Class CheckIDRequest

Construct me.

These parameters are assigned directly as class attributes, see my class documentation for their descriptions.

Raises:

• MalformedReturnURL - When the return_to URL is not a URL.

Overrides: object.__init__

Construct me from an OpenID message.

Parameters:

• message (openid.message.Message) - An OpenID checkid_* request Message
• op_endpoint (str) - The endpoint URL of the server that this message was sent to.

Returns: CheckIDRequest

Raises:

• ProtocolError - When not all required parameters are present in the message.
• MalformedReturnURL - When the return_to URL is not a URL.
• UntrustedReturnURL - When the return_to URL is outside the trust_root.

Does the relying party publish the return_to URL for this response under the realm? It is up to the provider to set a policy for what kinds of realms should be allowed. This return_to URL verification reduces vulnerability to data-theft attacks based on open proxies, cross-site-scripting, or open redirectors.

This check should only be performed after making sure that the return_to URL matches the realm.

Returns: bool

True if the realm publishes a document with the return_to URL listed

Raises:

• openid.yadis.discover.DiscoveryFailure - if the realm URL does not support Yadis discovery (and so does not support the verification process).
• openid.fetchers.HTTPFetchingError - if the realm URL is not reachable. When this is the case, the RP may be hosted on the user's intranet.

Respond to this request.

Parameters:

• allow (bool) - Allow this user to claim this identity, and allow the consumer to have this information?
• server_url (str) - DEPRECATED. Passing op_endpoint to the Server constructor makes this optional.

  When an OpenID 1.x immediate mode request does not succeed, it gets back a URL where the request may be carried out in a not-so-immediate fashion. Pass my URL in here (the fully qualified address of this server's endpoint, i.e. http://example.com/server), and I will use it as a base for the URL for a new request.

  Optional for requests where CheckIDRequest.immediate is False or allow is True.

• identity (str or None) - The OP-local identifier to answer with. Only for use when the relying party requested identifier selection.
• claimed_id (str or None) - The claimed identifier to answer with, for use with identifier selection in the case where the claimed identifier and the OP-local identifier differ, i.e. when the claimed_id uses delegation.

  If identity is provided but this is not, claimed_id will default to the value of identity. When answering requests that did not ask for identifier selection, the response claimed_id will default to that of the request.

  This parameter is new in OpenID 2.0.

Returns: OpenIDResponse

Raises:

• NoReturnError - when I do not have a return_to.

Encode this request as a URL to GET.

Parameters:

• server_url (str) - The URL of the OpenID server to make this request of.

Returns: str

Raises:

• NoReturnError - when I do not have a return_to.

Get the URL to cancel this request.

Useful for creating a "Cancel" button on a web form so that operation can be carried out directly without another trip through the server.

(Except you probably want to make another trip through the server so that it knows that the user did make a decision. Or you could simulate this method by doing .answer(False).encodeToURL())

Returns: str

The return_to URL with openid.mode = cancel.

Raises:

• NoReturnError - when I do not have a return_to.

repr(x)

Overrides: object.__repr__

(inherited documentation)

assoc_handle

Type:

str

claimed_id

Type:

str

trust_root

Type:

str

namespace

Get Method:

_getNamespace(self)