# HG changeset patch
# User Rowan Kerr
# Date 1243364633 14400
# Node ID 97d38e72528793564b9677c3a028dbbc472f414c
# Parent 73f4fbb892b13e777e6a8c076a03a01f1c96c8c7
Force janrain_nonce at end of URL when asking for username input during the OpenID multiform sequence
diff -r 73f4fbb892b1 -r 97d38e725287 MoinMoin/auth/__init__.py
--- a/MoinMoin/auth/__init__.py Tue May 26 10:43:36 2009 -0400
+++ b/MoinMoin/auth/__init__.py Tue May 26 15:03:53 2009 -0400
@@ -158,8 +158,10 @@
 'stage': auth_name}
 fields.update(extra_fields)
 if request.page:
+ logging.debug("request.page.url: " + request.page.url(request, querystr=fields))
 return request.page.url(request, querystr=fields)
 else:
+ logging.debug("request.abs_href: " + request.abs_href(**fields))
 return request.abs_href(**fields)
 class LoginReturn(object):
diff -r 73f4fbb892b1 -r 97d38e725287 MoinMoin/auth/openidrp.py
--- a/MoinMoin/auth/openidrp.py Tue May 26 10:43:36 2009 -0400
+++ b/MoinMoin/auth/openidrp.py Tue May 26 15:03:53 2009 -0400
@@ -18,7 +18,7 @@
 from MoinMoin.auth import CancelLogin, ContinueLogin
 from MoinMoin.auth import MultistageFormLogin, MultistageRedirectLogin
 from MoinMoin.auth import get_multistage_continuation_url
-
+from werkzeug.utils import url_encode
 class OpenIDAuth(BaseAuth):
 login_inputs = ['openid_identifier']
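Review bot: In MoinMoin/auth/__init__.py the two added `logging.debug` calls write the full continuation URL, query string included, to the debug log, and they build that URL a second time just to log it. Whatever a caller passes in `extra_fields` ends up in that line, so any login-flow value carried there becomes readable by anyone with access to the log; log only the stage name, or drop these lines once the debugging is done. If they stay, compute the URL once and let the logger do the formatting: `url = request.page.url(request, querystr=fields)`, `logging.debug("request.page.url: %s", url)`, `return url`, with the same shape in the `else` branch. The enclosing function starts above the hunk.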
@@ -140,10 +140,14 @@
 MoinOpenIDStore(request))
 query = {}
 for key in request.values.keys():
- #logging.debug(key + "=" + request.values.get(key))
 query[key] = request.values.get(key)
 current_url = get_multistage_continuation_url(request, self.name, {'oidstage': '1'})
+ # 'janrain_nonce': request.values.get('janrain_nonce')})
+ # Because the order of dict keys cannot be guaranteed, this last param must
+ # be appended in string form to make sure order of URL prams matches
+ # between current_url and the OpenID return_to value.
+ current_url += u'&' + url_encode({'janrain_nonce': request.values.get('janrain_nonce')})
 info = oidconsumer.complete(query, current_url)
 if info.status == consumer.FAILURE:
 logging.debug(_("OpenID error: %s.") % info.message)
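Review bot: The new `current_url += ...` line appends `request.values.get('janrain_nonce')` unconditionally, but that call returns None when the response carries no such parameter. The URL handed to `oidconsumer.complete` then ends in a dangling `&` or a literal `None`, depending on how `url_encode` treats None values. Guard it with `nonce = request.values.get('janrain_nonce')` followed by `if nonce is not None: current_url += u'&' + url_encode({'janrain_nonce': nonce})`. The value comes straight from the request, so this line only mirrors it for the return_to comparison; the comment should say that replay protection is still left to the check inside `complete` (presumably the library's nonce store), and the commented-out `# 'janrain_nonce': ...` line can be removed. The enclosing method starts and ends outside the hunk.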