incubator-heraldry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ket...@apache.org
Subject svn commit: r493412 - /incubator/heraldry/libraries/python/openid/trunk/openid/test/test_server.py
Date Sat, 06 Jan 2007 05:28:53 GMT
Author: keturn
Date: Fri Jan  5 21:28:52 2007
New Revision: 493412

URL: http://svn.apache.org/viewvc?view=rev&rev=493412
Log:
[python-to-heraldry @ test.test_server.TestCheckAuth.test_replay: docstring, fixes #1582.]

Original author: Kevin Turner <kevin@janrain.com>
Date: 2006-12-16 02:01:16+00:00

Modified:
    incubator/heraldry/libraries/python/openid/trunk/openid/test/test_server.py

Modified: incubator/heraldry/libraries/python/openid/trunk/openid/test/test_server.py
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/python/openid/trunk/openid/test/test_server.py?view=diff&rev=493412&r1=493411&r2=493412
==============================================================================
--- incubator/heraldry/libraries/python/openid/trunk/openid/test/test_server.py (original)
+++ incubator/heraldry/libraries/python/openid/trunk/openid/test/test_server.py Fri Jan  5
21:28:52 2007
@@ -815,6 +815,18 @@
                              {'is_valid': 'false'})
 
     def test_replay(self):
+        """Don't validate the same response twice.
+
+        From "Checking the Nonce"::
+        
+            When using "check_authentication", the OP MUST ensure that an
+            assertion has not yet been accepted with the same value for
+            "openid.response_nonce".
+
+        In this implementation, the assoc_handle is only valid once.  And
+        nonces are a signed component of the message, so they can't be used
+        with another handle without breaking the sig.
+        """
         r = self.request.answer(self.signatory)
         r = self.request.answer(self.signatory)
         self.failUnlessEqual(r.fields.getArgs(OPENID_NS),



Mime
View raw message