| Server IP : 192.158.238.246 / Your IP : 18.216.1.197 Web Server : LiteSpeed System : Linux uniform.iwebfusion.net 4.18.0-553.27.1.lve.1.el8.x86_64 #1 SMP Wed Nov 20 15:58:00 UTC 2024 x86_64 User : jenniferflocom ( 1321) PHP Version : 8.1.32 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /opt/alt/python37/lib/python3.7/site-packages/paste/auth/__pycache__/ |
Upload File : |
B
����a�N�?������������������@���s����d�Z�dgZddlZddlZddlZddlZddlmZ�dd��Zddl m
Z
�ddl
m
Z
�dd l
mZ�G�d
d��de�ZeZdd
d�ZdS�)a���
OpenID Authentication (Consumer)
OpenID is a distributed authentication system for single sign-on originally
developed at/for LiveJournal.com.
http://openid.net/
URL. You can have multiple identities in the same way you can have multiple
URLs. All OpenID does is provide a way to prove that you own a URL (identity).
And it does this without passing around your password, your email address, or
anything you don't want it to. There's no profile exchange component at all:
your profiile is your identity URL, but recipients of your identity can then
learn more about you from any public, semantically interesting documents
linked thereunder (FOAF, RSS, Atom, vCARD, etc.).
``Note``: paste.auth.openid requires installation of the Python-OpenID
libraries::
http://www.openidenabled.com/
This module is based highly off the consumer.py that Python OpenID comes with.
Using the OpenID Middleware
===========================
Using the OpenID middleware is fairly easy, the most minimal example using the
basic login form thats included::
# Add to your wsgi app creation
from paste.auth import open_id
wsgi_app = open_id.middleware(wsgi_app, '/somewhere/to/store/openid/data')
You will now have the OpenID form available at /oid on your site. Logging in will
verify that the login worked.
A more complete login should involve having the OpenID middleware load your own
login page after verifying the OpenID URL so that you can retain the login
information in your webapp (session, cookies, etc.)::
wsgi_app = open_id.middleware(wsgi_app, '/somewhere/to/store/openid/data',
login_redirect='/your/login/code')
Your login code should then be configured to retrieve 'paste.auth.open_id' for
the users OpenID URL. If this key does not exist, the user has not logged in.
Once the login is retrieved, it should be saved in your webapp, and the user
should be redirected to wherever they would normally go after a successful
login.
�AuthOpenIDHandler�����N)�httpexceptionsc�������������C���s���t��|�d�}d|f�S�)N����z"%s")�cgi�escape)�s�qs��r ����C/opt/alt/python37/lib/python3.7/site-packages/paste/auth/open_id.py� quoteattrA���s����
r
���)� filestore)�consumer)�
appendArgsc���������������@���sl���e�Zd�ZdZd
dd�Zdd��Zd d
��Zd
d
��Zd
d��Zdd��Z dd��Z
dd��Z
d dd�Z
dd��Z
d
d
��ZdS�) r���zq
This middleware implements OpenID Consumer behavior to authenticate a
URL against an OpenID Server.
�/oidNFc�������������C���s>���t��|�}t�|�|�_||�_||�_||�_||�_||�_ ||�_
dS�)a���
Initialize the OpenID middleware
``app``
Your WSGI app to call
``data_store_path``
Directory to store crypto data in for use with OpenID servers.
``auth_prefix``
Location for authentication process/verification
``login_redirect``
Location to load after successful process of login
``catch_401``
If true, then any 401 responses will turn into open ID login
requirements.
``url_to_username``
A function called like ``url_to_username(environ, url)``, which should
return a string username. If not given, the URL will be the username.
N)
r
���ZFileOpenIDStorer
���ZOpenIDConsumer�
oidconsumer�app�
auth_prefix�data_store_path�login_redirect� catch_401�url_to_username)�selfr���r���r���r���r���r����storer ���r ���r
����__init__U���s����
zAuthOpenIDHandler.__init__c�������������C���s����|d���|�j�r�t||g�d�}tjj|ddd�|d<�t�|�jd|d��}t�|�|d<�ttj� |��|d<�|d�d �}|d
ks�|s�|��
|�S�|d
kr�|��
|�S�|d
kr�|��
|�S�|��
|�S�n
|�jr�|��||�S�|��||�S�d�S�)
N� PATH_INFO)�environ�start�bodyF)�with_path_info�with_query_string�base_url���
parsed_uri�query�����/z/verifyz/process)�
startswithr����dict�paste�request�
construct_url�re�sub�urlparseZparse_querystring�render� do_verify�
do_process� not_foundr����catch_401_app_callr���)r���r����start_responser)����pathr ���r ���r
����__call__y���s$����
zAuthOpenIDHandler.__call__c���������� ������sv���g��d���fdd� }|���||�}�rnz
t|��W�dt|d�rD|����X�tjj|ddd�}t�|�}|� |���S�|S�dS�)zV
Call the application, and redirect if the app returns a 401 response
Nc����������������s:���t�|��d�d��dkr*��d��dd��}|S���|�||�S�d�S�)Nr���i���c�������������S���s���d�S�)Nr ���)�vr ���r ���r
����
dummy_writer����s����z^AuthOpenIDHandler.catch_401_app_call.<locals>.replacement_start_response.<locals>.dummy_writer)�int�split�append)�status�headers�exc_infor7���)r3����was_401r ���r
����replacement_start_response����s
����
zHAuthOpenIDHandler.catch_401_app_call.<locals>.replacement_start_response�closeF)r
���r ���)N)
r����list�hasattrr@���r(���r)���r*���r���ZHTTPTemporaryRedirectZwsgi_application)r���r���r3���r?���Zapp_iterZ redir_url�excr ���)r3���r>���r
���r2�������s����
z$AuthOpenIDHandler.catch_401_app_callc�������
������C���s����|d���d�}|s$|�j|dd|d�S�|�j}|�|�\}}|tjtjgkr~|tjkrXd}nd}|t�|�f�}|�j||d|d�S�|tj kr�|�j
|d|j
d �}|j
|||d
�d
�} |��
|| �S�d
s�td
��dS�)zDProcess the form submission, initating OpenID verification.
r#����
openid_urlz Enter an identity URL to verify.�error)� css_class�
form_contentsz
Failed to retrieve <q>%s</q>z.Could not find OpenID information in <q>%s</q>�process)�tokenr ���)Z
trust_rootFz
Not reachedN)�getr.���r���Z beginAuthr
���Z
HTTP_FAILUREZ
PARSE_ERRORr���r����SUCCESS� build_urlrI���ZconstructRedirect�redirect�AssertionError)
r���r)���rD���r���r;����info�fmt�messageZ return_to�
redirect_urlr ���r ���r
���r/�������s$����
zAuthOpenIDHandler.do_verifyc�������
������C���s��|�j�}|d��dd�}|�||d��\}}d}d}|tjkrZ|rZ|}d}|t�|�f�} n�|tjkr�d}|r�|}|�jr�|��|d�|�}
n|}
d |d�kr�|d�d �|
��|�j s�d
}|t�|�f�} q�||d�d
<�|�j |d�d
<�|��
|d�|d
��S�q�d} nd} |��
|| ||�S�)z4Handle the redirect from the OpenID server.
r#���rI���r!���rE���NzVerification of %s failed.�alertr���zpaste.auth_tkt.set_userz�If you had supplied a login redirect path, you would have been redirected there. You have successfully verified %s as your identity.zpaste.auth.open_idr���r
���zVerification cancelledzVerification failed.)
r���rJ���Z
completeAuthr
����FAILUREr���r���rK���r���r���r���r.���)
r���r)���r���rI���r;���rO���rF���rD���rP���rQ����usernamer ���r ���r
���r0�������s6����
z
AuthOpenIDHandler.do_processc�������������K���s$���t��|d�|�jd�|��}t||�S�)z[Build a URL relative to the server base_url, with the given
query parameters added.r ���r%���)r-����urljoinr���r���)r���r)����actionr#����baser ���r ���r
���rL���!��s����zAuthOpenIDHandler.build_urlc�������������C���s$���dd|fg}|d�d|��d|�gS�)z9Send a redirect response to the given URL to the browser.)z
Content-typez
text/plainZLocationr
���z
302 REDIRECTzRedirecting to %sr ���)r���r)���rR����response_headersr ���r ���r
���rM���'��s����
zAuthOpenIDHandler.redirectc�������������C���s4���d}||d�f�}|d���d�}|�j||d|dd�S�)z3Render a page with a 404 return code and a message.z5The path <q>%s</q> was not understood by this server.r"���r#���rD���rE���z
404 Not Found)r;���)rJ���r.���)r���r)���rP����msgrD���r ���r ���r
���r1���.��s����zAuthOpenIDHandler.not_foundrS����200 OK�Python OpenID Consumerc�������������C���sl���dg}|d�t�|�|��|��||��|rX|d��d|f���|d��|��|d��d��|��||��|d�S�)zRender a page.)z
Content-typez text/htmlr
���r
���z<div class='%s'>z</div>)�str�
page_headerr:����
page_footer)r���r)���rQ���rF���rG���r;����titlerY���r ���r ���r
���r.���5��s����
zAuthOpenIDHandler.renderc�������������C���s���|d���d||f���dS�)zRender the page headerr
���aT��<html>
<head><title>%s</title></head>
<style type="text/css">
* {
font-family: verdana,sans-serif;
}
body {
width: 50em;
margin: 1em;
}
div {
padding: .5em;
}
table {
margin: none;
padding: none;
}
.alert {
border: 1px solid #e7dc2b;
background: #fff888;
}
.error {
border: 1px solid #ff0000;
background: #ffaaaa;
}
#verify-form {
border: 1px solid #777777;
background: #dddddd;
margin-top: 1em;
padding-bottom: 0em;
}
</style>
<body>
<h1>%s</h1>
<p>
This example consumer uses the <a
href="http://openid.schtuff.com/">Python OpenID</a> library. It
just verifies that the URL that you enter is your identity URL.
</p>
N)r:���)r���r)���r`���r ���r ���r
���r^���C��s����(z
AuthOpenIDHandler.page_headerc�������������C���s2���|sd}|d���dt|��|d��t|�f���dS�)zRender the page footerr!���r
���z� <div id="verify-form">
<form method="get" action=%s>
Identity URL:
<input type="text" name="openid_url" value=%s />
<input type="submit" value="Verify" />
</form>
</div>
</body>
</html>
ZverifyN)r:���r
���rL���)r���r)���rG���r ���r ���r
���r_���o��s����
z
AuthOpenIDHandler.page_footer)r���NFN)NrS���Nr[���r\���)�__name__�
__module__�
__qualname__�__doc__r���r5���r2���r/���r0���rL���rM���r1���r.���r^���r_���r ���r ���r ���r
���r���O���s
�����
"
3?�
,�/oidFc �������
������C���s|���ddl�m} �ddlm}
�| |�}|r8t|t�r8|
�|�}| |�}t|�|||||pRd�d�}
|rxddlm }
�|
j
|
||d�}
|
S�)Nr���)�asbool)�
import_string)r���r���r���r���r���)�auth_tkt)Z
logout_path)
Zpaste.deploy.convertersrf���Z
paste.utilrg����
isinstance�
basestringZ
eval_importr���Z
paste.authrh���Zmake_auth_tkt_middleware)
r���Z
global_confr���r���r���r���r���Zapply_auth_tktZauth_tkt_logout_pathrf���rg���Znew_apprh���r ���r ���r
����make_open_id_middleware���s
����
rk���)re���NFNFN)rd����__all__r���r-���r+���Z
paste.requestr(���r���r
���Z
openid.storer
���Zopenid.consumerr
���Zopenid.oidutilr����objectr���Z
middlewarerk���r ���r ���r ���r
����<module>6���s(���
��4�����