Changeset 7122


Ignore:
Timestamp:
29/06/10 13:39:34 (9 years ago)
Author:
pjkersha
Message:

task 10: OpenID Provider HTML/Javascript response incompatible with OpenID4Java

  • 1.5.6 release fixes this issue by checking the response at the OpenID Provider before it's submitted and adding the Javascript only if a HTML form is contained.
Location:
TI12-security/branches/ndg-security-1.5.x
Files:
7 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/branches/ndg-security-1.5.x/ndg_security/setup.py

    r6925 r7122  
    4242setup( 
    4343    name =                      'ndg_security', 
    44     version =                   '1.5.5', 
     44    version =                   '1.5.6', 
    4545    description =               'NERC DataGrid Security Utilities', 
    4646    long_description =          _longDescription, 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_client/setup.py

    r6925 r7122  
    4444setup( 
    4545    name =                      'ndg_security_client', 
    46     version =                   '1.5.5', 
     46    version =                   '1.5.6', 
    4747    description =               'NERC DataGrid Security Client side interface', 
    4848    long_description =          _longDescription, 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_common/setup.py

    r6925 r7122  
    6969setup( 
    7070    name =                      'ndg_security_common', 
    71     version =                   '1.5.5', 
     71    version =                   '1.5.6', 
    7272    description =           'NERC DataGrid Security package containing common ' 
    7373                            'utilities used by both server and client ' 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_server/ndg/security/server/wsgi/openid/provider/__init__.py

    r7119 r7122  
    128128    @type: defPaths: dict 
    129129     
     130    @cvar FORM_MATCH_TEXT: if the response from the server starts with this 
     131    text (i.e. it's a HTML form), return the response wrapped in a Javascript/ 
     132    HTML wrapper which selects from submit onload.  This avoids the button 
     133    appearing on screen and the user having to click on it. 
     134    @type FORM_MATCH_TEXT: string 
     135     
    130136    @cvar FORM_RESP_WRAPPER_TMPL: If the response to the Relying Party is too  
    131137    long it's rendered as form with the POST method instead of query arguments  
     
    135141    @type FORM_RESP_WRAPPER_TMPL: basestring""" 
    136142     
     143    FORM_MATCH_TEXT = '<form' 
    137144    FORM_RESP_WRAPPER_TMPL = """<html> 
    138145    <head> 
     
    13401347        # give consistent answers.  Testing based on body content should work 
    13411348        # OK 
    1342 #        if webresponse.body: 
    1343         if oidResponse.renderAsForm(): 
     1349        if webresponse.body.startswith( 
     1350                                    OpenIDProviderMiddleware.FORM_MATCH_TEXT): 
     1351#        if oidResponse.renderAsForm(): 
    13441352            # Wrap in HTML with Javascript OnLoad to submit the form 
    13451353            # automatically without user intervention 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_server/setup.py

    r6925 r7122  
    6464setup( 
    6565    name =                      'ndg_security_server', 
    66     version =                   '1.5.5', 
     66    version =                   '1.5.6', 
    6767    description =               'Server side components for running NERC DataGrid ' 
    6868                            'Security Services', 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_test/ndg/security/test/integration/pylonsapp/authn/beaker/sessions/container_file/d/dd/dd3f4f49141c6bd2a839ffeb2badb28e.cache

    r7121 r7122  
    77S'https://localhost:7443/openid/philip.kershaw' 
    88p5 
    9 sS'_accessed_time' 
     9sS'openid.ax' 
    1010p6 
    11 F1277811997.112184 
     11(dp7 
     12S'username' 
     13p8 
     14(tsS'city' 
     15p9 
     16(tsS'uuid' 
     17p10 
     18(tsS'firstname' 
     19p11 
     20(S'Philip' 
     21tp12 
     22sS'middlename' 
     23p13 
     24(tsS'country' 
     25p14 
     26(tsS'email' 
     27p15 
     28(S'pjk@somewhere.ac.uk' 
     29tp16 
     30sS'state' 
     31p17 
     32(tsS'lastname' 
     33p18 
     34(S'Kershaw' 
     35tp19 
     36sS'organization' 
     37p20 
     38(tsS'gateway' 
     39p21 
     40(tssS'sessionManagerURI' 
     41p22 
     42NsS'sessionId' 
     43p23 
     44NsS'_accessed_time' 
     45p24 
     46F1277815004.138315 
    1247sS'_creation_time' 
    13 p7 
     48p25 
    1449F1277811962.9224689 
    1550ss. 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_test/setup.py

    r6925 r7122  
    2020setup( 
    2121    name =                      'ndg_security_test', 
    22     version =                   '1.5.5', 
     22    version =                   '1.5.6', 
    2323    description =               'NERC DataGrid Security Unit tests', 
    2424    long_description =          'Unit tests client - server side', 
Note: See TracChangeset for help on using the changeset viewer.