Home | Trees | Indices | Help |
|
---|
|
object --+ | interface.OpenIDStore --+ | DumbStore
This is a store for use in the worst case, when you have no way of saving state on the consumer site. Using this store makes the consumer vulnerable to replay attacks (though only within the lifespan of the tokens), as it's unable to use nonces. Avoid using this store if it is at all possible.
Most of the methods of this class are implementation details. Users of this class need to worry only about the__init__
method.
|
|||
__init__(self,
secret_phrase) Creates a new DumbStore instance. |
|||
NoneType
|
storeAssociation(self,
server_url,
association) This implementation does nothing. |
||
None
|
getAssociation(self,
server_url,
handle=None) This implementation always returns None .
|
||
bool
|
removeAssociation(self,
server_url,
handle) This implementation always returns False .
|
||
NoneType
|
storeNonce(self,
nonce) This implementation does nothing. |
||
bool
|
useNonce(self,
nonce) In a system truly limited to dumb mode, nonces must all be accepted. |
||
str
|
getAuthKey(self) This method returns the auth key generated by the constructor. |
||
bool
|
isDumb(self) This store is a dumb mode store, so this method is overridden to return True .
|
||
Inherited from |
|
|||
Inherited from |
|
|||
Inherited from |
|
Creates a new DumbStore instance. For the security of the tokens
generated by the library, this class attempts to at least have a secure
implementation of When you create an instance of this class, pass in a secret phrase. The phrase is hashed with sha1 to make it the correct length and form for an auth key. That allows you to use a long string as the secret phrase, which means you can make it very difficult to guess. EachDumbStore instance that is created for use by
your consumer site needs to use the same secret_phrase .
|
This implementation does nothing.
|
This implementation always returns None .
|
This implementation always returns False .
|
This implementation does nothing.
|
In a system truly limited to dumb mode, nonces must all be accepted. This therefore always returns True , which makes replay
attacks feasible during the lifespan of the token.
|
This method returns the auth key generated by the constructor.
|
This store is a dumb mode store, so this method is overridden to return True .
|
Home | Trees | Indices | Help |
|
---|
Generated by Epydoc 3.0alpha3 on Fri Dec 8 13:26:20 2006 | http://epydoc.sourceforge.net |