Process the form submission, initating OpenID verification.
00175 : """Process the form submission, initating OpenID verification. """ # First, make sure that the user entered something openid_url = request['query'].get('openid_url') if not openid_url: return self.render(request, 'Enter an identity URL to verify.', css_class='error', form_contents=openid_url) oidconsumer = self.oidconsumer # Then, ask the library to begin the authorization. # Here we find out the identity server that will verify the # user's identity, and get a token that allows us to # communicate securely with the identity server. status, info = oidconsumer.beginAuth(openid_url) # If the URL was unusable (either because of network # conditions, a server error, or that the response returned # was not an OpenID identity page), the library will return # an error code. Let the user know that that URL is unusable. if status in [consumer.HTTP_FAILURE, consumer.PARSE_ERROR]: if status == consumer.HTTP_FAILURE: fmt = 'Failed to retrieve <q>%s</q>' else: fmt = 'Could not find OpenID information in <q>%s</q>' message = fmt % (cgi.escape(openid_url),) self.render(request, message, css_class='error', form_contents=openid_url) elif status == consumer.SUCCESS: # The URL was a valid identity URL. Now we construct a URL # that will get us to process the server response. We will # need the token from the beginAuth call when processing # the response. A cookie or a session object could be used # to accomplish this, but for simplicity here we just add # it as a query parameter of the return-to URL. return_to = self.build_url(request, 'process', token=info.token) # Now ask the library for the URL to redirect the user to # his OpenID server. It is required for security that the # return_to URL must be under the specified trust_root. We # just use the base_url for this server as a trust root. redirect_url = oidconsumer.constructRedirect( info, return_to, trust_root=request['base_url']) # Send the redirect response return self.redirect(request, redirect_url) else: assert False, 'Not reached' def do_process(self, request):