def _verifyReturnToArgs(query):
"""Verify that the arguments in the return_to URL are present in this
response.
"""
message = Message.fromPostArgs(query)
return_to = message.getArg(OPENID_NS, 'return_to')
if return_to is None:
raise ProtocolError('Response has no return_to')
parsed_url = urlparse(return_to)
rt_query = parsed_url[4]
parsed_args = cgi.parse_qsl(rt_query)
for rt_key, rt_value in parsed_args:
try:
value = query[rt_key]
if rt_value != value:
format = ("parameter %s value %r does not match "
"return_to's value %r")
raise ProtocolError(format % (rt_key, value, rt_value))
except KeyError:
format = "return_to parameter %s absent from query %r"
raise ProtocolError(format % (rt_key, query))
# Make sure all non-OpenID arguments in the response are also
# in the signed return_to.
bare_args = message.getArgs(BARE_NS)
for pair in bare_args.iteritems():
if pair not in parsed_args:
raise ProtocolError("Parameter %s not in return_to URL" % (pair[0],))
评论列表
文章目录
