Skip to content

Commit bc372f0

Browse files
author
tailor
committed
[project @ pape5.Response: Add is_openid1 flag to parseExtensionArgs API]
1 parent 008e8f7 commit bc372f0

File tree

2 files changed

+23
-17
lines changed

2 files changed

+23
-17
lines changed

openid/extensions/draft/pape5.py

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -366,16 +366,17 @@ def fromSuccessResponse(cls, success_response):
366366

367367
# PAPE requires that the args be signed.
368368
args = success_response.getSignedNS(self.ns_uri)
369+
is_openid1 = success_response.isOpenID1()
369370

370371
# Only try to construct a PAPE response if the arguments were
371372
# signed in the OpenID response. If not, return None.
372373
if args is not None:
373-
self.parseExtensionArgs(args)
374+
self.parseExtensionArgs(args, is_openid1)
374375
return self
375376
else:
376377
return None
377378

378-
def parseExtensionArgs(self, args, strict=False):
379+
def parseExtensionArgs(self, args, is_openid1, strict=False):
379380
"""Parse the provider authentication policy arguments into the
380381
internal state of this object
381382

openid/test/test_pape_draft5.py

Lines changed: 20 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -129,7 +129,7 @@ def test_parseExtensionArgsWithAuthLevels(self):
129129
}
130130

131131
# Check request object state
132-
self.req.parseExtensionArgs(request_args, False)
132+
self.req.parseExtensionArgs(request_args, is_openid1=False, strict=False)
133133

134134
expected_auth_levels = [uri, uri2]
135135

@@ -216,6 +216,9 @@ def __init__(self, message, signed_stuff):
216216
self.message = message
217217
self.signed_stuff = signed_stuff
218218

219+
def isOpenID1(self):
220+
return False
221+
219222
def getSignedNS(self, ns_uri):
220223
return self.signed_stuff
221224

@@ -282,34 +285,36 @@ def test_getExtensionArgs_error_auth_age(self):
282285
def test_parseExtensionArgs(self):
283286
args = {'auth_policies': 'http://foo http://bar',
284287
'auth_time': '1970-01-01T00:00:00Z'}
285-
self.resp.parseExtensionArgs(args)
288+
self.resp.parseExtensionArgs(args, is_openid1=False)
286289
self.failUnlessEqual('1970-01-01T00:00:00Z', self.resp.auth_time)
287290
self.failUnlessEqual(['http://foo','http://bar'],
288291
self.resp.auth_policies)
289292

290293
def test_parseExtensionArgs_valid_none(self):
291294
args = {'auth_policies': pape.AUTH_NONE}
292-
self.resp.parseExtensionArgs(args)
295+
self.resp.parseExtensionArgs(args, is_openid1=False)
293296
self.failUnlessEqual([], self.resp.auth_policies)
294297

295298
def test_parseExtensionArgs_old_none(self):
296299
args = {'auth_policies': 'none'}
297-
self.resp.parseExtensionArgs(args)
300+
self.resp.parseExtensionArgs(args, is_openid1=False)
298301
self.failUnlessEqual([], self.resp.auth_policies)
299302

300303
def test_parseExtensionArgs_old_none_strict(self):
301304
args = {'auth_policies': 'none'}
302-
self.failUnlessRaises(ValueError,
303-
self.resp.parseExtensionArgs, args, strict=True)
305+
self.failUnlessRaises(
306+
ValueError,
307+
self.resp.parseExtensionArgs, args, is_openid1=False, strict=True)
304308

305309
def test_parseExtensionArgs_empty(self):
306-
self.resp.parseExtensionArgs({})
310+
self.resp.parseExtensionArgs({}, is_openid1=False)
307311
self.failUnlessEqual(None, self.resp.auth_time)
308312
self.failUnlessEqual([], self.resp.auth_policies)
309313

310314
def test_parseExtensionArgs_empty_strict(self):
311-
self.failUnlessRaises(ValueError,
312-
self.resp.parseExtensionArgs, {}, strict=True)
315+
self.failUnlessRaises(
316+
ValueError,
317+
self.resp.parseExtensionArgs, {}, is_openid1=False, strict=True)
313318

314319
def test_parseExtensionArgs_ignore_superfluous_none(self):
315320
policies = [pape.AUTH_NONE, pape.AUTH_MULTI_FACTOR_PHYSICAL]
@@ -318,7 +323,7 @@ def test_parseExtensionArgs_ignore_superfluous_none(self):
318323
'auth_policies': ' '.join(policies),
319324
}
320325

321-
self.resp.parseExtensionArgs(args, strict=False)
326+
self.resp.parseExtensionArgs(args, is_openid1=False, strict=False)
322327

323328
self.assertEqual([pape.AUTH_MULTI_FACTOR_PHYSICAL],
324329
self.resp.auth_policies)
@@ -331,13 +336,13 @@ def test_parseExtensionArgs_none_strict(self):
331336
}
332337

333338
self.failUnlessRaises(ValueError, self.resp.parseExtensionArgs,
334-
args, strict=True)
339+
args, is_openid1=False, strict=True)
335340

336341
def test_parseExtensionArgs_strict_bogus1(self):
337342
args = {'auth_policies': 'http://foo http://bar',
338343
'auth_time': 'yesterday'}
339344
self.failUnlessRaises(ValueError, self.resp.parseExtensionArgs,
340-
args, True)
345+
args, is_openid1=False, strict=True)
341346

342347
def test_parseExtensionArgs_strict_no_namespace_decl_openid2(self):
343348
# Test the case where the namespace is not declared for an
@@ -347,14 +352,14 @@ def test_parseExtensionArgs_strict_no_namespace_decl_openid2(self):
347352
'auth_level.nist': 'some',
348353
}
349354
self.failUnlessRaises(ValueError, self.resp.parseExtensionArgs,
350-
args, True)
355+
args, is_openid1=False, strict=True)
351356

352357
def test_parseExtensionArgs_strict_good(self):
353358
args = {'auth_policies': 'http://foo http://bar',
354359
'auth_time': '1970-01-01T00:00:00Z',
355360
'auth_level.nist': '0',
356361
'auth_level.ns.nist': pape.LEVELS_NIST}
357-
self.resp.parseExtensionArgs(args, True)
362+
self.resp.parseExtensionArgs(args, is_openid1=False, strict=True)
358363
self.failUnlessEqual(['http://foo','http://bar'],
359364
self.resp.auth_policies)
360365
self.failUnlessEqual('1970-01-01T00:00:00Z', self.resp.auth_time)
@@ -364,7 +369,7 @@ def test_parseExtensionArgs_nostrict_bogus(self):
364369
args = {'auth_policies': 'http://foo http://bar',
365370
'auth_time': 'when the cows come home',
366371
'nist_auth_level': 'some'}
367-
self.resp.parseExtensionArgs(args)
372+
self.resp.parseExtensionArgs(args, is_openid1=False)
368373
self.failUnlessEqual(['http://foo','http://bar'],
369374
self.resp.auth_policies)
370375
self.failUnlessEqual(None, self.resp.auth_time)

0 commit comments

Comments
 (0)