Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Authentication using any OpenID with Tipfy

Tags:

python

openid

google-app-engine

tipfy

I am developing the authentication part of my app and I've run into issues with coding authentication using OpenID.

I've looked at the Tipfy example code, but it seems written under the assumption that the OpenID provider is hard-coded to google.

I would like the user to be able to provide any OpenID they desire (isn't that the point?).

Does anyone have any example code that shows a user logging in using a user-supplied OpenID?

like image 347
Noah McIlraith Avatar asked Jan 31 '11 13:01

Noah McIlraith

2 Answers

Does Tipfy allow any OpenID authentication?

If you want to authenticate any OpenID Url with Tipfy, you can't do it out of the box.
One main reason is because Tipfy does not have any discovery mechanism to retrieve the OpenID Endpoint from a given OpenID user url.

What Tipfy is missing?

Tipfy does not allow the point b. of the following workflow :
a. user submits foo.blogspot.com
b. the framework retrieves foo.blogspot.com getting the OpenId endpoint from the html page:

<link rel="openid.server" href="http://www.blogger.com/openid-server.g" />

c. the framework redirects the user to the remote login page.

What Tipfy really offers?

The Tipfy openid extension* simply offers the OpenIdMixin that is just a base class useful for building OpenID support to a specific platform (Google for example).
Indeed, GoogleMixin class extends OpenIdMixin:

class GoogleMixin(OpenIdMixin, OAuthMixin):
    """A :class:`tipfy.RequestHandler` mixin that implements Google OpenId /
    OAuth authentication.

and it has the Google OpenID endpoint hard-corded:

_OPENID_ENDPOINT = 'https://www.google.com/accounts/o8/ud'

The name OpenIdMixin is a little bit misleading near other classes names like GoogleMixin, FriendFeedMixin, FaceBookMixin etc. etc; the docstring should be more clear to specify that the class should just be extended as a base class and not used directly.

What do you need to support any OpenID url in your application using Tipfy?

You should use the same consumer userland library that Google App Engine has adopted to offer OpenID support; here the source code and here a live example.

In the specific, have a closer look to openid.consumer.consumer.py file and how the XRDS/OpenID discovery happens; I think that with some work, you should be able to integrate this part into Tipfy OpenIdMixin.

* the OpenID code is ported from tornado.auth

like image 126
systempuntoout Avatar answered Nov 10 '22 01:11

systempuntoout

That code is just an example. You just need to allow the user to specify their OpenID provider's endpoint URL via a form, and get the value from the POST. It's just a string.

like image 22
Daniel Roseman Avatar answered Nov 10 '22 01:11

Daniel Roseman
Sign in to Comment

Related questions

How to resize svg image file using librsvg Python binding
Python Subprocess - Redirect stdout/err to two places
Profiling a python multiprocessing pool
module reimported if imported from different path
Safely executing user-submitted python code on the server
Is Google App Engine right for me?
setup.py: installing just a pth file?
Python: slicing a very large binary file
How to filter a query by property of user profile in Django?
How do I delete a foreign key constraint in SQLAlchemy?
Get document DOCTYPE with BeautifulSoup
Running py.test from emacs
How can I accomplish file uploads in twisted.web that don't suck?
Method for dry runs?
Need to restart python in Terminal every time a change is made to script
How to build a computationally intensive webservice?
How to optimize operations on large (75,000 items) sets of booleans in Python?
How to add functions
Python - how to read path file/folder from server
Vim : Moving Through Code

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!