Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

[project @ pape5: test and handle missing namespace declarations]

  • Loading branch information...
commit 23e78e505e1f9826117ddac69d070c06668fc38a 1 parent cae1a1d
tailor authored
12 openid/extensions/draft/pape5.py
@@ -424,13 +424,17 @@ def parseExtensionArgs(self, args, is_openid1, strict=False):
424 424 try:
425 425 uri = args['auth_level.ns.%s' % (alias,)]
426 426 except KeyError:
  427 + if is_openid1:
  428 + uri = self._default_auth_level_aliases.get(alias)
  429 + else:
  430 + uri = None
  431 +
  432 + if uri is None:
427 433 if strict:
428 434 raise ValueError(
429 435 'Undefined auth level alias: %r' % (alias,))
430   - else:
431   - continue # Skip this auth level declaration
432   -
433   - self.setAuthLevel(uri, val, alias)
  436 + else:
  437 + self.setAuthLevel(uri, val, alias)
434 438
435 439 auth_time = args.get('auth_time')
436 440 if auth_time:
25 openid/test/test_pape_draft5.py
@@ -349,16 +349,35 @@ def test_parseExtensionArgs_strict_bogus1(self):
349 349 self.failUnlessRaises(ValueError, self.resp.parseExtensionArgs,
350 350 args, is_openid1=False, strict=True)
351 351
  352 + def test_parseExtensionArgs_openid1_strict(self):
  353 + args = {'auth_level.nist': '0',
  354 + 'auth_policies': pape.AUTH_NONE,
  355 + }
  356 + self.resp.parseExtensionArgs(args, strict=True, is_openid1=True)
  357 + self.failUnlessEqual('0', self.resp.getAuthLevel(pape.LEVELS_NIST))
  358 + self.failUnlessEqual([], self.resp.auth_policies)
  359 +
352 360 def test_parseExtensionArgs_strict_no_namespace_decl_openid2(self):
353 361 # Test the case where the namespace is not declared for an
354 362 # auth level.
355   - args = {'auth_policies': 'http://foo http://bar',
356   - 'auth_time': '1970-01-01T00:00:00Z',
357   - 'auth_level.nist': 'some',
  363 + args = {'auth_policies': pape.AUTH_NONE,
  364 + 'auth_level.nist': '0',
358 365 }
359 366 self.failUnlessRaises(ValueError, self.resp.parseExtensionArgs,
360 367 args, is_openid1=False, strict=True)
361 368
  369 + def test_parseExtensionArgs_nostrict_no_namespace_decl_openid2(self):
  370 + # Test the case where the namespace is not declared for an
  371 + # auth level.
  372 + args = {'auth_policies': pape.AUTH_NONE,
  373 + 'auth_level.nist': '0',
  374 + }
  375 + self.resp.parseExtensionArgs(args, is_openid1=False, strict=False)
  376 +
  377 + # There is no namespace declaration for this auth level.
  378 + self.failUnlessRaises(KeyError, self.resp.getAuthLevel,
  379 + pape.LEVELS_NIST)
  380 +
362 381 def test_parseExtensionArgs_strict_good(self):
363 382 args = {'auth_policies': 'http://foo http://bar',
364 383 'auth_time': '1970-01-01T00:00:00Z',

0 comments on commit 23e78e5

Please sign in to comment.
Something went wrong with that request. Please try again.