From c7471b276d17170db038327609e23139d3c55997 Mon Sep 17 00:00:00 2001 From: Jeremy Carbaugh Date: Fri, 2 Nov 2012 16:22:41 -0400 Subject: [PATCH] remove some dev logging and change how secure is handled --- webfinger.py | 52 +++++++++++++++++++++++++++++++++------------------- 1 file changed, 33 insertions(+), 19 deletions(-) diff --git a/webfinger.py b/webfinger.py index 2af6dd7..d19fa79 100644 --- a/webfinger.py +++ b/webfinger.py @@ -63,53 +63,62 @@ class WebFingerClient(object): headers={'User-Agent': 'python-webfinger'}) def rd(self, url, raw=False): - + """ Load resource at given URL and attempt to parse either XRD or JRD + based on HTTP response Content-Type header. + """ resp = self._session.get(url) content = resp.content - return content if raw else rd.loads(content, resp.headers.get('Content-Type')) def hostmeta(self, secure=True): + """ Load host-meta resource from WebFinger provider. + Defaults to a secure (SSL) connection unless secure=False. + """ protocol = "https" if secure else "http" - logger.debug("hostmeta() protocol:%s" % protocol) - + # use unofficial endpoint, if enabled if not self._official and self._host in UNOFFICIAL_ENDPOINTS: host = UNOFFICIAL_ENDPOINTS[self._host] else: host = self._host - logger.debug("hostmeta() host:%s" % host) - + # create full host-meta URL hostmeta_url = "%s://%s/.well-known/host-meta" % (protocol, host) - logger.debug("hostmeta() loading:%s.json" % hostmeta_url) - resp = self._session.get("%s.json" % hostmeta_url) # attempt JRD + # attempt to load from host-meta.json resource + resp = self._session.get("%s.json" % hostmeta_url) + if resp.status_code == 404: - logger.debug("hostmeta() loading:%s" % hostmeta_url) + # on failure, load from RFC 6415 host-meta resource resp = self._session.get(hostmeta_url, headers={"Accept": "application/json"}) # fall back to XRD if resp.status_code != 200: + # raise error if request was not successful raise WebFingerException("host-meta not found") - logger.debug("hostmeta() content_type:%s" % resp.headers.get('Content-Type')) - + # load XRD or JRD based on HTTP response Content-Type header return rd.loads(resp.content, resp.headers.get('Content-Type')) def finger(self, username, rel=None): + """ Perform a WebFinger query based on the given username. + The `rel` parameter, if specified, will be passed to the provider, + but be aware that providers are not required to implement the + rel filter. + """ try: - hm = self.hostmeta() - secure = True + hm = self.hostmeta() # attempt SSL host-meta retrieval except (requests.RequestException, requests.HTTPError): - hm = self.hostmeta(secure=False) - secure = False + hm = self.hostmeta(secure=False) # on failure, attempt non-SSL + if hm is None: + raise WebFingerException("Unable to load or parse host-meta") + + # find template for LRDD document template = hm.find_link(WEBFINGER_TYPES, attr='template') + secure = template.startswith('https://') - if not template.startswith('https://'): - secure = False rd_url = template.replace('{uri}', urllib.quote_plus('acct:%s@%s' % (username, self._host))) @@ -118,9 +127,14 @@ class WebFingerClient(object): def finger(identifier, rel=None, timeout=None, official=False): - if identifier.startswith('acct:'): - (acct, identifier) = identifier.split(':', 1) + """ Shortcut method for invoking WebFingerClient. + """ + + if ":" in identifier: + (scheme, identifier) = identifier.split(':', 1) + (username, host) = identifier.split('@') + client = WebFingerClient(host, timeout=timeout, official=official) return client.finger(username, rel=rel)