another sample client

Clarke, Trevor tclarke at ball.com
Fri May 20 13:20:24 PDT 2005 

I'm including a simple Python OpenID client. This is more of an example
then a usable, general-purpose client. It may be useful for someone not
familiar with javascript. It's also nice as it does not require a helper
script. It can be run as a cgi or from a commandline. It assumes that
you are using an LJ address as it screen scrapes the authorization form
and auto-submits to authorize-once. Have at it.

 

#!/usr/bin/python

 

import cgi

from urllib import urlencode,quote_plus

from urllib2 import *

from urlparse import *

from HTMLParser import *

from sys import exit

 

### config

###

 

# this is the page to access after id verification has finished

# try pointing to print_vars.cgi or phpinfo();

return_to = 'http://www.foo.bar/openid/print_vars.cgi'

 

# this is the "root" of the above....this is what will

# be displayed by the id server when requesting authorization

trust_root = 'http://www.foo.bar/'

 

# this is your id...try your livejournal

id = 'http://www.livejournal.com/users/foobie/'

 

# put a copy of your livejournal session cookie here

# so it knows you are logged on

# this is required as this script can be run from

# a command line

ljcookies = 'ljsession=ws:foobie:42:AB3qr33ScB'

 

###

 

print 'Content-type: text/html\r\n'

class IdPageParser(HTMLParser):

    id_server = None

    def handle_starttag(self, tag, attrs):

        if tag == 'link':

            attrs_dict = dict(attrs)

            if attrs_dict.get('rel') == 'openid.server':

                self.id_server = attrs_dict.get('href')

 

class AuthPageParser(HTMLParser):

    in_form = 0

    method = 'GET'

    args = {}

    def handle_starttag(self, tag, attrs):

        attrs = dict(attrs)

        if not self.in_form and tag == 'div' and attrs['id'] ==
'Content':

            self.in_form  = 1

        if self.in_form:

            if tag == 'form':

                self.method = attrs['method']

            elif tag == 'input' and attrs['type'] == 'hidden':

                self.args[attrs['name']] = attrs['value']

            elif tag == 'input' and attrs['type'] == 'submit' and
attrs['name']

== 'yes:once':

                self.args[attrs['name']] = attrs['value']

 

    def handle_endtag(self, tag):

        if self.in_form and tag == 'form':

            self.in_form = 0

print 'Opening ID document:',id,'<br/>'

parser = IdPageParser()

parser.feed(urlopen(id).read())

parser.close()

id_server = parser.id_server

if id_server == None:

    print 'No OpenID server specified!','<br/>'

    exit(1)

print 'Got OpenID server:',id_server,'<br/>'

 

args = {'openid.return_to':return_to,

        'openid.trust_root':trust_root,

        'openid.is_identity':id,

        'openid.post_grant':'return'}

connector = '?'

if '?' in id_server:

    connector = '&'

rsp = urlopen(id_server+connector+urlencode(args))

rsp_url = urlparse(rsp.url)

qargs = cgi.parse_qs(rsp_url[4])

 

if 'openid.mode' in qargs:

    print 'Mode:',qargs['openid.mode'][0],'<br/>'

else:

    print rsp.read()

if 'openid.user_setup_url' in qargs:

    print 'Authentication Failed!','<br/>'

    req = Request(qargs['openid.user_setup_url'][0])

    req.add_header('Cookie',ljcookies)

    print 'Attempting to authorize once.<br/>'

    rval = urlopen(req).read()

    parser = AuthPageParser()

    try:

        parser.feed(rval)

        parser.close()

    except:

        print '<hr>The following page was returned instead of an auth
request pa

ge.<br>'

        print '<iframe src="%s" width="100%%" height="50%%"/>' %
qargs['openid.u

ser_setup_url'][0]

        exit(2)

    req.add_data(urlencode(parser.args))

    print '<hr>',urlopen(req).read()

 

 

 

The print_vars.cgi program is:

 

#!/usr/bin/python

 

# this just prints out the form values

#

 

import cgi

import cgitb; cgitb.enable()

from urllib import urlencode

from urllib2 import *

from urlparse import *

from HTMLParser import *

from sys import exit

 

print 'Content-type: text/html\r\n'

 

form = cgi.FieldStorage()

print "openid.mode = %s <br>" % form.getvalue('openid.mode')

print "openid.assert_identity = %s <br>" %
form.getvalue('openid.assert_identity')

print "openid.sig = %s <br>" % form.getvalue('openid.sig')

print "openid.timestamp = %s <br>" % form.getvalue('openid.timestamp')

 

------------------------------

Trevor R.H. Clarke

tclarke at ball com <mailto:tclarke at ball.com> 

Ball Aerospace & Technologies Corp

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.danga.com/pipermail/yadis/attachments/20050520/dfbce309/attachment.htm

More information about the yadis mailing list