Permalink
Browse files

[project @ pape5.Response: Add is_openid1 flag to parseExtensionArgs …

…API]
  • Loading branch information...
1 parent 008e8f7 commit bc372f09b82cdc2fbe7ab4fa349bc2130c2b873f tailor committed Oct 13, 2008
Showing with 23 additions and 17 deletions.
  1. +3 −2 openid/extensions/draft/pape5.py
  2. +20 −15 openid/test/test_pape_draft5.py
@@ -366,16 +366,17 @@ def fromSuccessResponse(cls, success_response):
# PAPE requires that the args be signed.
args = success_response.getSignedNS(self.ns_uri)
+ is_openid1 = success_response.isOpenID1()
# Only try to construct a PAPE response if the arguments were
# signed in the OpenID response. If not, return None.
if args is not None:
- self.parseExtensionArgs(args)
+ self.parseExtensionArgs(args, is_openid1)
return self
else:
return None
- def parseExtensionArgs(self, args, strict=False):
+ def parseExtensionArgs(self, args, is_openid1, strict=False):
"""Parse the provider authentication policy arguments into the
internal state of this object
@@ -129,7 +129,7 @@ def test_parseExtensionArgsWithAuthLevels(self):
}
# Check request object state
- self.req.parseExtensionArgs(request_args, False)
+ self.req.parseExtensionArgs(request_args, is_openid1=False, strict=False)
expected_auth_levels = [uri, uri2]
@@ -216,6 +216,9 @@ def __init__(self, message, signed_stuff):
self.message = message
self.signed_stuff = signed_stuff
+ def isOpenID1(self):
+ return False
+
def getSignedNS(self, ns_uri):
return self.signed_stuff
@@ -282,34 +285,36 @@ def test_getExtensionArgs_error_auth_age(self):
def test_parseExtensionArgs(self):
args = {'auth_policies': 'http://foo http://bar',
'auth_time': '1970-01-01T00:00:00Z'}
- self.resp.parseExtensionArgs(args)
+ self.resp.parseExtensionArgs(args, is_openid1=False)
self.failUnlessEqual('1970-01-01T00:00:00Z', self.resp.auth_time)
self.failUnlessEqual(['http://foo','http://bar'],
self.resp.auth_policies)
def test_parseExtensionArgs_valid_none(self):
args = {'auth_policies': pape.AUTH_NONE}
- self.resp.parseExtensionArgs(args)
+ self.resp.parseExtensionArgs(args, is_openid1=False)
self.failUnlessEqual([], self.resp.auth_policies)
def test_parseExtensionArgs_old_none(self):
args = {'auth_policies': 'none'}
- self.resp.parseExtensionArgs(args)
+ self.resp.parseExtensionArgs(args, is_openid1=False)
self.failUnlessEqual([], self.resp.auth_policies)
def test_parseExtensionArgs_old_none_strict(self):
args = {'auth_policies': 'none'}
- self.failUnlessRaises(ValueError,
- self.resp.parseExtensionArgs, args, strict=True)
+ self.failUnlessRaises(
+ ValueError,
+ self.resp.parseExtensionArgs, args, is_openid1=False, strict=True)
def test_parseExtensionArgs_empty(self):
- self.resp.parseExtensionArgs({})
+ self.resp.parseExtensionArgs({}, is_openid1=False)
self.failUnlessEqual(None, self.resp.auth_time)
self.failUnlessEqual([], self.resp.auth_policies)
def test_parseExtensionArgs_empty_strict(self):
- self.failUnlessRaises(ValueError,
- self.resp.parseExtensionArgs, {}, strict=True)
+ self.failUnlessRaises(
+ ValueError,
+ self.resp.parseExtensionArgs, {}, is_openid1=False, strict=True)
def test_parseExtensionArgs_ignore_superfluous_none(self):
policies = [pape.AUTH_NONE, pape.AUTH_MULTI_FACTOR_PHYSICAL]
@@ -318,7 +323,7 @@ def test_parseExtensionArgs_ignore_superfluous_none(self):
'auth_policies': ' '.join(policies),
}
- self.resp.parseExtensionArgs(args, strict=False)
+ self.resp.parseExtensionArgs(args, is_openid1=False, strict=False)
self.assertEqual([pape.AUTH_MULTI_FACTOR_PHYSICAL],
self.resp.auth_policies)
@@ -331,13 +336,13 @@ def test_parseExtensionArgs_none_strict(self):
}
self.failUnlessRaises(ValueError, self.resp.parseExtensionArgs,
- args, strict=True)
+ args, is_openid1=False, strict=True)
def test_parseExtensionArgs_strict_bogus1(self):
args = {'auth_policies': 'http://foo http://bar',
'auth_time': 'yesterday'}
self.failUnlessRaises(ValueError, self.resp.parseExtensionArgs,
- args, True)
+ args, is_openid1=False, strict=True)
def test_parseExtensionArgs_strict_no_namespace_decl_openid2(self):
# Test the case where the namespace is not declared for an
@@ -347,14 +352,14 @@ def test_parseExtensionArgs_strict_no_namespace_decl_openid2(self):
'auth_level.nist': 'some',
}
self.failUnlessRaises(ValueError, self.resp.parseExtensionArgs,
- args, True)
+ args, is_openid1=False, strict=True)
def test_parseExtensionArgs_strict_good(self):
args = {'auth_policies': 'http://foo http://bar',
'auth_time': '1970-01-01T00:00:00Z',
'auth_level.nist': '0',
'auth_level.ns.nist': pape.LEVELS_NIST}
- self.resp.parseExtensionArgs(args, True)
+ self.resp.parseExtensionArgs(args, is_openid1=False, strict=True)
self.failUnlessEqual(['http://foo','http://bar'],
self.resp.auth_policies)
self.failUnlessEqual('1970-01-01T00:00:00Z', self.resp.auth_time)
@@ -364,7 +369,7 @@ def test_parseExtensionArgs_nostrict_bogus(self):
args = {'auth_policies': 'http://foo http://bar',
'auth_time': 'when the cows come home',
'nist_auth_level': 'some'}
- self.resp.parseExtensionArgs(args)
+ self.resp.parseExtensionArgs(args, is_openid1=False)
self.failUnlessEqual(['http://foo','http://bar'],
self.resp.auth_policies)
self.failUnlessEqual(None, self.resp.auth_time)

0 comments on commit bc372f0

Please sign in to comment.