You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by br...@apache.org on 2014/02/14 20:29:48 UTC
git commit: [#7013] ticket:526 Remove OpenID support
Updated Branches:
refs/heads/master ea28b132a -> 70ff6094d
[#7013] ticket:526 Remove OpenID support
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/70ff6094
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/70ff6094
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/70ff6094
Branch: refs/heads/master
Commit: 70ff6094d3a7f6a1f9b0f26c2721216e51fb5176
Parents: ea28b13
Author: Aleksey 'LXj' Alekseyev <go...@gmail.com>
Authored: Fri Jan 31 22:18:01 2014 +0200
Committer: Dave Brondsema <db...@slashdotmedia.com>
Committed: Fri Feb 14 19:29:37 2014 +0000
----------------------------------------------------------------------
Allura/allura/controllers/auth.py | 104 +------------
.../ext/user_profile/templates/user_index.html | 10 --
Allura/allura/lib/app_globals.py | 10 --
Allura/allura/lib/oid_helper.py | 116 --------------
Allura/allura/model/__init__.py | 3 +-
Allura/allura/model/auth.py | 44 ------
Allura/allura/model/openid_model.py | 128 ---------------
Allura/allura/templates/bare_openid.html | 28 ----
Allura/allura/templates/claim_openid.html | 48 ------
Allura/allura/templates/login.html | 21 ---
Allura/allura/templates/setup_openid_user.html | 37 -----
Allura/allura/templates/user_prefs.html | 19 ---
Allura/allura/tests/functional/test_auth.py | 155 -------------------
.../tests/functional/test_user_profile.py | 1 -
Allura/allura/tests/model/test_auth.py | 35 -----
Allura/allura/tests/model/test_openid.py | 81 ----------
Allura/allura/tests/test_globals.py | 2 -
Allura/development.ini | 3 -
Allura/setup.py | 1 -
requirements-common.txt | 1 -
20 files changed, 3 insertions(+), 844 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/controllers/auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/auth.py b/Allura/allura/controllers/auth.py
index 2b93dc4..87e0c44 100644
--- a/Allura/allura/controllers/auth.py
+++ b/Allura/allura/controllers/auth.py
@@ -16,13 +16,11 @@
# under the License.
import logging
-import string
import os
-from urllib import urlencode
import datetime
import bson
-from tg import expose, session, flash, redirect, validate, config
+from tg import expose, flash, redirect, validate, config
from tg.decorators import with_trailing_slash
from pylons import tmpl_context as c, app_globals as g
from pylons import request, response
@@ -31,7 +29,6 @@ from webob import exc as wexc
import allura.tasks.repo_tasks
from allura import model as M
from allura.lib import validators as V
-from allura.lib.oid_helper import verify_oid, process_oid
from allura.lib.security import require_authenticated, has_access
from allura.lib import helpers as h
from allura.lib import plugin
@@ -48,21 +45,6 @@ from allura.controllers import BaseController
log = logging.getLogger(__name__)
-OID_PROVIDERS = [
- ('OpenID', '${username}'),
- ('Yahoo!', 'http://yahoo.com'),
- ('Google', 'https://www.google.com/accounts/o8/id'),
- ('MyOpenID', 'http://${username}.myopenid.com/'),
- ('LiveJournal', 'http://${username}.livejournal.com/'),
- ('Flickr', 'http://www.filckr.com/photos/${username}/'),
- ('Wordpress', 'http://${username}.wordpress.com/'),
- ('Blogger', 'http://${username}.blogspot.com/'),
- ('Vidoop', 'http://${username}.myvidoop.com/'),
- ('Verisign', 'http://${username}.pip.verisignlabs.com/'),
- ('ClaimID', 'http://openid.claimid.com/${username}/'),
- ('AOL', 'http://openid.aol.com/${username}/')]
-
-
class F(object):
login_form = LoginForm()
recover_password_change_form = forms.PasswordChangeBase()
@@ -114,47 +96,12 @@ class AuthController(BaseController):
else:
return_to = request.referer
c.form = F.login_form
- return dict(oid_providers=OID_PROVIDERS, return_to=return_to)
+ return dict(return_to=return_to)
@expose('jinja:allura:templates/login_fragment.html')
def login_fragment(self, *args, **kwargs):
return self.index(*args, **kwargs)
- @expose('jinja:allura:templates/custom_login.html')
- def login_verify_oid(self, provider, username, return_to=None):
- if provider:
- oid_url = string.Template(provider).safe_substitute(
- username=username)
- else:
- oid_url = username
- return verify_oid(oid_url, failure_redirect='.',
- return_to='login_process_oid?%s' % urlencode(
- dict(return_to=return_to)),
- title='OpenID Login',
- prompt='Click below to continue')
-
- @expose()
- def login_process_oid(self, **kw):
- oid_obj = process_oid(failure_redirect='.')
- c.user = oid_obj.claimed_by_user()
- session['userid'] = c.user._id
- session.save()
- if not c.user.username:
- flash('Please choose a user name, %s.'
- % c.user.get_pref('display_name'))
- redirect('setup_openid_user')
- redirect(kw.pop('return_to', '/'))
-
- @expose('jinja:allura:templates/bare_openid.html')
- def bare_openid(self, url=None):
- '''Called to notify the user that they must set up a 'real' (with
- username) account when they have a pure openid account'''
- return dict(location=url)
-
- @expose('jinja:allura:templates/setup_openid_user.html')
- def setup_openid_user(self):
- return dict()
-
@expose('jinja:allura:templates/create_account.html')
def create_account(self, **kw):
c.form = F.registration_form
@@ -269,47 +216,6 @@ To reset your password on %s, please visit the following URL:
redirect('/')
@expose()
- @require_post()
- def do_setup_openid_user(self, username=None, display_name=None):
- u = M.User.by_username(username)
- if u and username != c.user.username:
- flash('That username is already taken. Please choose another.',
- 'error')
- redirect('setup_openid_user')
- c.user.username = username
- c.user.set_pref('display_name', display_name)
- if u is None:
- n = M.Neighborhood.query.get(name='Users')
- n.register_project('u/' + username, user_project=True)
- flash('Your username has been set to %s.' % username)
- redirect('/')
-
- @expose('jinja:allura:templates/claim_openid.html')
- def claim_oid(self):
- return dict(oid_providers=OID_PROVIDERS)
-
- @expose('jinja:allura:templates/custom_login.html')
- def claim_verify_oid(self, provider, username):
- if provider:
- oid_url = string.Template(provider).safe_substitute(
- username=username)
- else:
- oid_url = username
- return verify_oid(oid_url, failure_redirect='claim_oid',
- return_to='claim_process_oid',
- title='Claim OpenID',
- prompt='Click below to continue')
-
- @expose()
- @require_post()
- def claim_process_oid(self, **kw):
- oid_obj = process_oid(failure_redirect='claim_oid')
- if c.user:
- c.user.claim_openid(oid_obj._id)
- flash('Claimed %s' % oid_obj._id)
- redirect('/auth/preferences/')
-
- @expose()
def logout(self):
plugin.AuthenticationProvider.get(request).logout()
redirect(config.get('auth.post_logout_url', '/'))
@@ -464,12 +370,6 @@ class PreferencesController(BaseController):
primary_addr = c.user.email_addresses[0]
if primary_addr:
c.user.set_pref('email_address', primary_addr)
- for i, (old_oid, data) in enumerate(zip(c.user.open_ids, oid or [])):
- obj = c.user.openid_object(old_oid)
- if data.get('delete') or not obj:
- del c.user.open_ids[i]
- if obj:
- obj.delete()
for k, v in preferences.iteritems():
if k == 'results_per_page':
v = int(v)
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/ext/user_profile/templates/user_index.html
----------------------------------------------------------------------
diff --git a/Allura/allura/ext/user_profile/templates/user_index.html b/Allura/allura/ext/user_profile/templates/user_index.html
index 77d8028..047c21e 100644
--- a/Allura/allura/ext/user_profile/templates/user_index.html
+++ b/Allura/allura/ext/user_profile/templates/user_index.html
@@ -274,16 +274,6 @@
{% endfor %}
</ul>
</div>
- <div class="openid-list grid-18">
- <b>OpenIDs</b>
- <ul>
- {% for openid in user.open_ids %}
- <li>
- <span class="openid">{{openid}}</span>
- </li>
- {% endfor %}
- </ul>
- </div>
{% endif %}
{% for section in sections %}
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/lib/app_globals.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/app_globals.py b/Allura/allura/lib/app_globals.py
index 3ac8499..0ebb370 100644
--- a/Allura/allura/lib/app_globals.py
+++ b/Allura/allura/lib/app_globals.py
@@ -172,8 +172,6 @@ class Globals(object):
# Setup Gravatar
self.gravatar = gravatar.url
- self.oid_store = M.OpenIdStore()
-
# Setup pygments
self.pygments_formatter = utils.LineAnchorCodeHtmlFormatter(
cssclass='codehilite',
@@ -557,14 +555,6 @@ class Globals(object):
return self.resource_manager.absurl(
'theme/%s/%s' % (theme_name, href))
- def oid_session(self):
- if 'openid_info' in session:
- return session['openid_info']
- else:
- session['openid_info'] = result = {}
- session.save()
- return result
-
def forge_static(self, resource):
base = config['static.url_base']
if base.startswith(':'):
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/lib/oid_helper.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/oid_helper.py b/Allura/allura/lib/oid_helper.py
deleted file mode 100644
index 8e41a1f..0000000
--- a/Allura/allura/lib/oid_helper.py
+++ /dev/null
@@ -1,116 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-import logging
-
-from pylons import app_globals as g
-from pylons import request
-from tg import flash, redirect, session, config
-from openid.consumer import consumer
-from allura import model as M
-
-log = logging.getLogger(__name__)
-
-# openid.oidutil outputs all logging to STDERR unless otherwise configured.
-# We follow the openid.oidutil instructions to install our own logging hook.
-from openid import oidutil
-oidutil.log = log.info
-
-
-def verify_oid(oid_url, failure_redirect=None, return_to=None,
- **kw):
- '''Step 1 of OID verification -- redirect to provider site'''
- log.info('Trying to login via %s', oid_url)
- realm = config.get('openid.realm', 'http://localhost:8080/')
- return_to = realm + 'auth/' + return_to
- oidconsumer = consumer.Consumer(g.oid_session(), g.oid_store)
- try:
- req = oidconsumer.begin(oid_url)
- except consumer.DiscoveryFailure, ex:
- log.exception('Error in openid login')
- flash(str(ex[0]), 'error')
- redirect(failure_redirect)
- if req is None: # pragma no cover
- flash('No openid services found for <code>%s</code>' % oid_url,
- 'error')
- redirect(failure_redirect)
- if req.shouldSendRedirect():
- redirect_url = req.redirectURL(
- realm, return_to, False)
- log.info('Redirecting to %r', redirect_url)
- session.save()
- redirect(redirect_url)
- else:
- return dict(kw, form=req.formMarkup(realm, return_to=return_to))
-
-
-def process_oid(failure_redirect=None):
- oidconsumer = consumer.Consumer(g.oid_session(), g.oid_store)
- info = oidconsumer.complete(request.params, request.url)
- display_identifier = info.getDisplayIdentifier() or info.identity_url
- if info.status == consumer.FAILURE and display_identifier:
- # In the case of failure, if info is non-None, it is the
- # URL that we were verifying. We include it in the error
- # message to help the user figure out what happened.
- fmt = "Verification of %s failed: %s"
- flash(fmt % (display_identifier, info.message), 'error')
- redirect(failure_redirect)
- elif info.status == consumer.SUCCESS:
- # Success means that the transaction completed without
- # error. If info is None, it means that the user cancelled
- # the verification.
- css_class = 'alert'
-
- # This is a successful verification attempt. If this
- # was a real application, we would do our login,
- # comment posting, etc. here.
- fmt = "You have successfully verified %s as your identity."
- message = fmt % display_identifier
- if info.endpoint.canonicalID:
- # You should authorize i-name users by their canonicalID,
- # rather than their more human-friendly identifiers. That
- # way their account with you is not compromised if their
- # i-name registration expires and is bought by someone else.
- message += (" This is an i-name, and its persistent ID is %s"
- % info.endpoint.canonicalID)
- flash(message, 'info')
- elif info.status == consumer.CANCEL:
- # cancelled
- message = 'Verification cancelled'
- flash(message, 'error')
- redirect(failure_redirect)
- elif info.status == consumer.SETUP_NEEDED:
- if info.setup_url:
- message = '<a href=%s>Setup needed</a>' % info.setup_url
- else:
- # This means auth didn't succeed, but you're welcome to try
- # non-immediate mode.
- message = 'Setup needed'
- flash(message, 'error')
- redirect(failure_redirect)
- else:
- # Either we don't understand the code or there is no
- # openid_url included with the error. Give a generic
- # failure message. The library should supply debug
- # information in a log.
- message = 'Verification failed.'
- flash(message, 'error')
- redirect(failure_redirect)
- session.save()
- oid_obj = M.OpenId.upsert(
- info.identity_url, display_identifier=display_identifier)
- return oid_obj
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/model/__init__.py
----------------------------------------------------------------------
diff --git a/Allura/allura/model/__init__.py b/Allura/allura/model/__init__.py
index 5c295d1..65a4561 100644
--- a/Allura/allura/model/__init__.py
+++ b/Allura/allura/model/__init__.py
@@ -25,9 +25,8 @@ from .index import ArtifactReference, Shortlink
from .artifact import Artifact, MovedArtifact, Message, VersionedArtifact, Snapshot, Feed, AwardFile, Award, AwardGrant, VotableArtifact
from .discuss import Discussion, Thread, PostHistory, Post, DiscussionAttachment
from .attachments import BaseAttachment
-from .auth import AuthGlobals, User, ProjectRole, OpenId, EmailAddress, ApiToken, ApiTicket, OldProjectRole
+from .auth import AuthGlobals, User, ProjectRole, EmailAddress, ApiToken, ApiTicket, OldProjectRole
from .auth import AuditLog, audit_log
-from .openid_model import OpenIdStore, OpenIdAssociation, OpenIdNonce
from .filesystem import File
from .notification import Notification, Mailbox
from .repository import Repository, RepositoryImplementation
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/model/auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/model/auth.py b/Allura/allura/model/auth.py
index 54dcbc3..f9e3a4c 100644
--- a/Allura/allura/model/auth.py
+++ b/Allura/allura/model/auth.py
@@ -252,39 +252,6 @@ please visit the following URL:
text=text)
-class OpenId(MappedClass):
-
- class __mongometa__:
- name = 'openid'
- session = main_orm_session
-
- _id = FieldProperty(str)
- claimed_by_user_id = FieldProperty(S.ObjectId, if_missing=None)
- display_identifier = FieldProperty(str)
-
- @classmethod
- def upsert(cls, url, display_identifier):
- result = cls.query.get(_id=url)
- if not result:
- result = cls(
- _id=url,
- display_identifier=display_identifier)
- return result
-
- def claimed_by_user(self):
- if self.claimed_by_user_id:
- result = User.query.get(
- _id=self.claimed_by_user_id, disabled=False)
- else: # pragma no cover
- result = User.register(
- dict(username=None, password=None,
- display_name=self.display_identifier,
- open_ids=[self._id]),
- make_project=False)
- self.claimed_by_user_id = result._id
- return result
-
-
class AuthGlobals(MappedClass):
class __mongometa__:
@@ -329,7 +296,6 @@ class User(MappedClass, ActivityNode, ActivityObject):
_id = FieldProperty(S.ObjectId)
sfx_userid = FieldProperty(S.Deprecated)
username = FieldProperty(str)
- open_ids = FieldProperty([str])
email_addresses = FieldProperty([str])
password = FieldProperty(str)
projects = FieldProperty(S.Deprecated)
@@ -653,16 +619,6 @@ class User(MappedClass, ActivityNode, ActivityObject):
def address_object(self, addr):
return EmailAddress.query.get(_id=addr, claimed_by_user_id=self._id)
- def openid_object(self, oid):
- return OpenId.query.get(_id=oid, claimed_by_user_id=self._id)
-
- def claim_openid(self, oid_url):
- oid_obj = OpenId.upsert(oid_url, self.get_pref('display_name'))
- oid_obj.claimed_by_user_id = self._id
- if oid_url in self.open_ids:
- return
- self.open_ids.append(oid_url)
-
def claim_address(self, email_address):
addr = EmailAddress.canonical(email_address)
email_addr = EmailAddress.upsert(addr)
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/model/openid_model.py
----------------------------------------------------------------------
diff --git a/Allura/allura/model/openid_model.py b/Allura/allura/model/openid_model.py
deleted file mode 100644
index 3a51954..0000000
--- a/Allura/allura/model/openid_model.py
+++ /dev/null
@@ -1,128 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-import time
-from copy import deepcopy
-from datetime import datetime, timedelta
-
-from openid.store import nonce
-from openid.association import Association
-
-from ming.orm import FieldProperty
-from ming.orm.declarative import MappedClass
-from .session import main_orm_session
-
-
-class OpenIdAssociation(MappedClass):
-
- class __mongometa__:
- name = 'oid_store_assoc'
- session = main_orm_session
-
- _id = FieldProperty(str) # server url
- assocs = FieldProperty([dict(
- key=str, value=str)])
-
- # Mimic openid.store.memstore.ServerAssocs
- def set_assoc(self, assoc):
- for a in self.assocs:
- if a['key'] == assoc.handle:
- a['value'] = assoc.serialize()
- return
- self.assocs.append(dict(key=assoc.handle, value=assoc.serialize()))
-
- def get_assoc(self, handle):
- for a in self.assocs:
- if a['key'] == handle:
- return Association.deserialize(a['value'])
- return None
-
- def remove_assoc(self, handle):
- old_len = len(self.assocs)
- self.assocs = [
- a for a in self.assocs
- if a['key'] != handle]
- return old_len != len(self.assocs)
-
- def best_assoc(self):
- best = None
- for assoc in self.assocs:
- assoc = Association.deserialize(assoc['value'])
- if best is None or best.issued < assoc.issued:
- best = assoc
- if best:
- return best
- else:
- return None
-
- def cleanup_assocs(self):
- old_len = len(self.assocs)
- self.assocs = [a for a in self.assocs
- if Association.deserialize(a['value']).getExpiresIn() != 0]
- new_len = len(self.assocs)
- return (old_len - new_len), new_len
-
-
-class OpenIdNonce(MappedClass):
-
- class __mongometa__:
- name = 'oid_store_nonce'
- session = main_orm_session
-
- _id = FieldProperty(str) # Nonce value
- timestamp = FieldProperty(datetime, if_missing=datetime.utcnow)
-
-
-class OpenIdStore(object):
-
- def _get_assocs(self, server_url):
- assoc = OpenIdAssociation.query.get(_id=server_url)
- if assoc is None:
- assoc = OpenIdAssociation(_id=server_url)
- return assoc
-
- def storeAssociation(self, server_url, association):
- assocs = self._get_assocs(server_url)
- assocs.set_assoc(deepcopy(association))
-
- def getAssociation(self, server_url, handle=None):
- assocs = self._get_assocs(server_url)
- if handle is None:
- return assocs.best_assoc()
- else:
- return assocs.get_assoc(handle)
-
- def removeAssociation(self, server_url, handle):
- assocs = self._get_assocs(server_url)
- return assocs.remove_assoc(handle)
-
- def useNonce(self, server_url, timestamp, salt):
- if abs(timestamp - time.time()) > nonce.SKEW:
- return False
- key = str((server_url, timestamp, salt))
- if OpenIdNonce.query.get(_id=key) is None:
- OpenIdNonce(_id=key)
- return True
- else:
- return False
-
- def cleanupNonces(self):
- now = datetime.utcnow()
- cutoff = now - timedelta(seconds=nonce.SKEW)
- num_removed = OpenIdNonce.query.remove(dict(
- timestamp={'$lt': cutoff}))
- return num_removed
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/templates/bare_openid.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/bare_openid.html b/Allura/allura/templates/bare_openid.html
deleted file mode 100644
index d30e796..0000000
--- a/Allura/allura/templates/bare_openid.html
+++ /dev/null
@@ -1,28 +0,0 @@
-{#-
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--#}
-{% extends g.theme.master %}
-
-{% block title %}Setup a Full Account{% endblock %}
-
-{% block header %}Setup a Full Account{% endblock %}
-
-{% block content %}
-<p>You're using an OpenID account.
- For full access, please <a href="{{location}}">create a full account</a>.</p>
-{% endblock %}
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/templates/claim_openid.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/claim_openid.html b/Allura/allura/templates/claim_openid.html
deleted file mode 100644
index 4d61d1e..0000000
--- a/Allura/allura/templates/claim_openid.html
+++ /dev/null
@@ -1,48 +0,0 @@
-{#-
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--#}
-{% set hide_left_bar = True %}
-{% extends g.theme.master %}
-
-{% block title %}OpenId Claim Form{% endblock %}
-
-{% block header %}OpenId Claim Form{% endblock %}
-
-{% block content %}
- <div id="loginform_oid">
- <form action="claim_verify_oid" method="post" class="loginfields">
- <label for="provider" class="grid-4">Provider</label>
- <div class="grid-18">
- <select id="provider" name="provider">
- {%- for label, url in oid_providers %}
- <option value="{{url}}">{{label}}</option>
- {%- endfor %}
- </select>
- </div>
- <label class="grid-4" for="username">Username:</label>
- <div class="grid-18">
- <input type="text" id="username" name="username" class="text"/>
- </div>
- <label class="grid-4"> </label>
- <div class="grid-18">
- <input type="submit" id="submit" value="Claim">
- </div>
- {{lib.csrf_token()}}
- </form>
- </div>
-{% endblock %}
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/templates/login.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/login.html b/Allura/allura/templates/login.html
index 9153679..4037878 100644
--- a/Allura/allura/templates/login.html
+++ b/Allura/allura/templates/login.html
@@ -29,25 +29,4 @@
{{ c.form.display(action='./do_login', value=dict(return_to=return_to)) }}
</div>
- <div class="clear"> </div>
-
- <div id="loginform_oid">
- <form action="/auth/login_verify_oid" method="post" class="loginfields">
- <input type="hidden" name="return_to" value="{{return_to}}"/>
- <h2><span>OpenID Login</span></h2>
- <label for="provider" class="grid-4">Provider</label>
- <div class="grid-18">
- <select id="provider" name="provider">
- {%- for label, url in oid_providers %}
- <option value="{{url}}">{{label}}</option>
- {%- endfor %}
- </select>
- </div>
- <label for="username_oid" class="grid-4">Username:</label>
- <div class="grid-18"><input type="text" id="username_oid" name="username"/></div>
- <label class="grid-4"> </label>
- <div class="grid-18"><input type="submit" id="submit_oid" value="Login"/></div>
- {{lib.csrf_token()}}
- </form>
- </div>
{% endblock %}
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/templates/setup_openid_user.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/setup_openid_user.html b/Allura/allura/templates/setup_openid_user.html
deleted file mode 100644
index 6496b8f..0000000
--- a/Allura/allura/templates/setup_openid_user.html
+++ /dev/null
@@ -1,37 +0,0 @@
-{#-
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--#}
-{% extends g.theme.master %}
-
-{% block title %}Login Form{% endblock %}
-
-{% block header %}Choose Login Name{% endblock %}
-
-{% block content %}
- <div id="loginform">
- <form method="POST" action="do_setup_openid_user">
- <label for="username" class="grid-4">Login Name:</label>
- <div class="grid-18"><input type="text" id="username" name="username"/></div>
- <label for="display_name" class="grid-4">Displayed Name:</label>
- <div class="grid-18"><input type="text" id="display_name" name="display_name"/></div>
- <label class="grid-4"> </label>
- <div class="grid-18"><input type="submit" value="Setup Account"/></div>
- {{lib.csrf_token()}}
- </form>
- </div>
-{% endblock %}
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/templates/user_prefs.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/user_prefs.html b/Allura/allura/templates/user_prefs.html
index 66b6c99..97453cb 100644
--- a/Allura/allura/templates/user_prefs.html
+++ b/Allura/allura/templates/user_prefs.html
@@ -93,25 +93,6 @@
{{lib.submit_button('Claim Address', name='new_addr.claim')}}
</div>
- {% if c.user.open_ids %}
- <h3 class="grid-18">OpenIDs Claimed</h3>
- <table class="grid-18">
- <tr>
- <th>OpenID</th>
- <th></th>
- </tr>
- {% for oid in c.user.open_ids %}
- {% set obj = c.user.openid_object(oid) %}
- <tr>
- <td>{{oid}}</td>
- <td>{{lib.submit_button('Delete', 'oid-%s.delete' % loop.index0)}}</td>
- </tr>
- {% endfor %}
- </table>
- {% endif %}
- <div class="grid-18">
- <a href="/auth/claim_oid">Claim New OpenID</a>
- </div>
{% endif %}
<div class="grid-18">
{{lib.submit_button('Save Changes')}}
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/tests/functional/test_auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py
index 865df9e..bd6a4e2 100644
--- a/Allura/allura/tests/functional/test_auth.py
+++ b/Allura/allura/tests/functional/test_auth.py
@@ -35,7 +35,6 @@ from allura.tests import TestController
from allura.tests import decorators as td
from allura import model as M
from ming.orm.ormsession import ThreadLocalORMSession, session
-from allura.lib import oid_helper
from tg import config
from mock import patch
from allura.lib import plugin
@@ -208,160 +207,6 @@ class TestAuth(TestController):
r = self.app.get('/auth/preferences/')
assert 'No API token generated' in r
- @mock.patch('allura.controllers.auth.verify_oid')
- def test_login_verify_oid_with_provider(self, verify_oid):
- verify_oid.return_value = dict()
- self.app.get('/auth/login_verify_oid', params=dict(
- provider='http://www.google.com/accounts/o8/id', username='rick446@usa.net'),
- status=200)
- verify_oid.assert_called_with('http://www.google.com/accounts/o8/id',
- failure_redirect='.',
- return_to='login_process_oid?return_to=None',
- title='OpenID Login',
- prompt='Click below to continue')
-
- @mock.patch('allura.controllers.auth.verify_oid')
- def test_login_verify_oid_without_provider(self, verify_oid):
- verify_oid.return_value = dict()
- self.app.get('/auth/login_verify_oid', params=dict(
- provider='', username='rick446@usa.net'),
- status=200)
- verify_oid.assert_called_with('rick446@usa.net',
- failure_redirect='.',
- return_to='login_process_oid?return_to=None',
- title='OpenID Login',
- prompt='Click below to continue')
-
- @mock.patch('allura.lib.oid_helper.consumer.Consumer')
- def test_login_verify_oid_good_provider_no_redirect(self, Consumer):
- Consumer().begin().shouldSendRedirect.return_value = False
- Consumer().begin().formMarkup.return_value = "<!-- I'm a mock object! -->"
- result = self.app.get('/auth/login_verify_oid', params=dict(
- provider='http://www.google.com/accounts/o8/id', username='rick446@usa.net'),
- status=200)
- flash = self.webflash(result)
- assert_equal(flash, '')
-
- @mock.patch('allura.lib.oid_helper.consumer.Consumer')
- def test_login_verify_oid_good_provider_redirect(self, Consumer):
- Consumer().begin().shouldSendRedirect.return_value = True
- Consumer().begin().redirectURL.return_value = 'http://some.url/'
- result = self.app.get('/auth/login_verify_oid', params=dict(
- provider='http://www.google.com/accounts/o8/id', username='rick446@usa.net'),
- status=302)
- assert_equal(result.headers['Location'], 'http://some.url/')
- flash = self.webflash(result)
- assert_equal(flash, '')
-
- @mock.patch('allura.lib.oid_helper.consumer.Consumer')
- def test_login_verify_oid_bad_provider(self, Consumer):
- Consumer().begin.side_effect = oid_helper.consumer.DiscoveryFailure(
- 'bad', mock.Mock('response'))
- result = self.app.get('/auth/login_verify_oid', params=dict(
- provider='http://www.google.com/accounts/', username='rick446@usa.net'),
- status=302)
- flash = self.webflash(result)
- assert_equal(flash, '{"status": "error", "message": "bad"}')
-
- @mock.patch('allura.lib.oid_helper.consumer.Consumer')
- def test_login_verify_oid_bad_provider2(self, Consumer):
- Consumer().begin.return_value = None
- result = self.app.get('/auth/login_verify_oid', params=dict(
- provider='http://www.google.com/accounts/', username='rick446@usa.net'),
- status=302)
- flash = self.webflash(result)
- assert_equal(
- flash, '{"status": "error", "message": "No openid services found for <code>http://www.google.com/accounts/</code>"}')
-
- @mock.patch('allura.controllers.auth.verify_oid')
- def test_claim_verify_oid_with_provider(self, verify_oid):
- verify_oid.return_value = dict()
- self.app.get('/auth/claim_verify_oid', params=dict(
- provider='http://www.google.com/accounts/o8/id', username='rick446@usa.net'),
- status=200)
- verify_oid.assert_called_with('http://www.google.com/accounts/o8/id',
- failure_redirect='claim_oid',
- return_to='claim_process_oid',
- title='Claim OpenID',
- prompt='Click below to continue')
-
- @mock.patch('allura.controllers.auth.verify_oid')
- def test_claim_verify_oid_without_provider(self, verify_oid):
- verify_oid.return_value = dict()
- self.app.get('/auth/claim_verify_oid', params=dict(
- provider='', username='rick446@usa.net'),
- status=200)
- verify_oid.assert_called_with('rick446@usa.net',
- failure_redirect='claim_oid',
- return_to='claim_process_oid',
- title='Claim OpenID',
- prompt='Click below to continue')
-
- @mock.patch('allura.lib.oid_helper.consumer.Consumer')
- def test_claim_verify_oid_good_provider_no_redirect(self, Consumer):
- Consumer().begin().shouldSendRedirect.return_value = False
- Consumer().begin().formMarkup.return_value = "<!-- I'm a mock object! -->"
- result = self.app.get('/auth/claim_verify_oid', params=dict(
- provider='http://www.google.com/accounts/o8/id', username='rick446@usa.net'),
- status=200)
- flash = self.webflash(result)
- assert_equal(flash, '')
-
- @mock.patch('allura.lib.oid_helper.consumer.Consumer')
- def test_claim_verify_oid_good_provider_redirect(self, Consumer):
- Consumer().begin().shouldSendRedirect.return_value = True
- Consumer().begin().redirectURL.return_value = 'http://some.url/'
- result = self.app.get('/auth/claim_verify_oid', params=dict(
- provider='http://www.google.com/accounts/o8/id', username='rick446@usa.net'),
- status=302)
- assert_equal(result.headers['Location'], 'http://some.url/')
- flash = self.webflash(result)
- assert_equal(flash, '')
-
- @mock.patch('allura.lib.oid_helper.consumer.Consumer')
- def test_claim_verify_oid_bad_provider(self, Consumer):
- Consumer().begin.side_effect = oid_helper.consumer.DiscoveryFailure(
- 'bad', mock.Mock('response'))
- result = self.app.get('/auth/claim_verify_oid', params=dict(
- provider='http://www.google.com/accounts/', username='rick446@usa.net'),
- status=302)
- flash = self.webflash(result)
- assert_equal(flash, '{"status": "error", "message": "bad"}')
-
- @mock.patch('allura.lib.oid_helper.consumer.Consumer')
- def test_claim_verify_oid_bad_provider2(self, Consumer):
- Consumer().begin.return_value = None
- result = self.app.get('/auth/claim_verify_oid', params=dict(
- provider='http://www.google.com/accounts/', username='rick446@usa.net'),
- status=302)
- flash = self.webflash(result)
- assert_equal(
- flash, '{"status": "error", "message": "No openid services found for <code>http://www.google.com/accounts/</code>"}')
-
- def test_setup_openid_user_current_user(self):
- r = self.app.get('/auth/setup_openid_user')
- r = self.app.post('/auth/do_setup_openid_user', params=dict(
- username='test-admin', display_name='Test Admin'))
- flash = self.webflash(r)
- assert_equal(
- flash, '{"status": "ok", "message": "Your username has been set to test-admin."}')
-
- def test_setup_openid_user_taken_user(self):
- r = self.app.get('/auth/setup_openid_user')
- r = self.app.post('/auth/do_setup_openid_user', params=dict(
- username='test-user', display_name='Test User'))
- flash = self.webflash(r)
- assert_equal(
- flash, '{"status": "error", "message": "That username is already taken. Please choose another."}')
-
- def test_setup_openid_user_new_user(self):
- r = self.app.get('/auth/setup_openid_user')
- r = self.app.post('/auth/do_setup_openid_user', params=dict(
- username='test-alkajs', display_name='Test Alkajs'))
- flash = self.webflash(r)
- assert_equal(
- flash, '{"status": "ok", "message": "Your username has been set to test-alkajs."}')
-
def test_create_account(self):
r = self.app.get('/auth/create_account')
assert 'Create an Account' in r
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/tests/functional/test_user_profile.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_user_profile.py b/Allura/allura/tests/functional/test_user_profile.py
index 0dbbe77..a09bf83 100644
--- a/Allura/allura/tests/functional/test_user_profile.py
+++ b/Allura/allura/tests/functional/test_user_profile.py
@@ -30,7 +30,6 @@ class TestUserProfile(TestController):
def test_profile(self):
response = self.app.get('/u/test-admin/profile/')
assert '<h2 class="dark title">Test Admin' in response
- assert 'OpenIDs' in response
def test_wrong_profile(self):
self.app.get('/u/no-such-user/profile/', status=404)
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/tests/model/test_auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/model/test_auth.py b/Allura/allura/tests/model/test_auth.py
index 475b74a..1c76611 100644
--- a/Allura/allura/tests/model/test_auth.py
+++ b/Allura/allura/tests/model/test_auth.py
@@ -70,22 +70,6 @@ def test_email_address():
assert 'test@domain.net' in c.user.email_addresses
-@with_setup(setUp)
-def test_openid():
- oid = M.OpenId.upsert('http://google.com/accounts/1', 'My Google OID')
- oid.claimed_by_user_id = c.user._id
- ThreadLocalORMSession.flush_all()
- assert oid.claimed_by_user() is c.user
- assert M.OpenId.upsert(
- 'http://google.com/accounts/1', 'My Google OID') is oid
- ThreadLocalORMSession.flush_all()
- assert oid is c.user.openid_object(oid._id)
- c.user.claim_openid('http://google.com/accounts/2')
- oid2 = M.OpenId.upsert('http://google.com/accounts/2', 'My Google OID')
- assert oid2._id in c.user.open_ids
- ThreadLocalORMSession.flush_all()
-
-
@td.with_user_project('test-admin')
@with_setup(setUp)
def test_user():
@@ -155,16 +139,6 @@ def test_user_project_does_not_create_on_demand_for_anonymous_user():
@with_setup(setUp)
-def test_user_project_does_not_create_on_demand_for_openid_user():
- u = M.User.register({'username': ''}, make_project=False)
- ThreadLocalORMSession.flush_all()
- assert not u.private_project()
- assert not M.Project.query.get(shortname='u/')
- assert not M.Project.query.get(shortname='u/anonymous')
- assert not M.Project.query.get(shortname='u/*anonymous')
-
-
-@with_setup(setUp)
def test_project_role():
role = M.ProjectRole(project_id=c.project._id, name='test_role')
M.ProjectRole.by_user(c.user, upsert=True).roles.append(role._id)
@@ -216,15 +190,6 @@ def test_dup_api_token():
@with_setup(setUp)
-def test_openid_claimed_by_user():
- oid = M.OpenId.upsert('http://google.com/accounts/1', 'My Google OID')
- c.user.disabled = True
- oid.claimed_by_user_id = c.user._id
- ThreadLocalORMSession.flush_all()
- assert oid.claimed_by_user() is None
-
-
-@with_setup(setUp)
def test_email_address_claimed_by_user():
addr = M.EmailAddress(_id='test_admin@domain.net',
claimed_by_user_id=c.user._id)
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/tests/model/test_openid.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/model/test_openid.py b/Allura/allura/tests/model/test_openid.py
deleted file mode 100644
index 30dcdb4..0000000
--- a/Allura/allura/tests/model/test_openid.py
+++ /dev/null
@@ -1,81 +0,0 @@
-# -*- coding: utf-8 -*-
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-"""
-Model tests for openid_model
-"""
-import time
-
-import mock
-from openid.association import Association
-
-from ming.orm.ormsession import ThreadLocalORMSession
-
-from alluratest.controller import setup_unit_test
-from allura import model as M
-from allura.lib import helpers as h
-
-
-def setUp():
- setup_unit_test()
- ThreadLocalORMSession.close_all()
- M.EmailAddress.query.remove({})
- M.OpenIdNonce.query.remove({})
- M.OpenIdAssociation.query.remove({})
- #conn = M.main_doc_session.bind.conn
-
-
-def test_oid_model():
- oid = M.OpenIdAssociation(_id='http://example.com')
- assoc = mock.Mock()
- assoc.handle = 'foo'
- assoc.serialize = lambda: 'bar'
- assoc.getExpiresIn = lambda: 0
- with h.push_config(Association,
- deserialize=staticmethod(lambda v: assoc)):
- oid.set_assoc(assoc)
- assert assoc == oid.get_assoc('foo')
- oid.set_assoc(assoc)
- oid.remove_assoc('foo')
- assert oid.get_assoc('foo') is None
- oid.set_assoc(assoc)
- assert oid.get_assoc('foo') is not None
- oid.cleanup_assocs()
- assert oid.get_assoc('foo') is None
-
-
-def test_oid_store():
- assoc = mock.Mock()
- assoc.handle = 'foo'
- assoc.serialize = lambda: 'bar'
- assoc.getExpiresIn = lambda: 0
- store = M.OpenIdStore()
- with h.push_config(Association,
- deserialize=staticmethod(lambda v: assoc)):
- store.storeAssociation('http://example.com', assoc)
- assert assoc == store.getAssociation('http://example.com', 'foo')
- assert assoc == store.getAssociation('http://example.com')
- store.removeAssociation('http://example.com', 'foo')
- t0 = time.time()
- assert store.useNonce('http://www.example.com', t0, 'abcd')
- ThreadLocalORMSession.flush_all()
- assert not store.useNonce('http://www.example.com', t0, 'abcd')
- assert not store.useNonce('http://www.example.com', t0 - 1e9, 'abcd')
- assert store.getAssociation('http://example.com') is None
- store.cleanupNonces()
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/allura/tests/test_globals.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/test_globals.py b/Allura/allura/tests/test_globals.py
index f6bc81d..704514b 100644
--- a/Allura/allura/tests/test_globals.py
+++ b/Allura/allura/tests/test_globals.py
@@ -65,8 +65,6 @@ def setup_with_tools():
@td.with_wiki
def test_app_globals():
- g.oid_session()
- g.oid_session()
with h.push_context('test', 'wiki', neighborhood='Projects'):
assert g.app_static(
'css/wiki.css') == '/nf/_static_/wiki/css/wiki.css', g.app_static('css/wiki.css')
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/development.ini
----------------------------------------------------------------------
diff --git a/Allura/development.ini b/Allura/development.ini
index 87d5d92..b663f19 100644
--- a/Allura/development.ini
+++ b/Allura/development.ini
@@ -207,9 +207,6 @@ amqp.enabled = false
# amqp.password = testpw
# amqp.vhost = testvhost
-# OpenID setup
-openid.realm = http://localhost:8080/
-
# SOLR setup
solr.server = http://localhost:8983/solr
# commit on every add/delete?
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/Allura/setup.py
----------------------------------------------------------------------
diff --git a/Allura/setup.py b/Allura/setup.py
index cfb4649..252328c 100644
--- a/Allura/setup.py
+++ b/Allura/setup.py
@@ -65,7 +65,6 @@ setup(
"pysolr",
"Markdown >= 2.0.3",
"Pygments >= 1.1.1",
- "python-openid >= 2.2.4",
"EasyWidgets >= 0.1.1",
"iso8601",
"chardet >= 1.0.1",
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/70ff6094/requirements-common.txt
----------------------------------------------------------------------
diff --git a/requirements-common.txt b/requirements-common.txt
index aea8ea1..3b8e47a 100644
--- a/requirements-common.txt
+++ b/requirements-common.txt
@@ -35,7 +35,6 @@ Pypeline==0.1dev
pysolr==2.1.0-beta
python-dateutil==1.5
python-magic==0.4.3
-python-openid==2.2.5
python-oembed==0.2.1
pytidylib==0.2.1
requests==2.0.0