Logo Search packages:      
Sourcecode: paste version File versions  Download package

def paste::auth::open_id::AuthOpenIDHandler::do_verify (   self,
  request 
)

Process the form submission, initating OpenID verification.

Definition at line 175 of file open_id.py.

00175                                 :
        """Process the form submission, initating OpenID verification.
        """

        # First, make sure that the user entered something
        openid_url = request['query'].get('openid_url')
        if not openid_url:
            return self.render(request, 'Enter an identity URL to verify.',
                        css_class='error', form_contents=openid_url)

        oidconsumer = self.oidconsumer

        # Then, ask the library to begin the authorization.
        # Here we find out the identity server that will verify the
        # user's identity, and get a token that allows us to
        # communicate securely with the identity server.
        status, info = oidconsumer.beginAuth(openid_url)

        # If the URL was unusable (either because of network
        # conditions, a server error, or that the response returned
        # was not an OpenID identity page), the library will return
        # an error code. Let the user know that that URL is unusable.
        if status in [consumer.HTTP_FAILURE, consumer.PARSE_ERROR]:
            if status == consumer.HTTP_FAILURE:
                fmt = 'Failed to retrieve <q>%s</q>'
            else:
                fmt = 'Could not find OpenID information in <q>%s</q>'

            message = fmt % (cgi.escape(openid_url),)
            self.render(request, message, css_class='error', form_contents=openid_url)
        elif status == consumer.SUCCESS:
            # The URL was a valid identity URL. Now we construct a URL
            # that will get us to process the server response. We will
            # need the token from the beginAuth call when processing
            # the response. A cookie or a session object could be used
              # to accomplish this, but for simplicity here we just add
              # it as a query parameter of the return-to URL.
            return_to = self.build_url(request, 'process', token=info.token)

            # Now ask the library for the URL to redirect the user to
            # his OpenID server. It is required for security that the
            # return_to URL must be under the specified trust_root. We
            # just use the base_url for this server as a trust root.
            redirect_url = oidconsumer.constructRedirect(
                info, return_to, trust_root=request['base_url'])

            # Send the redirect response
            return self.redirect(request, redirect_url)
        else:
            assert False, 'Not reached'

    def do_process(self, request):


Generated by  Doxygen 1.6.0   Back to index