1 # Copyright (C) 2014 Ipsilon project Contributors, for license see COPYING
3 from ipsilon.util.data import Store, UNIQUE_DATA_TABLE, OPTIONS_TABLE
5 from openid import oidutil
6 from openid.association import Association
7 from openid.store.nonce import SKEW as NonceSKEW
8 from openid.store.interface import OpenIDStore as OpenIDStoreInterface
13 class OpenIDStore(Store, OpenIDStoreInterface):
14 def __init__(self, database_url):
15 Store.__init__(self, database_url=database_url)
17 def storeAssociation(self, server_url, assoc):
18 iden = '%s-%s' % (server_url, assoc.handle)
19 datum = {'secret': oidutil.toBase64(assoc.secret),
20 'issued': str(assoc.issued),
21 'lifetime': str(assoc.lifetime),
22 'assoc_type': assoc.assoc_type}
25 self.save_unique_data('association', data)
27 def getAssociation(self, server_url, handle=None):
28 iden = '%s-%s' % (server_url, handle)
29 data = self.get_unique_data('association', iden)
35 assoc = Association(handle,
36 oidutil.fromBase64(datum['secret']),
38 int(datum['lifetime']),
41 if assoc.expiresIn == 0:
42 self.del_unique_data('association', iden)
47 def removeAssociation(self, server_url, handle):
48 iden = '%s-%s' % (server_url, handle)
49 self.del_unique_data('association', iden)
51 def useNonce(self, server_url, timestamp, salt):
52 if abs(timestamp - time()) > NonceSKEW:
55 iden = '%s-%s-%s' % (server_url, timestamp, salt)
56 data = self.get_unique_data('nonce', iden)
59 # This server_url, timestamp, salt combination is already seen
62 datum = {'timestamp': timestamp}
64 self.save_unique_data('nonce', data)
69 res1 = self.cleanupNonces()
70 res2 = self.cleanupAssociations()
73 def cleanupNonces(self):
74 nonces = self.get_unique_data('nonce')
77 if nonces[iden]['timestamp'] < (time() - NonceSKEW):
79 self.del_unique_data('nonce', iden)
82 def cleanupAssociations(self):
83 assocs = self.get_unique_data('association')
86 if ((int(assocs[iden]['issued']) + int(assocs[iden]['lifetime']))
89 self.del_unique_data('association', iden)
92 def _initialize_schema(self):
93 q = self._query(self._db, 'association', UNIQUE_DATA_TABLE,
96 q._con.close() # pylint: disable=protected-access
97 q = self._query(self._db, 'openid_extensions', OPTIONS_TABLE,
100 q._con.close() # pylint: disable=protected-access
102 def _upgrade_schema(self, old_version):
104 # In schema version 2, we added indexes and primary keys
105 # pylint: disable=protected-access
106 table = self._query(self._db, 'association', UNIQUE_DATA_TABLE,
108 self._db.add_constraint(table.primary_key)
109 for index in table.indexes:
110 self._db.add_index(index)
111 table = self._query(self._db, 'openid_extensions', OPTIONS_TABLE,
113 self._db.add_constraint(table.primary_key)
114 for index in table.indexes:
115 self._db.add_index(index)
118 raise NotImplementedError()