Browse files

use success response to find out identity, not request params

This fixes the bug breaking delegated identity logins: the
openid.claimed_id parameter was missing, replaced with
openid1_claimed_id - a parameter specific to python-openid.

Instead of using request.GET.get('openid.claimed_id'), use
client.result.identity_url: since the python-openid library
probably knows best anyway!
  • Loading branch information...
1 parent 7936539 commit b2fb261d7d6c9d138005d49182a7717668e0ed10 Zellyn Hunter committed with Apr 23, 2010
Showing with 6 additions and 5 deletions.
  1. +6 −5 socialregistration/views.py
View
11 socialregistration/views.py
@@ -11,7 +11,7 @@
from django.shortcuts import render_to_response
from django.utils.translation import gettext as _
from django.http import HttpResponseRedirect
-from django.views.decorators.csrf import csrf_protect
+from django.views.decorators.csrf import csrf_protect
from django.contrib.auth.models import User
from django.contrib.auth import login, authenticate, logout as auth_logout
@@ -353,21 +353,22 @@ def openid_callback(request, template='socialregistration/openid.html',
)
if client.is_valid():
+ identity = client.result.identity_url
if request.user.is_authenticated():
# Handling already logged in users just connecting their accounts
try:
- profile = OpenIDProfile.objects.get(identity=request.GET.get('openid.claimed_id'))
+ profile = OpenIDProfile.objects.get(identity=identity)
except OpenIDProfile.DoesNotExist: # There can only be one profile with the same identity
profile = OpenIDProfile.objects.create(user=request.user,
- identity=request.GET.get('openid.claimed_id'))
+ identity=identity)
return HttpResponseRedirect(_get_next(request))
- user = authenticate(identity=request.GET.get('openid.claimed_id'))
+ user = authenticate(identity=identity)
if user is None:
request.session['socialregistration_user'] = User()
request.session['socialregistration_profile'] = OpenIDProfile(
- identity=request.GET.get('openid.claimed_id')
+ identity=identity
)
return HttpResponseRedirect(reverse('socialregistration_setup'))

0 comments on commit b2fb261

Please sign in to comment.