1.1 --- a/WebStack/Resources/OpenIDInitiation.py Tue Jul 07 01:12:55 2009 +0200
1.2 +++ b/WebStack/Resources/OpenIDInitiation.py Wed Nov 25 20:12:52 2009 +0100
1.3 @@ -76,10 +76,18 @@
1.4 if identity.startswith("xri://"):
1.5 identity = openid[6:]
1.6
1.7 + # Detect empty identifiers.
1.8 +
1.9 + if not identity:
1.10 + return None, None, None
1.11 +
1.12 # NOTE: Not yet discovering XRI providers.
1.13
1.14 - if identity[0] in ("=", "@", "+", "$", "!", "("):
1.15 + elif identity[0] in ("=", "@", "+", "$", "!", "("):
1.16 pass
1.17 +
1.18 + # Handle URL-based identifiers.
1.19 +
1.20 else:
1.21 if not identity.startswith("http"):
1.22 identity = "http://" + identity
2.1 --- a/WebStack/Resources/OpenIDRedirect.py Tue Jul 07 01:12:55 2009 +0200
2.2 +++ b/WebStack/Resources/OpenIDRedirect.py Wed Nov 25 20:12:52 2009 +0100
2.3 @@ -90,7 +90,7 @@
2.4 otherwise.
2.5
2.6 If the optional 'verify' parameter is specified as a true value, perform
2.7 - verification on any
2.8 + verification on any incoming OpenID credentials.
2.9 """
2.10
2.11 # If requested, attempt to verify OpenID assertions.
2.12 @@ -107,7 +107,7 @@
2.13 self.test_signature(trans, fields) and \
2.14 self.test_replay(fields):
2.15
2.16 - self.set_token(trans, fields["openid.identity"][0])
2.17 + self.set_token(trans, fields["openid.claimed_id"][0])
2.18 return 1
2.19
2.20 # Incomplete assertion.
2.21 @@ -140,7 +140,8 @@
2.22
2.23 # NOTE: Currently, this is not strict enough.
2.24
2.25 - return fields["openid.return_to"][0].startswith(self.app_url)
2.26 + return fields.has_key("openid.return_to") and \
2.27 + fields["openid.return_to"][0].startswith(self.app_url)
2.28
2.29 def test_signature(self, trans, fields):
2.30
3.1 --- a/examples/Common/OpenIDLogin/__init__.py Tue Jul 07 01:12:55 2009 +0200
3.2 +++ b/examples/Common/OpenIDLogin/__init__.py Wed Nov 25 20:12:52 2009 +0100
3.3 @@ -20,10 +20,13 @@
3.4 app_url=app_url,
3.5 authenticator=Authenticator(
3.6 credentials=(
3.7 - # Local identifier, username, password
3.8 - ((deployment_url + "/badger", "badger"), "abc"),
3.9 - ((deployment_url + "/vole", "vole"), "xyz"),
3.10 - ((deployment_url + u"/זרו", u"זרו"), u"ֶ״ֵ"),
3.11 + # Local identifier, username, password
3.12 + (( "badger", "badger"), "abc"),
3.13 + (( "vole", "vole"), "xyz"),
3.14 + ((u"זרו", u"זרו"), u"ֶ״ֵ"),
3.15 + (( "badger2", "badger"), "abc"),
3.16 + (( "vole2", "vole"), "xyz"),
3.17 + ((u"זרו2", u"זרו"), u"ֶ״ֵ"),
3.18 )
3.19 )
3.20 )
3.21 @@ -39,40 +42,74 @@
3.22 <html>
3.23 <head>
3.24 <link rel="openid2.provider openid.server" href="%s/login" />
3.25 - <link rel="openid2.local_id openid.delegate" href="%s/badger" />
3.26 + <link rel="openid2.local_id openid.delegate" href="badger" />
3.27 <title>Badger's Home Page</title>
3.28 </head>
3.29 <body>
3.30 <p>Home page for the OpenID authenticated user, <code>badger</code>.</p>
3.31 </body>
3.32 </html>
3.33 - """ % (deployment_url, deployment_url), ContentType("text/html")),
3.34 + """ % deployment_url, ContentType("text/html")),
3.35 u"זרו" :
3.36 StringResource(u"""
3.37 <html>
3.38 <head>
3.39 <link rel="openid2.provider openid.server" href="%s/login" />
3.40 - <link rel="openid2.local_id openid.delegate" href="%s/זרו" />
3.41 + <link rel="openid2.local_id openid.delegate" href="זרו" />
3.42 <title>Home Page for זרו</title>
3.43 </head>
3.44 <body>
3.45 <p>Home page for the OpenID authenticated user, <code>זרו</code>.</p>
3.46 </body>
3.47 </html>
3.48 - """ % (deployment_url, deployment_url), ContentType("text/html", "iso-8859-1")),
3.49 + """ % deployment_url, ContentType("text/html", "iso-8859-1")),
3.50 "vole" :
3.51 StringResource("""
3.52 <html>
3.53 <head>
3.54 <link rel="openid2.provider openid.server" href="%s/login" />
3.55 - <link rel="openid2.local_id openid.delegate" href="%s/vole" />
3.56 + <link rel="openid2.local_id openid.delegate" href="vole" />
3.57 <title>Vole's Home Page</title>
3.58 </head>
3.59 <body>
3.60 <p>Home page for the OpenID authenticated user, <code>vole</code>.</p>
3.61 </body>
3.62 </html>
3.63 - """ % (deployment_url, deployment_url), ContentType("text/html"))
3.64 + """ % deployment_url, ContentType("text/html")),
3.65 +
3.66 + # OpenID 2.0 resources.
3.67 + # See: http://docs.oasis-open.org/xri/2.0/specs/cd02/xri-resolution-V2.0-cd-02.html#_Ref129424065
3.68 + # ("3.3 Media Types for XRI Resolution")
3.69 + # See: http://openid.net/specs/openid-authentication-2_0.html#discovery
3.70 + # ("7.3. Discovery")
3.71 +
3.72 + "badger2" :
3.73 + StringResource("""
3.74 + <?xml version="1.0"?>
3.75 + <Service xmlns="xri://$xrd*($v*2.0)">
3.76 + <Type>http://specs.openid.net/auth/2.0/signon</Type>
3.77 + <URI>%s/login</URI>
3.78 + <LocalID>badger2</LocalID>
3.79 + </Service>
3.80 + """ % deployment_url, ContentType("application/xrd+xml")),
3.81 + u"זרו2" :
3.82 + StringResource(u"""
3.83 + <?xml version="1.0" encoding="iso-8859-1"?>
3.84 + <Service xmlns="xri://$xrd*($v*2.0)">
3.85 + <Type>http://specs.openid.net/auth/2.0/signon</Type>
3.86 + <URI>%s/login</URI>
3.87 + <LocalID>זרו2</LocalID>
3.88 + </Service>
3.89 + """ % deployment_url, ContentType("application/xrd+xml", "iso-8859-1")),
3.90 + "vole2" :
3.91 + StringResource("""
3.92 + <?xml version="1.0"?>
3.93 + <Service xmlns="xri://$xrd*($v*2.0)">
3.94 + <Type>http://specs.openid.net/auth/2.0/signon</Type>
3.95 + <URI>%s/login</URI>
3.96 + <LocalID>vole2</LocalID>
3.97 + </Service>
3.98 + """ % deployment_url, ContentType("application/xrd+xml")),
3.99 })
3.100
3.101 # vim: tabstop=4 expandtab shiftwidth=4