In case the callback_uri and the uri that called authenticate_redirect

author Ben Darnell <ben@bendarnell.com>

Sun, 14 Aug 2011 19:03:07 +0000 (12:03 -0700)

committer Ben Darnell <ben@bendarnell.com>

Sun, 14 Aug 2011 19:05:17 +0000 (12:05 -0700)
author Ben Darnell <ben@bendarnell.com>
Sun, 14 Aug 2011 19:03:07 +0000 (12:03 -0700)
committer Ben Darnell <ben@bendarnell.com>
Sun, 14 Aug 2011 19:05:17 +0000 (12:05 -0700)
diff --git a/tornado/auth.py b/tornado/auth.py

index cafe015f272db4de2a8a8702ba1dd1c2e9e323dc..720d5f32a73ae049cb6db08c1a782e2fc7657fda 100644 (file)
--- a/tornado/auth.py
+++ b/tornado/auth.py
@@ -107,7 +107,7 @@ class OpenIdMixin(object):
              "openid.identity":
                  "http://specs.openid.net/auth/2.0/identifier_select",
              "openid.return_to": url,
-            "openid.realm": self.request.protocol + "://" + self.request.host + "/",
+            "openid.realm": urlparse.urljoin(url, '/'),
              "openid.mode": "checkid_setup",
          }
          if ax_attrs:
diff --git a/website/sphinx/releases/next.rst b/website/sphinx/releases/next.rst

index 379950af8f90b3eb877af247fb29565cda933461..5df4f3bab0f3c79c81ef950834e5d155e2ae7986 100644 (file)
--- a/website/sphinx/releases/next.rst
+++ b/website/sphinx/releases/next.rst
@@ -101,3 +101,5 @@ Bug fixes
    instead of creeping later due to accumulated errors.
  * The template ``{% module %}`` directive now works even if applications
    use a template variable named ``modules``.
+* `~tornado.auth.OpenIDMixin` now uses the correct realm when the
+  callback URI is on a different domain.
author	Ben Darnell <ben@bendarnell.com>
	Sun, 14 Aug 2011 19:03:07 +0000 (12:03 -0700)
committer	Ben Darnell <ben@bendarnell.com>
	Sun, 14 Aug 2011 19:05:17 +0000 (12:05 -0700)
tornado/auth.py		patch \| blob \| blame \| history
website/sphinx/releases/next.rst		patch \| blob \| blame \| history