incubator-heraldry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ket...@apache.org
Subject svn commit: r493377 - in /incubator/heraldry/libraries/python/openid/trunk/openid: consumer/consumer.py test/test_consumer.py
Date Sat, 06 Jan 2007 05:26:15 GMT
Author: keturn
Date: Fri Jan  5 21:26:14 2007
New Revision: 493377

URL: http://svn.apache.org/viewvc?view=rev&rev=493377
Log:
[python-to-heraldry @ Differentiate nonce handling for OpenID 1 and 2 relying parties]

Original author: Josh Hoyt <josh@janrain.com>
Date: 2006-12-27 00:33:44+00:00

Modified:
    incubator/heraldry/libraries/python/openid/trunk/openid/consumer/consumer.py
    incubator/heraldry/libraries/python/openid/trunk/openid/test/test_consumer.py

Modified: incubator/heraldry/libraries/python/openid/trunk/openid/consumer/consumer.py
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/python/openid/trunk/openid/consumer/consumer.py?view=diff&rev=493377&r1=493376&r2=493377
==============================================================================
--- incubator/heraldry/libraries/python/openid/trunk/openid/consumer/consumer.py (original)
+++ incubator/heraldry/libraries/python/openid/trunk/openid/consumer/consumer.py Fri Jan 
5 21:26:14 2007
@@ -488,19 +488,23 @@
     def _checkNonce(self, server_url, response):
         nonce = response.getNonce()
         if nonce is None:
-            # Assume that this is an OpenID 1.X response and
-            # use/extract the nonce that we generated.
-            return_to = response.getReturnTo()
-            parsed_url = urlparse(return_to)
-            query = parsed_url[4]
-            for k, v in cgi.parse_qsl(query):
-                if k == 'nonce':
-                    server_url = '' # came from us
-                    nonce = v
-                    break
+            if response.isOpenID1():
+                # Assume that this is an OpenID 1.X response and
+                # use/extract the nonce that we generated.
+                return_to = response.getReturnTo()
+                parsed_url = urlparse(return_to)
+                query = parsed_url[4]
+                for k, v in cgi.parse_qsl(query):
+                    if k == 'nonce':
+                        server_url = '' # came from us
+                        nonce = v
+                        break
+                else:
+                    msg = 'Nonce missing from return_to: %r' % (
+                        response.getReturnTo())
+                    return FailureResponse(response.endpoint, msg)
             else:
-                msg = 'Nonce missing from return_to: %r' % (
-                    response.getReturnTo())
+                msg = 'Nonce missing from response'
                 return FailureResponse(response.endpoint, msg)
 
         # The nonce matches the signed nonce in the openid.return_to
@@ -1235,6 +1239,9 @@
         if signed_fields is None:
             signed_fields = []
         self.signed_fields = signed_fields
+
+    def isOpenID1(self):
+        return self.message.isOpenID1()
 
     def isSigned(self, ns_uri, ns_key):
         """Return whether a particular key is signed, regardless of

Modified: incubator/heraldry/libraries/python/openid/trunk/openid/test/test_consumer.py
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/python/openid/trunk/openid/test/test_consumer.py?view=diff&rev=493377&r1=493376&r2=493377
==============================================================================
--- incubator/heraldry/libraries/python/openid/trunk/openid/test/test_consumer.py (original)
+++ incubator/heraldry/libraries/python/openid/trunk/openid/test/test_consumer.py Fri Jan
 5 21:26:14 2007
@@ -659,6 +659,16 @@
         self.failUnlessEqual(ret.status, SUCCESS)
         self.failUnlessEqual(ret.identity_url, self.consumer_id)
 
+    def test_consumerNonceOpenID2(self):
+        """OpenID 2 does not use consumer-generated nonce"""
+        self.return_to = 'http://rt.unittest/?nonce=%s' % (mkNonce(),)
+        self.response = mkSuccess(self.endpoint,
+                                  {'return_to': self.return_to,
+                                   'ns':OPENID2_NS})
+        ret = self.consumer._checkNonce(None, self.response)
+        self.failUnlessEqual(ret.status, FAILURE)
+        self.failUnless(ret.message.startswith('Nonce missing from response'))
+
     def test_serverNonce(self):
         """use server-generated nonce"""
         self.response = mkSuccess(self.endpoint,



Mime
View raw message