/usr/share/pyshared/gluon/contrib/login_methods/browserid_account.py is in python-gluon 1.99.7-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 | #!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
BrowserID Authentication for web2py
developed by Madhukar R Pai (Copyright © 2011)
Email <madspai@gmail.com>
License : LGPL
thanks and credits to the web2py community
This custom authenticator allows web2py to authenticate using browserid (https://browserid.org/)
BrowserID is a project by Mozilla Labs (http://mozillalabs.com/)
to Know how browserid works please visit http://identity.mozilla.com/post/7616727542/introducing-browserid-a-better-way-to-sign-in
bottom line BrowserID provides a free, secure, de-centralized, easy to use(for users and developers) login solution.
You can use any email id as your login id. Browserid just verifys the email id and lets you login with that id.
credits for the doPost jquery function - itsadok (http://stackoverflow.com/users/7581/itsadok)
"""
import time
from gluon import *
from gluon.storage import Storage
from gluon.tools import fetch
import gluon.contrib.simplejson as json
class BrowserID(object):
"""
from gluon.contrib.login_methods.browserid_account import BrowserID
auth.settings.login_form = BrowserID(request,
audience = "http://127.0.0.1:8000"
assertion_post_url = "http://127.0.0.1:8000/%s/default/user/login" % request.application)
"""
def __init__(self,
request,
audience = "",
assertion_post_url = "",
prompt = "BrowserID Login",
issuer = "browserid.org",
verify_url = "https://browserid.org/verify",
browserid_js = "https://browserid.org/include.js",
browserid_button = "https://browserid.org/i/sign_in_red.png",
crypto_js = "https://crypto-js.googlecode.com/files/2.2.0-crypto-md5.js",
on_login_failure = None,
):
self.request = request
self.audience = audience
self.assertion_post_url = assertion_post_url
self.prompt = prompt
self.issuer = issuer
self.verify_url = verify_url
self.browserid_js = browserid_js
self.browserid_button = browserid_button
self.crypto_js = crypto_js
self.on_login_failure = on_login_failure
self.asertion_js = """
(function($){$.extend({doPost:function(url,params){var $form=$("<form method='POST'>").attr("action",url);
$.each(params,function(name,value){$("<input type='hidden'>").attr("name",name).attr("value",value).appendTo($form)});
$form.appendTo("body");$form.submit()}})})(jQuery);
function gotVerifiedEmail(assertion){if(assertion !== null){$.doPost('%s',{'assertion':assertion});}}""" % self.assertion_post_url
def get_user(self):
request = self.request
if request.vars.assertion:
audience = self.audience
issuer = self.issuer
assertion = XML(request.vars.assertion,sanitize=True)
verify_data = {'assertion':assertion,'audience':audience}
auth_info_json = fetch(self.verify_url,data=verify_data)
j = json.loads(auth_info_json)
epoch_time = int(time.time()*1000) # we need 13 digit epoch time
if j["status"] == "okay" and j["audience"] == audience and j['issuer'] == issuer and j['expires'] >= epoch_time:
return dict(email = j['email'])
elif self.on_login_failure:
redirect('http://google.com')
else:
redirect('http://google.com')
return None
def login_form(self):
request = self.request
onclick = "javascript:navigator.id.getVerifiedEmail(gotVerifiedEmail) ; return false"
form = DIV(SCRIPT(_src=self.browserid_js,_type="text/javascript"),
SCRIPT(_src=self.crypto_js,_type="text/javascript"),
A(IMG(_src=self.browserid_button,_alt=self.prompt),_href="#",_onclick=onclick,_class="browserid",_title="Login With BrowserID"),
SCRIPT(self.asertion_js))
return form
|