[cpif] r171 - in trunk: . backend frontend-web
svn at argo.es
svn at argo.es
Wed Jun 20 20:13:13 CEST 2007
Author: jcea
Date: Wed Jun 20 20:13:12 2007
New Revision: 171
Log:
Primeros pasos OpenID
Added:
trunk/frontend-web/url_LOGIN_OpenID.py
- copied, changed from r169, /trunk/frontend-web/url_login.py
Modified:
trunk/TODO
trunk/backend/database.py
trunk/backend/upgrade.py
trunk/frontend-web/globales.py
trunk/frontend-web/init.py
trunk/frontend-web/servidor_web.py
trunk/frontend-web/url_LOGIN.py
Modified: trunk/TODO
==============================================================================
--- trunk/TODO (original)
+++ trunk/TODO Wed Jun 20 20:13:12 2007
@@ -105,3 +105,16 @@
y/o han cambiado)
· Y la mas importante, falta mirar que IE no mande los estilos
al garete, aunque deberia funcionar ya que valida.
+
+- 20070620: Cuando hacemos backup de los usuarios, hacer
+ backup tambien de sus URLs OpenID, si las tienen. Probablemente
+ lo mas sencillo sea hacer un "pickle" directo a disco duro...
+
+- 20070620: FRONTAL WEB: El almacenamiento de sesiones OpenID
+ debe ser persistente, para evitar ataques "replay".
+
+- 20070520: FRONTAL WEB: Si no aceptamos accesos anonimos, no
+ nos funcionara la autenticacion OpenID, ya que siempre
+ nos mostrara la pagina de LOGIN, incluso cuando este llegando
+ la autentificacion.
+
Modified: trunk/backend/database.py
==============================================================================
--- trunk/backend/database.py (original)
+++ trunk/backend/database.py Wed Jun 20 20:13:12 2007
@@ -1,7 +1,7 @@
# $Id$
-VERSION_DB="2007061501"
+VERSION_DB="2007062001"
from globales import thread_len
@@ -91,6 +91,7 @@
def usuario_add(conn,nick,datos,clave=None) :
from durus.btree import BTree
from durus.persistent_dict import PersistentDict
+ from durus.persistent_set import PersistentSet
import time
root=conn.get_root()
@@ -118,6 +119,7 @@
"mensajes":BTree(),
"datos":datos,
"clave":clave,
+ "OpenID":PersistentSet(),
"cookie":None,
"nick":nick})
Modified: trunk/backend/upgrade.py
==============================================================================
--- trunk/backend/upgrade.py (original)
+++ trunk/backend/upgrade.py Wed Jun 20 20:13:12 2007
@@ -77,3 +77,13 @@
mensaje["texto"]=mensaje["texto"].replace("<br>","<br/>")
conn.commit()
+ if root["version del foro"]=="2007061501" :
+ print "Actualizando la base de datos: 2007061501 -> 2007062001"
+ root["version del foro"]="2007062001"
+ for usuario in root["usuarios"]["usuarios"].itervalues() :
+ usuario["OpenID"]=PersistentSet()
+ if "jcea" in root["usuarios"]["usuarios"] :
+ root["usuarios"]["usuarios"]["jcea"]["OpenID"].add("http://www.argo.es/~jcea/")
+ conn.commit()
+
+
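Review bot: The two `jcea` lines in this upgrade step attach the OpenID URL `http://www.argo.es/~jcea/` to whichever account has that nick in any database that gets upgraded. On an installation where the nick belongs to someone else, the owner of that URL would hold a login identity for the account once OpenID login is wired up. I would drop those two lines and register the identity through an administrative action, leaving the step as only `usuario["OpenID"]=PersistentSet()` per user. `PersistentSet` is used here but no import of it is visible in the hunk; if upgrade.py does not already have it, the step needs `from durus.persistent_set import PersistentSet`, as database.py does. The enclosing upgrade function starts outside the hunk.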
Modified: trunk/frontend-web/globales.py
==============================================================================
--- trunk/frontend-web/globales.py (original)
+++ trunk/frontend-web/globales.py Wed Jun 20 20:13:12 2007
@@ -21,3 +21,6 @@
# Simultaneous HTTP connections
http_max_clients=16
+# OpenID Support
+openid_support=False
+
Modified: trunk/frontend-web/init.py
==============================================================================
--- trunk/frontend-web/init.py (original)
+++ trunk/frontend-web/init.py Wed Jun 20 20:13:12 2007
@@ -9,6 +9,9 @@
directorio_padre=os.path.split(os.getcwd())[0] # Directorio padre
sys.path.append(os.path.join(directorio_padre,"backend"))
+ if globales.openid_support :
+ import openid # Nos aseguramos de tener la libreria
+
for i in os.walk(directorio_padre) :
if i[0].endswith("durus-berkeleydbstorage") : continue
if i[2] :
Modified: trunk/frontend-web/servidor_web.py
==============================================================================
--- trunk/frontend-web/servidor_web.py (original)
+++ trunk/frontend-web/servidor_web.py Wed Jun 20 20:13:12 2007
@@ -49,7 +49,10 @@
else :
cookie=None
try :
- path=self.path.split("/")[1:]
+ path=self.path
+ q=path.find("?") # Aceptamos parametros "query" en la URL, necesarios para OpenID
+ if q>=0 : path=path[:q]
+ path=path.split("/")[1:]
if not (cookie or allow_anonymous) :
resultado=urls["LOGIN"](self,path,None)
else :
Modified: trunk/frontend-web/url_LOGIN.py
==============================================================================
--- trunk/frontend-web/url_LOGIN.py (original)
+++ trunk/frontend-web/url_LOGIN.py Wed Jun 20 20:13:12 2007
@@ -1,9 +1,9 @@
# $Id$
-from globales import monitor
+from globales import monitor,openid_support
def gestiona_url(handler,path,usuario) :
- if path[0]=="LOGIN":
+ if path[0]=="LOGIN" :
import cgi,database
path.pop(0)
try:
@@ -23,8 +23,40 @@
if cookie :
cookie="cpif_auth=%s; path=/;" %cookie
return (302,{"Set-Cookie":cookie,"Location":"/"+"/".join(path)},"")
+ elif openid_support :
+ def get_openid(url) :
+ if url!="http://www.argo.es/~jcea/" : return None
+ return True
+
+ if get_openid(usuario) :
+ from openid.consumer import consumer
+ from url_LOGIN_OpenID import sessions,sesion
+ servidor="http://"+handler.headers["host"]+"/"
+ oidconsumer=consumer.Consumer(sesion,sessions)
+ try :
+ request = oidconsumer.begin(usuario)
+ except consumer.DiscoveryFailure, exc:
+ return (200,{"Content-Type":"text/plain; charset=utf-8"},"Tenemos problemas con esa URL")
+ else :
+ if request is None :
+ return (200,{"Content-Type":"text/plain; charset=utf-8"},"No encontramos ningun servicio OpenID en esa URL")
+ if request.shouldSendRedirect() :
+ redirect_url = request.redirectURL(servidor,servidor+"LOGIN_OpenID",immediate=False)
+ return (302,{"Location":redirect_url},"")
+ else :
+ form_html = request.formMarkup(
+ servidor, servidor+"LOGIN_OpenID",
+ form_tag_attrs={'id':'openid_message'},
+ immediate=False)
+ return (200,{"Content-Type":"text/html; charset=utf-8"},
+"""<html><head><title>TransacciónOpenID transaction in progress</title></head>
+<body onload='document.getElementById("%s").submit()'>
+%s
+</body></html>
+"""%("openid_message",form_html))
# Si no hemos salido antes, hay un error...
import skins
pagina = skins.Skin(["login_err"] + path,usuario)
return (pagina.web())
+
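Review bot: `servidor` is built from the request's `Host` header and then passed as both the trust root and the return address to `redirectURL` and `formMarkup`, so both values are controlled by the requester rather than by the site. Reading the base URL from configuration would fix this and also remove the hard-coded `http://`, for example a new setting in globales.py (placeholder name `url_base`) used as `servidor=url_base`. The nested `get_openid`, which accepts a single literal URL, should become a lookup in the per-user `"OpenID"` sets before `openid_support` is enabled. The `exc` name in `except consumer.DiscoveryFailure, exc` is unused. The body of `gestiona_url` begins before this hunk.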
Copied: trunk/frontend-web/url_LOGIN_OpenID.py (from r169, /trunk/frontend-web/url_login.py)
==============================================================================
--- /trunk/frontend-web/url_login.py (original)
+++ trunk/frontend-web/url_LOGIN_OpenID.py Wed Jun 20 20:13:12 2007
@@ -1,17 +1,40 @@
# $Id$
-from globales import monitor
+from globales import monitor,openid_support
+
+if openid_support :
+ from openid.store import memstore
+ sesion={"id":"PRUEBA"} # Debe ser el mismo objeto siempre. Estudiar esto
+ sessions=memstore.MemoryStore()
def gestiona_url(handler,path,usuario) :
- import skins
- pagina = skins.Skin(path,usuario)
- if usuario:
- pagina.load_url(['error'])
- d = {"page_title": "cpif - ERROR",
- "generic_message": "<h2>ERROR<H2>\r\nYa logueado</h2>"
- }
- else:
- d = {"page_title": "cpif - LOGIN"}
-
- pagina.load_dict(d)
- return(pagina.web())
+ global sessions,sesion
+
+ if not openid_support : return None
+
+ q=handler.path.find("?")
+ if q<0 : return (200,{"Content-Type":"text/plain; charset=utf-8"},"Peticion invalida")
+
+ try :
+ import urlparse,cgi
+ q={}
+ for k, v in cgi.parse_qsl(urlparse.urlparse(handler.path)[4]) :
+ q[k] = v.decode('utf-8')
+ except :
+ raise
+
+ from openid.consumer import consumer
+ oidconsumer=consumer.Consumer(sesion,sessions)
+ info=oidconsumer.complete(q)
+
+ if info.status==consumer.FAILURE and info.identity_url :
+ return (200,{"Content-Type":"text/plain; charset=utf-8"},"Verificacion fallida")
+ elif info.status==consumer.SUCCESS :
+ return (200,{"Content-Type":"text/plain; charset=utf-8"},"CORRECTO!!!!")
+ elif info.status==consumer.CANCEL :
+ return (200,{"Content-Type":"text/plain; charset=utf-8"},"Verificacion Cancelada")
+ elif info.status==consumer.SETUP_NEEDED :
+ return (200,{"Content-Type":"text/plain; charset=utf-8"},"Falta configuracion")
+ else :
+ return (200,{"Content-Type":"text/plain; charset=utf-8"},"Error desconocido")
+
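Review bot: The module-level `sesion` dict is handed to `consumer.Consumer` on every request, here and in url_LOGIN.py, so all logins in flight share one session object. As far as I know python-openid keeps the state of the pending request in that object, so concurrent logins can overwrite each other and a response may be checked against another user's request. Each browser needs its own session mapping, for instance keyed by a random cookie value issued when `begin()` is called. The `SUCCESS` branch does not yet compare `info.identity_url` with the `"OpenID"` sets stored per user, which has to happen before any `cpif_auth` cookie is issued on this path. The `try`/`except : raise` around the query parsing is a no-op; a malformed value in `v.decode('utf-8')` would be better answered with the existing `"Peticion invalida"` response under `except UnicodeDecodeError`.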