1
# django-openid-auth - OpenID integration for django.contrib.auth
3
# Copyright (C) 2007 Simon Willison
4
# Copyright (C) 2008-2010 Canonical Ltd.
6
# Redistribution and use in source and binary forms, with or without
7
# modification, are permitted provided that the following conditions
10
# * Redistributions of source code must retain the above copyright
11
# notice, this list of conditions and the following disclaimer.
13
# * Redistributions in binary form must reproduce the above copyright
14
# notice, this list of conditions and the following disclaimer in the
15
# documentation and/or other materials provided with the distribution.
17
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
18
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
19
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
20
# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21
# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
22
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23
# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
24
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
25
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
27
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28
# POSSIBILITY OF SUCH DAMAGE.
33
from openid.association import Association as OIDAssociation
34
from openid.store.interface import OpenIDStore
35
from openid.store.nonce import SKEW
37
from django_openid_auth.models import Association, Nonce
40
class DjangoOpenIDStore(OpenIDStore):
42
self.max_nonce_age = 6 * 60 * 60 # Six hours
44
def storeAssociation(self, server_url, association):
46
assoc = Association.objects.get(
47
server_url=server_url, handle=association.handle)
48
except Association.DoesNotExist:
50
server_url=server_url,
51
handle=association.handle,
52
secret=base64.encodestring(association.secret),
53
issued=association.issued,
54
lifetime=association.lifetime,
55
assoc_type=association.assoc_type)
57
assoc.secret = base64.encodestring(association.secret)
58
assoc.issued = association.issued
59
assoc.lifetime = association.lifetime
60
assoc.assoc_type = association.assoc_type
63
def getAssociation(self, server_url, handle=None):
65
if handle is not None:
66
assocs = Association.objects.filter(
67
server_url=server_url, handle=handle)
69
assocs = Association.objects.filter(server_url=server_url)
73
association = OIDAssociation(
74
assoc.handle, base64.decodestring(assoc.secret), assoc.issued,
75
assoc.lifetime, assoc.assoc_type
77
if association.getExpiresIn() == 0:
80
associations.append((association.issued, association))
86
return associations[-1][1]
88
def removeAssociation(self, server_url, handle):
89
assocs = list(Association.objects.filter(
90
server_url=server_url, handle=handle))
91
assocs_exist = len(assocs) > 0
96
def useNonce(self, server_url, timestamp, salt):
97
if abs(timestamp - time.time()) > SKEW:
101
ononce = Nonce.objects.get(
102
server_url__exact=server_url,
103
timestamp__exact=timestamp,
105
except Nonce.DoesNotExist:
107
server_url=server_url,
115
def cleanupNonces(self, _now=None):
117
_now = int(time.time())
118
expired = Nonce.objects.filter(timestamp__lt=_now - SKEW)
119
count = expired.count()
124
def cleanupAssociations(self):
125
now = int(time.time())
126
expired = Association.objects.extra(
127
where=['issued + lifetime < %d' % now])
128
count = expired.count()