[django_openid_auth] Upgrade to revision 74 from source repository

accounts/templates/registration/logout.html

@@ -6,7 +6,7 @@
 <h3>{{ title }}</h3>
 <p>{% blocktrans %}You have been successfully logged out.  You're coming back, right?{% endblocktrans %}</p>
 <p>
-<a href="{% url openid_login %}">{% trans "Log in again" %}</a>
+<a href="{% url openid-login %}">{% trans "Log in again" %}</a>
 </p>
 {% endblock %}
 

accounts/urls.py

@@ -36,9 +36,11 @@
         name='auth_logout'),
 
     # OpenID URLs
+    # names must not be altered because django_openid_auth has to reverse them
     url(r'^openid/login/$', django_openid_auth.views.login_begin,
-        {'template_name': 'openid/login.html'}, name='openid_login'),
-    url(r'^openid/complete/$', django_openid_auth.views.login_complete),
+        {'template_name': 'openid/login.html'}, name='openid-login'),
+    url(r'^openid/complete/$', django_openid_auth.views.login_complete,
+        name='openid-complete'),
     url(r'^openid/registration/$', openid_registration,
         name='openid_registration'),
 

lib/django_openid_auth/__init__.py

@@ -1,7 +1,7 @@
 # django-openid-auth -  OpenID integration for django.contrib.auth
 #
 # Copyright (C) 2007 Simon Willison
-# Copyright (C) 2008-2009 Canonical Ltd.
+# Copyright (C) 2008-2010 Canonical Ltd.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions

lib/django_openid_auth/admin.py

@@ -1,6 +1,6 @@
 # django-openid-auth -  OpenID integration for django.contrib.auth
 #
-# Copyright (C) 2008-2009 Canonical Ltd.
+# Copyright (C) 2008-2010 Canonical Ltd.
 # Copyright (C) 2010 Dave Walker
 #
 # Redistribution and use in source and binary forms, with or without

lib/django_openid_auth/auth.py

@@ -1,6 +1,6 @@
 # django-openid-auth -  OpenID integration for django.contrib.auth
 #
-# Copyright (C) 2008-2009 Canonical Ltd.
+# Copyright (C) 2008-2010 Canonical Ltd.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
@@ -183,7 +183,7 @@ def update_groups_from_teams(self, user, teams_response):
         for group in desired_groups - current_groups:
             user.groups.add(group)
 
-# to be used outside of the backend
+# kept outside of the class to make function usable outside of the backend
 def _extract_user_details(openid_response):
     email = fullname = first_name = last_name = nickname = None
     sreg_response = sreg.SRegResponse.fromSuccessResponse(openid_response)
@@ -196,6 +196,17 @@ def _extract_user_details(openid_response):
     # them in preference.
     fetch_response = ax.FetchResponse.fromSuccessResponse(openid_response)
     if fetch_response:
+        # The myOpenID provider advertises AX support, but uses
+        # attribute names from an obsolete draft of the
+        # specification.  We check for them first so the common
+        # names take precedence.
+        email = fetch_response.getSingle(
+            'http://schema.openid.net/contact/email', email)
+        fullname = fetch_response.getSingle(
+            'http://schema.openid.net/namePerson', fullname)
+        nickname = fetch_response.getSingle(
+            'http://schema.openid.net/namePerson/friendly', nickname)
+
         email = fetch_response.getSingle(
             'http://axschema.org/contact/email', email)
         fullname = fetch_response.getSingle(

lib/django_openid_auth/forms.py

@@ -1,7 +1,7 @@
 # django-openid-auth -  OpenID integration for django.contrib.auth
 #
 # Copyright (C) 2007 Simon Willison
-# Copyright (C) 2008-2009 Canonical Ltd.
+# Copyright (C) 2008-2010 Canonical Ltd.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions

lib/django_openid_auth/management/__init__.py

@@ -1,6 +1,6 @@
 # django-openid-auth -  OpenID integration for django.contrib.auth
 #
-# Copyright (C) 2009 Canonical Ltd.
+# Copyright (C) 2009-2010 Canonical Ltd.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions

lib/django_openid_auth/management/commands/__init__.py

@@ -1,6 +1,6 @@
 # django-openid-auth -  OpenID integration for django.contrib.auth
 #
-# Copyright (C) 2009 Canonical Ltd.
+# Copyright (C) 2009-2010 Canonical Ltd.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions

lib/django_openid_auth/management/commands/openid_cleanup.py

@@ -1,6 +1,6 @@
 # django-openid-auth -  OpenID integration for django.contrib.auth
 #
-# Copyright (C) 2009 Canonical Ltd.
+# Copyright (C) 2009-2010 Canonical Ltd.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions

lib/django_openid_auth/models.py

@@ -1,7 +1,7 @@
 # django-openid-auth -  OpenID integration for django.contrib.auth
 #
 # Copyright (C) 2007 Simon Willison
-# Copyright (C) 2008-2009 Canonical Ltd.
+# Copyright (C) 2008-2010 Canonical Ltd.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
@@ -54,5 +54,5 @@ def __unicode__(self):
 
 class UserOpenID(models.Model):
     user = models.ForeignKey(User)
-    claimed_id = models.CharField(max_length=255, unique=True)
+    claimed_id = models.TextField(max_length=2047, unique=True)
     display_id = models.TextField(max_length=2047)

lib/django_openid_auth/store.py

@@ -1,7 +1,7 @@
 # django-openid-auth -  OpenID integration for django.contrib.auth
 #
 # Copyright (C) 2007 Simon Willison
-# Copyright (C) 2008-2009 Canonical Ltd.
+# Copyright (C) 2008-2010 Canonical Ltd.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions

lib/django_openid_auth/teams.py

@@ -1,6 +1,6 @@
 # Launchpad OpenID Teams Extension support for python-openid
 #
-# Copyright (C) 2008-2009 Canonical Ltd.
+# Copyright (C) 2008-2010 Canonical Ltd.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions

lib/django_openid_auth/templates/openid/failure.html

@@ -2,12 +2,10 @@
   "http://www.w3.org/TR/html4/strict.dtd">
 <html>
 <head>
-  <title>OpenID failed</title>
+    <title>OpenID failed</title>
 </head>
 <body>
-<h1>OpenID failed</h1>
-
-<p>{{ message|escape }}</p>
-
+    <h1>OpenID failed</h1>
+    <p>{{ message|escape }}</p>
 </body>
-</html>
+</html>

lib/django_openid_auth/templates/openid/login.html

@@ -1,44 +1,43 @@
 {% load i18n %}
-
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
-  "http://www.w3.org/TR/html4/strict.dtd">
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
 <html>
 <head>
 <title>Sign in with your OpenID</title>
 <style type="text/css">
 input.openid {
-  background: url({% url openid-logo %}) no-repeat; 
-  background-position: 0 50%;
-  padding-left: 16px;
+    background: url({% url openid-logo %}) no-repeat;
+    background-position: 0 50%;
+    padding-left: 16px;
 }
 </style>
 </head>
 <body>
 <h1>Sign in with your OpenID</h1>
 {% if form.errors %}
 <p class="errors">{% trans "Please correct errors below:" %}<br />
-	{% if form.openid_identifier.errors %} 
-		<span class="error">{{ form.openid_identifier.errors|join:", " }}</span>
-	{% endif %}
-	{% if form.next.errors %} 
-		<span class="error">{{ form.next.errors|join:", " }}</span>
-	{% endif %}
+    {% if form.openid_identifier.errors %}
+    <span class="error">{{ form.openid_identifier.errors|join:", " }}</span>
+    {% endif %}
+    {% if form.next.errors %}
+    <span class="error">{{ form.next.errors|join:", " }}</span>
+    {% endif %}
 </p>
 {% endif %}
 <form name="fopenid" action="{{ action }}" method="post">
-	<fieldset>
-		<legend>{% trans "Sign In Using Your OpenID" %}</legend>
+    {% csrf_token %}
+    <fieldset>
+        <legend>{% trans "Sign In Using Your OpenID" %}</legend>
         <div class="form-row">
             <label for="id_openid_identifier">{% trans "OpenID:" %}</label><br />
             {{ form.openid_identifier }}
         </div>
-        <div class="submit-row "><input name="bsignin" type="submit" value="{% trans "Sign in" %}"></div>
-
+        <div class="submit-row ">
+            <input name="bsignin" type="submit" value="{% trans "Sign in" %}">
+        </div>
  {% if next %}
-	<input type="hidden" name="next" value="{{ next }}" />
+        <input type="hidden" name="next" value="{{ next }}" />
  {% endif %}
-
-	</fieldset>
-</form>	
+    </fieldset>
+</form>
 </body>
 </html>

lib/django_openid_auth/urls.py

@@ -1,7 +1,7 @@
 # django-openid-auth -  OpenID integration for django.contrib.auth
 #
 # Copyright (C) 2007 Simon Willison
-# Copyright (C) 2008-2009 Canonical Ltd.
+# Copyright (C) 2008-2010 Canonical Ltd.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
@@ -30,7 +30,7 @@
 from django.conf.urls.defaults import *
 
 urlpatterns = patterns('django_openid_auth.views',
-    (r'^login/$', 'login_begin'),
-    (r'^complete/$', 'login_complete'),
+    url(r'^login/$', 'login_begin', name='openid-login'),
+    url(r'^complete/$', 'login_complete', name='openid-complete'),
     url(r'^logo.gif$', 'logo', name='openid-logo'),
 )

lib/django_openid_auth/views.py

@@ -1,7 +1,7 @@
 # django-openid-auth -  OpenID integration for django.contrib.auth
 #
 # Copyright (C) 2007 Simon Willison
-# Copyright (C) 2008-2009 Canonical Ltd.
+# Copyright (C) 2008-2010 Canonical Ltd.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
@@ -40,6 +40,7 @@
 from django.shortcuts import render_to_response
 from django.template import RequestContext
 from django.template.loader import render_to_string
+from django.views.decorators.csrf import csrf_exempt
 
 from openid.consumer.consumer import (
     Consumer, SUCCESS, CANCEL, FAILURE)
@@ -111,10 +112,11 @@ def render_openid_request(request, openid_request, return_to, trust_root=None):
         return HttpResponse(form_html, content_type='text/html;charset=UTF-8')
 
 
-def render_failure(request, message, status=403):
+def default_render_failure(request, message, status=403,
+                           template_name='openid/failure.html'):
     """Render an error page to the user."""
     data = render_to_string(
-        'openid/failure.html', dict(message=message),
+        template_name, dict(message=message),
         context_instance=RequestContext(request))
     return HttpResponse(data, status=status)
 
@@ -132,6 +134,9 @@ def parse_openid_response(request):
 
 
 def login_begin(request, template_name='openid/login.html',
+                login_complete_view='openid-complete',
+                form_class=OpenIDLoginForm,
+                render_failure=default_render_failure,
                 redirect_field_name=REDIRECT_FIELD_NAME):
     """Begin an OpenID login request, possibly asking for an identity URL."""
     redirect_to = request.REQUEST.get(redirect_field_name, '')
@@ -142,11 +147,11 @@ def login_begin(request, template_name='openid/login.html',
 
     if openid_url is None:
         if request.POST:
-            login_form = OpenIDLoginForm(data=request.POST)
+            login_form = form_class(data=request.POST)
             if login_form.is_valid():
                 openid_url = login_form.cleaned_data['openid_identifier']
         else:
-            login_form = OpenIDLoginForm()
+            login_form = form_class()
 
         # Invalid or no form data:
         if openid_url is None:
@@ -163,22 +168,31 @@ def login_begin(request, template_name='openid/login.html',
         return render_failure(
             request, "OpenID discovery error: %s" % (str(exc),), status=500)
 
-    # Request some user details.
-    fetch_request = ax.FetchRequest()
-    # We mark all the attributes as required, since Google ignores
-    # optional attributes.  We request both the full name and
-    # first/last components since some providers offer one but not
-    # the other.
-    for (attr, alias) in [
-        ('http://axschema.org/contact/email', 'email'),
-        ('http://axschema.org/namePerson', 'fullname'),
-        ('http://axschema.org/namePerson/first', 'firstname'),
-        ('http://axschema.org/namePerson/last', 'lastname'),
-        ('http://axschema.org/namePerson/friendly', 'nickname')]:
-        fetch_request.add(ax.AttrInfo(attr, alias=alias, required=True))
-    openid_request.addExtension(fetch_request)
-    openid_request.addExtension(
-        sreg.SRegRequest(optional=['email', 'fullname', 'nickname']))
+    # Request some user details.  If the provider advertises support
+    # for attribute exchange, use that.
+    if openid_request.endpoint.supportsType(ax.AXMessage.ns_uri):
+        fetch_request = ax.FetchRequest()
+        # We mark all the attributes as required, since Google ignores
+        # optional attributes.  We request both the full name and
+        # first/last components since some providers offer one but not
+        # the other.
+        for (attr, alias) in [
+            ('http://axschema.org/contact/email', 'email'),
+            ('http://axschema.org/namePerson', 'fullname'),
+            ('http://axschema.org/namePerson/first', 'firstname'),
+            ('http://axschema.org/namePerson/last', 'lastname'),
+            ('http://axschema.org/namePerson/friendly', 'nickname'),
+            # The myOpenID provider advertises AX support, but uses
+            # attribute names from an obsolete draft of the
+            # specification.  We request them for compatibility.
+            ('http://schema.openid.net/contact/email', 'old_email'),
+            ('http://schema.openid.net/namePerson', 'old_fullname'),
+            ('http://schema.openid.net/namePerson/friendly', 'old_nickname')]:
+            fetch_request.add(ax.AttrInfo(attr, alias=alias, required=True))
+        openid_request.addExtension(fetch_request)
+    else:
+        openid_request.addExtension(
+            sreg.SRegRequest(optional=['email', 'fullname', 'nickname']))
 
     # Request team info
     teams_mapping_auto = getattr(settings, 'OPENID_LAUNCHPAD_TEAMS_MAPPING_AUTO', False)
@@ -196,7 +210,7 @@ def login_begin(request, template_name='openid/login.html',
 
     # Construct the request completion URL, including the page we
     # should redirect to.
-    return_to = request.build_absolute_uri(reverse(login_complete))
+    return_to = request.build_absolute_uri(reverse(login_complete_view))
     if redirect_to:
         if '?' in return_to:
             return_to += '&'
@@ -207,7 +221,9 @@ def login_begin(request, template_name='openid/login.html',
     return render_openid_request(request, openid_request, return_to)
 
 
-def login_complete(request, redirect_field_name=REDIRECT_FIELD_NAME):
+@csrf_exempt
+def login_complete(request, redirect_field_name=REDIRECT_FIELD_NAME,
+                   render_failure=default_render_failure):
     redirect_to = request.REQUEST.get(redirect_field_name, '')
 
     openid_response = parse_openid_response(request)

templates/base.html

@@ -35,7 +35,7 @@ <h3>
                     </h3>
                     <p><a href="{% url preferences %}">{% trans "preferences" %}</a> / <a href="{% url django.contrib.auth.views.logout %}">{% trans "log out" %}</a></p>
                     {% else %}
-                    <p>{% trans "hello stranger! care to " %}<a href="{% url openid_login %}">{% trans "log in" %}</a>{% trans "?" %}</p>
+                    <p>{% trans "hello stranger! care to " %}<a href="{% url openid-login %}">{% trans "log in" %}</a>{% trans "?" %}</p>
                     <!--<p><small>{% trans "not a member yet?" %} <a href="{% url registration.views.register %}">{% trans "Sign up." %}</a></small></p>-->
                     {% endif %}
                 </td>