Timestamp:
04/01/10 11:22:32 (10 years ago)
Author:
pjkersha
Message:

User selection of OpenID Provider AX attributes completed: OpenIDProviderMiddleware.do_allow now correctly reviews and updates the response returned to the RP checking user selection of AX parameters POST'ed from the decide page.

File:
1 edited

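--- a/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/__init__.py
+++ b/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/__init__.py
@@ -83,8 +83,8 @@
  
 # Place here to avoid circular import error with IdentityMapping class     
-from ndg.security.server.wsgi.openid.provider.authninterface import \
-    AbstractAuthNInterface, AuthNInterfaceError
-from ndg.security.server.wsgi.openid.provider.axinterface import AXInterface,\
-    MissingRequiredAttrs, AXInterfaceReloginRequired
+from ndg.security.server.wsgi.openid.provider.authninterface import (
+    AbstractAuthNInterface, AuthNInterfaceError)
+from ndg.security.server.wsgi.openid.provider.axinterface import (AXInterface,
+    MissingRequiredAttrs, AXInterfaceReloginRequired)
 
 
@@ -95,4 +95,5 @@
     doesn't apply to attributes that are optional"""
 
+
 class OpenIDProviderReloginRequired(AXInterfaceReloginRequired):
     pass
@@ -103,4 +104,5 @@
 class OpenIDProviderMiddlewareError(Exception):
     """OpenID Provider WSGI Middleware Error"""
+
 
 class OpenIDProviderConfigError(OpenIDProviderMiddlewareError):
@@ -670,19 +672,5 @@
             
             # Check for POST'ed user explicit setting of AX parameters
-            userAXSettings = []
-            for fieldName in self.query:
-                if fieldName.startswith('ax.'):
-                    userAXSettings.append(self.query[fieldName])
-            
-            if userAXSettings:
-                # Get all the content namespaced as AX type
-                axArgs = self.oidResponse.fields.getArgs(ax.AXMessage.ns_uri)
-                
-                # Add to access object for convenient access based on type URI
-                axFetchResponse = ax.FetchResponse()
-                axFetchResponse.parseExtensionArgs(axArgs)
-                for i in axFetchResponse.data.keys():
-                    if i not in userAXSettings:
-                        del axFetchResponse.data[i]
+            self._applyUserAXSelections()
                     
             return self._displayResponse(self.oidResponse)
@@ -704,5 +692,31 @@
                                          'administrator.',
                                          code=400)
-
+            
+    def _applyUserAXSelections(self):
+        """Helper for do_allow method - process the query response checking 
+        user Attribute Exchange settings deleting optional attributes if the 
+        user has deselected them from the decide interface.  All mandatory
+        attributes will be returned regardless if the user submitted and called 
+        do_allow()
+        """
+        
+        # Process decide page AX POST'ed items
+        userAXSettings = {}
+        for fieldName in self.query:
+            if fieldName.startswith('ax.'):
+                alias = fieldName.rsplit('ax.', 1)[-1]
+                userAXSettings[alias] = self.query[fieldName]
+        
+        # Apply user selections to the response
+        if userAXSettings:
+            # Get all the content namespaced as AX type
+            axArgs = self.oidResponse.fields.getArgs(ax.AXMessage.ns_uri)
+            for i in axArgs.keys():
+                # Parse alias name but note not all keys are alias and so will
+                # not use the '.' delimiter
+                keyParts = i.split('.')
+                if len(keyParts) > 1 and not keyParts[1] in userAXSettings:
+                    self.oidResponse.fields.delArg(ax.AXMessage.ns_uri, i)
+                    
     def do_login(self, environ, start_response, **kw):
         """Display Login form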
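Review bot: `_applyUserAXSelections` only filters when at least one `ax.*` field was POSTed (`if userAXSettings:`), so a submission carrying no such fields leaves every AX attribute in the response; if the decide page uses checkboxes, a user who deselects all of them would presumably end up releasing everything, the opposite of what was chosen. The docstring promises that mandatory attributes are always returned, but the loop removes any key whose alias was not POSTed and never consults the required/optional split, so that guarantee rests on the form (not visible here) re-submitting the mandatory aliases. Deriving the keep-set on the server, from the required aliases of the fetch request plus the POSTed optional ones, and then filtering unconditionally would cover both cases. A smaller point: `fieldName.rsplit('ax.', 1)[-1]` splits on the last `ax.` in the name rather than stripping the prefix, and `alias = fieldName[len('ax.'):]` states what is meant.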