incubator-heraldry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ket...@apache.org
Subject svn commit: r493341 - in /incubator/heraldry/libraries/python/openid/trunk/openid: message.py test/test_message.py
Date Sat, 06 Jan 2007 05:23:19 GMT
Author: keturn
Date: Fri Jan  5 21:23:19 2007
New Revision: 493341

URL: http://svn.apache.org/viewvc?view=rev&rev=493341
Log:
[python-to-heraldry @ FIX #1621: Make dotted and protocol field ns aliases invalid]

Original author: cygnus@janrain.com
Date: 2006-12-20 21:59:46+00:00

Modified:
    incubator/heraldry/libraries/python/openid/trunk/openid/message.py
    incubator/heraldry/libraries/python/openid/trunk/openid/test/test_message.py

Modified: incubator/heraldry/libraries/python/openid/trunk/openid/message.py
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/python/openid/trunk/openid/message.py?view=diff&rev=493341&r1=493340&r2=493341
==============================================================================
--- incubator/heraldry/libraries/python/openid/trunk/openid/message.py (original)
+++ incubator/heraldry/libraries/python/openid/trunk/openid/message.py Fri Jan  5 21:23:19
2007
@@ -41,6 +41,14 @@
 # with "openid."
 BARE_NS = oidutil.Symbol('Bare namespace')
 
+# All OpenID protocol fields.  Used to check namespace aliases.
+OPENID_PROTOCOL_FIELDS = [
+    'ns', 'mode', 'error', 'return_to', 'contact', 'reference',
+    'signed', 'assoc_type', 'session_type', 'dh_modulus', 'dh_gen',
+    'dh_consumer_public', 'claimed_id', 'identity', 'realm',
+    'invalidate_handle', 'op_endpoint', 'response_nonce', 'sig',
+    ]
+
 class UndefinedOpenIDNamespace(ValueError):
     """Raised if the generic OpenID namespace is accessed when there
     is no OpenID namespace set for this message."""
@@ -426,6 +434,17 @@
     def addAlias(self, namespace_uri, desired_alias):
         """Add an alias from this namespace URI to the desired alias
         """
+        # Check that desired_alias is not an openid protocol field as
+        # per the spec.
+        assert desired_alias not in OPENID_PROTOCOL_FIELDS, \
+               "%r is not an allowed namespace alias" % (desired_alias,)
+
+        # Check that desired_alias does not contain a period as per
+        # the spec.
+        if type(desired_alias) in [str, unicode]:
+            assert '.' not in desired_alias, \
+                   "%r must not contain a dot" % (desired_alias,)
+
         # Check that there is not a namespace already defined for
         # the desired alias
         current_namespace_uri = self.alias_to_namespace.get(desired_alias)

Modified: incubator/heraldry/libraries/python/openid/trunk/openid/test/test_message.py
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/python/openid/trunk/openid/test/test_message.py?view=diff&rev=493341&r1=493340&r2=493341
==============================================================================
--- incubator/heraldry/libraries/python/openid/trunk/openid/test/test_message.py (original)
+++ incubator/heraldry/libraries/python/openid/trunk/openid/test/test_message.py Fri Jan 
5 21:23:19 2007
@@ -571,6 +571,20 @@
     def test_setArgNS3(self):
         self._test_setArgNS('urn:nothing-significant')
 
+    def test_badAlias(self):
+        """Make sure dotted aliases and OpenID protocol fields are not
+        allowed as namespace aliases."""
+
+        for f in message.OPENID_PROTOCOL_FIELDS + ['dotted.alias']:
+            args = {'openid.ns.%s' % f: 'blah',
+                    'openid.%s.foo' % f: 'test'}
+
+            # .fromPostArgs covers .fromPostArgs, .fromOpenIDArgs,
+            # ._fromOpenIDArgs, and .fromOpenIDArgs (since it calls
+            # .fromPostArgs).
+            self.failUnlessRaises(AssertionError, self.msg.fromPostArgs,
+                                  args)
+
     def _test_delArgNS(self, ns):
         key = 'Camper van Beethoven'
         value = 'David Lowery'



Mime
View raw message