another sample client

Clarke, Trevor tclarke at
Fri May 20 13:20:24 PDT 2005

I'm including a simple Python OpenID client. This is more of an example
then a usable, general-purpose client. It may be useful for someone not
familiar with javascript. It's also nice as it does not require a helper
script. It can be run as a cgi or from a commandline. It assumes that
you are using an LJ address as it screen scrapes the authorization form
and auto-submits to authorize-once. Have at it.




import cgi

from urllib import urlencode,quote_plus

from urllib2 import *

from urlparse import *

from HTMLParser import *

from sys import exit


### config



# this is the page to access after id verification has finished

# try pointing to print_vars.cgi or phpinfo();

return_to = ''


# this is the "root" of the above....this is what will

# be displayed by the id server when requesting authorization

trust_root = ''


# this is your id...try your livejournal

id = ''


# put a copy of your livejournal session cookie here

# so it knows you are logged on

# this is required as this script can be run from

# a command line

ljcookies = 'ljsession=ws:foobie:42:AB3qr33ScB'




print 'Content-type: text/html\r\n'

class IdPageParser(HTMLParser):

    id_server = None

    def handle_starttag(self, tag, attrs):

        if tag == 'link':

            attrs_dict = dict(attrs)

            if attrs_dict.get('rel') == 'openid.server':

                self.id_server = attrs_dict.get('href')


class AuthPageParser(HTMLParser):

    in_form = 0

    method = 'GET'

    args = {}

    def handle_starttag(self, tag, attrs):

        attrs = dict(attrs)

        if not self.in_form and tag == 'div' and attrs['id'] ==

            self.in_form  = 1

        if self.in_form:

            if tag == 'form':

                self.method = attrs['method']

            elif tag == 'input' and attrs['type'] == 'hidden':

                self.args[attrs['name']] = attrs['value']

            elif tag == 'input' and attrs['type'] == 'submit' and

== 'yes:once':

                self.args[attrs['name']] = attrs['value']


    def handle_endtag(self, tag):

        if self.in_form and tag == 'form':

            self.in_form = 0

print 'Opening ID document:',id,'<br/>'

parser = IdPageParser()



id_server = parser.id_server

if id_server == None:

    print 'No OpenID server specified!','<br/>'


print 'Got OpenID server:',id_server,'<br/>'


args = {'openid.return_to':return_to,




connector = '?'

if '?' in id_server:

    connector = '&'

rsp = urlopen(id_server+connector+urlencode(args))

rsp_url = urlparse(rsp.url)

qargs = cgi.parse_qs(rsp_url[4])


if 'openid.mode' in qargs:

    print 'Mode:',qargs['openid.mode'][0],'<br/>'



if 'openid.user_setup_url' in qargs:

    print 'Authentication Failed!','<br/>'

    req = Request(qargs['openid.user_setup_url'][0])


    print 'Attempting to authorize once.<br/>'

    rval = urlopen(req).read()

    parser = AuthPageParser()





        print '<hr>The following page was returned instead of an auth
request pa


        print '<iframe src="%s" width="100%%" height="50%%"/>' %




    print '<hr>',urlopen(req).read()




The print_vars.cgi program is:




# this just prints out the form values



import cgi

import cgitb; cgitb.enable()

from urllib import urlencode

from urllib2 import *

from urlparse import *

from HTMLParser import *

from sys import exit


print 'Content-type: text/html\r\n'


form = cgi.FieldStorage()

print "openid.mode = %s <br>" % form.getvalue('openid.mode')

print "openid.assert_identity = %s <br>" %

print "openid.sig = %s <br>" % form.getvalue('openid.sig')

print "openid.timestamp = %s <br>" % form.getvalue('openid.timestamp')



Trevor R.H. Clarke

tclarke at ball com <mailto:tclarke at> 

Ball Aerospace & Technologies Corp


-------------- next part --------------
An HTML attachment was scrubbed...

More information about the yadis mailing list