~ubuntuone-pqm-team/canonical-identity-provider/trunk

« back to all changes in this revision

Viewing changes to doctests/stories/openid/per-version/referer-cookie.txt

Committer: Danny Tamez
Date: 2010-04-21 15:29:24 UTC
Revision ID: danny.tamez@canonical.com-20100421152924-lq1m92tstk2iz75a

Canonical SSO Provider (Open Source) - Initial Commit

files added:

LICENSE

__init__.py

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/pycompat

debian/rules

doctests

doctests/openidhelpers.py

doctests/runner.py

doctests/setup.py

doctests/stories

doctests/stories/api-authentications.txt

doctests/stories/api-workflows.txt

doctests/stories/branded-rp.txt

doctests/stories/openid

doctests/stories/openid/_read-only-mode.txt

doctests/stories/openid/basics.txt

doctests/stories/openid/copyright.txt

doctests/stories/openid/delegated-identity.txt

doctests/stories/openid/directed-identity.txt

doctests/stories/openid/discovery.txt

doctests/stories/openid/insane-trust-root.txt

doctests/stories/openid/max-auth-age.txt

doctests/stories/openid/mismatched-trust-root.txt

doctests/stories/openid/offsite-form-post.txt

doctests/stories/openid/per-version

doctests/stories/openid/per-version/logout-during-login.txt

doctests/stories/openid/per-version/openid-teams-private-membership.txt

doctests/stories/openid/per-version/openid-teams.txt

doctests/stories/openid/per-version/referer-cookie.txt

doctests/stories/openid/per-version/restricted-sreg.txt

doctests/stories/openid/per-version/sso-auto-authorize.txt

doctests/stories/openid/per-version/sso-workflow-authorize.txt

doctests/stories/openid/per-version/sso-workflow-complete.txt

doctests/stories/openid/per-version/sso-workflow-login.txt

doctests/stories/openid/per-version/sso-workflow-register.txt

doctests/stories/openid/per-version/sso-workflow-reset-password.txt

doctests/stories/openid/per-version/sso-workflow-switch-user.txt

doctests/stories/openid/per-version/switch-user-twice.txt

doctests/stories/openid/pre-authorization.txt

doctests/stories/sso-server

doctests/stories/sso-server/_edit-emails.txt

doctests/stories/sso-server/home-page.txt

doctests/stories/sso-server/rate-limit.txt

doctests/stories/sso-server/standalone-login.txt

doctests/utils.py

identityprovider

identityprovider/__init__.py

identityprovider/admin.py

identityprovider/auth.py

identityprovider/backend

identityprovider/backend/__init__.py

identityprovider/backend/base.py

identityprovider/backend/old

identityprovider/backend/old/__init__.py

identityprovider/backend/old/base.py

identityprovider/branding.py

identityprovider/const.py

identityprovider/context_processors.py

identityprovider/decorators.py

identityprovider/fields.py

identityprovider/forms.py

identityprovider/locale

identityprovider/locale/de

identityprovider/locale/de/LC_MESSAGES

identityprovider/locale/de/LC_MESSAGES/django.mo

identityprovider/locale/de/LC_MESSAGES/django.po

identityprovider/locale/es_AR

identityprovider/locale/es_AR/LC_MESSAGES

identityprovider/locale/es_AR/LC_MESSAGES/django.mo

identityprovider/locale/es_AR/LC_MESSAGES/django.po

identityprovider/locale/he

identityprovider/locale/he/LC_MESSAGES

identityprovider/locale/he/LC_MESSAGES/django.mo

identityprovider/locale/he/LC_MESSAGES/django.po

identityprovider/locale/hu

identityprovider/locale/hu/LC_MESSAGES

identityprovider/locale/hu/LC_MESSAGES/django.mo

identityprovider/locale/hu/LC_MESSAGES/django.po

identityprovider/locale/pl

identityprovider/locale/pl/LC_MESSAGES

identityprovider/locale/pl/LC_MESSAGES/django.mo

identityprovider/locale/pl/LC_MESSAGES/django.po

identityprovider/locale/sw

identityprovider/locale/sw/LC_MESSAGES

identityprovider/locale/sw/LC_MESSAGES/django.po

identityprovider/management

identityprovider/management/__init__.py

identityprovider/management/commands

identityprovider/management/commands/__init__.py

identityprovider/management/commands/readonly.py

identityprovider/management/commands/sqlcachedflush.py

identityprovider/management/commands/sqlcachedloaddata.py

identityprovider/media

identityprovider/media/blue-fade-to-grey.gif

identityprovider/media/body-bg.png

identityprovider/media/btn-alt-cap.png

identityprovider/media/btn-alt.png

identityprovider/media/btn-cap.png

identityprovider/media/btn.png

identityprovider/media/error-large.png

identityprovider/media/error.png

identityprovider/media/help-large.gif

identityprovider/media/info-large.png

identityprovider/media/launchpad

identityprovider/media/launchpad/favicon.ico

identityprovider/media/launchpad/styles.css

identityprovider/media/logo.png

identityprovider/media/logout-bar-bg.gif

identityprovider/media/passwordhint.js

identityprovider/media/reset.css

identityprovider/media/tick-large.png

identityprovider/media/tooltip-tail.gif

identityprovider/media/trash-icon.gif

identityprovider/media/ubuntu

identityprovider/media/ubuntu-sso-logo.png

identityprovider/media/ubuntu/favicon.ico

identityprovider/media/ubuntu/styles.css

identityprovider/media/warning-large.png

identityprovider/middleware

identityprovider/middleware/__init__.py

identityprovider/middleware/csrf.py

identityprovider/middleware/dbfailover.py

identityprovider/middleware/exception.py

identityprovider/middleware/useraccount.py

identityprovider/middleware/xrds.py

identityprovider/models

identityprovider/models/__init__.py

identityprovider/models/account.py

identityprovider/models/api.py

identityprovider/models/authtoken.py

identityprovider/models/captcha.py

identityprovider/models/const.py

identityprovider/models/emailaddress.py

identityprovider/models/fixtures

identityprovider/models/fixtures/lp_account.json

identityprovider/models/fixtures/lp_accountpassword.json

identityprovider/models/fixtures/lp_emailaddress_noperson.json

identityprovider/models/fixtures/multiple_associations.json

identityprovider/models/fixtures/test.json

identityprovider/models/metamodels.py

identityprovider/models/oauthtoken.py

identityprovider/models/openidmodels.py

identityprovider/models/person.py

identityprovider/models/sql

identityprovider/models/sql/account.identityprovider.backend.sql

identityprovider/models/team.py

identityprovider/readonly.py

identityprovider/signed.py

identityprovider/teams.py

identityprovider/templates

identityprovider/templates/404.html

identityprovider/templates/500.html

identityprovider/templates/account

identityprovider/templates/account/confirm_new_email.html

identityprovider/templates/account/deactivated.html

identityprovider/templates/account/delete_email.html

identityprovider/templates/account/edit-emails.html

identityprovider/templates/account/edit.html

identityprovider/templates/account/new_email.html

identityprovider/templates/admin

identityprovider/templates/admin/readonly.html

identityprovider/templates/admin/readonly.txt

identityprovider/templates/admin/readonly_confirm.html

identityprovider/templates/consumer

identityprovider/templates/consumer/index.html

identityprovider/templates/consumer/request_form.html

identityprovider/templates/decide.html

identityprovider/templates/email

identityprovider/templates/email/email-validation-token.txt

identityprovider/templates/email/forgottenpassword.txt

identityprovider/templates/email/impersonate-warning.txt

identityprovider/templates/email/newuser.txt

identityprovider/templates/email/validate-email.txt

identityprovider/templates/invalid_identifier.html

identityprovider/templates/launchpad

identityprovider/templates/launchpad/base.html

identityprovider/templates/launchpad/registration

identityprovider/templates/launchpad/registration/login.html

identityprovider/templates/limitexceeded.html

identityprovider/templates/openidapplication-xrds.xml

identityprovider/templates/person-xrds.xml

identityprovider/templates/person.html

identityprovider/templates/preauth_fail.html

identityprovider/templates/readonly.html

identityprovider/templates/registration

identityprovider/templates/registration/bad_token.html

identityprovider/templates/registration/confirm_new_account.html

identityprovider/templates/registration/email_sent.html

identityprovider/templates/registration/forgot_password.html

identityprovider/templates/registration/logout.html

identityprovider/templates/registration/new_account.html

identityprovider/templates/registration/reset_password.html

identityprovider/templates/registration/token.html

identityprovider/templates/server_info.html

identityprovider/templates/set_language.html

identityprovider/templates/static

identityprovider/templates/static/description.html

identityprovider/templates/static/faq.html

identityprovider/templates/twocols.html

identityprovider/templates/ubuntu

identityprovider/templates/ubuntu/base.html

identityprovider/templates/ubuntu/registration

identityprovider/templates/ubuntu/registration/login.html

identityprovider/templates/untrusted.html

identityprovider/templates/widgets

identityprovider/templates/widgets/last_auth_sites.html

identityprovider/templates/widgets/launchpad

identityprovider/templates/widgets/launchpad/logout-button.html

identityprovider/templates/widgets/recaptcha.html

identityprovider/templates/widgets/trusted_rp.html

identityprovider/templates/widgets/ubuntu

identityprovider/templates/widgets/ubuntu/logout-button.html

identityprovider/templates/widgets/unknown_rp.html

identityprovider/tests

identityprovider/tests/__init__.py

identityprovider/tests/mockdb.py

identityprovider/tests/test_admin.py

identityprovider/tests/test_auth.py

identityprovider/tests/test_captcha.py

identityprovider/tests/test_command_readonly.py

identityprovider/tests/test_dbfailover.py

identityprovider/tests/test_fields.py

identityprovider/tests/test_forms.py

identityprovider/tests/test_loginservice.py

identityprovider/tests/test_middleware.py

identityprovider/tests/test_models_account.py

identityprovider/tests/test_models_authtoken.py

identityprovider/tests/test_models_oauthtoken.py

identityprovider/tests/test_models_openidmodels.py

identityprovider/tests/test_readonly.py

identityprovider/tests/test_signed.py

identityprovider/tests/test_static.py

identityprovider/tests/test_utils.py

identityprovider/tests/test_views_account.py

identityprovider/tests/test_views_consumer.py

identityprovider/tests/test_views_server.py

identityprovider/tests/test_views_ui.py

identityprovider/tests/test_views_utils.py

identityprovider/tests/test_widgets.py

identityprovider/tests/test_xrds.py

identityprovider/tests/utils.py

identityprovider/urls.py

identityprovider/utils.py

identityprovider/views

identityprovider/views/__init__.py

identityprovider/views/account.py

identityprovider/views/consumer.py

identityprovider/views/errors.py

identityprovider/views/readonly.py

identityprovider/views/server.py

identityprovider/views/testing.py

identityprovider/views/ui.py

identityprovider/views/utils.py

identityprovider/webservice

identityprovider/webservice/__init__.py

identityprovider/webservice/forms.py

identityprovider/webservice/interfaces.py

identityprovider/webservice/models.py

identityprovider/webservice/site.zcml

identityprovider/widgets.py

identityprovider/wsgi.py

mockservice

mockservice/api-authentications.txt

mockservice/api-workflows.txt

mockservice/mockserver.py

mockservice/wadl.xml

offline_pages

offline_pages/offline-maintenance-lp-haproxy.html

offline_pages/offline-maintenance-lp.html

offline_pages/offline-maintenance-sso-haproxy.html

offline_pages/offline-maintenance-sso.html

offline_pages/offline-unplanned-lp-haproxy.html

offline_pages/offline-unplanned-lp.html

offline_pages/offline-unplanned-sso-haproxy.html

offline_pages/offline-unplanned-sso.html

po/django

po/django/de.po

po/django/django.pot

po/django/es.po

po/django/he.po

po/django/hu.po

po/django/pl.po

scripts

scripts/test

setup.py

third-party

third-party/django

third-party/django-openid

third-party/django-openid/LICENSE

third-party/django/LICENSE

third-party/mock

third-party/mock/LICENSE

third-party/python-openid

third-party/python-openid/LICENSE

third-party/python-openid/NOTICE

wsgi_test_server.py

wsgiserver.py

Show diffs side-by-side

added added

removed removed

GNU Affero General Public License version 3 (see the file LICENSE).

= Recording the Referer in a Cookie =

In order to maintain reasonable quality of service for important RPs,

we need some way that the load balancer can categorise connections by

the RP they originate from.

The first request in the OpenID authentication process can easily be

categorised by looking at the "Referer" request header, but that can't

be done for subsequent requests (whose "Referer" header will point at

the OpenID provider).

To solve this problem, we set a cookie at the beginning of the

authentication request containing the referer value. The load

balancer can then use this to classify the subsequent requests.

First we'll set up our OpenID consumer:

>>> from openid.consumer.consumer import Consumer

>>> from openid.fetchers import setDefaultFetcher

>>> from openid.store.memstore import MemoryStore

>>> from canonical.signon.testing.openidhelpers import (

... make_identifier_select_endpoint, PublisherFetcher)

>>> setDefaultFetcher(PublisherFetcher())

>>> openid_store = MemoryStore()

>>> consumer = Consumer(session={}, store=openid_store)

Now when we start the OpenID authentication request, the "Referer"

header gets saved into a cookie. The cookie has no expiry date set,

so will not last beyond the current web browser session.

>>> request = consumer.beginWithoutDiscovery(

... make_identifier_select_endpoint(PROTOCOL_URI))

>>> browser.addHeader('Referer', 'http://example.com/referer')

>>> browser.open(request.redirectURL(

... 'http://launchpad.dev/', 'http://launchpad.dev/+openid-consumer'))

>>> print browser.cookies['openid_referer']

"http://example.com/referer"

== Cleanup ==

>>> setDefaultFetcher(None)

Older »