Commits

Show all
Author Commit Message Labels Comments Date
troeger
Fixing Django 1.7 compatibility bug
Martin von Löwis
Do not drop blank values.
Martin von Löwis
Added tag 1.12 for changeset bc00f6f8f998
Martin von Löwis
Bump version numbers.
Tags
1.12
Martin von Löwis
merged
Martin von Löwis
Fix formatting.
Martin von Löwis
Added tag 1.11 for changeset a1b5cc3a7593
Martin von Löwis
Release 1.11.
Tags
1.11
Martin von Löwis
Mark verify_signature_directly as internal function.
Martin von Löwis
Document the verify function.
Martin von Löwis
Extend nonce lifetime to 5 minutes.
Peter Troeger
Removing assoc handle fetching, since this is now handled by validate and might even lead to a KeyError here ,,,
Peter Troeger
Switch to usage of verify(), adding discovery cache
Martin von Löwis
Work around missing getcode in 2.5.
Martin von Löwis
Parse port number out of URL.
Martin von Löwis
Drop bytes literal.
Martin von Löwis
Work around 2.6 limitation.
Martin von Löwis
Add error numbers.
Martin von Löwis
Check nonce presence for OpenID 2.
Martin von Löwis
Redo verification procedure, in openid2rp.verify.
Martin von Löwis
Drop usage of cookies.
Martin von Löwis
Put openid1 parameter in return_to URL for OpenID 1.1 providers.
Martin von Löwis
Fix exception for defaultdict.
Martin von Löwis
Streamline session handling.
ja...@nottheoilrig.com
Update demo app to reuse associations.
ja...@nottheoilrig.com
Prevent a malicious user who controls an OP-local identifier from impersonating claimed identifiers that the OP is authorized to make assertions about, but that the user doesn't control.
ja...@nottheoilrig.com
ja...@nottheoilrig.com
Add 1.1 compatibility: RP MUST keep track of what claimed identifier was used to discover the OP-local identifier, for example by keeping it in session state.
ja...@nottheoilrig.com
Cache discovered OP endpoint URL to avoid repeating discovery when verifying assertions. When verifying assertions, OP endpoint URL is used to get an association if one is stored, and to perform direct verification otherwise.
ja...@nottheoilrig.com
Extend demo app to demonstrate direct verification. Use discovered OP endpoint URL to perform direct verification.
  1. Prev
  2. Next