tipfy.ext.auth.openid ¶

This extension implements OpenID authentication with Attribute Exchange. Although App Engine has built-in OpenId support, this can be useful if you want to integrate multiple authentication systems (own auth, OAuth, Facebook or others) or have access to attributes not available in the built-in OpenId. You may want to access more attributes in apps made for the Google Apps Marketplace, for example.

Try our multi-auth demo (source here).

Example¶

You authenticate setting a RequestHandler that also extends the OpenIdMixin provided by the extension. The code is well commented to show you what is happening:

from tipfy import RequestHandler, Response, abort
from tipfy.ext.auth.openid import OpenIdMixin

class AuthenticationHandler(RequestHandler, OpenIdMixin):
    """This handler is executed to authenticate a user using OpenId."""
    def get(self, **kwargs):
        # The OpenId provider endpoint. We use Google's here.
        endpoint = 'https://www.google.com/accounts/o8/ud'

        if self.request.args.get('openid.mode', None):
            # If 'openid.mode' is in the URL, this may be a user redirected
            # after an authentication attempt. Try to get the user info and
            # set self._on_auth() as a callback. It will be called passing
            # a dictionary of user info or None if the auntentication is not
            # valid.
            return self.get_authenticated_user(self._on_auth,
                openid_endpoint=endpoint)

        # Redirect to the OpenId provider to authenticate the user.
        return self.authenticate_redirect(openid_endpoint=endpoint)

    def _on_auth(self, user):
        """This function was set as callback in get() to be executed after an
        authentication attempt. If the authentication is valid, user will be
        dictionary with user attributes, if the authentication is not valid
        it will be None.

        :param user:
            A dictionary with user attributes if the authentication is valid,
            or None.
        :return:
            A response object.
        """
        if not user:
            # Authentication failed.
            abort(403)

        # For this example, we just display the user atttributes. You should
        # use this information to set a user session to keep the user logged
        # in, then redirect to original page where the user was before
        # requesting authentication.
        return Response(str(user))

Extension Reference¶

Name: tipfy.ext.auth.openid
Author: Rodrigo Moraes, ported from tornado.auth
License: Apache Software License
Tags: authentication, users
URL: http://www.tipfy.org/wiki/extensions/auth/openid/
PyPi page: http://pypi.python.org/pypi/tipfy.ext.auth.openid/
Source code: http://code.google.com/p/tipfy-ext-auth-openid/
Issue tracker: http://code.google.com/p/tipfy-ext-auth-openid/issues/list

Version: latest
Edited by moraes on 7/21/10 5:44 PM
Save on Delicious | Submit to Reddit
History
Edit

tipfy.ext.auth.openid ¶

Example¶

Extension Reference¶

Table of contents

This page

This wiki