本文整理汇总了Python中openid.server.trustroot.TrustRoot类的典型用法代码示例。如果您正苦于以下问题:Python TrustRoot类的具体用法?Python TrustRoot怎么用?Python TrustRoot使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了TrustRoot类的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: runTest
def runTest(self):
tr = TrustRoot.parse(self.tr)
match = tr.validateURL(self.rt)
if self.match:
assert match
else:
assert not match示例2: runTest
def runTest(self):
tr = TrustRoot.parse(self.case)
if self.sanity == 'sane':
assert tr.isSane(), self.case
elif self.sanity == 'insane':
assert not tr.isSane(), self.case
else:
assert tr is None, tr示例3: trustRootValid
def trustRootValid(self):
"""Is my return_to under my trust_root?
@returntype: bool
"""
if not self.trust_root:
return True
tr = TrustRoot.parse(self.trust_root)
if tr is None:
raise MalformedTrustRoot(None, self.trust_root)
return tr.validateURL(self.return_to)示例4: fromOpenIDRequest
def fromOpenIDRequest(cls, openid_request):
"""Extract a FetchRequest from an OpenID message
@param openid_request: The OpenID authentication request
containing the attribute fetch request
@type openid_request: C{L{openid.server.server.CheckIDRequest}}
@rtype: C{L{FetchRequest}} or C{None}
@returns: The FetchRequest extracted from the message or None, if
the message contained no AX extension.
@raises KeyError: if the AuthRequest is not consistent in its use
of namespace aliases.
@raises AXError: When parseExtensionArgs would raise same.
@see: L{parseExtensionArgs}
"""
message = openid_request.message
ax_args = message.getArgs(cls.ns_uri)
self = cls()
try:
self.parseExtensionArgs(ax_args)
except NotAXMessage as err:
return None
if self.update_url:
# Update URL must match the openid.realm of the underlying
# OpenID 2 message.
realm = message.getArg(OPENID_NS, 'realm',
message.getArg(OPENID_NS, 'return_to'))
if not realm:
raise AXError(
("Cannot validate update_url %r " + "against absent realm")
% (self.update_url, ))
tr = TrustRoot.parse(realm)
if not tr.validateURL(self.update_url):
raise AXError(
"Update URL %r failed validation against realm %r" %
(self.update_url, realm, ))
return self示例5: validate_trust_root
def validate_trust_root(openid_request):
"""
Only allow OpenID requests from valid trust roots
"""
trusted_roots = getattr(settings, 'OPENID_PROVIDER_TRUSTED_ROOT', None)
if not trusted_roots:
# not using trusted roots
return True
# don't allow empty trust roots
if (not hasattr(openid_request, 'trust_root') or
not openid_request.trust_root):
log.error('no trust_root')
return False
# ensure trust root parses cleanly (one wildcard, of form *.foo.com, etc.)
trust_root = TrustRoot.parse(openid_request.trust_root)
if not trust_root:
log.error('invalid trust_root')
return False
# don't allow empty return tos
if (not hasattr(openid_request, 'return_to') or
not openid_request.return_to):
log.error('empty return_to')
return False
# ensure return to is within trust root
if not trust_root.validateURL(openid_request.return_to):
log.error('invalid return_to')
return False
# check that the root matches the ones we trust
if not any(r for r in trusted_roots if fnmatch.fnmatch(trust_root, r)):
log.error('non-trusted root')
return False
return True示例6: __init__
def __init__(self, identity, return_to, trust_root=None, immediate=False,
assoc_handle=None):
"""Construct me.
These parameters are assigned directly as class attributes, see
my L{class documentation<CheckIDRequest>} for their descriptions.
@raises MalformedReturnURL: When the C{return_to} URL is not a URL.
"""
self.assoc_handle = assoc_handle
self.identity = identity
self.return_to = return_to
self.trust_root = trust_root or return_to
if immediate:
self.immediate = True
self.mode = "checkid_immediate"
else:
self.immediate = False
self.mode = "checkid_setup"
if not TrustRoot.parse(self.return_to):
raise MalformedReturnURL(None, self.return_to)
if not self.trustRootValid():
raise UntrustedReturnURL(None, self.return_to, self.trust_root)示例7: fromQuery
def fromQuery(klass, query):
"""Construct me from a web query.
@raises ProtocolError: When not all required parameters are present
in the query.
@raises MalformedReturnURL: When the C{return_to} URL is not a URL.
@raises UntrustedReturnURL: When the C{return_to} URL is outside
the C{trust_root}.
@param query: The query parameters as a dictionary with each
key mapping to one value.
@type query: dict
@returntype: L{CheckIDRequest}
"""
self = klass.__new__(klass)
mode = query[OPENID_PREFIX + 'mode']
if mode == "checkid_immediate":
self.immediate = True
self.mode = "checkid_immediate"
else:
self.immediate = False
self.mode = "checkid_setup"
required = [
'identity',
'return_to',
]
for field in required:
value = query.get(OPENID_PREFIX + field)
if not value:
raise ProtocolError(
query,
text="Missing required field %s from %r"
% (field, query))
setattr(self, field, value)
# There's a case for making self.trust_root be a TrustRoot
# here. But if TrustRoot isn't currently part of the "public" API,
# I'm not sure it's worth doing.
self.trust_root = query.get(OPENID_PREFIX + 'trust_root', self.return_to)
self.assoc_handle = query.get(OPENID_PREFIX + 'assoc_handle')
# Using TrustRoot.parse here is a bit misleading, as we're not
# parsing return_to as a trust root at all. However, valid URLs
# are valid trust roots, so we can use this to get an idea if it
# is a valid URL. Not all trust roots are valid return_to URLs,
# however (particularly ones with wildcards), so this is still a
# little sketchy.
if not TrustRoot.parse(self.return_to):
raise MalformedReturnURL(query, self.return_to)
# I first thought that checking to see if the return_to is within
# the trust_root is premature here, a logic-not-decoding thing. But
# it was argued that this is really part of data validation. A
# request with an invalid trust_root/return_to is broken regardless of
# application, right?
if not self.trustRootValid():
raise UntrustedReturnURL(query, self.return_to, self.trust_root)
return self示例8: _request_has_sane_trust_root
def _request_has_sane_trust_root(openid_request):
"""Return True if the RP's trust root looks sane."""
assert openid_request is not None, (
'Could not find the OpenID request')
trust_root = TrustRoot.parse(openid_request.trust_root)
return trust_root.isSane()