Class SessionNegotiator
source code
object --+
|
SessionNegotiator
A session negotiator controls the allowed and preferred association
types and association session types. Both the Consumer and Server use negotiators when creating
associations.
You can create and use negotiators if you:
-
Do not want to do Diffie-Hellman key exchange because you use
transport-layer encryption (e.g. SSL)
-
Want to use only SHA-256 associations
-
Do not want to support plain-text associations over a non-secure
channel
It is up to you to set a policy for what kinds of associations to
accept. By default, the library will make any kind of association that is
allowed in the OpenID 2.0 specification.
Use of negotiators in the library
When a consumer makes an association request, it calls getAllowedType to get the preferred association
type and association session type.
The server gets a request for a particular association/session type
and calls isAllowed to determine if it should create an
association. If it is supported, negotiation is complete. If it is not,
the server calls getAllowedType to get an allowed association
type to return to the consumer.
If the consumer gets an error response indicating that the requested
association/session type is not supported by the server that contains
an assocation/session type to try, it calls isAllowed to determine if it should try again
with the given combination of association/session type.
|
|
__init__(self,
allowed_types)
x.__init__(...) initializes x; see x.__class__.__doc__ for signature |
source code
|
|
|
|
|
|
|
setAllowedTypes(self,
allowed_types)
Set the allowed association types, checking to make sure each
combination is valid. |
source code
|
|
|
|
addAllowedType(self,
assoc_type,
session_type=None)
Add an association type and session type to the allowed types list. |
source code
|
|
|
|
isAllowed(self,
assoc_type,
session_type)
Is this combination of association type and session type allowed? |
source code
|
|
|
|
getAllowedType(self)
Get a pair of assocation type and session type that are supported |
source code
|
|
|
Inherited from object:
__delattr__,
__getattribute__,
__hash__,
__new__,
__reduce__,
__reduce_ex__,
__repr__,
__setattr__,
__str__
|
|
[(str, str)]
|
allowed_types
A list of association/session types that are allowed by the server.
|
|
Inherited from object:
__class__
|
__init__(self,
allowed_types)
(Constructor)
| source code
|
x.__init__(...) initializes x; see x.__class__.__doc__ for
signature
- Overrides:
object.__init__
- (inherited documentation)
|
addAllowedType(self,
assoc_type,
session_type=None)
| source code
|
Add an association type and session type to the allowed types list.
The assocation/session pairs are tried in the order that they are
added.
|
allowed_types
A list of association/session types that are allowed by the server. The
order of the pairs in this list determines preference. If an
association/session type comes earlier in the list, the library is more
likely to use that type.
- Type:
- [(str, str)]
|