From 0efe98eece9af222009fb90bed7c81aa380de0e3 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Wed, 19 Aug 2015 05:29:20 +0200
Subject: [PATCH] Fix transaction check

This fixes OpenID specification compliance, since the main
OpenID endpoint URL needs to serve a non-error result on
query, and the current code would error out.

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Rob Crittenden <rcritten@redhat.com>
---
 ipsilon/providers/openid/auth.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ipsilon/providers/openid/auth.py b/ipsilon/providers/openid/auth.py
index 64245f5..1ecbe43 100644
--- a/ipsilon/providers/openid/auth.py
+++ b/ipsilon/providers/openid/auth.py
@@ -26,7 +26,8 @@ class AuthenticateRequest(ProviderPageBase):
         try:
             # generate a new id or get current one
             self.trans = Transaction('openid', **kwargs)
-            if self.trans.cookie.value != self.trans.provider:
+            if (self.trans.cookie and
+                    self.trans.cookie.value != self.trans.provider):
                 self.debug('Invalid transaction, %s != %s' % (
                            self.trans.cookie.value, self.trans.provider))
         except Exception, e:  # pylint: disable=broad-except
-- 
2.20.1