class OpenIDHTTPServer(HTTPServer):
- """http server that contains a reference to an OpenID consumer and
- knows its base URL.
- """
- def __init__(self, store, *args, **kwargs):
- HTTPServer.__init__(self, *args, **kwargs)
- self.sessions = {}
- self.store = store
-
- if self.server_port != 80:
- self.base_url = ('http://%s:%s/' %
- (self.server_name, self.server_port))
- else:
- self.base_url = 'http://%s/' % (self.server_name,)
-
-class OpenIDRequestHandler(BaseHTTPRequestHandler):
- """Request handler that knows how to verify an OpenID identity."""
- SESSION_COOKIE_NAME = 'pyoidconsexsid'
-
- session = None
-
- def getConsumer(self, stateless=False):
- if stateless:
- store = None
- else:
- store = self.server.store
- return consumer.Consumer(self.getSession(), store)
-
- def getSession(self):
- """Return the existing session or a new session"""
- if self.session is not None:
- return self.session
-
- # Get value of cookie header that was sent
- cookie_str = self.headers.get('Cookie')
- if cookie_str:
- cookie_obj = SimpleCookie(cookie_str)
- sid_morsel = cookie_obj.get(self.SESSION_COOKIE_NAME, None)
- if sid_morsel is not None:
- sid = sid_morsel.value
- else:
- sid = None
- else:
- sid = None
-
- # If a session id was not set, create a new one
- if sid is None:
- sid = randomString(16, '0123456789abcdef')
- session = None
- else:
- session = self.server.sessions.get(sid)
-
- # If no session exists for this session ID, create one
- if session is None:
- session = self.server.sessions[sid] = {}
-
- session['id'] = sid
- self.session = session
- return session
-
- def setSessionCookie(self):
- sid = self.getSession()['id']
- session_cookie = '%s=%s;' % (self.SESSION_COOKIE_NAME, sid)
- self.send_header('Set-Cookie', session_cookie)
-
- def do_GET(self):
- """Dispatching logic. There are three paths defined:
-
- / - Display an empty form asking for an identity URL to
- verify
- /verify - Handle form submission, initiating OpenID verification
- /process - Handle a redirect from an OpenID server
-
- Any other path gets a 404 response. This function also parses
- the query parameters.
-
- If an exception occurs in this function, a traceback is
- written to the requesting browser.
- """
- try:
- self.parsed_uri = urlparse.urlparse(self.path)
- self.query = {}
- for k, v in cgi.parse_qsl(self.parsed_uri[4]):
- self.query[k] = v.decode('utf-8')
-
- path = self.parsed_uri[2]
- if path == '/':
- self.render()
- elif path == '/verify':
- self.doVerify()
- elif path == '/process':
- self.doProcess()
- elif path == '/affiliate':