Problem with response which contains both signed and unsigned fields
MarSoft opened this issue · 1 comments
MarSoft commented
When my OpenID provider gives me response containing both signed and unsigned fields, I get an error:
SuccessResponse.getSignedNS: (http://openid.net/srv/ax/1.0, mode) not signed.
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/flask/app.py", line 889, in __call__
return self.wsgi_app(environ, start_response)
File "/usr/lib/python2.7/site-packages/flask/app.py", line 879, in wsgi_app
response = self.make_response(self.handle_exception(e))
File "/usr/lib/python2.7/site-packages/flask/app.py", line 876, in wsgi_app
rv = self.dispatch_request()
File "/usr/lib/python2.7/site-packages/flask/app.py", line 695, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/usr/lib/python2.7/site-packages/flaskext/openid.py", line 416, in decorated
return self.after_login_func(OpenIDResponse(openid_response))
File "/usr/lib/python2.7/site-packages/flaskext/openid.py", line 151, in __init__
lookup = RegLookup(resp)
File "/usr/lib/python2.7/site-packages/flaskext/openid.py", line 112, in __init__
self.ax_resp = ax.FetchResponse.fromSuccessResponse(resp) or {}
File "/usr/lib/python2.7/site-packages/openid/extensions/ax.py", line 711, in fromSuccessResponse
self.parseExtensionArgs(ax_args)
File "/usr/lib/python2.7/site-packages/openid/extensions/ax.py", line 686, in parseExtensionArgs
super(FetchResponse, self).parseExtensionArgs(ax_args)
File "/usr/lib/python2.7/site-packages/openid/extensions/ax.py", line 498, in parseExtensionArgs
self._checkMode(ax_args)
File "/usr/lib/python2.7/site-packages/openid/extensions/ax.py", line 80, in _checkMode
mode = ax_args.get('mode')
AttributeError: 'NoneType' object has no attribute 'get'
From code and comments:
in openid.extensions.ax.FetchResponse.fromSuccessfulResponse():
@param signed: Whether non-signed args should be
processsed. If True (the default), only signed arguments
will be processsed.
...
ax_args = success_response.extensionResponse(self.ns_uri, signed)
in openid.consumer.consumer.SuccessResponse.extensionResponse(self, namespace_uri, require_signed):
@param require_signed: True if the arguments should be among
those signed in the response, False if you don't care.
If require_signed is True and the arguments are not signed,
return None.
As we can see, FetchResponse.fromSuccessfulResponse() expects success_response.extensionResponse to return a dictionary containing signed fields only, but gets a None.
How can it be fixed?..