Package openid :: Package server :: Module trustroot

Module trustroot

This module contains the TrustRoot class, which helps handle trust root checking. This module is used by the openid.server.server module, but it is also available to server implementers who wish to use it for additional trust root checking.

It also implements relying party return_to URL verification, based on the realm.

Classes
	TrustRoot This class represents an OpenID trust root.

Functions

returnToMatches(allowed_return_to_urls, return_to)
Is the return_to URL under one of the supplied allowed return_to URLs?

source code

verifyReturnTo(realm_str, return_to, _vrfy=<function getAllowedReturnURLs at 0x11d6130>)
Verify that a return_to URL is valid for the given realm.

source code

Variables
	RP_RETURN_TO_URL_TYPE = `'http://specs.openid.net/auth/2.0/retu...`

Function Details

returnToMatches(allowed_return_to_urls, return_to)

source code

Is the return_to URL under one of the supplied allowed return_to URLs?

Since: 2.1.0

verifyReturnTo(realm_str, return_to, _vrfy=<function getAllowedReturnURLs at 0x11d6130>)

source code

Verify that a return_to URL is valid for the given realm.

This function builds a discovery URL, performs Yadis discovery on it, makes sure that the URL does not redirect, parses out the return_to URLs, and finally checks to see if the current return_to URL matches the return_to.

Returns:

True if the return_to URL is valid for the realm

Raises:

DiscoveryFailure - When Yadis discovery fails

Since: 2.1.0

Variables Details

RP_RETURN_TO_URL_TYPE

Value:

'http://specs.openid.net/auth/2.0/return_to'