Back to index

moin  1.9.0~rc2
Public Member Functions | Public Attributes | Static Public Attributes | Private Member Functions | Private Attributes
MoinMoin.auth.openidrp.OpenIDAuth Class Reference
Inheritance diagram for MoinMoin.auth.openidrp.OpenIDAuth:
Inheritance graph
[legend]
Collaboration diagram for MoinMoin.auth.openidrp.OpenIDAuth:
Collaboration graph
[legend]

List of all members.

Public Member Functions

def __init__
def login
def login_hint
def request
def logout

Public Attributes

 login_inputs

Static Public Attributes

list login_inputs = ['openid_identifier']
string name = 'openid'
 logout_possible = True
tuple auth_attribs = ()

Private Member Functions

def _handle_user_data
def _get_account_name
def _get_account_name_inval_user
def _associate_account
def _handle_verify_continuation
def _handle_name_continuation
def _handle_associate_continuation
def _handle_continuation
def _openid_form

Private Attributes

 _modify_request
 _update_user
 _create_user
 _forced_service
 _idselector_com

Detailed Description

Definition at line 23 of file openidrp.py.


Constructor & Destructor Documentation

def MoinMoin.auth.openidrp.OpenIDAuth.__init__ (   self,
  modify_request = None,
  update_user = None,
  create_user = None,
  forced_service = None,
  idselector_com = None 
)

Definition at line 33 of file openidrp.py.

00033 
00034                        idselector_com=None):
00035         BaseAuth.__init__(self)
00036         self._modify_request = modify_request or (lambda x, c: None)
00037         self._update_user = update_user or (lambda i, u, c: None)
00038         self._create_user = create_user or (lambda i, u, c: None)
00039         self._forced_service = forced_service
00040         self._idselector_com = idselector_com
00041         if forced_service:
00042             self.login_inputs = ['special_no_input']


Member Function Documentation

def MoinMoin.auth.openidrp.OpenIDAuth._associate_account (   self,
  request,
  form,
  accountname,
  msg = None 
) [private]

Definition at line 109 of file openidrp.py.

00109 
00110     def _associate_account(self, request, form, accountname, msg=None):
00111         _ = request.getText
00112 
00113         form.append(html.INPUT(type='hidden', name='oidstage', value='3'))
00114         table = html.TABLE(border='0')
00115         form.append(table)
00116         td = html.TD(colspan=2)
00117         td.append(html.Raw(_("""The username you have chosen is already
00118 taken. If it is your username, enter your password below to associate
00119 the username with your OpenID. Otherwise, please choose a different
00120 username and leave the password field blank.""")))
00121         table.append(html.TR().append(td))
00122         if msg:
00123             td.append(html.P().append(html.STRONG().append(html.Raw(msg))))
00124         td1 = html.TD()
00125         td1.append(html.STRONG().append(html.Raw(_('Name'))))
00126         td2 = html.TD()
00127         td2.append(html.INPUT(type='text', name='username', value=accountname))
00128         table.append(html.TR().append(td1).append(td2))
00129         td1 = html.TD()
00130         td1.append(html.STRONG().append(html.Raw(_('Password'))))
00131         td2 = html.TD()
00132         td2.append(html.INPUT(type='password', name='password'))
00133         table.append(html.TR().append(td1).append(td2))
00134         td1 = html.TD()
00135         td2 = html.TD()
00136         td2.append(html.INPUT(type='submit', name='submit',
00137                               value=_('Associate this name')))
00138         table.append(html.TR().append(td1).append(td2))

Here is the caller graph for this function:

def MoinMoin.auth.openidrp.OpenIDAuth._get_account_name (   self,
  request,
  form,
  msg = None 
) [private]

Definition at line 74 of file openidrp.py.

00074 
00075     def _get_account_name(self, request, form, msg=None):
00076         # now we need to ask the user for a new username
00077         # that they want to use on this wiki
00078         # XXX: request nickname from OP and suggest using it
00079         # (if it isn't in use yet)
00080         logging.debug("running _get_account_name")
00081         _ = request.getText
00082         form.append(html.INPUT(type='hidden', name='oidstage', value='2'))
00083         table = html.TABLE(border='0')
00084         form.append(table)
00085         td = html.TD(colspan=2)
00086         td.append(html.Raw(_("""Please choose an account name now.
00087 If you choose an existing account name you will be asked for the
00088 password and be able to associate the account with your OpenID.""")))
00089         table.append(html.TR().append(td))
00090         if msg:
00091             td = html.TD(colspan='2')
00092             td.append(html.P().append(html.STRONG().append(html.Raw(msg))))
00093             table.append(html.TR().append(td))
00094         td1 = html.TD()
00095         td1.append(html.STRONG().append(html.Raw(_('Name'))))
00096         td2 = html.TD()
00097         td2.append(html.INPUT(type='text', name='username'))
00098         table.append(html.TR().append(td1).append(td2))
00099         td1 = html.TD()
00100         td2 = html.TD()
00101         td2.append(html.INPUT(type='submit', name='submit',
00102                               value=_('Choose this name')))
00103         table.append(html.TR().append(td1).append(td2))

Here is the caller graph for this function:

def MoinMoin.auth.openidrp.OpenIDAuth._get_account_name_inval_user (   self,
  request,
  form 
) [private]

Definition at line 104 of file openidrp.py.

00104 
00105     def _get_account_name_inval_user(self, request, form):
00106         _ = request.getText
00107         msg = _('This is not a valid username, choose a different one.')
00108         return self._get_account_name(request, form, msg=msg)

Here is the call graph for this function:

Here is the caller graph for this function:

Definition at line 209 of file openidrp.py.

00209 
00210     def _handle_associate_continuation(self, request):
00211         if not 'openid.id' in request.session:
00212             return CancelLogin(_('No OpenID found in session.'))
00213 
00214         _ = request.getText
00215         username = request.form.get('username', '')
00216         password = request.form.get('password', '')
00217         if not password:
00218             return self._handle_name_continuation(request)
00219         u = user.User(request, name=username, password=password,
00220                       auth_method=self.name,
00221                       auth_username=request.session['openid.id'],
00222                       auth_attribs=self.auth_attribs)
00223         if u.valid:
00224             self._handle_user_data(request, u)
00225             return ContinueLogin(u, _('Your account is now associated to your OpenID.'))
00226         else:
00227             msg = _('The password you entered is not valid.')
00228             assoc = lambda req, form: self._associate_account(req, form, username, msg=msg)
00229             return MultistageFormLogin(assoc)

Here is the call graph for this function:

Here is the caller graph for this function:

def MoinMoin.auth.openidrp.OpenIDAuth._handle_continuation (   self,
  request 
) [private]

Definition at line 230 of file openidrp.py.

00230 
00231     def _handle_continuation(self, request):
00232         _ = request.getText
00233         oidstage = request.values.get('oidstage')
00234         if oidstage == '1':
00235             logging.debug('OpenID: handle verify continuation')
00236             return self._handle_verify_continuation(request)
00237         elif oidstage == '2':
00238             logging.debug('OpenID: handle name continuation')
00239             return self._handle_name_continuation(request)
00240         elif oidstage == '3':
00241             logging.debug('OpenID: handle associate continuation')
00242             return self._handle_associate_continuation(request)
00243         logging.debug('OpenID error: unknown continuation stage')
00244         return CancelLogin(_('OpenID error: unknown continuation stage'))

Here is the call graph for this function:

Here is the caller graph for this function:

def MoinMoin.auth.openidrp.OpenIDAuth._handle_name_continuation (   self,
  request 
) [private]

Definition at line 183 of file openidrp.py.

00183 
00184     def _handle_name_continuation(self, request):
00185         if not 'openid.id' in request.session:
00186             return CancelLogin(_('No OpenID found in session.'))
00187 
00188         _ = request.getText
00189         newname = request.form.get('username', '')
00190         if not newname:
00191             return MultistageFormLogin(self._get_account_name)
00192         if not user.isValidName(request, newname):
00193             return MultistageFormLogin(self._get_account_name_inval_user)
00194         uid = None
00195         if newname:
00196             uid = user.getUserId(request, newname)
00197         if not uid:
00198             # we can create a new user with this name :)
00199             u = user.User(request, auth_method=self.name,
00200                           auth_username=request.session['openid.id'],
00201                           auth_attribs=self.auth_attribs)
00202             u.name = newname
00203             u = self._handle_user_data(request, u)
00204             return ContinueLogin(u)
00205         # requested username already exists. if they know the password,
00206         # they can associate that account with the openid.
00207         assoc = lambda req, form: self._associate_account(req, form, newname)
00208         return MultistageFormLogin(assoc)

Here is the call graph for this function:

Here is the caller graph for this function:

def MoinMoin.auth.openidrp.OpenIDAuth._handle_user_data (   self,
  request,
  u 
) [private]

Definition at line 43 of file openidrp.py.

00043 
00044     def _handle_user_data(self, request, u):
00045         create = not u
00046         if create:
00047             # pass in a created but unsaved user object
00048             u = user.User(request, auth_method=self.name,
00049                           auth_username=request.session['openid.id'],
00050                           auth_attribs=self.auth_attribs)
00051             # invalid name
00052             u.name = ''
00053             u = self._create_user(request.session['openid.info'], u, request.cfg)
00054 
00055         if u:
00056             self._update_user(request.session['openid.info'], u, request.cfg)
00057 
00058             # just in case the wiki admin screwed up
00059             if (not user.isValidName(request, u.name) or
00060                 (create and user.getUserId(request, u.name))):
00061                 return None
00062 
00063             if not hasattr(u, 'openids'):
00064                 u.openids = []
00065             if not request.session['openid.id'] in u.openids:
00066                 u.openids.append(request.session['openid.id'])
00067 
00068             u.save()
00069 
00070             del request.session['openid.id']
00071             del request.session['openid.info']
00072 
00073         return u

Here is the caller graph for this function:

def MoinMoin.auth.openidrp.OpenIDAuth._handle_verify_continuation (   self,
  request 
) [private]

Definition at line 139 of file openidrp.py.

00139 
00140     def _handle_verify_continuation(self, request):
00141         _ = request.getText
00142         oidconsumer = consumer.Consumer(request.session,
00143                                         MoinOpenIDStore(request))
00144         query = {}
00145         for key in request.values.keys():
00146             query[key] = request.values.get(key)
00147         current_url = get_multistage_continuation_url(request, self.name,
00148                                                       {'oidstage': '1'})
00149         info = oidconsumer.complete(query, current_url)
00150         if info.status == consumer.FAILURE:
00151             logging.debug(_("OpenID error: %s.") % info.message)
00152             return CancelLogin(_('OpenID error: %s.') % info.message)
00153         elif info.status == consumer.CANCEL:
00154             logging.debug(_("OpenID verification canceled."))
00155             return CancelLogin(_('Verification canceled.'))
00156         elif info.status == consumer.SUCCESS:
00157             logging.debug(_("OpenID success. id: %s") % info.identity_url)
00158             request.session['openid.id'] = info.identity_url
00159             request.session['openid.info'] = info
00160 
00161             # try to find user object
00162             uid = user.getUserIdByOpenId(request, info.identity_url)
00163             if uid:
00164                 u = user.User(request, id=uid, auth_method=self.name,
00165                               auth_username=info.identity_url,
00166                               auth_attribs=self.auth_attribs)
00167             else:
00168                 u = None
00169 
00170             # create or update the user according to the registration data
00171             u = self._handle_user_data(request, u)
00172             if u:
00173                 return ContinueLogin(u)
00174 
00175             # if no user found, then we need to ask for a username,
00176             # possibly associating an existing account.
00177             logging.debug("OpenID: No user found, prompting for username")
00178             #request.session['openid.id'] = info.identity_url
00179             return MultistageFormLogin(self._get_account_name)
00180         else:
00181             logging.debug(_("OpenID failure"))
00182             return CancelLogin(_('OpenID failure.'))

Here is the call graph for this function:

Here is the caller graph for this function:

def MoinMoin.auth.openidrp.OpenIDAuth._openid_form (   self,
  request,
  form,
  oidhtml 
) [private]

Definition at line 245 of file openidrp.py.

00245 
00246     def _openid_form(self, request, form, oidhtml):
00247         _ = request.getText
00248         txt = _('OpenID verification requires that you click this button:')
00249         # create JS to automatically submit the form if possible
00250         submitjs = """<script type="text/javascript">
00251 <!--//
00252 document.getElementById("openid_message").submit();
00253 //-->
00254 </script>
00255 """
00256         return ''.join([txt, oidhtml, submitjs])

Here is the caller graph for this function:

def MoinMoin.auth.openidrp.OpenIDAuth.login (   self,
  request,
  user_obj,
  kw 
)

Reimplemented from MoinMoin.auth.BaseAuth.

Definition at line 257 of file openidrp.py.

00257 
00258     def login(self, request, user_obj, **kw):
00259         continuation = kw.get('multistage')
00260 
00261         if continuation:
00262             return self._handle_continuation(request)
00263 
00264         # openid is designed to work together with other auths
00265         if user_obj and user_obj.valid:
00266             return ContinueLogin(user_obj)
00267 
00268         openid_id = kw.get('openid_identifier')
00269 
00270         # nothing entered? continue...
00271         if not self._forced_service and not openid_id:
00272             return ContinueLogin(user_obj)
00273 
00274         _ = request.getText
00275 
00276         # user entered something but the session can't be stored
00277         if not request.cfg.cookie_lifetime[0]:
00278             return ContinueLogin(user_obj,
00279                                  _('Anonymous sessions need to be enabled for OpenID login.'))
00280 
00281         oidconsumer = consumer.Consumer(request.session,
00282                                         MoinOpenIDStore(request))
00283 
00284         try:
00285             fserv = self._forced_service
00286             if fserv:
00287                 if isinstance(fserv, str) or isinstance(fserv, unicode):
00288                     oidreq = oidconsumer.begin(fserv)
00289                 else:
00290                     oidreq = oidconsumer.beginWithoutDiscovery(fserv)
00291             else:
00292                 oidreq = oidconsumer.begin(openid_id)
00293         except HTTPFetchingError:
00294             return ContinueLogin(None, _('Failed to resolve OpenID.'))
00295         except DiscoveryFailure:
00296             return ContinueLogin(None, _('OpenID discovery failure, not a valid OpenID.'))
00297         else:
00298             if oidreq is None:
00299                 return ContinueLogin(None, _('No OpenID.'))
00300 
00301             self._modify_request(oidreq, request.cfg)
00302 
00303             return_to = get_multistage_continuation_url(request, self.name,
00304                                                         {'oidstage': '1'})
00305             trust_root = request.url_root
00306             if oidreq.shouldSendRedirect():
00307                 redirect_url = oidreq.redirectURL(trust_root, return_to)
00308                 return MultistageRedirectLogin(redirect_url)
00309             else:
00310                 form_html = oidreq.formMarkup(trust_root, return_to,
00311                     form_tag_attrs={'id': 'openid_message'})
00312                 mcall = lambda request, form:\
00313                     self._openid_form(request, form, form_html)
00314                 ret = MultistageFormLogin(mcall)
00315                 return ret

Here is the call graph for this function:

def MoinMoin.auth.openidrp.OpenIDAuth.login_hint (   self,
  request 
)

Reimplemented from MoinMoin.auth.BaseAuth.

Definition at line 316 of file openidrp.py.

00316 
00317     def login_hint(self, request):
00318         _ = request.getText
00319         msg = u''
00320         if self._idselector_com:
00321             msg = self._idselector_com
00322         msg += _("If you do not have an account yet, you can still log in "
00323                  "with your OpenID and create one during login.")
00324         return msg
def MoinMoin.auth.BaseAuth.logout (   self,
  request,
  user_obj,
  kw 
) [inherited]

Reimplemented in MoinMoin.auth.cas.CASAuth, MoinMoin.auth.smb_mount.SMBMount, and MoinMoin.auth.log.AuthLog.

Definition at line 208 of file __init__.py.

00208 
00209     def logout(self, request, user_obj, **kw):
00210         if self.name and user_obj and user_obj.auth_method == self.name:
00211             logging.debug("%s: logout - invalidating user %r" % (self.name, user_obj.name))
00212             user_obj.valid = False
        return user_obj, True
def MoinMoin.auth.BaseAuth.request (   self,
  request,
  user_obj,
  kw 
) [inherited]

Member Data Documentation

Definition at line 37 of file openidrp.py.

Definition at line 38 of file openidrp.py.

Definition at line 39 of file openidrp.py.

Definition at line 35 of file openidrp.py.

Definition at line 36 of file openidrp.py.

Definition at line 27 of file openidrp.py.

list MoinMoin.auth.openidrp.OpenIDAuth.login_inputs = ['openid_identifier'] [static]

Reimplemented from MoinMoin.auth.BaseAuth.

Definition at line 24 of file openidrp.py.

Reimplemented from MoinMoin.auth.BaseAuth.

Definition at line 41 of file openidrp.py.

Reimplemented from MoinMoin.auth.BaseAuth.

Definition at line 26 of file openidrp.py.

string MoinMoin.auth.openidrp.OpenIDAuth.name = 'openid' [static]

Reimplemented from MoinMoin.auth.BaseAuth.

Definition at line 25 of file openidrp.py.


The documentation for this class was generated from the following file: