myOpenID's attribute exchange implementation uses non-standard attribute

names from an old draft of the specification. Ask for these attributes in addition to the standard ones to support that provider. Fixes bug #607553.

myOpenID's attribute exchange implementation uses non-standard attribute
names from an old draft of the specification. Ask for these attributes in addition to the standard ones to support that provider. Fixes bug #607553.
14a150a8 · James Henstridge · df06042c · 76a546ce · 14a150a8 · 14a150a8
Commit 14a150a8 authored Aug 10, 2010 by James Henstridge
Showing with 163 additions and 3 deletions

django_openid_auth/auth.py
+11 -0

django_openid_auth/tests/__init__.py
+1 -1

django_openid_auth/tests/test_auth.py
+133 -0

django_openid_auth/tests/test_views.py
+11 -1

django_openid_auth/views.py
+7 -1

No files found.
--- a/django_openid_auth/auth.py
+++ b/django_openid_auth/auth.py
@@ -102,6 +102,17 @@ class OpenIDBackend:
        # them in preference.
        fetch_response = ax.FetchResponse.fromSuccessResponse(openid_response)
        if fetch_response:
+            # The myOpenID provider advertises AX support, but uses
+            # attribute names from an obsolete draft of the
+            # specification.  We check for them first so the common
+            # names take precedence.
+            email = fetch_response.getSingle(
+                'http://schema.openid.net/contact/email', email)
+            fullname = fetch_response.getSingle(
+                'http://schema.openid.net/namePerson', fullname)
+            nickname = fetch_response.getSingle(
+                'http://schema.openid.net/namePerson/friendly', nickname)
+
            email = fetch_response.getSingle(
                'http://axschema.org/contact/email', email)
            fullname = fetch_response.getSingle(

--- a/django_openid_auth/tests/__init__.py
+++ b/django_openid_auth/tests/__init__.py
@@ -31,7 +31,7 @@ import unittest

 def suite():
    suite = unittest.TestSuite()
-    for name in ['test_store', 'test_views']:
+    for name in ['test_auth', 'test_store', 'test_views']:
        mod = __import__('%s.%s' % (__name__, name), {}, {}, ['suite'])
        suite.addTest(mod.suite())
    return suite
--- a/django_openid_auth/tests/test_auth.py
+++ b/django_openid_auth/tests/test_auth.py
+# django-openid-auth -  OpenID integration for django.contrib.auth
+#
+# Copyright (C) 2009 Canonical Ltd.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+
+import unittest
+
+from django.test import TestCase
+
+from django_openid_auth.auth import OpenIDBackend
+from openid.consumer.consumer import SuccessResponse
+from openid.consumer.discover import OpenIDServiceEndpoint
+from openid.message import Message, OPENID2_NS
+
+
+SREG_NS = "http://openid.net/sreg/1.0"
+AX_NS = "http://openid.net/srv/ax/1.0"
+
+class OpenIDBackendTests(TestCase):
+
+    def setUp(self):
+        super(OpenIDBackendTests, self).setUp()
+        self.backend = OpenIDBackend()
+
+    def test_extract_user_details_sreg(self):
+        endpoint = OpenIDServiceEndpoint()
+        message = Message(OPENID2_NS)
+        message.setArg(SREG_NS, "nickname", "someuser")
+        message.setArg(SREG_NS, "fullname", "Some User")
+        message.setArg(SREG_NS, "email", "foo@example.com")
+        response = SuccessResponse(
+            endpoint, message, signed_fields=message.toPostArgs().keys())
+
+        data = self.backend._extract_user_details(response)
+        self.assertEqual(data, {"nickname": "someuser",
+                                "first_name": "Some",
+                                "last_name": "User",
+                                "email": "foo@example.com"})
+
+    def test_extract_user_details_ax(self):
+        endpoint = OpenIDServiceEndpoint()
+        message = Message(OPENID2_NS)
+        attributes = [
+            ("nickname", "http://axschema.org/namePerson/friendly", "someuser"),
+            ("fullname", "http://axschema.org/namePerson", "Some User"),
+            ("email", "http://axschema.org/contact/email", "foo@example.com"),
+            ]
+        message.setArg(AX_NS, "mode", "fetch_response")
+        for (alias, uri, value) in attributes:
+            message.setArg(AX_NS, "type.%s" % alias, uri)
+            message.setArg(AX_NS, "value.%s" % alias, value)
+        response = SuccessResponse(
+            endpoint, message, signed_fields=message.toPostArgs().keys())
+
+        data = self.backend._extract_user_details(response)
+        self.assertEqual(data, {"nickname": "someuser",
+                                "first_name": "Some",
+                                "last_name": "User",
+                                "email": "foo@example.com"})
+
+    def test_extract_user_details_ax_split_name(self):
+        endpoint = OpenIDServiceEndpoint()
+        message = Message(OPENID2_NS)
+        attributes = [
+            ("nickname", "http://axschema.org/namePerson/friendly", "someuser"),
+            # Include this key too to show that the split data takes
+            # precedence.
+            ("fullname", "http://axschema.org/namePerson", "Bad Data"),
+            ("first", "http://axschema.org/namePerson/first", "Some"),
+            ("last", "http://axschema.org/namePerson/last", "User"),
+            ("email", "http://axschema.org/contact/email", "foo@example.com"),
+            ]
+        message.setArg(AX_NS, "mode", "fetch_response")
+        for (alias, uri, value) in attributes:
+            message.setArg(AX_NS, "type.%s" % alias, uri)
+            message.setArg(AX_NS, "value.%s" % alias, value)
+        response = SuccessResponse(
+            endpoint, message, signed_fields=message.toPostArgs().keys())
+
+        data = self.backend._extract_user_details(response)
+        self.assertEqual(data, {"nickname": "someuser",
+                                "first_name": "Some",
+                                "last_name": "User",
+                                "email": "foo@example.com"})
+
+    def test_extract_user_details_ax_broken_myopenid(self):
+        endpoint = OpenIDServiceEndpoint()
+        message = Message(OPENID2_NS)
+        attributes = [
+            ("nickname", "http://schema.openid.net/namePerson/friendly",
+             "someuser"),
+            ("fullname", "http://schema.openid.net/namePerson", "Some User"),
+            ("email", "http://schema.openid.net/contact/email",
+             "foo@example.com"),
+            ]
+        message.setArg(AX_NS, "mode", "fetch_response")
+        for (alias, uri, value) in attributes:
+            message.setArg(AX_NS, "type.%s" % alias, uri)
+            message.setArg(AX_NS, "value.%s" % alias, value)
+        response = SuccessResponse(
+            endpoint, message, signed_fields=message.toPostArgs().keys())
+
+        data = self.backend._extract_user_details(response)
+        self.assertEqual(data, {"nickname": "someuser",
+                                "first_name": "Some",
+                                "last_name": "User",
+                                "email": "foo@example.com"})
+
+def suite():
+    return unittest.TestLoader().loadTestsFromName(__name__)
--- a/django_openid_auth/tests/test_views.py
+++ b/django_openid_auth/tests/test_views.py
@@ -38,7 +38,7 @@ from openid.extensions import ax, sreg
 from openid.fetchers import (
    HTTPFetcher, HTTPFetchingError, HTTPResponse, setDefaultFetcher)
 from openid.oidutil import importElementTree
-from openid.server.server import BROWSER_REQUEST_MODES, Server
+from openid.server.server import BROWSER_REQUEST_MODES, ENCODE_URL, Server
 from openid.store.memstore import MemoryStore

 from django_openid_auth import teams
@@ -154,6 +154,9 @@ class RelyingPartyTests(TestCase):

    def complete(self, openid_response):
        """Complete an OpenID authentication request."""
+        # The server can generate either a redirect or a form post
+        # here.  For simplicity, force generation of a redirect.
+        openid_response.whichEncoding = lambda: ENCODE_URL
        webresponse = self.provider.server.encodeResponse(openid_response)
        self.assertEquals(webresponse.code, 302)
        redirect_to = webresponse.headers['location']
@@ -355,6 +358,13 @@ class RelyingPartyTests(TestCase):
                'http://axschema.org/namePerson/last'))
        self.assertTrue(fetch_request.has_key(
                'http://axschema.org/namePerson/friendly'))
+        # myOpenID compatibilty attributes:
+        self.assertTrue(fetch_request.has_key(
+                'http://schema.openid.net/contact/email'))
+        self.assertTrue(fetch_request.has_key(
+                'http://schema.openid.net/namePerson'))
+        self.assertTrue(fetch_request.has_key(
+                'http://schema.openid.net/namePerson/friendly'))

        # Build up a response including AX data.
        openid_response = openid_request.answer(True)

--- a/django_openid_auth/views.py
+++ b/django_openid_auth/views.py
@@ -177,7 +177,13 @@ def login_begin(request, template_name='openid/login.html',
            ('http://axschema.org/namePerson', 'fullname'),
            ('http://axschema.org/namePerson/first', 'firstname'),
            ('http://axschema.org/namePerson/last', 'lastname'),
-            ('http://axschema.org/namePerson/friendly', 'nickname')]:
+            ('http://axschema.org/namePerson/friendly', 'nickname'),
+            # The myOpenID provider advertises AX support, but uses
+            # attribute names from an obsolete draft of the
+            # specification.  We request them for compatibility.
+            ('http://schema.openid.net/contact/email', 'old_email'),
+            ('http://schema.openid.net/namePerson', 'old_fullname'),
+            ('http://schema.openid.net/namePerson/friendly', 'old_nickname')]:
            fetch_request.add(ax.AttrInfo(attr, alias=alias, required=True))
        openid_request.addExtension(fetch_request)
    else: