From d1d283805513e7c975d62334dd8e333ac18db96e Mon Sep 17 00:00:00 2001 From: Mark Edgington Date: Sat, 8 Mar 2014 15:12:46 -0500 Subject: [PATCH 1/2] Allow using the SREG email as the authname (i.e. the trac SID). (issue #4) --- README.rst | 4 ++++ authopenid/authopenid.py | 5 +++++ 2 files changed, 9 insertions(+) diff --git a/README.rst b/README.rst index f11e389..62538ac 100644 --- a/README.rst +++ b/README.rst @@ -217,6 +217,10 @@ from an example config file which lists all available options:: # Use SREG nickname as authname (default false) #use_nickname_as_authname = false + + # Use SREG email as authname (default false) -- overrides + # use_nickname_as_authname if both are set to true. + #use_email_as_authname = false # If you want username to be written as # "username_in_remote_system " use: diff --git a/authopenid/authopenid.py b/authopenid/authopenid.py index d21ce21..53de797 100644 --- a/authopenid/authopenid.py +++ b/authopenid/authopenid.py @@ -141,6 +141,9 @@ def trac_auth_cookie_lifetime(self): use_nickname_as_authname = BoolOption('openid', 'use_nickname_as_authname', False, """ Whether the nickname as retrieved by SReg is used as username""") + use_email_as_authname = BoolOption('openid', 'use_email_as_authname', False, + """ Whether the email-address as retrieved by SReg is used as username. When enabled, this option overrides the use_nickname_as_authname option.""") + trust_authname = BoolOption('openid', 'trust_authname', False, """WARNING: Only enable this if you know what this mean! This could make identity theft very easy if you do not control the OpenID provider! @@ -716,6 +719,8 @@ def _do_process(self, req): # New identity URL -> create new authname/user. if self.check_list and self.check_list_username: authname = cl_username + elif self.use_email_as_authname and email: + authname = email elif self.use_nickname_as_authname and nickname: authname = nickname elif session_attr.get('name'): From 0513c10356b5fd6e9175ae57bb36ac2c0a82e9ad Mon Sep 17 00:00:00 2001 From: Mark Edgington Date: Sat, 8 Mar 2014 19:53:16 -0500 Subject: [PATCH 2/2] bugfix: set new-user attributes even when trust_authname = true --- authopenid/authopenid.py | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/authopenid/authopenid.py b/authopenid/authopenid.py index 53de797..1b6621a 100644 --- a/authopenid/authopenid.py +++ b/authopenid/authopenid.py @@ -756,18 +756,19 @@ def authnames(base): if (no_session_exists and no_permissions_defined): # name is free :-) break - # Set attributes for new user on the - # current anonymous session. It will be promoted to - # the new authenticated session on the next request - # (by Session.__init__). - # - # NB: avoid dict.update here to ensure that - # DetachedSession.__getitem__ gets a chance to - # normalize values - for name, value in session_attr.items(): - req.session[name] = value - self.env.log.info("Created new user '%s' for " - "OpenID identifier %s", authname, info.identity_url) + + # Set attributes for new user on the + # current anonymous session. It will be promoted to + # the new authenticated session on the next request + # (by Session.__init__). + # + # NB: avoid dict.update here to ensure that + # DetachedSession.__getitem__ gets a chance to + # normalize values + for name, value in session_attr.items(): + req.session[name] = value + self.env.log.info("Created new user '%s' for " + "OpenID identifier %s", authname, info.identity_url) req.authname = authname