Google Git
Sign in
apache / airflow-flask-openid-fork / 5d75649c832a0ba283a0fe43b115cb917c078d9a^! / .
commit5d75649c832a0ba283a0fe43b115cb917c078d9a[log] [tgz]
authorPatrick Uiterwijk <puiterwijk@redhat.com>Tue Dec 02 21:15:03 2014 +0100
committerPatrick Uiterwijk <puiterwijk@redhat.com>Fri Dec 05 11:16:25 2014 -0500
tree6ff41b55b55e6f36d43f29b1f07ee748495260e0
parent1a1fc96599ee0a8482704dc07649d79f10cf9c98 [diff]
Added support for immediate mode requests. [Patrick Uiterwijk]

diff --git a/ChangeLog b/ChangeLog
index a09909f..34dc3ca 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -1,3 +1,12 @@
+1.2.5 (2014-12-??)
+------------------
+
+New
+~~~
+
+- Added support for immediate mode requests. [Patrick Uiterwijk]
+
+
 1.2.4 (2014-10-24)
 ------------------
 

diff --git a/flask_openid.py b/flask_openid.py
index 571af21..9696066 100644
--- a/flask_openid.py
+++ b/flask_openid.py

@@ -506,8 +506,8 @@
                 self.signal_error(u'OpenID authentication failure. Mesage: %s'
                     % openid_response.message)
             elif openid_response.status == SETUP_NEEDED:
-                # We should never get here since we do checkid_setup always
-                self.signal_error(u'OpenID setup was needed??')
+                # Unless immediate=True, we should never get here
+                self.signal_error(u'OpenID setup was needed')
             else:
                 # We should also never get here, as this should be exhaustive
                 self.signal_error(u'OpenID authentication weird state: %s' %
@@ -515,7 +515,8 @@
             return redirect(self.get_current_url())
         return decorated
 
-    def try_login(self, identity_url, ask_for=None, ask_for_optional=None, extensions=None):
+    def try_login(self, identity_url, ask_for=None, ask_for_optional=None,
+                  extensions=None, immediate=False):
         """This tries to login with the given identity URL.  This function
         must be called from the login_handler.  The `ask_for` and
         `ask_for_optional`parameter can be a set of values to be asked
@@ -533,6 +534,13 @@
         that should be passed on with the request. If you use this, please make
         sure to pass the Response classes of these extensions when initializing
         OpenID.
+
+        `immediate` can be used to indicate this request should be a so-called
+        checkid_immediate request, resulting in the provider not showing any UI.
+        Note that this adds a new possible response: SetupNeeded, which is the
+        server saying it doesn't have enough information yet to authorized or
+        reject the authentication (probably, the user needs to sign in or
+        approve the trust root).
         """
         if ask_for and __debug__:
             for key in ask_for:
@@ -558,4 +566,5 @@
         else:
             trust_root = request.host_url
         return redirect(auth_request.redirectURL(trust_root,
-                                                 self.get_success_url()))
+                                                 self.get_success_url(),
+                                                 immediate=immediate))