openid.store.dumbstore.DumbStore

Package openid :: Package store :: Module dumbstore :: Class DumbStore

Type DumbStore

 object --+    
          |    
OpenIDStore --+
              |
             DumbStore

This is a store for use in the worst case, when you have no way of saving state on the consumer site. Using this store makes the consumer vulnerable to replay attacks (though only within the lifespan of the tokens), as it's unable to use nonces. Avoid using this store if it is at all possible.

Most of the methods of this class are implementation details. Users of this class need to worry only about the __init__ method.

Method Summary
	`__init__(self, secret_phrase)` Creates a new DumbStore instance.
`None`	`getAssociation(self, server_url, handle)` This implementation always returns `None`.
`str`	`getAuthKey(self)` This method returns the auth key generated by the constructor.
`bool`	`isDumb(self)` This store is a dumb mode store, so this method is overridden to return `True`.
`bool`	`removeAssociation(self, server_url, handle)` This implementation always returns `False`.
	`storeAssociation(self, server_url, association)` This implementation does nothing.
	`storeNonce(self, nonce)` This implementation does nothing.
`bool`	`useNonce(self, nonce)` In a system truly limited to dumb mode, nonces must all be accepted.
Inherited from `object`: `__delattr__`, `__getattribute__`, `__hash__`, `__new__`, `__reduce__`, `__reduce_ex__`, `__repr__`, `__setattr__`, `__str__`

Class Variable Summary
Inherited from `OpenIDStore`: `AUTH_KEY_LEN`

Method Details

init(self, secret_phrase)
(Constructor)

Creates a new DumbStore instance. For the security of the tokens generated by the library, this class attempts to at least have a secure implementation of getAuthKey.

When you create an instance of this class, pass in a secret phrase. The phrase is hashed with sha1 to make it the correct length and form for an auth key. That allows you to use a long string as the secret phrase, which means you can make it very difficult to guess.

Each DumbStore instance that is created for use by your consumer site needs to use the same secret_phrase.

Parameters:: secret_phrase - The phrase used to create the auth key returned by getAuthKey
(type=str)

Overrides:: __builtin__.object.__init__

getAssociation(self, server_url, handle=None)

This implementation always returns None.

Returns:: None
(type=None)

Overrides:: openid.store.interface.OpenIDStore.getAssociation

getAuthKey(self)

This method returns the auth key generated by the constructor.

Returns:: The auth key generated by the constructor.
(type=str)

Overrides:: openid.store.interface.OpenIDStore.getAuthKey

isDumb(self)

This store is a dumb mode store, so this method is overridden to return True.

Returns:: True
(type=bool)

Overrides:: openid.store.interface.OpenIDStore.isDumb

removeAssociation(self, server_url, handle)

This implementation always returns False.

Returns:: False
(type=bool)

Overrides:: openid.store.interface.OpenIDStore.removeAssociation

storeAssociation(self, server_url, association)

This implementation does nothing.

Overrides:: openid.store.interface.OpenIDStore.storeAssociation

storeNonce(self, nonce)

This implementation does nothing.

Overrides:: openid.store.interface.OpenIDStore.storeNonce

useNonce(self, nonce)

In a system truly limited to dumb mode, nonces must all be accepted. This therefore always returns True, which makes replay attacks feasible during the lifespan of the token.

Returns:: True
(type=bool)

Overrides:: openid.store.interface.OpenIDStore.useNonce

Generated by Epydoc 2.1 on Mon Jun 11 13:59:42 2007

http://epydoc.sf.net