+
+ You need to login to this site before trying OpenId authentication again.
+
+
+
\ No newline at end of file
Added: trunk/pypi/tools/sql-migrate-20110905.sql
==============================================================================
--- (empty file)
+++ trunk/pypi/tools/sql-migrate-20110905.sql Mon Sep 5 03:36:47 2011
@@ -0,0 +1,8 @@
+CREATE TABLE openid_whitelist
+(
+ "name" text NOT NULL,
+ trust_root text NOT null,
+ created timestamp without time zone,
+ CONSTRAINT openid_whitelist__pkey PRIMARY KEY (name, trust_root)
+);
+ALTER TABLE openid_whitelist OWNER TO pgs_rw;
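Review bot: `openid_whitelist.name` has no foreign key to the accounts table, so a whitelist row can outlive the account it was created for. If a user name is later deleted and re-registered, the old row would presumably still auto-approve that `trust_root` for the new owner; a foreign key with `ON DELETE CASCADE` (or an explicit cleanup in the user-deletion path) closes that gap. `created` is also nullable with no default, so the age of an approval cannot be relied on for audit or expiry; consider `created timestamp without time zone NOT NULL DEFAULT now()`.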
Modified: trunk/pypi/webui.py
==============================================================================
--- trunk/pypi/webui.py (original)
+++ trunk/pypi/webui.py Mon Sep 5 03:36:47 2011
@@ -26,6 +26,12 @@
from M2Crypto import EVP, DSA
urllib.URLopener.open_https = orig
+# OpenId provider imports
+OPENID_FILESTORE = '/tmp/openid-filestore'
+
+from openid.store.filestore import FileOpenIDStore
+from openid.server import server as OpenIDServer
+
# local imports
import store, config, versionpredicate, verify_filetype, rpc
import MailingLogger, openid2rp, gae
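Review bot: `OPENID_FILESTORE = '/tmp/openid-filestore'` puts the provider's association store at a fixed, predictable path inside a world-writable directory. That store holds the shared secrets used to sign OpenID assertions, so any other local account that creates the directory first, or can read it afterwards, could read or replace them. The path should come from the site configuration and point at a directory owned by the service user with mode 0700, for example `OPENID_FILESTORE = '<service-owned directory, mode 0700>'`. The constant also sits under a comment that says "imports"; a one-line comment stating what the directory contains would help the next reader.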
@@ -50,10 +56,14 @@
pass
class Redirect(Exception):
pass
+class RedirectFound(Exception):# 302
+ pass
class RedirectTemporary(Exception): # 307
pass
class FormError(Exception):
pass
+class OpenIDError(Exception):
+ pass
class MultipleReleases(Exception):
def __init__(self, releases):
@@ -208,6 +218,8 @@
self.loggedin = False # was a valid cookie sent?
self.usercookie = None
self.failed = None # error message if initialization already produced a failure
+ self.op_endpoint = "%s?:action=openid_endpoint" % (self.config.url,)
+ self.oid_server = OpenIDServer.Server(FileOpenIDStore(OPENID_FILESTORE), op_endpoint=self.op_endpoint)
# XMLRPC request or not?
if self.env.get('CONTENT_TYPE') != 'text/xml':
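Review bot: Constructing `FileOpenIDStore` and `OpenIDServer.Server` in what looks like per-request initialisation makes every request, XML-RPC included, touch the store directory, and a failure to open the store would break requests that never use OpenID. As far as I know the file store sets up its directories when constructed, so this is filesystem work on every hit. Building the server on first use from the OpenID handlers keeps the cost and the failure mode local to those actions. The enclosing method starts and ends outside the hunk, and callers of `self.oid_server` elsewhere in the commit would need to switch to the accessor sketched below.

```python
# … unchanged: self.loggedin / self.usercookie / self.failed setup …
self.op_endpoint = "%s?:action=openid_endpoint" % (self.config.url,)
self._oid_server = None  # created lazily; only OpenID actions need it

# new helper on the same class
def get_oid_server(self):
    """Return the OpenID server object, creating it on first use."""
    if self._oid_server is None:
        oid_store = FileOpenIDStore(OPENID_FILESTORE)
        self._oid_server = OpenIDServer.Server(
            oid_store, op_endpoint=self.op_endpoint)
    return self._oid_server
```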
@@ -275,6 +287,10 @@
self.handler.send_response(301, 'Moved Permanently')
self.handler.send_header('Location', e.args[0])
self.handler.end_headers()
+ except RedirectFound, e:
+ self.handler.send_response(302, 'Found')
+ self.handler.send_header('Location', e.args[0])
+ self.handler.end_headers()
except RedirectTemporary, e:
# ask browser not to cache this redirect
self.handler.send_response(307, 'Temporary Redirect')
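Review bot: The new `except RedirectFound` branch writes `e.args[0]` into the `Location` header without any check, and for an OpenID provider that value is likely derived from the relying party's `return_to`, which is request-controlled. The raise sites are outside this hunk, so it is not visible whether the URL is validated against the trust root or stripped of CR/LF before it gets here. I would reject values containing `'\r'` or `'\n'` at the raise site and add a comment in this branch stating that the target must already be validated. The branch also repeats the 301 handler line for line, so a small helper taking the status code and reason would keep the three redirect paths consistent.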
@@ -283,6 +299,9 @@
except FormError, message:
message = str(message)
self.fail(message, code=400, heading='Error processing form')
+ except OpenIDError, message:
+ message = str(message)
+ self.fail(message, code=400, heading='Error processing OpenID request')
except IOError, error:
# ignore broken pipe errors (client vanished on us)
if error.errno != 32: raise
@@ -543,7 +562,8 @@
password_reset role role_form list_classifiers login logout files
file_upload show_md5 doc_upload claim openid openid_return dropid
clear_auth addkey delkey lasthour json gae_file about delete_user
- rss_regen'''.split():
+ rss_regen openid_discovery openid_endpoint openid_decide_post
+ openid_user'''.split():
getattr(self, action)()
else:
#raise NotFound, 'Unknown action %s' % action
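Review bot: `openid_decide_post` is added to the generic `:action` dispatch list, which calls `getattr(self, action)()` regardless of request method or origin. The handler body is not in this hunk, but an action that records a user's approval of a trust root changes state and should only accept POST with a per-session anti-forgery token; otherwise a third-party page could submit the approval on behalf of a logged-in user. If the handler does not already do so, a guard on `self.env.get('REQUEST_METHOD')` plus a token check belongs at its top. The enclosing dispatch function starts and ends outside the hunk.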
@@ -1328,7 +1348,7 @@
'platform bugtrack_url').split()
release = {'description_html': ''}
- bugtrack_url =''
+ bugtrack_url =''
for column in columns:
value = info[column]
if not info[column]: continue
@@ -1351,8 +1371,8 @@
elif column.startswith('cheesecake_'):
column = column[:-3]
value = self.store.get_cheesecake_index(int(value))
- elif column == 'bugtrack_url':
- bugtrack_url = value
+ elif column == 'bugtrack_url':
+ bugtrack_url = value
value = info[column]
release[column] = value
@@ -2918,3 +2938,164 @@
if p.returncode != 0:
raise FormError, "Key processing failed. Please contact the administrator. Detail: "+stdout
+ def openid_discovery(self):
+ """Return an XRDS document containing an OpenID provider endpoint URL."""
+ payload = '''