annotate MoinMoin/auth/openidrp.py @ 3175:2a3a6cb34e45

pylint findings: fix some harmless stuff
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Mon, 03 Mar 2008 02:02:55 +0100
parents c25bc6e9ad61
children f42b05d07650
rev   line source
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
1 # -*- coding: iso-8859-1 -*-
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
2 """
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
3 MoinMoin - OpenID authorization
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
4
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
5 @copyright: 2007 MoinMoin:JohannesBerg
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
6 @license: GNU GPL, see COPYING for details.
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
7 """
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
8 from MoinMoin.util.moinoid import MoinOpenIDStore
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
9 from MoinMoin import user
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
10 from MoinMoin.auth import BaseAuth
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
11 from openid.consumer import consumer
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
12 from openid.yadis.discover import DiscoveryFailure
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
13 from openid.fetchers import HTTPFetchingError
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
14 from MoinMoin.widget import html
2421
059054049961 don't use parenthesised imports in openid code
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2302
diff changeset
15 from MoinMoin.auth import CancelLogin, ContinueLogin
059054049961 don't use parenthesised imports in openid code
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2302
diff changeset
16 from MoinMoin.auth import MultistageFormLogin, MultistageRedirectLogin
059054049961 don't use parenthesised imports in openid code
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2302
diff changeset
17 from MoinMoin.auth import get_multistage_continuation_url
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
18
3136
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
19
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
20 class OpenIDAuth(BaseAuth):
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
21 login_inputs = ['openid_identifier']
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
22 name = 'openid'
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
23 logout_possible = True
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
24
3136
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
25 def __init__(self, modify_request=None,
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
26 update_user=None,
3140
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
27 create_user=None,
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
28 forced_service=None):
3136
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
29 BaseAuth.__init__(self)
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
30 self._modify_request = modify_request or (lambda x: None)
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
31 self._update_user = update_user or (lambda i, u: None)
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
32 self._create_user = create_user or (lambda i, u: None)
3140
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
33 self._forced_service = forced_service
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
34 if forced_service:
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
35 self.login_inputs = ['special_no_input']
3136
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
36
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
37 def _handle_user_data(self, request, u):
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
38 create = not u
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
39 if create:
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
40 # pass in a created but unsaved user object
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
41 u = user.User(request, auth_method=self.name,
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
42 auth_username=request.session['openid.id'])
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
43 # invalid name
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
44 u.name = ''
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
45 u = self._create_user(request.session['openid.info'], u)
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
46
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
47 if u:
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
48 self._update_user(request.session['openid.info'], u)
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
49
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
50 # just in case the wiki admin screwed up
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
51 if (not user.isValidName(request, u.name) or
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
52 (create and user.getUserId(request, u.name))):
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
53 return None
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
54
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
55 if not hasattr(u, 'openids'):
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
56 u.openids = []
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
57 if not request.session['openid.id'] in u.openids:
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
58 u.openids.append(request.session['openid.id'])
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
59
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
60 u.save()
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
61
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
62 del request.session['openid.id']
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
63 del request.session['openid.info']
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
64
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
65 return u
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
66
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
67 def _get_account_name(self, request, form, msg=None):
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
68 # now we need to ask the user for a new username
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
69 # that they want to use on this wiki
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
70 # XXX: request nickname from OP and suggest using it
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
71 # (if it isn't in use yet)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
72 _ = request.getText
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
73 form.append(html.INPUT(type='hidden', name='oidstage', value='2'))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
74 table = html.TABLE(border='0')
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
75 form.append(table)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
76 td = html.TD(colspan=2)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
77 td.append(html.Raw(_("""Please choose an account name now.
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
78 If you choose an existing account name you will be asked for the
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
79 password and be able to associate the account with your OpenID.""")))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
80 table.append(html.TR().append(td))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
81 if msg:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
82 td = html.TD(colspan='2')
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
83 td.append(html.P().append(html.STRONG().append(html.Raw(msg))))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
84 table.append(html.TR().append(td))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
85 td1 = html.TD()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
86 td1.append(html.STRONG().append(html.Raw(_('Name'))))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
87 td2 = html.TD()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
88 td2.append(html.INPUT(type='text', name='username'))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
89 table.append(html.TR().append(td1).append(td2))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
90 td1 = html.TD()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
91 td2 = html.TD()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
92 td2.append(html.INPUT(type='submit', name='submit',
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
93 value=_('Choose this name')))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
94 table.append(html.TR().append(td1).append(td2))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
95
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
96 def _associate_account(self, request, form, accountname, msg=None):
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
97 _ = request.getText
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
98
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
99 form.append(html.INPUT(type='hidden', name='oidstage', value='3'))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
100 table = html.TABLE(border='0')
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
101 form.append(table)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
102 td = html.TD(colspan=2)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
103 td.append(html.Raw(_("""The username you have chosen is already
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
104 taken. If it is your username, enter your password below to associate
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
105 the username with your OpenID. Otherwise, please choose a different
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
106 username and leave the password field blank.""")))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
107 table.append(html.TR().append(td))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
108 if msg:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
109 td.append(html.P().append(html.STRONG().append(html.Raw(msg))))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
110 td1 = html.TD()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
111 td1.append(html.STRONG().append(html.Raw(_('Name'))))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
112 td2 = html.TD()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
113 td2.append(html.INPUT(type='text', name='username', value=accountname))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
114 table.append(html.TR().append(td1).append(td2))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
115 td1 = html.TD()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
116 td1.append(html.STRONG().append(html.Raw(_('Password'))))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
117 td2 = html.TD()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
118 td2.append(html.INPUT(type='password', name='password'))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
119 table.append(html.TR().append(td1).append(td2))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
120 td1 = html.TD()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
121 td2 = html.TD()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
122 td2.append(html.INPUT(type='submit', name='submit',
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
123 value=_('Associate this name')))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
124 table.append(html.TR().append(td1).append(td2))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
125
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
126 def _handle_verify_continuation(self, request):
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
127 _ = request.getText
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
128 oidconsumer = consumer.Consumer(request.session,
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
129 MoinOpenIDStore(request))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
130 query = {}
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
131 for key in request.form:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
132 query[key] = request.form[key][0]
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
133 return_to = get_multistage_continuation_url(request, self.name,
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
134 {'oidstage': '1'})
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
135 info = oidconsumer.complete(query, return_to=return_to)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
136 if info.status == consumer.FAILURE:
3164
c25bc6e9ad61 i18n.getText: removing wrong (old) kw arguments from _() calls
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3140
diff changeset
137 return CancelLogin(_('OpenID error: %s.') % info.message)
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
138 elif info.status == consumer.CANCEL:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
139 return CancelLogin(_('Verification canceled.'))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
140 elif info.status == consumer.SUCCESS:
3136
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
141 request.session['openid.id'] = info.identity_url
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
142 request.session['openid.info'] = info
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
143
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
144 # try to find user object
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
145 uid = user.getUserIdByOpenId(request, info.identity_url)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
146 if uid:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
147 u = user.User(request, id=uid, auth_method=self.name,
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
148 auth_username=info.identity_url)
3136
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
149 else:
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
150 u = None
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
151
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
152 # create or update the user according to the registration data
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
153 u = self._handle_user_data(request, u)
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
154 if u:
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
155 return ContinueLogin(u)
3136
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
156
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
157 # if no user found, then we need to ask for a username,
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
158 # possibly associating an existing account.
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
159 request.session['openid.id'] = info.identity_url
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
160 return MultistageFormLogin(self._get_account_name)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
161 else:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
162 return CancelLogin(_('OpenID failure.'))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
163
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
164 def _handle_name_continuation(self, request):
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
165 if not 'openid.id' in request.session:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
166 return CancelLogin(None)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
167
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
168 _ = request.getText
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
169 newname = request.form.get('username', [''])[0]
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
170 if not newname:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
171 return MultistageFormLogin(self._get_account_name)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
172 if not user.isValidName(request, newname):
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
173 return MultistageFormLogin(self._get_account_name,
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
174 _('This is not a valid username, choose a different one.'))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
175 uid = None
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
176 if newname:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
177 uid = user.getUserId(request, newname)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
178 if not uid:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
179 # we can create a new user with this name :)
3136
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
180 u = user.User(request, auth_method=self.name,
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
181 auth_username=request.session['openid.id'])
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
182 u.name = newname
3136
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
183 u = self._handle_user_data(request, u)
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
184 return ContinueLogin(u)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
185 # requested username already exists. if they know the password,
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
186 # they can associate that account with the openid.
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
187 assoc = lambda req, form: self._associate_account(req, form, newname)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
188 return MultistageFormLogin(assoc)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
189
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
190 def _handle_associate_continuation(self, request):
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
191 if not 'openid.id' in request.session:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
192 return CancelLogin()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
193
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
194 _ = request.getText
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
195 username = request.form.get('username', [''])[0]
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
196 password = request.form.get('password', [''])[0]
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
197 if not password:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
198 return self._handle_name_continuation(request)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
199 u = user.User(request, name=username, password=password,
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
200 auth_method=self.name,
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
201 auth_username=request.session['openid.id'])
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
202 if u.valid:
3136
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
203 self._handle_user_data(request, u)
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
204 return ContinueLogin(u, _('Your account is now associated to your OpenID.'))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
205 else:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
206 msg = _('The password you entered is not valid.')
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
207 assoc = lambda req, form: self._associate_account(req, form, username, msg=msg)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
208 return MultistageFormLogin(assoc)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
209
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
210 def _handle_continuation(self, request):
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
211 oidstage = request.form.get('oidstage', [0])[0]
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
212 if oidstage == '1':
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
213 return self._handle_verify_continuation(request)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
214 elif oidstage == '2':
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
215 return self._handle_name_continuation(request)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
216 elif oidstage == '3':
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
217 return self._handle_associate_continuation(request)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
218 return CancelLogin()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
219
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
220 def _openid_form(self, request, form, oidhtml):
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
221 _ = request.getText
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
222 txt = _('OpenID verification requires that you click this button:')
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
223 # create JS to automatically submit the form if possible
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
224 submitjs = """<script type="text/javascript">
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
225 <!--//
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
226 document.getElementById("openid_message").submit();
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
227 //-->
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
228 </script>
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
229 """
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
230 return ''.join([txt, oidhtml, submitjs])
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
231
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
232 def login(self, request, user_obj, **kw):
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
233 continuation = kw.get('multistage')
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
234
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
235 if continuation:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
236 return self._handle_continuation(request)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
237
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
238 # openid is designed to work together with other auths
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
239 if user_obj and user_obj.valid:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
240 return ContinueLogin(user_obj)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
241
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
242 openid_id = kw.get('openid_identifier')
3140
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
243
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
244 # nothing entered? continue...
3140
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
245 if not self._forced_service and not openid_id:
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
246 return ContinueLogin(user_obj)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
247
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
248 _ = request.getText
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
249
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
250 # user entered something but the session can't be stored
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
251 if not request.session.is_stored:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
252 return ContinueLogin(user_obj,
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
253 _('Anonymous sessions need to be enabled for OpenID login.'))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
254
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
255 oidconsumer = consumer.Consumer(request.session,
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
256 MoinOpenIDStore(request))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
257
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
258 try:
3140
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
259 fserv = self._forced_service
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
260 if fserv:
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
261 if isinstance(fserv, str) or isinstance(fserv, unicode):
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
262 oidreq = oidconsumer.begin(fserv)
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
263 else:
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
264 oidreq = oidconsumer.beginWithoutDiscovery(fserv)
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
265 else:
232b1fcfadab OpenID RP: allow forcing a service for using OpenID as company-SSO
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3136
diff changeset
266 oidreq = oidconsumer.begin(openid_id)
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
267 except HTTPFetchingError:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
268 return ContinueLogin(None, _('Failed to resolve OpenID.'))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
269 except DiscoveryFailure:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
270 return ContinueLogin(None, _('OpenID discovery failure, not a valid OpenID.'))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
271 else:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
272 if oidreq is None:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
273 return ContinueLogin(None, _('No OpenID.'))
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
274
3136
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
275 self._modify_request(oidreq)
f272fc54b68d OpenID RP: allow modifying request, e.g. to configure attribute exchange
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3123
diff changeset
276
2299
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
277 return_to = get_multistage_continuation_url(request, self.name,
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
278 {'oidstage': '1'})
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
279 trust_root = request.getBaseURL()
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
280 if oidreq.shouldSendRedirect():
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
281 redirect_url = oidreq.redirectURL(trust_root, return_to)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
282 return MultistageRedirectLogin(redirect_url)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
283 else:
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
284 form_html = oidreq.formMarkup(trust_root, return_to,
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
285 form_tag_attrs={'id': 'openid_message'})
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
286 mcall = lambda request, form:\
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
287 self._openid_form(request, form, form_html)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
288 ret = MultistageFormLogin(mcall)
39d11cf4af6c OpenID relying party (client) support
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
289 return ret
2302
1f449e482bcc allow auth methods to set the login hint below the input fields
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2299
diff changeset
290
1f449e482bcc allow auth methods to set the login hint below the input fields
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2299
diff changeset
291 def login_hint(self, request):
1f449e482bcc allow auth methods to set the login hint below the input fields
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2299
diff changeset
292 _ = request.getText
1f449e482bcc allow auth methods to set the login hint below the input fields
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2299
diff changeset
293 return _("If you do not have an account yet, you can still log in "
1f449e482bcc allow auth methods to set the login hint below the input fields
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2299
diff changeset
294 "with your OpenID and create one during login.")