openid/python-openid

Problem with response which contains both signed and unsigned fields

MarSoft opened this issue · 1 comments

MarSoft commented

When my OpenID provider gives me response containing both signed and unsigned fields, I get an error:

SuccessResponse.getSignedNS: (http://openid.net/srv/ax/1.0, mode) not signed.
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/flask/app.py", line 889, in __call__
    return self.wsgi_app(environ, start_response)
  File "/usr/lib/python2.7/site-packages/flask/app.py", line 879, in wsgi_app
    response = self.make_response(self.handle_exception(e))
  File "/usr/lib/python2.7/site-packages/flask/app.py", line 876, in wsgi_app
    rv = self.dispatch_request()
  File "/usr/lib/python2.7/site-packages/flask/app.py", line 695, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/usr/lib/python2.7/site-packages/flaskext/openid.py", line 416, in decorated
    return self.after_login_func(OpenIDResponse(openid_response))
  File "/usr/lib/python2.7/site-packages/flaskext/openid.py", line 151, in __init__
    lookup = RegLookup(resp)
  File "/usr/lib/python2.7/site-packages/flaskext/openid.py", line 112, in __init__
    self.ax_resp = ax.FetchResponse.fromSuccessResponse(resp) or {}
  File "/usr/lib/python2.7/site-packages/openid/extensions/ax.py", line 711, in fromSuccessResponse
    self.parseExtensionArgs(ax_args)
  File "/usr/lib/python2.7/site-packages/openid/extensions/ax.py", line 686, in parseExtensionArgs
    super(FetchResponse, self).parseExtensionArgs(ax_args)
  File "/usr/lib/python2.7/site-packages/openid/extensions/ax.py", line 498, in parseExtensionArgs
    self._checkMode(ax_args)
  File "/usr/lib/python2.7/site-packages/openid/extensions/ax.py", line 80, in _checkMode
    mode = ax_args.get('mode')
AttributeError: 'NoneType' object has no attribute 'get'

From code and comments:
in openid.extensions.ax.FetchResponse.fromSuccessfulResponse():

 @param signed: Whether non-signed args should be
            processsed. If True (the default), only signed arguments
            will be processsed.
...
ax_args = success_response.extensionResponse(self.ns_uri, signed)

in openid.consumer.consumer.SuccessResponse.extensionResponse(self, namespace_uri, require_signed):

 @param require_signed: True if the arguments should be among
        those signed in the response, False if you don't care.

        If require_signed is True and the arguments are not signed,
        return None.

As we can see, FetchResponse.fromSuccessfulResponse() expects success_response.extensionResponse to return a dictionary containing signed fields only, but gets a None.
How can it be fixed?..