2
from djopenid import util
4
from django import http
5
from django.http import HttpResponseRedirect
7
from openid.consumer import consumer
8
from openid.consumer.discover import DiscoveryFailure
9
from openid import sreg
13
Return an OpenID store object fit for the currently-chosen
14
database backend, if any.
16
return util.getOpenIDStore('/tmp/djopenid_c_store', 'c_')
18
def getConsumer(request):
20
Get a Consumer object to perform OpenID authentication.
22
return consumer.Consumer(request.session, getOpenIDStore())
25
def startOpenID(request):
27
Start the OpenID authentication process. Renders an
28
authentication form and accepts its POST.
30
* Renders an error message if OpenID cannot be initiated
32
* Requests some Simple Registration data using the OpenID
33
library's Simple Registration machinery
35
* Generates the appropriate trust root and return URL values for
36
this application (tweak where appropriate)
38
* Generates the appropriate redirect based on the OpenID protocol
42
# Start OpenID authentication.
43
openid_url = request.POST['openid_url']
44
c = getConsumer(request)
48
auth_request = c.begin(openid_url)
49
except DiscoveryFailure, e:
50
# Some other protocol-level failure occurred.
51
error = "OpenID discovery error: %s" % (str(e),)
54
# Render the page with an error.
55
return 'consumer/index.html', {'error': error}
57
# Add Simple Registration request information. Some fields
58
# are optional, some are required. It's possible that the
59
# server doesn't support sreg or won't return any of the
61
sreg_request = sreg.SRegRequest(optional=['email', 'nickname'],
63
auth_request.addExtension(sreg_request)
65
# Compute the trust root and return URL values to build the
66
# redirect information.
67
trust_root = util.getTrustRoot(request)
68
return_to = trust_root + 'consumer/finish/'
70
# Send the browser to the server either by sending a redirect
71
# URL or by generating a POST form.
72
if auth_request.shouldSendRedirect():
73
url = auth_request.redirectURL(trust_root, return_to)
74
return HttpResponseRedirect(url)
76
# Beware: this renders a template whose content is a form
77
# and some javascript to submit it upon page load. Non-JS
78
# users will have to click the form submit button to
79
# initiate OpenID authentication.
80
form_id = 'openid_message'
81
form_html = auth_request.formMarkup(trust_root, return_to,
82
False, {'id': form_id})
83
return 'consumer/request_form.html', {'html': form_html}
85
return 'consumer/index.html', {}
88
def finishOpenID(request):
90
Finish the OpenID authentication process. Invoke the OpenID
91
library with the response from the OpenID server and render a page
97
c = getConsumer(request)
99
# Because the object containing the query parameters is a
100
# MultiValueDict and the OpenID library doesn't allow that,
101
# we'll convert it to a normal dict.
102
GET_data = util.normalDict(request.GET)
104
# Get a response object indicating the result of the OpenID
106
response = c.complete(GET_data)
108
# Get a Simple Registration response object if response
109
# information was included in the OpenID response.
111
if response.status == consumer.SUCCESS:
112
sreg_response = sreg.SRegResponse.fromSuccessResponse(response)
114
# Map different consumer status codes to template contexts.
117
{'message': 'OpenID authentication cancelled.'},
120
{'error': 'OpenID authentication failed.'},
123
{'url': response.identity_url,
124
'sreg': sreg_response.items(),},
127
result = results[response.status]
129
if isinstance(response, consumer.FailureResponse):
130
# In a real application, this information should be
131
# written to a log for debugging/tracking OpenID
132
# authentication failures. In general, the messages are
133
# not user-friendly, but intended for developers.
134
result['failure_reason'] = response.message
136
return 'consumer/index.html', result