1.1 --- a/WebStack/Resources/OpenIDRedirect.py Sun Feb 03 19:58:01 2008 +0000
1.2 +++ b/WebStack/Resources/OpenIDRedirect.py Sun Feb 03 20:00:03 2008 +0000
1.3 @@ -49,7 +49,7 @@
1.4 # fields.get("openid.ns", [None])[0] == self.openid_ns
1.5
1.6 if self.authenticator.authenticate(trans, verify=1):
1.7 - trans.redirect(fields["openid.return_to"][0])
1.8 + trans.redirect(trans.encode_url_without_query(fields["openid.return_to"][0]))
1.9
1.10 # Otherwise, handle the usual parameters and request details.
1.11
1.12 @@ -102,7 +102,7 @@
1.13 # Test the details of the assertion.
1.14
1.15 if self.test_url(fields) and \
1.16 - self.test_signature(fields) and \
1.17 + self.test_signature(trans, fields) and \
1.18 self.test_replay(fields):
1.19
1.20 self.set_token(trans, fields["openid.identity"][0])
1.21 @@ -140,7 +140,7 @@
1.22
1.23 return fields["openid.return_to"][0].startswith(self.app_url)
1.24
1.25 - def test_signature(self, fields):
1.26 + def test_signature(self, trans, fields):
1.27
1.28 """
1.29 See:
1.30 @@ -164,13 +164,13 @@
1.31 # from the OpenID provider.
1.32
1.33 else:
1.34 - return self.test_signature_direct(fields)
1.35 + return self.test_signature_direct(trans, fields)
1.36
1.37 # Without a handle, no signature verification can occur.
1.38
1.39 return 0
1.40
1.41 - def test_signature_direct(self, fields):
1.42 + def test_signature_direct(self, trans, fields):
1.43
1.44 """
1.45 See:
1.46 @@ -179,12 +179,12 @@
1.47
1.48 # Make a POST request using the "openid." fields.
1.49
1.50 - d = {}
1.51 + d = []
1.52 for name, values in fields.items():
1.53 if name.startswith("openid.") and name != "openid.mode":
1.54 - d[name] = values[0]
1.55 - d["openid.mode"] = "check_authentication"
1.56 - data = urllib.urlencode(d)
1.57 + d.append("%s=%s" % (name, trans.encode_path(values[0])))
1.58 + d.append("%s=%s" % ("openid.mode", "check_authentication"))
1.59 + data = "&".join(d)
1.60
1.61 # Send a POST request to the OpenID provider, reading the response and
1.62 # testing for certain fields and values.