From aaf1dd614acde834d5afa1f6d8651960a758ec45 Mon Sep 17 00:00:00 2001 From: Radu Ioan Fericean Date: Wed, 14 Jan 2015 14:16:42 +0200 Subject: [PATCH] fix issuer comparison the issuer looks like gmail.login.persona.org and the expected value was login.persona.org --- gluon/contrib/login_methods/browserid_account.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gluon/contrib/login_methods/browserid_account.py b/gluon/contrib/login_methods/browserid_account.py index 8214276f..5698f746 100644 --- a/gluon/contrib/login_methods/browserid_account.py +++ b/gluon/contrib/login_methods/browserid_account.py @@ -73,7 +73,7 @@ class BrowserID(object): auth_info_json = fetch(self.verify_url, data=verify_data) j = json.loads(auth_info_json) epoch_time = int(time.time() * 1000) # we need 13 digit epoch time - if j["status"] == "okay" and j["audience"] == audience and j['issuer'] == issuer and j['expires'] >= epoch_time: + if j["status"] == "okay" and j["audience"] == audience and j['issuer'].endswith(issuer) and j['expires'] >= epoch_time: return dict(email=j['email']) elif self.on_login_failure: #print "status: ", j["status"]=="okay", j["status"]