# HG changeset patch
# User Paul Boddie <paul@boddie.org.uk>
# Date 1259283527 -3600
# Node ID 8c014bfe6b68e678cc75ff4f51b83485caefb415
# Parent  127c9715df148fb48194dfe6d5609ed868dba0c8
Changed authentication tokens to use UTF-8, not ISO-8859-1 which was presumably
in use as a safe interpretation of bytes, but would not be appropriate as a
target encoding for Unicode objects.
Changed OpenID redirection to include the query string, although this should be
tested with the example resources.
Added HTML-level character set information for the OpenID identity examples,
although python-openid's HTML parsing doesn't respect the encoding, at least in
release 2.0.2.

diff -r 127c9715df14 -r 8c014bfe6b68 WebStack/Helpers/Auth.py
--- a/WebStack/Helpers/Auth.py	Wed Nov 25 20:12:52 2009 +0100
+++ b/WebStack/Helpers/Auth.py	Fri Nov 27 01:58:47 2009 +0100
@@ -205,7 +205,7 @@
 
     # NOTE: Using "safe" encoding to deal with Unicode plaintext.
 
-    return plaintext + ":" + md5.md5(plaintext.encode("iso-8859-1") + secret_key).hexdigest()
+    return plaintext + ":" + md5.md5(plaintext.encode("utf-8") + secret_key).hexdigest()
 
 # OpenID token verification.
 # NOTE: Add SHA256 usage for associations.
@@ -223,7 +223,7 @@
 
         # NOTE: Using "safe" encoding to deal with Unicode plaintext.
 
-        hash = hmac.new(secret_key, plaintext.encode("iso-8859-1"), sha1)
+        hash = hmac.new(secret_key, plaintext.encode("utf-8"), sha1)
         return base64.standard_b64encode(hash.digest())
 
     def check_openid_signature(fields, secret_key):
diff -r 127c9715df14 -r 8c014bfe6b68 WebStack/Resources/OpenIDLogin.py
--- a/WebStack/Resources/OpenIDLogin.py	Wed Nov 25 20:12:52 2009 +0100
+++ b/WebStack/Resources/OpenIDLogin.py	Fri Nov 27 01:58:47 2009 +0100
@@ -96,7 +96,11 @@
 
         # Build an URL for returning to the application.
 
-        url = trans.encode_url_without_query(fields["openid.return_to"][0]) + "?"
+        url = fields["openid.return_to"][0]
+        if "?" in url:
+            url += "&"
+        else:
+            url += "?"
 
         first = 1
         for name, value in fields.items():
diff -r 127c9715df14 -r 8c014bfe6b68 examples/Common/OpenIDLogin/__init__.py
--- a/examples/Common/OpenIDLogin/__init__.py	Wed Nov 25 20:12:52 2009 +0100
+++ b/examples/Common/OpenIDLogin/__init__.py	Fri Nov 27 01:58:47 2009 +0100
@@ -41,6 +41,7 @@
             StringResource("""
                 <html>
                   <head>
+                    <meta http-equiv="Content-Type" content="text/html; charset="iso-8859-1" />
                     <link rel="openid2.provider openid.server" href="%s/login" />
                     <link rel="openid2.local_id openid.delegate" href="badger" />
                     <title>Badger's Home Page</title>
@@ -54,6 +55,7 @@
             StringResource(u"""
                 <html>
                   <head>
+                    <meta http-equiv="Content-Type" content="text/html; charset="iso-8859-1" />
                     <link rel="openid2.provider openid.server" href="%s/login" />
                     <link rel="openid2.local_id openid.delegate" href="זרו" />
                     <title>Home Page for זרו</title>
@@ -67,6 +69,7 @@
             StringResource("""
                 <html>
                   <head>
+                    <meta http-equiv="Content-Type" content="text/html; charset="iso-8859-1" />
                     <link rel="openid2.provider openid.server" href="%s/login" />
                     <link rel="openid2.local_id openid.delegate" href="vole" />
                     <title>Vole's Home Page</title>