Class Consumer

Initialize a Consumer instance.

You should create a new instance of the Consumer object with every HTTP request that handles OpenID transactions.

Parameters:

• session - See the session instance variable
• store (openid.store.interface.OpenIDStore) - an object that implements the interface in openid.store.interface.OpenIDStore. Several implementations are provided, to cover common database environments.

Overrides: object.__init__

Start the OpenID authentication process. See steps 1-2 in the overview at the top of this file.

Parameters:

• user_url (unicode) - Identity URL given by the user. This method performs a textual transformation of the URL to try and make sure it is normalized. For example, a user_url of example.com will be normalized to http://example.com/ normalizing and resolving any redirects the server might issue.
• anonymous (bool) - Whether to make an anonymous request of the OpenID provider. Such a request does not ask for an authorization assertion for an OpenID identifier, but may be used with extensions to pass other data. e.g. "I don't care who you are, but I'd like to know your time zone."

Returns: AuthRequest

An object containing the discovered information will be returned, with a method for building a redirect URL to the server, as described in step 3 of the overview. This object may also be used to add extension arguments to the request, using its addExtensionArg method.

Raises:

• openid.consumer.discover.DiscoveryFailure - when I fail to find an OpenID server for this URL. If the yadis package is available, openid.consumer.discover.DiscoveryFailure is an alias for yadis.discover.DiscoveryFailure.

Start OpenID verification without doing OpenID server discovery. This method is used internally by Consumer.begin after discovery is performed, and exists to provide an interface for library users needing to perform their own discovery.

Parameters:

• service (OpenIDServiceEndpoint) - an OpenID service endpoint descriptor. This object and factories for it are found in the openid.consumer.discover module.

Returns: AuthRequest

an OpenID authentication request object.

Called to interpret the server's response to an OpenID request. It is called in step 4 of the flow described in the consumer overview.

Parameters:

• query - A dictionary of the query parameters for this HTTP request.
• current_url - The URL used to invoke the application. Extract the URL from your application's web request framework and specify it here to have it checked against the openid.return_to value in the response. If the return_to URL check fails, the status of the completion will be FAILURE.

Returns:

a subclass of Response. The type of response is indicated by the status attribute, which will be one of SUCCESS, CANCEL, FAILURE, or SETUP_NEEDED.

Set the order in which association types/sessions should be attempted. For instance, to only allow HMAC-SHA256 associations created with a DH-SHA256 association session:

>>> consumer.setAssociationPreference([('HMAC-SHA256', 'DH-SHA256')])

Any association type/association type pair that is not in this list will not be attempted at all.

Parameters:

• association_preferences ([(str, str)]) - The list of allowed (association type, association session type) pairs that should be allowed for this consumer to use, in order from most preferred to least preferred.

Returns:

None

session_key_prefix

Value:

'_openid_consumer_'

session