[cpif] r172 - in trunk/frontend-web: . skins/default
svn at argo.es
svn at argo.es
Wed Jun 20 22:11:36 CEST 2007
Author: jcea
Date: Wed Jun 20 22:11:34 2007
New Revision: 172
Log:
Mas OpenID...
Modified:
trunk/frontend-web/skins/default/form_login.html
trunk/frontend-web/skins/default/form_login_err.html
trunk/frontend-web/url_LOGIN.py
trunk/frontend-web/url_LOGIN_OpenID.py
Modified: trunk/frontend-web/skins/default/form_login.html
==============================================================================
--- trunk/frontend-web/skins/default/form_login.html (original)
+++ trunk/frontend-web/skins/default/form_login.html Wed Jun 20 22:11:34 2007
@@ -2,6 +2,7 @@
<form action="%(link_form_login)s" method="post" enctype="multipart/form-data">
<label for="usuario">Usuario: </td><td><input type="text" name="usuario" size="25" value="" /></label><br />
<label for="password">Clave: </td><td><input type="password" name="clave" size="25" value="" /></label><br />
+ <label for="OpenID">OpenID: </td><td><input type="text" name="OpenID" size="65" value="" /></label><br />
<input class="form-element" type="submit" name="submit" value="Log In"/>
</form>
</div>
Modified: trunk/frontend-web/skins/default/form_login_err.html
==============================================================================
--- trunk/frontend-web/skins/default/form_login_err.html (original)
+++ trunk/frontend-web/skins/default/form_login_err.html Wed Jun 20 22:11:34 2007
@@ -3,6 +3,7 @@
<form action="%(link_form_login)s" method="post" enctype="multipart/form-data">
<label for="usuario">Usuario: </td><td><input type="text" name="usuario" size="25" value="" /></label><br />
<label for="password">Clave: </td><td><input type="password" name="clave" size="25" value="" /></label><br />
+ <label for="OpenID">OpenID: </td><td><input type="text" name="OpenID" size="65" value="" /></label><br />
<input class="form-element" type="submit" name="submit" value="Log In"/>
</form>
</div>
Modified: trunk/frontend-web/url_LOGIN.py
==============================================================================
--- trunk/frontend-web/url_LOGIN.py (original)
+++ trunk/frontend-web/url_LOGIN.py Wed Jun 20 22:11:34 2007
@@ -13,6 +13,7 @@
return (302,{"Location":"/404"},"")
usuario_form=cuerpo.getfirst("usuario")
clave_form=cuerpo.getfirst("clave")
+ OpenID_form=cuerpo.getfirst("OpenID")
if usuario_form and clave_form :
@monitor
def login(conn,usuario,clave) :
@@ -23,29 +24,37 @@
if cookie :
cookie="cpif_auth=%s; path=/;" %cookie
return (302,{"Set-Cookie":cookie,"Location":"/"+"/".join(path)},"")
- elif openid_support :
- def get_openid(url) :
- if url!="http://www.argo.es/~jcea/" : return None
- return True
+ elif openid_support and usuario_form and OpenID_form:
+ @monitor
+ def get_openid(conn,usuario,OpenID) :
+ OpenIDs=conn.get_root()["usuarios"]["usuarios"].get(usuario)
+ if not OpenIDs : return None
+ OpenIDs=OpenIDs["OpenID"]
+ if OpenID in OpenIDs : return True
+ if OpenID[-1]=="/" :
+ return OpenID[:-1] in OpenIDs
+ else :
+ return OpenID+"/" in OpenIDs
- if get_openid(usuario) :
+ if get_openid(usuario_form,OpenID_form) :
from openid.consumer import consumer
- from url_LOGIN_OpenID import sessions,sesion
+ from url_LOGIN_OpenID import sessions,create_new_state
servidor="http://"+handler.headers["host"]+"/"
+ rnd,sesion=create_new_state(usuario_form)
oidconsumer=consumer.Consumer(sesion,sessions)
try :
- request = oidconsumer.begin(usuario)
+ request = oidconsumer.begin(OpenID_form)
except consumer.DiscoveryFailure, exc:
return (200,{"Content-Type":"text/plain; charset=utf-8"},"Tenemos problemas con esa URL")
else :
if request is None :
return (200,{"Content-Type":"text/plain; charset=utf-8"},"No encontramos ningun servicio OpenID en esa URL")
if request.shouldSendRedirect() :
- redirect_url = request.redirectURL(servidor,servidor+"LOGIN_OpenID",immediate=False)
+ redirect_url = request.redirectURL(servidor,servidor+"LOGIN_OpenID/%d" %rnd,immediate=False)
return (302,{"Location":redirect_url},"")
else :
form_html = request.formMarkup(
- servidor, servidor+"LOGIN_OpenID",
+ servidor, servidor+"LOGIN_OpenID/%d" %rnd,
form_tag_attrs={'id':'openid_message'},
immediate=False)
return (200,{"Content-Type":"text/html; charset=utf-8"},
Modified: trunk/frontend-web/url_LOGIN_OpenID.py
==============================================================================
--- trunk/frontend-web/url_LOGIN_OpenID.py (original)
+++ trunk/frontend-web/url_LOGIN_OpenID.py Wed Jun 20 22:11:34 2007
@@ -4,13 +4,60 @@
if openid_support :
from openid.store import memstore
- sesion={"id":"PRUEBA"} # Debe ser el mismo objeto siempre. Estudiar esto
+ import sys
sessions=memstore.MemoryStore()
+ state={}
+ expire_state=[]
+ import threading
+ mutex=threading.Lock()
+
+def create_new_state(usuario) :
+ import sys,random,time
+ global state,expire_state,mutex
+ ts=time.time()
+ mutex.acquire()
+ try :
+ if len(expire_state)>256 : # Numero maximo de sesiones simultaneas
+ del state[expire_state.pop(0)[1]]
+ rnd=random.randint(0,sys.maxint)
+ while rnd in state :
+ rnd=random.randint(0,sys.maxint)
+ expiracion=ts+15*60
+ st={"expiracion":expiracion,"usuario":usuario}
+ state[rnd]=st
+ expire_state.append((expiracion,rnd))
+ while expire_state[0][0]<ts :
+ del state[expire_state.pop(0)[1]]
+ return (rnd,st)
+ finally :
+ mutex.release()
+
+def pop_state(st) :
+ global state,expire_state,mutex
+ import bisect
+ mutex.acquire()
+ try :
+ v=state.get(st)
+ if v :
+ del state[st]
+ expire_state.pop(bisect.bisect_left(expire_state,v["expiracion"])) # Esto no deberia fallar nunca...
+ return v
+ finally :
+ mutex.release()
+
def gestiona_url(handler,path,usuario) :
- global sessions,sesion
+ global sessions
if not openid_support : return None
+ if len(path)!=2 : return None
+
+ try :
+ st=int(path[1])
+ except :
+ return None
+
+ st=pop_state(st)
q=handler.path.find("?")
if q<0 : return (200,{"Content-Type":"text/plain; charset=utf-8"},"Peticion invalida")
@@ -24,9 +71,10 @@
raise
from openid.consumer import consumer
- oidconsumer=consumer.Consumer(sesion,sessions)
+ oidconsumer=consumer.Consumer(st,sessions)
info=oidconsumer.complete(q)
+ print "XXX",st
if info.status==consumer.FAILURE and info.identity_url :
return (200,{"Content-Type":"text/plain; charset=utf-8"},"Verificacion fallida")
elif info.status==consumer.SUCCESS :
More information about the cpif
mailing list