Handle OpenID consumers that don't support YADIS for return_to verification.

1 files changed, 9 insertions, 2 deletions

diff --git a/quoins/openid_controllers.py b/quoins/openid_controllers.py
index 2d15c7e..8b1619f 100644
--- a/quoins/openid_controllers.py
+++ b/quoins/openid_controllers.py
@@ -51,6 +51,7 @@ class DecideController(object):
         session.save()
 
         d = dict(openid = self.oid_controller,
+                 oid_return_verified = request.environ['oid_return_verified'],
                  oid_request = oid_request,
                  required = sr_required,
                  optional = sr_optional,
@@ -174,11 +175,17 @@ class OpenIDController(TGController):
         oid_request = oserver.decodeRequest(request.params)
         request.environ['oid_request']=oid_request
 
+        request.environ['oid_return_verified']='not verified'
         if oid_request.mode in ['checkid_immediate', 'checkid_setup']:
             if hasattr(oid_request, 'returnToVerified'):
-                if not (oid_request.trustRootValid()
-                        and oid_request.returnToVerified()):
+                if not oid_request.trustRootValid():
                     raise Exception("Not trusted")
+                try:
+                    if not oid_request.returnToVerified():
+                        raise Exception("Not trusted")
+                    request.environ['oid_return_verified']='verified'
+                except:
+                    pass
             else:
                 if not (oid_request.trustRootValid()):
                     raise Exception("Not trusted")