Mercurial > moin > 1.9
changeset 3136:f272fc54b68d
OpenID RP: allow modifying request, e.g. to configure attribute exchange
| author | Johannes Berg <johannes AT sipsolutions DOT net> |
|---|---|
| date | Wed, 27 Feb 2008 15:10:14 +0100 |
| parents | c32e054f6f83 |
| children | ee546a8aaa8f |
| files | MoinMoin/auth/openidrp.py |
| diffstat | 1 files changed, 54 insertions(+), 12 deletions(-) [+] |
line wrap: on
line diff
--- a/MoinMoin/auth/openidrp.py Wed Feb 27 15:03:16 2008 +0100 +++ b/MoinMoin/auth/openidrp.py Wed Feb 27 15:10:14 2008 +0100 @@ -17,11 +17,50 @@ from MoinMoin.auth import MultistageFormLogin, MultistageRedirectLogin from MoinMoin.auth import get_multistage_continuation_url + class OpenIDAuth(BaseAuth): login_inputs = ['openid_identifier'] name = 'openid' logout_possible = True + def __init__(self, modify_request=None, + update_user=None, + create_user=None): + BaseAuth.__init__(self) + self._modify_request = modify_request or (lambda x: None) + self._update_user = update_user or (lambda i, u: None) + self._create_user = create_user or (lambda i, u: None) + + def _handle_user_data(self, request, u): + create = not u + if create: + # pass in a created but unsaved user object + u = user.User(request, auth_method=self.name, + auth_username=request.session['openid.id']) + # invalid name + u.name = '' + u = self._create_user(request.session['openid.info'], u) + + if u: + self._update_user(request.session['openid.info'], u) + + # just in case the wiki admin screwed up + if (not user.isValidName(request, u.name) or + (create and user.getUserId(request, u.name))): + return None + + if not hasattr(u, 'openids'): + u.openids = [] + if not request.session['openid.id'] in u.openids: + u.openids.append(request.session['openid.id']) + + u.save() + + del request.session['openid.id'] + del request.session['openid.info'] + + return u + def _get_account_name(self, request, form, msg=None): # now we need to ask the user for a new username # that they want to use on this wiki @@ -96,12 +135,22 @@ elif info.status == consumer.CANCEL: return CancelLogin(_('Verification canceled.')) elif info.status == consumer.SUCCESS: + request.session['openid.id'] = info.identity_url + request.session['openid.info'] = info + # try to find user object uid = user.getUserIdByOpenId(request, info.identity_url) if uid: u = user.User(request, id=uid, auth_method=self.name, auth_username=info.identity_url) + else: + u = None + + # create or update the user according to the registration data + u = self._handle_user_data(request, u) + if u: return ContinueLogin(u) + # if no user found, then we need to ask for a username, # possibly associating an existing account. request.session['openid.id'] = info.identity_url @@ -125,13 +174,10 @@ uid = user.getUserId(request, newname) if not uid: # we can create a new user with this name :) - u = user.User(request, id=uid, auth_method=self.name, + u = user.User(request, auth_method=self.name, auth_username=request.session['openid.id']) u.name = newname - u.openids = [request.session['openid.id']] - u.aliasname = request.session['openid.id'] - del request.session['openid.id'] - u.save() + u = self._handle_user_data(request, u) return ContinueLogin(u) # requested username already exists. if they know the password, # they can associate that account with the openid. @@ -151,13 +197,7 @@ auth_method=self.name, auth_username=request.session['openid.id']) if u.valid: - if not hasattr(u, 'openids'): - u.openids = [] - u.openids.append(request.session['openid.id']) - if not u.aliasname: - u.aliasname = request.session['openid.id'] - u.save() - del request.session['openid.id'] + self._handle_user_data(request, u) return ContinueLogin(u, _('Your account is now associated to your OpenID.')) else: msg = _('The password you entered is not valid.') @@ -221,6 +261,8 @@ if oidreq is None: return ContinueLogin(None, _('No OpenID.')) + self._modify_request(oidreq) + return_to = get_multistage_continuation_url(request, self.name, {'oidstage': '1'}) trust_root = request.getBaseURL()