From bb380b3d5ca425650bb86c1fef45d4ca9fde3b25 Mon Sep 17 00:00:00 2001 From: Eevee Date: Sun, 29 Nov 2009 19:30:15 -0800 Subject: [PATCH] Give something better than a 500 when OpenID discovery fails. --- floof/controllers/account.py | 15 ++++++++++++--- floof/public/layout.css | 5 ++++- floof/templates/account/login.mako | 5 ++++- 3 files changed, 20 insertions(+), 5 deletions(-) diff --git a/floof/controllers/account.py b/floof/controllers/account.py index 71e73a0..2c94736 100644 --- a/floof/controllers/account.py +++ b/floof/controllers/account.py @@ -3,13 +3,15 @@ import logging from openid.consumer.consumer import Consumer from openid.extensions.sreg import SRegRequest, SRegResponse from openid.store.filestore import FileOpenIDStore +from openid.yadis.discover import DiscoveryFailure from sqlalchemy.orm.exc import NoResultFound -from pylons import request, response, session, tmpl_context as c, url, h -from pylons.controllers.util import abort, redirect +from pylons import request, response, session, tmpl_context as c, url +from pylons.controllers.util import abort, redirect, redirect_to from routes import url_for, request_config from floof.lib.base import BaseController, render +import floof.lib.helpers as h from floof.model.users import IdentityURL, User log = logging.getLogger(__name__) @@ -19,13 +21,20 @@ class AccountController(BaseController): openid_store = FileOpenIDStore('/var/tmp') def login(self): + c.bogus_identity_url = request.params.get('bogus_identity_url', None) return render('/account/login.mako') def login_begin(self): """Step one of logging in with OpenID; we redirect to the provider""" + identity_url = request.params['identity_url'] cons = Consumer(session=session, store=self.openid_store) - auth_request = cons.begin(request.params['identity_url']) + try: + auth_request = cons.begin(identity_url) + except DiscoveryFailure: + redirect_to(controller='account', action='login', + bogus_identity_url=identity_url) + sreg_req = SRegRequest(optional=['nickname', 'email', 'dob', 'gender', 'country', 'language', 'timezone']) auth_request.addExtension(sreg_req) diff --git a/floof/public/layout.css b/floof/public/layout.css index e74974e..017379f 100644 --- a/floof/public/layout.css +++ b/floof/public/layout.css @@ -29,6 +29,9 @@ var { font-style: italic; background: #e8e8e8; } input[type='button'], input[type='submit'], input[type='reset'] { cursor: pointer; } +/* Misc. classes */ +.error { color: #c00000; font-weight: bold; } + /* General form layout */ dl.form { margin: 1em 0; padding-left: 1em; border-left: 0.5em solid gray; } dl.form dt { padding-bottom: 0.25em; font-style: italic; } @@ -46,7 +49,7 @@ dl.form dd { margin-bottom: 0.5em; } /* Login */ form#big-login { text-align: center; } form#big-login input { font-size: 2em; margin: 0 auto; } -form#big-login input#identity-url { width: 20em; padding-left: 16px; } +form#big-login input#identity-url { width: 20em; } dl#openid_examples { overflow: hidden /* new float context */; } dl#openid_examples > dt { float: left; clear: left; width: 15.5em; margin-right: 0.5em; text-align: right; color: #2457a0; } diff --git a/floof/templates/account/login.mako b/floof/templates/account/login.mako index d00593b..d58f6d4 100644 --- a/floof/templates/account/login.mako +++ b/floof/templates/account/login.mako @@ -4,8 +4,11 @@

You can log in or register with any OpenID.

+% if c.bogus_identity_url: +

This isn't a valid OpenID, sorry.

+% endif

- +

-- 2.7.4