diff options
author | Michał Górny <mgorny@gentoo.org> | 2013-07-19 12:18:04 +0200 |
---|---|---|
committer | Michał Górny <mgorny@gentoo.org> | 2013-07-19 12:18:04 +0200 |
commit | 26e35994e405b4db3129ef835097dab125455a8f (patch) | |
tree | f7fc91910593f1f6096846c513b97d657e52b38c | |
parent | Do not use 'SRegRequest' in views. (diff) | |
download | identity.gentoo.org-26e35994e405b4db3129ef835097dab125455a8f.tar.gz identity.gentoo.org-26e35994e405b4db3129ef835097dab125455a8f.tar.bz2 identity.gentoo.org-26e35994e405b4db3129ef835097dab125455a8f.zip |
Support simple AX fetch request responses.
-rw-r--r-- | okupy/accounts/views.py | 40 |
1 files changed, 36 insertions, 4 deletions
diff --git a/okupy/accounts/views.py b/okupy/accounts/views.py index 522f0e4..2dfd748 100644 --- a/okupy/accounts/views.py +++ b/okupy/accounts/views.py @@ -14,6 +14,7 @@ from django.utils.html import format_html from django.views.decorators.csrf import csrf_exempt from edpwd import random_string +from openid.extensions.ax import FetchRequest, FetchResponse from openid.extensions.sreg import SRegRequest, SRegResponse from openid.server.server import (Server, ProtocolError, EncodingError, CheckIDRequest, ENCODE_URL, @@ -363,6 +364,21 @@ def user_page(request, username): }) +openid_ax_attribute_mapping = { + # http://web.archive.org/web/20110714025426/http://www.axschema.org/types/ + 'http://axschema.org/namePerson/friendly': 'nickname', + 'http://axschema.org/contact/email': 'email', + 'http://axschema.org/namePerson': 'fullname', + 'http://axschema.org/birthDate': 'dob', + 'http://axschema.org/person/gender': 'gender', + 'http://axschema.org/contact/postalCode/home': 'postcode', + 'http://axschema.org/contact/country/home': 'country', + 'http://axschema.org/pref/language': 'language', + 'http://axschema.org/pref/timezone': 'timezone', + + # TODO: provide further attributes +} + @login_required def openid_auth_site(request): try: @@ -374,7 +390,15 @@ def openid_auth_site(request): }, status=400) sreg = SRegRequest.fromOpenIDRequest(oreq) - if sreg.wereFieldsRequested(): + ax = FetchRequest.fromOpenIDRequest(oreq) + + sreg_fields = set(sreg.allRequestedFields()) + for uri in ax.requested_attributes: + k = openid_ax_attribute_mapping.get(uri) + if k: + sreg_fields.add(k) + + if sreg_fields: ldap_user = LDAPUser.objects.get(username=request.user.username) sreg_data = { 'nickname': ldap_user.username, @@ -392,7 +416,7 @@ def openid_auth_site(request): # nullify fields that were not requested for fn in form.cleaned_data: - if hasattr(attrs, fn) and fn not in sreg: + if hasattr(attrs, fn) and fn not in sreg_fields: setattr(attrs, fn, None) if 'accept' in request.POST: @@ -411,7 +435,15 @@ def openid_auth_site(request): reverse(user_page, args=(request.user.username,)))) sreg_resp = SRegResponse.extractResponse(sreg, sreg_data) + ax_resp = FetchResponse(ax) + + for uri in ax.requested_attributes: + k = openid_ax_attribute_mapping.get(uri) + if k and k in sreg_data: + ax_resp.addValue(uri, sreg_data[k]) + oresp.addExtension(sreg_resp) + oresp.addExtension(ax_resp) elif 'reject' in request.POST: oresp = oreq.answer(False) else: @@ -425,7 +457,7 @@ def openid_auth_site(request): form = SiteAuthForm() sreg_form = {} # Fill in lists for choices - for f in sreg.allRequestedFields(): + for f in sreg_fields: if f not in sreg_data: pass elif isinstance(sreg_data[f], list): @@ -454,7 +486,7 @@ def openid_auth_site(request): 'openid_request': oreq, 'return_to_valid': tr_valid, 'form': form, - 'sreg': sreg.allRequestedFields(), + 'sreg': sreg_fields, 'sreg_form': sreg_form, 'policy_url': sreg.policy_url, }) |