Starting with tag: [TAG attribute-exchange-revision-370 cygnus@janrain.com**20071016002702] [Fix typo in pape extension cygnus@janrain.com**20071016230044] [Update example consumer to request and display PAPE information cygnus@janrain.com**20071016230221] [Update sqlite store to try importing sqlite3 cygnus@janrain.com**20071016233640] [Update django consumer to ask for (and display) PAPE information cygnus@janrain.com**20071016233705] [Update django example consumer UI to let user select PAPE policy URIs to request cygnus@janrain.com**20071017175847] [Fix Message.getAliasedArg for ns.ALIAS arguments cygnus@janrain.com**20071017233218] [Allow explicit specification of default ports when matching realms Josh Hoyt **20071018000805] [Fix the ns_uri assignment to the PAPE response Josh Hoyt **20070626193050] [Message API: getAliasedArg now properly handles namespaces Josh Hoyt **20070626221437] [Add truthiness for PAPE request Josh Hoyt **20070627005653] [Add bool() to pape.Request.__nonzero__ Josh Hoyt **20070627011846 __nonzero__ won't use the truth value of its return value (it requires returning a bool) ] [Conflict resolution of some very old patches Josh Hoyt **20071018002109] [Fix blob encoding for newer versions of MySQLdb http://j3h.us/**20071018221140] [Be smarter about DB API exceptions http://j3h.us/**20071018221256 Python 2.5 has sqlite3 built-in, and we ran into a Python install that thus had sqlite3 and pysqlite2, which are really the same thing. The problem with this is that there's a good chance that we'll use the exception classes from the wrong module and so the except clauses won't actually trap any exceptions. The sqlite modules both use a DB API extension that helps us, putting the exception classes as attributes on the connection. psycopg2 does too. MySQLdb does not. This patch sorts it out, and also tries to tell the user earlier if something goes wrong. ] [Fix psycopg/psycopg2 exception handling in PostgreSQL store http://j3h.us/**20071018225020] [Make openid.yadis.xri.identifierScheme handle an empty string http://j3h.us/**20071018230413] [Fix #60 (passing return_to to consumer.complete() causes spurious failure when mode is not id_res) http://j3h.us/**20071105204019] [Add better logging for consumer http://j3h.us/**20071105204115 Log requests created with assoc handle or stateless Log responses received with assoc handle ] [Remove orphaned assignment statement http://j3h.us/**20071105204212] [Formatting http://j3h.us/**20071105204322] [Make setAllowedTypes make sure that the association types and session types are allowed by OpenID http://j3h.us/**20071105204814] [Add return_to to the complete() call for the Django OpenID consumer example http://j3h.us/**20071105205029] [Make return_to no longer optional for complete() calls to consumer http://j3h.us/**20071108235557 It's a MUST in the OpenID 2.0 spec to check it. This also happens to fix #65 ] [Fixes for consumer example dag@janrain.com**20071113004111] [message.Message.setArg: assert value is not None. Fixes #24. Kevin Turner **20071114015208 server.Server.CheckIDRequest.answer: do not add empty op_endpoint param to v1 messages. Fixes #25. ] [pape docstring fix dag@janrain.com**20071114214151] [enforce signed args for pape dag@janrain.com**20071114214250] [server.server: add ENCODE_HTML_FORM to docstrings Kevin Turner **20071114200844] [extensions.pape: update spec URL Kevin Turner **20071114211834] [openid.ax moved to openid.extensions.ax Kevin Turner **20071114212529] [makedoc: update python-openid URL Kevin Turner **20071114220545] [epydoc Kevin Turner **20071114220642] [epydoc, and add @since tags to new methods Kevin Turner **20071114220719] [extensions.ax: epydoc Kevin Turner **20071114220838] [extensions.pape: add @since Kevin Turner **20071114220915] [server: add @since tags and other epydoc cleanup Kevin Turner **20071114221037] [extensions.ax.FetchResponse: pass request through constructor, not through getExtensionArgs Kevin Turner **20071114225145 as the framework doesn't make it plausable to pass things in to getExtensionArgs. ] [openid.sreg moved to openid.extensions.sreg Kevin Turner **20071114234107] [extensions.ax.StoreRequest: move aliases parameter from getExtensionArgs to constructor Kevin Turner **20071114234614] [server.server: update urls and extension information Kevin Turner **20071114234707] [Added example script for just doing OpenID discovery http://j3h.us/**20071114235448] [server.server: upgrade notes Kevin Turner **20071115001242] [server.server: mention returnToVerified in the overview. Kevin Turner **20071115002054] [NEWS: update for 2.0.2 Kevin Turner **20071115003612] [djopenid/templates/server/idPage.html: split openid.server and openid2.provider to different elements Kevin Turner **20071115010836 because older ruby-openid fails to grok this one. ] [Set version number to 2.0.2 Kevin Turner **20071115014735] [setup.py: update openidenabled URLs Kevin Turner **20071115015757] [this is 2.1.0, not 2.0.2 Kevin Turner **20071115021105] [server.server.CheckIDRequest.returnToVerified: document raise of HTTPFetchingError, Kevin Turner **20071115031912 update djopenid example server to catch it. ] [Make discover example script prettier http://j3h.us/**20071115154621] [AX API: fromOpenIDRequest now takes a CheckIDRequest instead of a Message http://j3h.us/**20071115234751] [NEWS about AX api changes from 2.0.1 http://j3h.us/**20071116001142] [TAG release-2.1.0-rc1 http://j3h.us/**20071116010042] [Fix hostname-to-db-name scrubbing in store tests cygnus@cprogrammer.org**20071119195647] [Add display_identifier, getDisplayIdentifier to OpenIDServiceEndpoint cygnus@cprogrammer.org**20071119195747] [Set display_identifier in discoverXRI, add tests cygnus@cprogrammer.org**20071119195837] [Update example consumer to show display_identifier cygnus@cprogrammer.org**20071119195902] [Add SuccessResponse.getDisplayIdentifier() to avoid using endpoint attribute in user code cygnus@cprogrammer.org**20071119200600] [Move getDisplayIdentifier() to Response class cygnus@cprogrammer.org**20071119201002] [Update non-Django demo RP code to use getDisplayIdentifier() cygnus@cprogrammer.org**20071119201051] [Update Django demo RP code to use getDisplayIdentifier() cygnus@cprogrammer.org**20071119201110] [Update NEWS to mention getDisplayIdentifier change cygnus@cprogrammer.org**20071119201905] [Add display_identifier check to _checkService cygnus@cprogrammer.org**20071119202913] [Set version number to 2.1.0-rc1 Kevin Turner **20071127033037] [setup.py: set download_url to .tgz for pypi-based installers on broken pythons, see #75. Kevin Turner **20071127033217] [extensions.ax: docstring updates Kevin Turner **20071127033312] [Added extensions package to setup.py http://j3h.us/**20071127162929] [test_sreg: correct test method name Kevin Turner **20071201013606] [SRegRequestTest.test_parseExtensionArgs_empty: assert that this returns None. Kevin Turner **20071201013837] [test_ax: misc docstrings Kevin Turner **20071201025548] [extensions.ax: docstring tidy Kevin Turner **20071201031036] [extensions.ax.FetchResponse.fromSuccessResponse: return new instance, not None. Kevin Turner **20071201032053 also remove code duplicated from SuccessResponse.extensionResponse. ] [consumer.consumer.SuccessResponse.getSignedNS: log an attempt to get an unsigned value Kevin Turner **20071201032828] [[API] extensions.ax.FetchRequest.fromOpenIDRequest, FetchResponse.fromSuccessResponse: return None instead of raising AXError on non-AX messages. Kevin Turner **20071201033059 ax.NotAXMessage: new exception raised by parseExtensionArgs. ] [Set version number to 2.1.0-rc2 Kevin Turner **20071201050958] [TAG release-2.1.0-rc2 Kevin Turner **20071201051015] [Add sreg 1.0 and 1.1 URI variables to __all__ cygnus@janrain.com**20071205194633] [Add PAPE test module from ruby, update pape extension cygnus@janrain.com**20071205200049] [Update version strings cygnus@janrain.com**20071205215403] [TAG release-2.1.0 cygnus@janrain.com**20071205215429] [Correct the following error: Sam Ruby **20071204150841 NameError: global name 'cleanupAssociations' is not defined ] [NEWS: update specification (spec is final) Kevin Turner **20071208035420] [message.__all__: add registerNamespaceAlias Kevin Turner **20071210220055] [fetchers.Urllib2Fetcher: parameterize urlopen for #85 Kevin Turner **20071210222341] [TAG small fixes for 2.1 Kevin Turner **20071214190450] [MANIFEST.in: examples/ lacked discover and xml templates Kevin Turner **20071214215822] [setup.py: remove license (classifier specification is sufficient) and python 2.2 compat Kevin Turner **20071215000001] [setup.py: s/tgz/tar.gz/ because that is how distutils builds it Kevin Turner **20071215000102] [Set version number to 2.1.1 Kevin Turner **20071215001307] [TAG release-2.1.1 Kevin Turner **20071215001325] [Skip MySQLdb store test if connection to server fails http://j3h.us/**20080108174855] [whitespace http://j3h.us/**20080108174940] [Pass the OpenID Message to MalformedTrustRoot when instantiating it http://j3h.us/**20080108175034] [consumer.discover.OpenIDServiceEndpoint.getDisplayIdentifier: Don't include the fragment in display identifiers. Kevin Turner **20080108224138] [consumer.Response.getDisplayIdentifier: document more about use of Display Identifier vs Claimed Identifier. Kevin Turner **20080108232611] [contrib/openid-parse: debugging utility to grab OpenID messages from the clipboard and pretty-print them. Kevin Turner **20080112005112] [contrib/openid-parse: add a function looking for tamperdata POSTDATA Kevin Turner **20080130024338] [test_message: remove unused import Kevin Turner **20080206041827] [message: allow two values for OPENID1_NS. Kevin Turner **20080206044031 Talking about OPENID1_NS is always a little silly, because no such thing existed in the 1.x specifications; it's only in the 2.x spec that talks about how to interoperate with 1.x. OpenID 1.x messages do not, generally, include any openid.ns parameter at all. And there is no recognized difference between http://openid.net/signon/1.0 and http://openid.net/signon/1.1. So this patch doesn't make every effort to allow both values throughout; it just transforms one value into the other in what looks to be the one entry point for this parameter, Message.setOpenIDNamespace. Nor does this put us at risk of accidently swapping 1.x namespace values when we write messages, because the current policy of Message.toPostArgs is to not write 1.x namespaces at all, but leave them to the default implicit value. ] [whitespace normalization Kevin Turner **20080206050428] [message: raise an InvalidOpenIDNamespace error instead of a ValueError Kevin Turner **20080206050716] [server.Server.decode: catch InvalidOpenIDNamespace errors and cast to ProtocolError Kevin Turner **20080206050733] [test_server.TestProtocolError: test hasReturnTo() when message=None. Kevin Turner **20080212230544 We had a "if False is not None" in ProtocolError.hasReturnTo. ] [message: more testing of OpenID 1.x messages that include openid.ns. Kevin Turner **20080213220930 This fixes a KeyError triggered by some Drupal messages. ] [server.trustroot.TrustRoot.parse: don't return None if other types are passed in. Kevin Turner **20080214211232 If code is passing in funny values for this, I don't want silent failure. ] [test_server.TestCheckID: more test cases for missing trust_root/realm. Kevin Turner **20080214211320] [server..CheckIDRequest.fromMessage: handle empty string for trust_root Kevin Turner **20080216185338] [server..AssociationRequest.answer: include session_type in no-encryption assoc responses. Kevin Turner **20080219002927] [server.OpenIDResponse.toFormMarkup: grab return_to from the request, not the response fields. Kevin Turner **20080220192747 Not all responses (i.e. cancel, setup_needed) include a return_to field. ] [server..Decode.decode: make sure ProtocolError has a Message even after InvalidOpenIDNamespace. Kevin Turner **20080226023122] [server..Decoder.defaultDecoder: more readable error message Kevin Turner **20080226023236] [message.InvalidOpenIDNamespace: add __str__ Kevin Turner **20080226023332] [kvform: fix formatting in error messages Kevin Turner **20080229214349] [server..CheckIDRequest.fromMessage: raise ProtocolError if claimed_id is provided without identity Kevin Turner **20080319224416 as per spec assertion: "openid.claimed_id" and "openid.identity" SHALL be either both present or both absent. ] [Update trust root parsing to reject more invalid inputs cygnus@janrain.com**20080324215554] [server.server: adding @raises to docstrings Kevin Turner **20080421195652] [kvform: use KVFormError, catch in server.Signatory.sign Kevin Turner **20080421195747] [isAbsoluteHTTPURL: stale, removed cygnus@janrain.com**20080519223403] [extensions.pape: if PAPE response arguments are not signed, return None from Request.fromSuccessResponse cygnus@janrain.com**20080519223949] [use ENGINE instead of TYPE when creating MySQL store tables dag@janrain.com**20080520185334] [non-django consumer example: encode sreg values UTF-8, set content-type appropriately dag@janrain.com**20080520212415] [Add stateless option to python example consumer dag@janrain.com**20080520215631] [pape extension: properly handle empty auth policies list dag@janrain.com**20080520215836] [encode argument values utf-8 in message.toPostArgs dag@janrain.com**20080520215958] [Don't add 'none' as a PAPE policy URI dag@janrain.com**20080520221157] [Fix message.getAliasedArg behavior for missing namespace with no default dag@janrain.com**20080521192603] [Update pape extension to use auth_time instead of auth_age dag@janrain.com**20080521213818] [store.sqlstore.SQLStore._execSQL: convert unicode args to str() to avoid postgresql api weirdness with unicode objects. Kevin Turner **20080521231532 Thanks to Marek Kuziel for tracking this down. ] [add implicit flag to namespaces not explicitly defined in message dag@janrain.com**20080522215451] [Add optional form_tag_attrs arg to server.OpenIDResponse.toFormMarkup dag@janrain.com**20080523002338] [Added toHTML methods in consumer and server where toFormMarkup appears dag@janrain.com**20080523190443] [Consumer._verifyDiscoveryResults: fall back to OpenID 1.0 type if 1.1 endpoint cannot be found cygnus@janrain.com**20080524010331] [CheckAuth: copy entire response, not just signed fields. Fixes missing namespace in check_authentication requests dag@janrain.com**20080526230218] [use failUnless instead of assertTrue (python 2.3 compatibility) dag@janrain.com**20080526233555] [update copyright dates to include 2008 chowells@janrain.com**20080527205704] [Update the example consumer to use the htmlMarkup method instead of the formMarkup method chowells@janrain.com**20080527230334] [Have the auto-submit html wrapper hide the continue button via javascript chowells@janrain.com**20080527230416] [message.fromPostArgs: use query.items() instead of iteritems(), fixes #161 (django is dumb) Kevin Turner **20080529183704] [add __all__ to __init__.py files, fixes #138 Kevin Turner **20080529211555] [fetchers: set Range header to 0-1MB, urllib2 fetcher only reads 1MB dag@janrain.com**20080529205212] [Enforce maximum response size in libcurl fetcher dag@janrain.com**20080529212945] [Normalize return_to before checking it dag@janrain.com**20080602233621] [Add one more trustroot testcase dag@janrain.com**20080603000551] [SReg.fromSuccessResponse: return None when no signed arguments found dag@janrain.com**20080603204612] [Include string begin and end in PAPE time validating regexp dag@janrain.com**20080603204713] [Add NOT NULL constraints to SQL store table construction code dag@janrain.com**20080603211842] [clarify documentation for URL argument to Consumer.complete; call it current_url instead of return_to dag@janrain.com**20080603215514] [Add AX.fromSuccessResponse test with data dag@janrain.com**20080603223034] [Add a few more parsehtml test cases dag@janrain.com**20080604224306] [Add an extra parsehtml testcase for missing close script tag dag@janrain.com**20080604231322] [Allow OP-driven id selection in example server dag@janrain.com**20080605190210] [README: Add /contribute/ URL Kevin Turner **20080604210313] [sqlstore: Add explicit field names in db_new_assoc SQL Kevin Turner **20080604210851] [Deprecate server.CheckIDRequest.namespace and stop using == OPENID1_NS anywhere in server Kevin Turner **20080605190345] [Message: allow setting namespace to OpenID 1.1 namespace Kevin Turner **20080605190915] [test_message: test that explicit OpenID 1.1 ns is included in output postargs Kevin Turner **20080605191430] [message.Message(): when constructed with an OpenID 1 namespace, mark namespace as implicit Kevin Turner **20080605204637 Message.setOpenIDNamespace: added an "implicit" argument ] [[API] sqlstore: Remove stale settings table SQL cygnus@janrain.com**20080605210454] [Add multisegment xrds test dag@janrain.com**20080605210311] [Condense changes since 2.1.1 release into CHANGES-2.2.0 cygnus@janrain.com**20080605224208] [Update CHANGES-2.2.0 cygnus@janrain.com**20080605234842] [Change __version__ to 2.2.0 cygnus@janrain.com**20080605235650] [Django demo RP: update PAPE spec link cygnus@janrain.com**20080606001727] [djopenid.consumer.views: don't die when sreg_response is None Kevin Turner **20080606185837] [server: add assert in CheckIDRequest.answer http://mike.glover.myopenid.com**20080606202900] [Do not send namespace aliases for extensions with OpenID 1 messages that we create cygnus@janrain.com**20080606211917 This makes the library compatible with the JanRain PHP 1.x library, since it did not handle arbitrary query keys with dots in them (PHP mangles . to _) ] [TAG release-2.2.0 cygnus@janrain.com**20080606225140] [Reject URIs with illegal characters in urinorm http://j3h.us/**20080610234222] [whitespace http://j3h.us/**20080610234251] [whitespace http://j3h.us/**20080610234309] [whitespace http://j3h.us/**20080610234314] [Better output for test failures for urinorm http://j3h.us/**20080610234330] [openid.server.trustroot._parseURL: fail to parse trust roots with non-ASCII characters in path or hostname cygnus@janrain.com**20080611180350] [Extension.getExtensionArgs: update docstring cygnus@janrain.com**20080611180431] [Move trustroot test data file to data/ directory cygnus@janrain.com**20080611182900] [Accept response code 206 from fetcher results. Fixes #260 Kevin Turner **20080611222807] [etxrd.getCanonicalID: case-insensitive comparsions, patch from =wil Kevin Turner **20080613175705 1. There should only be a single CanonicalID in each XRD (in the latest XRI resolution spec), so I made it use the first CID found instead of the last. 2. Use case-insensitive comparison when comparing CanonicalIDs. ] [Signatory.sign: EncodingError takes a response object, add an explanation attribute Kevin Turner **20080421212127] [openid.server.server.CheckIdRequest: change __str__ to __repr__ for better debugging output chowells@janrain.com**20080624213510] [server.trustroot._top_level_domains: updated Kevin Turner **20080625210015] [admin/gettlds.py: added script to get TLDs from IANA Kevin Turner **20080625210139] [More explicit message when no ElementTree library can be imported Kevin Turner **20080625213513] [Text-flow in README Kevin Turner **20080625215423] [Add 206 status check to openid.consumer.discover Kevin Turner **20080625215620] [TrustRoot.checkSanity: handle trust roots that do not parse gracefully Kevin Turner **20080625235919] [Set version number to 2.2.1 Kevin Turner **20080627224505] [TAG release-2.2.1 Kevin Turner **20080627224532] [whitespace http://mike.glover.myopenid.com**20080627214442] [Require at least one character in authority segment of trustroot dag@janrain.com**20080707215020] [Use reprs in TrustRoot repr string dag@janrain.com**20080707215114] [Provide the user_setup_url in the SetupNeededResponse even in OpenID 2 chowells@janrain.com**20080710230029] [Since we're generating a user_setup_url in openid 2 requests, we'd be better off doing it correctly chowells@janrain.com**20080711195247] [Django demo RP: if no pape auth policies are returned, say no PAPE response was returned cygnus@janrain.com**20080711214015] [whitespace normalization Kevin Turner **20080716222300] [CheckIDRequest.answer: normalize request.identity when comparing to answer identity value Kevin Turner **20080716223024] [server.CheckIDRequest.answer: respond with claimed_id from the request, not the passed in identity value. fixes bug introduced by last patch Kevin Turner **20080718200004] [server.EncodingError.__str__: fix missing self. Kevin Turner **20080718200230] [djopenid: add ax to consumer example Kevin Turner **20080723190133 Note: currently uses myopenid.com-compatible AX values, which are not up to date with axschema.org. ] [djopenid.consumer.views: correct ax bugs Kevin Turner **20080723205423] [test_discover.TestFetchException: don't try to test string exceptions in python 2.6 Kevin Turner **20080907222224] [extensions.pape: correct use of super() Kevin Turner **20080907222239] [Move PAPE extension into a draft extension module cygnus@janrain.com**20081013191732] [Start of PAPE draft 5 implementation cygnus@janrain.com**20081013191824] [runtests: DRY cygnus@janrain.com**20081013193702] [Use PAPE draft 5 as the default PAPE implementation cygnus@janrain.com**20081013193747] [pape5: Wrap long lines cygnus@janrain.com**20081013204841] [pape.Request.auth_levels => pape.Request.preferred_auth_level_types, and parsing cygnus@janrain.com**20081013205207] [pape.Request: for OpenID 1, do not require namespace URI definition for known auth levels cygnus@janrain.com**20081013210829] [pape5: Pull auth level alias management into a superclass of Request cygnus@janrain.com**20081013212204] [Docstrings cygnus@janrain.com**20081013212642] [pape5.Response: start using auth_level.XXX throughout to replace nist_auth_level cygnus@janrain.com**20081013215638] [test_pape_draft5: whitespace cygnus@janrain.com**20081013221151] [test_pape_draft5: in response tests use self.resp, not self.req cygnus@janrain.com**20081013221454] [pape5: support special "none" policy URI cygnus@janrain.com**20081013223425] [pape5.Response: Add is_openid1 flag to parseExtensionArgs API cygnus@janrain.com**20081013224154] [test_pape_draft5: test strict request auth age parsing failure cygnus@janrain.com**20081013231212] [pape5: test and handle missing namespace declarations cygnus@janrain.com**20081013231345] [Django demo server: send NIST auth level 0 PAPE response cygnus@janrain.com**20081013234335] [Django demo server: display information about PAPE request cygnus@janrain.com**20081013234835] [Remove range headers from requests dag@janrain.com**20081031231801] [python 2.3 does not have assertTrue Kevin Turner **20081031235629]