From 2f980479a5ce91c963f44c34e3546afcb909f5b6 Mon Sep 17 00:00:00 2001
From: Oliver Falk <oliver@linux-kernel.at>
Date: Mon, 2 Jul 2018 14:26:09 +0200
Subject: [PATCH 01/10] Add tools, first interface, no functionality yet

---
 config.py                         |  1 +
 ivatar/tools/forms.py             | 64 +++++++++++++++++++++++++++++++
 ivatar/tools/templates/check.html | 21 ++++++++++
 ivatar/tools/urls.py              | 11 ++++++
 ivatar/tools/views.py             | 29 ++++++++++++++
 ivatar/urls.py                    |  1 +
 6 files changed, 127 insertions(+)
 create mode 100644 ivatar/tools/forms.py
 create mode 100644 ivatar/tools/templates/check.html
 create mode 100644 ivatar/tools/urls.py
 create mode 100644 ivatar/tools/views.py

diff --git a/config.py b/config.py
index 45ac71b..e24b1f7 100644
--- a/config.py
+++ b/config.py
@@ -25,6 +25,7 @@ INSTALLED_APPS.extend([
     'anymail',
     'ivatar',
     'ivatar.ivataraccount',
+    'ivatar.tools',
 ])
 
 from ivatar.settings import MIDDLEWARE  # noqa
diff --git a/ivatar/tools/forms.py b/ivatar/tools/forms.py
new file mode 100644
index 0000000..f09ed12
--- /dev/null
+++ b/ivatar/tools/forms.py
@@ -0,0 +1,64 @@
+'''
+Classes for our ivatar.tools.forms
+'''
+from django import forms
+from django.utils.translation import ugettext_lazy as _
+from django.core.exceptions import ValidationError
+
+
+class CheckDomainForm(forms.Form):
+    '''
+    Form handling domain check
+    '''
+    can_distribute = forms.TextInput(
+        attrs={
+            'label': _('Domain'),
+            'required': True,
+            'error_messages': {
+                'required':
+                _('Cannot check without a domain name.')
+            }
+        }
+    )
+
+
+class CheckForm(forms.Form):
+    '''
+    Form handling check
+    '''
+    mail = forms.EmailField(
+        label=_('E-Mail'),
+        required=False,
+        error_messages={
+            'required':
+            _('Cannot check without a domain name.')
+        })
+
+    openid = forms.CharField(
+        label=_('OpenID'),
+        required=False,
+        error_messages={
+            'required':
+            _('Cannot check without an openid name.')
+        })
+
+    size = forms.IntegerField(
+        label=_('Size'),
+        initial=80,
+        min_value=10,
+        max_value=160,
+        required=True,
+    )
+
+    default_url = forms.URLField(
+        label=_('Default URL'),
+        required=False,
+    )
+
+    def clean(self):
+        self.cleaned_data = super().clean()
+        mail = self.cleaned_data.get('mail')
+        openid = self.cleaned_data.get('openid')
+        if not mail and not openid:
+            raise ValidationError(_('Either OpenID or mail must be specified'))
+        return self.cleaned_data
diff --git a/ivatar/tools/templates/check.html b/ivatar/tools/templates/check.html
new file mode 100644
index 0000000..5541b96
--- /dev/null
+++ b/ivatar/tools/templates/check.html
@@ -0,0 +1,21 @@
+{% extends 'base.html' %}
+{% load i18n %}
+{% load bootstrap4 %}
+
+{% block title %}{% trans 'Check e-mail or openid' %}{% endblock title %}
+
+{% block content %}
+
+<h1>{% trans 'Check e-mail or openid' %}</h1>
+
+<div style="width:600px;">
+<form method="post" name="check">{% csrf_token %}
+  {% bootstrap_form form %}
+  {% buttons %}
+      <button type="submit" class="btn btn-primary">{% trans 'Check' %}</button>
+      <button type="cancel" class="btn btn-danger">{% trans 'Cancel' %}</button>
+  {% endbuttons %}
+</form>
+</div>
+
+{% endblock content %}
diff --git a/ivatar/tools/urls.py b/ivatar/tools/urls.py
new file mode 100644
index 0000000..9605ed4
--- /dev/null
+++ b/ivatar/tools/urls.py
@@ -0,0 +1,11 @@
+'''
+ivatar/tools URL configuration
+'''
+
+from django.conf.urls import url
+from . views import CheckView, CheckDomainView
+
+urlpatterns = [  # pylint: disable=invalid-name
+    url('check/', CheckView.as_view(), name='tools_check'),
+    url('check_domain/', CheckDomainView.as_view(), name='tools_check_domain'),
+]
diff --git a/ivatar/tools/views.py b/ivatar/tools/views.py
new file mode 100644
index 0000000..235fc0d
--- /dev/null
+++ b/ivatar/tools/views.py
@@ -0,0 +1,29 @@
+'''
+View classes for ivatar/tools/
+'''
+from django.views.generic.edit import FormView
+from django.urls import reverse_lazy as reverse
+from django.shortcuts import render
+
+from .forms import CheckDomainForm, CheckForm
+
+
+class CheckDomainView(FormView):
+    '''
+    View class for checking a domain
+    '''
+    template_name = 'check_domain.html'
+    form_class = CheckDomainForm
+
+
+class CheckView(FormView):
+    '''
+    View class for checking an e-mail or openid address
+    '''
+    template_name = 'check.html'
+    form_class = CheckForm
+    success_url = reverse('tools_check')
+
+    def form_valid(self, form):
+        super().form_valid(form)
+        return render(self.request, self.template_name, {'form': form})
diff --git a/ivatar/urls.py b/ivatar/urls.py
index e4be7b4..ed6deb8 100644
--- a/ivatar/urls.py
+++ b/ivatar/urls.py
@@ -13,6 +13,7 @@ urlpatterns = [  # pylint: disable=invalid-name
     path('admin/', admin.site.urls),
     url('openid/', include('django_openid_auth.urls')),
     url('accounts/', include('ivatar.ivataraccount.urls')),
+    url('tools/', include('ivatar.tools.urls')),
     url(
         r'avatar/(?P<digest>\w{64})',
         AvatarImageView.as_view(), name='avatar_view'),

From 1a08887892d926b99dfc4bfb49a6c22b92c5e7d9 Mon Sep 17 00:00:00 2001
From: Oliver Falk <oliver@linux-kernel.at>
Date: Tue, 3 Jul 2018 10:58:03 +0200
Subject: [PATCH 02/10] Add functionality to check OpenID/mail; Size already
 works, default URL not (yet)

---
 config.py                         | 10 ++++++
 ivatar/ivataraccount/forms.py     |  9 +++---
 ivatar/ivataraccount/models.py    |  3 ++
 ivatar/tools/forms.py             | 12 +++++--
 ivatar/tools/templates/check.html | 54 +++++++++++++++++++++++++++++++
 ivatar/tools/views.py             | 53 +++++++++++++++++++++++++++++-
 templates/base.html               |  3 ++
 7 files changed, 136 insertions(+), 8 deletions(-)

diff --git a/config.py b/config.py
index a0ba066..15decaa 100644
--- a/config.py
+++ b/config.py
@@ -55,6 +55,9 @@ OPENID_UPDATE_DETAILS_FROM_SREG = True
 SITE_NAME = 'ivatar'
 IVATAR_VERSION = '0.1'
 
+SECURE_BASE_URL = 'https://avatars.linux-kernel.at/avatar/'
+BASE_URL = 'http://avatars.linux-kernel.at/avatar/'
+
 LOGIN_REDIRECT_URL = reverse_lazy('profile')
 MAX_LENGTH_EMAIL = 254  # http://stackoverflow.com/questions/386294
 SERVER_EMAIL = 'accounts@mg.linux-kernel.at'
@@ -66,6 +69,13 @@ MAX_PIXELS = 7000
 AVATAR_MAX_SIZE = 512
 JPEG_QUALITY = 85
 
+# I'm not 100% sure if single character domains are possible
+# under any tld... so MIN_LENGTH_EMAIL/_URL, might be +1
+MIN_LENGTH_URL = 11  # eg. http://a.io
+MAX_LENGTH_URL = 255  # MySQL can't handle more than that (LP: 1018682)
+MIN_LENGTH_EMAIL = 6  # eg. x@x.xx
+MAX_LENGTH_EMAIL = 254  # http://stackoverflow.com/questions/386294
+
 BOOTSTRAP4 = {
     'include_jquery': False,
     'javascript_in_head': False,
diff --git a/ivatar/ivataraccount/forms.py b/ivatar/ivataraccount/forms.py
index 168d884..60c155c 100644
--- a/ivatar/ivataraccount/forms.py
+++ b/ivatar/ivataraccount/forms.py
@@ -12,7 +12,8 @@ from django.core.mail import send_mail
 from ipware import get_client_ip
 
 from ivatar import settings
-from ivatar.settings import MAX_LENGTH_EMAIL
+from ivatar.settings import MIN_LENGTH_EMAIL, MAX_LENGTH_EMAIL
+from ivatar.settings import MIN_LENGTH_URL, MAX_LENGTH_URL
 from ivatar.ivataraccount.models import MAX_LENGTH_URL
 from . models import UnconfirmedEmail, ConfirmedEmail, Photo
 from . models import UnconfirmedOpenId, ConfirmedOpenId
@@ -26,8 +27,8 @@ class AddEmailForm(forms.Form):
     '''
     email = forms.EmailField(
         label=_('Email'),
+        min_length=MIN_LENGTH_EMAIL,
         max_length=MAX_LENGTH_EMAIL,
-        min_length=6,  # x@x.xx
     )
 
     def clean_email(self):
@@ -136,10 +137,8 @@ class AddOpenIDForm(forms.Form):
     '''
     openid = forms.URLField(
         label=_('OpenID'),
+        min_length=MIN_LENGTH_URL,
         max_length=MAX_LENGTH_URL,
-        # However, not 100% sure if single character domains are possible
-        # under any tld...
-        min_length=11,  # eg. http://a.io
         initial='http://'
     )
 
diff --git a/ivatar/ivataraccount/models.py b/ivatar/ivataraccount/models.py
index 7ff69eb..c282de7 100644
--- a/ivatar/ivataraccount/models.py
+++ b/ivatar/ivataraccount/models.py
@@ -365,6 +365,9 @@ class ConfirmedOpenId(BaseAccountModel):
         lowercase_url = urlunsplit(
             (url.scheme.lower(), netloc, url.path, url.query, url.fragment)
         )
+        if lowercase_url[-1] != '/':
+            lowercase_url += '/'
+        self.openid = lowercase_url
         self.digest = hashlib.sha256(lowercase_url.encode('utf-8')).hexdigest()
         return super().save(force_insert, force_update, using, update_fields)
 
diff --git a/ivatar/tools/forms.py b/ivatar/tools/forms.py
index f09ed12..736bb1c 100644
--- a/ivatar/tools/forms.py
+++ b/ivatar/tools/forms.py
@@ -5,6 +5,10 @@ from django import forms
 from django.utils.translation import ugettext_lazy as _
 from django.core.exceptions import ValidationError
 
+from ivatar.settings import AVATAR_MAX_SIZE
+from ivatar.settings import MIN_LENGTH_URL, MAX_LENGTH_URL
+from ivatar.settings import MIN_LENGTH_EMAIL, MAX_LENGTH_EMAIL
+
 
 class CheckDomainForm(forms.Form):
     '''
@@ -29,6 +33,8 @@ class CheckForm(forms.Form):
     mail = forms.EmailField(
         label=_('E-Mail'),
         required=False,
+        min_length=MIN_LENGTH_EMAIL,
+        max_length=MAX_LENGTH_EMAIL,
         error_messages={
             'required':
             _('Cannot check without a domain name.')
@@ -37,6 +43,8 @@ class CheckForm(forms.Form):
     openid = forms.CharField(
         label=_('OpenID'),
         required=False,
+        min_length=MIN_LENGTH_URL,
+        max_length=MAX_LENGTH_URL,
         error_messages={
             'required':
             _('Cannot check without an openid name.')
@@ -45,8 +53,8 @@ class CheckForm(forms.Form):
     size = forms.IntegerField(
         label=_('Size'),
         initial=80,
-        min_value=10,
-        max_value=160,
+        min_value=5,
+        max_value=AVATAR_MAX_SIZE,
         required=True,
     )
 
diff --git a/ivatar/tools/templates/check.html b/ivatar/tools/templates/check.html
index 5541b96..97faab8 100644
--- a/ivatar/tools/templates/check.html
+++ b/ivatar/tools/templates/check.html
@@ -1,6 +1,7 @@
 {% extends 'base.html' %}
 {% load i18n %}
 {% load bootstrap4 %}
+{% load static %}
 
 {% block title %}{% trans 'Check e-mail or openid' %}{% endblock title %}
 
@@ -18,4 +19,57 @@
 </form>
 </div>
 
+{% if mailurl or openidurl %}
+    <p>
+      This is what the avatars will look like depending on the hash and protocol you use:<br/>
+
+      {% if mail_hash %}
+        MD5 hash (mail): {{ mail_hash }}<br/>
+        SHA256 hash (mail): {{ mail_hash256 }}<br/>
+      {% endif %}
+
+      {% if openid_hash %}
+        SHA256 hash (OpenID): {{ openid_hash }}<br/>
+      {% endif %}
+    </p>
+
+    <ul class="horizontal-list avatar-list centered">
+      {% if mailurl %}
+        <li>
+          <img src="{{ mailurl }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
+          <br/>
+          MD5
+        </li>
+        <li>
+          <img src="{{ mailurl_secure }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
+          <br/>
+          MD5 <img src="{% static 'img/https_lock.png' %}">
+        </li>
+      {% endif %}
+
+      {% if openidurl %}
+        <li>
+          <img src="{{ openidurl }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
+          <br/>
+          SHA256
+        </li>
+        <li>
+          <img src="{{ openidurl_secure }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
+          <br/>
+          SHA256 <img src="{% static 'img/https_lock.png' %}">
+        </li>
+      {% endif %}
+    </ul>
+{% endif %}
+
+{# Bad hack in order to have the images for sure inside our "outer" div box #}
+<!-- Bad hack -->
+{% if mailurl %}
+<div style="height: {{ size }}px;">&nbsp;</div>
+{% endif %}
+{% if openidurl %}
+<div style="height: {{ size }}px;">&nbsp;</div>
+{% endif %}
+<!-- End of bad hack -->
+
 {% endblock content %}
diff --git a/ivatar/tools/views.py b/ivatar/tools/views.py
index 235fc0d..6debeb9 100644
--- a/ivatar/tools/views.py
+++ b/ivatar/tools/views.py
@@ -5,7 +5,13 @@ from django.views.generic.edit import FormView
 from django.urls import reverse_lazy as reverse
 from django.shortcuts import render
 
+from libravatar import libravatar_url, parse_user_identity
+from libravatar import SECURE_BASE_URL as LIBRAVATAR_SECURE_BASE_URL
+from libravatar import BASE_URL as LIBRAVATAR_BASE_URL
+import hashlib
+
 from .forms import CheckDomainForm, CheckForm
+from ivatar.settings import SECURE_BASE_URL, BASE_URL
 
 
 class CheckDomainView(FormView):
@@ -25,5 +31,50 @@ class CheckView(FormView):
     success_url = reverse('tools_check')
 
     def form_valid(self, form):
+        mailurl = None
+        openidurl = None
+        mailurl_secure = None
+        openidurl_secure = None
+        mail_hash = None
+        mail_hash256 = None
+        openid_hash = None
+        size = 80
+
         super().form_valid(form)
-        return render(self.request, self.template_name, {'form': form})
+
+        if form.cleaned_data['default_url']:
+            default_url = form.cleaned_data['default_url']
+        else:
+            default_url = None
+
+        if form.cleaned_data['mail']:
+            mailurl = libravatar_url(email=form.cleaned_data['mail'], size=form.cleaned_data['size'], default=default_url)
+            mailurl = mailurl.replace(LIBRAVATAR_BASE_URL, BASE_URL)
+            mailurl_secure = libravatar_url(email=form.cleaned_data['mail'], size=form.cleaned_data['size'], https=True, default=default_url)
+            mailurl_secure = mailurl_secure.replace(LIBRAVATAR_SECURE_BASE_URL, SECURE_BASE_URL)
+            mail_hash = parse_user_identity(email=form.cleaned_data['mail'], openid=None)[0]
+            hash_obj = hashlib.new('sha256')
+            hash_obj.update(form.cleaned_data['mail'].encode('utf-8'))
+            mail_hash256 = hash_obj.hexdigest()
+            size = form.cleaned_data['size']
+        if form.cleaned_data['openid']:
+            if form.cleaned_data['openid'][-1] != '/':
+                form.cleaned_data['openid'] += '/'
+            openidurl = libravatar_url(openid=form.cleaned_data['openid'], size=form.cleaned_data['size'], default=default_url)
+            openidurl = openidurl.replace(LIBRAVATAR_BASE_URL, BASE_URL)
+            openidurl_secure = libravatar_url(openid=form.cleaned_data['openid'], size=form.cleaned_data['size'], https=True, default=default_url)
+            openidurl_secure = openidurl_secure.replace(LIBRAVATAR_SECURE_BASE_URL, SECURE_BASE_URL)
+            openid_hash = parse_user_identity(openid=form.cleaned_data['openid'], email=None)[0]
+            size = form.cleaned_data['size']
+
+        return render(self.request, self.template_name, {
+            'form': form,
+            'mailurl': mailurl,
+            'openidurl': openidurl,
+            'mailurl_secure': mailurl_secure,
+            'openidurl_secure': openidurl_secure,
+            'mail_hash': mail_hash,
+            'mail_hash256': mail_hash256,
+            'openid_hash': openid_hash,
+            'size': size,
+        })
diff --git a/templates/base.html b/templates/base.html
index f0d7b88..3894a04 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -19,13 +19,16 @@
   </div>
 
   {% autoescape off %}{% bootstrap_messages %}{% endautoescape %}
+  {# TODO: Fix URLs!!! #}
   <div id="account">
     {% if user.is_authenticated %}
     <a href="{% url 'profile' %}">{% trans 'Profile' %}</a>&nbsp;|&nbsp;
+    <a href="{% url 'tools_check' %}">{% trans 'Check' %}</a>&nbsp;|&nbsp;
     <a href="{{ contact_us }}">{% trans 'Contact Us' %}</a>&nbsp;|&nbsp;
     <a href="{{ security_url }}">{% trans 'Security' %}</a>&nbsp;|&nbsp;
     <a href="{% url 'logout' %}" id="logout-link">{% trans 'Logout' %}</a>
     {% else %}
+    <a href="{% url 'tools_check' %}">{% trans 'Check' %}</a>&nbsp;|&nbsp;
     <a href="{{ contact_us }}">{% trans 'Contact Us' %}</a>&nbsp;|&nbsp;
     <a href="{{ security_url }}">{% trans 'Security' %}</a>&nbsp;|&nbsp;
     <a href="{% url 'login' %}">{% trans 'Login' %}</a>

From 3d7af73a5a06c8a0fc414eea54091995ebb6918d Mon Sep 17 00:00:00 2001
From: Oliver Falk <oliver@linux-kernel.at>
Date: Tue, 3 Jul 2018 11:51:18 +0200
Subject: [PATCH 03/10] We need to add the trailing slash now

---
 ivatar/ivataraccount/test_views.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/ivatar/ivataraccount/test_views.py b/ivatar/ivataraccount/test_views.py
index 5f1d133..7c99489 100644
--- a/ivatar/ivataraccount/test_views.py
+++ b/ivatar/ivataraccount/test_views.py
@@ -38,7 +38,7 @@ class Tester(TestCase):  # pylint: disable=too-many-public-methods
     password = random_string()
     email = '%s@%s.%s' % (username, random_string(), random_string(2))
     # Dunno why random tld doens't work, but I'm too lazy now to investigate
-    openid = 'http://%s.%s.%s' % (username, random_string(), 'org')
+    openid = 'http://%s.%s.%s/' % (username, random_string(), 'org')
 
     def login(self):
         '''
@@ -822,7 +822,6 @@ class Tester(TestCase):  # pylint: disable=too-many-public-methods
             },
         )
         self.assertEqual(response.status_code, 302, 'OpenID must redirect')
-
         response = self.client.post(
             reverse('add_openid'), {
                 'openid': self.openid,

From a6cadbf1b05aa5ce9fc049dd4f4c0bab1949ebe1 Mon Sep 17 00:00:00 2001
From: Oliver Falk <oliver@linux-kernel.at>
Date: Tue, 3 Jul 2018 13:03:51 +0200
Subject: [PATCH 04/10] Add baseurl and secure base url, in order to use it in
 the template(s).

---
 ivatar/context_processors.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ivatar/context_processors.py b/ivatar/context_processors.py
index 823188d..ab4df64 100644
--- a/ivatar/context_processors.py
+++ b/ivatar/context_processors.py
@@ -4,6 +4,7 @@ Default: useful variables for the base page templates.
 
 from ipware import get_client_ip
 from ivatar.settings import IVATAR_VERSION, SITE_NAME, MAX_PHOTO_SIZE
+from ivatar.settings import BASE_URL, SECURE_BASE_URL
 
 def basepage(request):
     '''
@@ -20,4 +21,6 @@ def basepage(request):
     context['site_name'] = SITE_NAME
     context['site_url'] = request.build_absolute_uri('/')[:-1]
     context['max_file_size'] = MAX_PHOTO_SIZE
+    context['BASE_URL'] = BASE_URL
+    context['SECURE_BASE_URL'] = SECURE_BASE_URL
     return context

From e44413a43a62c29a3bd98d2e9e7a7b1d0850efcb Mon Sep 17 00:00:00 2001
From: Oliver Falk <oliver@linux-kernel.at>
Date: Tue, 3 Jul 2018 13:05:47 +0200
Subject: [PATCH 05/10] Make pylint happier

---
 config.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/config.py b/config.py
index 15decaa..efa2350 100644
--- a/config.py
+++ b/config.py
@@ -96,7 +96,7 @@ BOOTSTRAP4 = {
     },
 }
 
-if not 'test' in sys.argv and not 'collectstatic' in sys.argv:
+if 'test' not in sys.argv and 'collectstatic' not in sys.argv:
     ANYMAIL = {  # pragma: no cover
         'MAILGUN_API_KEY': os.environ['IVATAR_MAILGUN_API_KEY'],
         'MAILGUN_SENDER_DOMAIN': os.environ['IVATAR_MAILGUN_SENDER_DOMAIN'],
@@ -108,7 +108,7 @@ try:
     from ivatar.settings import DATABASES
 except Exception:  # pragma: no cover
     DATABASES = []  # pragma: no cover
-if not 'default' in DATABASES:
+if 'default' not in DATABASES:
     DATABASES['default'] = {  # pragma: no cover
         'ENGINE': 'django.db.backends.sqlite3',
         'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),

From 1c6542eb34c738ef6aa8e345b89aaee38e171dcc Mon Sep 17 00:00:00 2001
From: Oliver Falk <oliver@linux-kernel.at>
Date: Tue, 3 Jul 2018 13:06:40 +0200
Subject: [PATCH 06/10] Style fas/fab (Fonts Awesome)

---
 ivatar/static/css/ivatar.css | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ivatar/static/css/ivatar.css b/ivatar/static/css/ivatar.css
index b4b66b4..aef5b23 100644
--- a/ivatar/static/css/ivatar.css
+++ b/ivatar/static/css/ivatar.css
@@ -185,3 +185,7 @@ ul li {
 .clear-both {
   clear: both;
 }
+
+.fas, .fab {
+  color: #dbc40d;
+}

From 18201ed86c852c8c11084f85867a842edbebbaf1 Mon Sep 17 00:00:00 2001
From: Oliver Falk <oliver@linux-kernel.at>
Date: Tue, 3 Jul 2018 13:07:06 +0200
Subject: [PATCH 07/10] Include Font Awesome

---
 templates/header.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/header.html b/templates/header.html
index 0584c1b..ce8f1bb 100644
--- a/templates/header.html
+++ b/templates/header.html
@@ -19,6 +19,7 @@
 <link rel="icon" type="image/png" href="{% static '/img/nobody/195.png' %}" sizes="195x195">
 <link rel="mask-icon" href="{% static '/img/safari-pinned-tab.svg' %}" color="#fa711f">
 <link rel="stylesheet" href="{% static '/css/ivatar.css' %}" type="text/css">
+<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.1.0/css/all.css" integrity="sha384-lKuwvrZot6UHsBSfcMvOkWwlCMgc0TaWr+30HWe3a4ltaBwTZhyTEggF5tJv8tbt" crossorigin="anonymous">
 <link rel="manifest" href="/manifest.json">
 <meta name="msapplication-TileImage" content="{% static '/img/nobody/144.png' %}">
 <meta name="msapplication-TileColor" content="#fa711f">

From ca09662d4721c90f7fa9da00735fd7abb232aeca Mon Sep 17 00:00:00 2001
From: Oliver Falk <oliver@linux-kernel.at>
Date: Tue, 3 Jul 2018 13:07:34 +0200
Subject: [PATCH 08/10] Style the images nicer with Font Awesome and titles for
 these.

---
 ivatar/tools/templates/check.html | 85 ++++++++++++++++++++++++++-----
 1 file changed, 72 insertions(+), 13 deletions(-)

diff --git a/ivatar/tools/templates/check.html b/ivatar/tools/templates/check.html
index 97faab8..0569d8b 100644
--- a/ivatar/tools/templates/check.html
+++ b/ivatar/tools/templates/check.html
@@ -33,30 +33,89 @@
       {% endif %}
     </p>
 
-    <ul class="horizontal-list avatar-list centered">
+    <ul class="horizontal-list avatar-list centered" style="font-size:smaller;">
       {% if mailurl %}
         <li>
-          <img src="{{ mailurl }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
-          <br/>
-          MD5
+          <div style="float:left;">
+            <a href="{{ mailurl }}">
+              <img src="{{ mailurl }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
+            </a>
+            <div style="float:inline-end; font-size:{% widthratio size 3 1 %}px;">
+              <i class="fas fa-unlock" title="None-SSL connection (http)"></i>
+              <br/>
+              <i class="fas fa-at" title="mail: {{ form.mail.value }}"></i>
+            </div>
+          </div>
+          <br/>MD5
         </li>
         <li>
-          <img src="{{ mailurl_secure }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
-          <br/>
-          MD5 <img src="{% static 'img/https_lock.png' %}">
+          <div style="float:left;">
+            <a href="{{ mailurl_secure }}">
+              <img src="{{ mailurl_secure }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
+            </a>
+            <div style="float:inline-end; font-size:{% widthratio size 3 1 %}px;">
+              <i class="fas fa-lock" title="Secure connection (https)"></i>
+              <br/>
+              <i class="fas fa-at" title="mail: {{ form.mail.value }}"></i>
+            </div>
+          </div>
+          <br/>MD5
+        </li>
+
+        <li>
+          <div style="float:left;">
+            <a href="{{ BASE_URL }}{{ mail_hash256 }}?s={{ size }}">
+              <img src="{{ BASE_URL }}{{ mail_hash256 }}?s={{ size }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
+            </a>
+            <div style="float:inline-end; font-size:{% widthratio size 3 1 %}px;">
+              <i class="fas fa-unlock" title="None-SSL connection (http)"></i>
+              <br/>
+              <i class="fas fa-at" title="mail: {{ form.mail.value }}"></i>
+            </div>
+          </div>
+          <br/>SHA256
+        </li>
+        <li>
+          <div style="float:left;">
+            <a href="{{ SECURE_BASE_URL }}{{ mail_hash256 }}?s={{ size }}">
+              <img src="{{ SECURE_BASE_URL }}{{ mail_hash256 }}?s={{ size }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
+            </a>
+            <div style="float:inline-end; font-size:{% widthratio size 3 1 %}px;">
+              <i class="fas fa-lock" title="Secure connection (https)"></i>
+              <br/>
+              <i class="fas fa-at" title="mail: {{ form.mail.value }}"></i>
+            </div>
+          </div>
+          <br/>SHA256
         </li>
       {% endif %}
 
       {% if openidurl %}
         <li>
-          <img src="{{ openidurl }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
-          <br/>
-          SHA256
+          <div style="float:left;">
+            <a href="{{ openidurl }}">
+              <img src="{{ openidurl }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
+            </a>
+            <div style="float:inline-end; font-size:{% widthratio size 3 1 %}px">
+              <i class="fas fa-unlock" title="None-SSL connection (http)"></i>
+              <br/>
+              <i class="fab fa-openid" title="openid: {{ form.openid.value }}"></i>
+            </div>
+          </div>
+          <br/>SHA256
         </li>
         <li>
-          <img src="{{ openidurl_secure }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
-          <br/>
-          SHA256 <img src="{% static 'img/https_lock.png' %}">
+          <div style="float:left;">
+            <a href="{{ openidurl_secure }}">
+              <img src="{{ openidurl_secure }}" style="max-width: {{ size }}px; max-height: {{ size }}px;">
+            </a>
+            <div style="float:inline-end; font-size:{% widthratio size 3 1 %}px">
+              <i class="fas fa-lock" title="Secure connection (http)"></i>
+              <br/>
+              <i class="fab fa-openid" title="openid: {{ form.openid.value }}"></i>
+            </div>
+          </div>
+          <br/>SHA256
         </li>
       {% endif %}
     </ul>

From c95953861988a001b72552114167a8d1c9bb6467 Mon Sep 17 00:00:00 2001
From: Oliver Falk <oliver@linux-kernel.at>
Date: Tue, 3 Jul 2018 13:15:34 +0200
Subject: [PATCH 09/10] Only a happy lint, is a good lint.

---
 ivatar/ivataraccount/forms.py  | 13 ++++++++----
 ivatar/ivataraccount/models.py |  4 +---
 ivatar/ivataraccount/views.py  | 15 +++++++-------
 ivatar/tools/views.py          | 38 +++++++++++++++++++++++++++-------
 ivatar/views.py                |  3 ++-
 5 files changed, 50 insertions(+), 23 deletions(-)

diff --git a/ivatar/ivataraccount/forms.py b/ivatar/ivataraccount/forms.py
index 60c155c..bb3a625 100644
--- a/ivatar/ivataraccount/forms.py
+++ b/ivatar/ivataraccount/forms.py
@@ -14,7 +14,6 @@ from ipware import get_client_ip
 from ivatar import settings
 from ivatar.settings import MIN_LENGTH_EMAIL, MAX_LENGTH_EMAIL
 from ivatar.settings import MIN_LENGTH_URL, MAX_LENGTH_URL
-from ivatar.ivataraccount.models import MAX_LENGTH_URL
 from . models import UnconfirmedEmail, ConfirmedEmail, Photo
 from . models import UnconfirmedOpenId, ConfirmedOpenId
 
@@ -59,13 +58,17 @@ class AddEmailForm(forms.Form):
         # sent by this user already
         if UnconfirmedEmail.objects.filter(  # pylint: disable=no-member
                 user=user, email=self.cleaned_data['email']).exists():
-            self.add_error('email', _('Address already added, currently unconfirmed'))
+            self.add_error(
+              'email',
+              _('Address already added, currently unconfirmed'))
             return False
 
         # Check whether or not the email is already confirmed by someone
         if ConfirmedEmail.objects.filter(
                 email=self.cleaned_data['email']).exists():
-            self.add_error('email', _('Address already confirmed (by someone else)'))
+            self.add_error(
+              'email',
+              _('Address already confirmed (by someone else)'))
             return False
 
         unconfirmed = UnconfirmedEmail()
@@ -166,7 +169,9 @@ class AddOpenIDForm(forms.Form):
 
         if UnconfirmedOpenId.objects.filter(  # pylint: disable=no-member
                 openid=self.cleaned_data['openid']).exists():
-            self.add_error('openid', _('OpenID already added, but not confirmed yet!'))
+            self.add_error(
+              'openid',
+              _('OpenID already added, but not confirmed yet!'))
             return False
 
         unconfirmed = UnconfirmedOpenId()
diff --git a/ivatar/ivataraccount/models.py b/ivatar/ivataraccount/models.py
index c282de7..bdbedf0 100644
--- a/ivatar/ivataraccount/models.py
+++ b/ivatar/ivataraccount/models.py
@@ -26,12 +26,10 @@ from openid.store.interface import OpenIDStore
 
 from ivatar.settings import MAX_LENGTH_EMAIL, logger
 from ivatar.settings import MAX_PIXELS, AVATAR_MAX_SIZE, JPEG_QUALITY
+from ivatar.settings import MIN_LENGTH_URL
 from .gravatar import get_photo as get_gravatar_photo
 
 
-MAX_LENGTH_URL = 255  # MySQL can't handle more than that (LP 1018682)
-
-
 def file_format(image_type):
     '''
     Helper method returning a 3 character long image type
diff --git a/ivatar/ivataraccount/views.py b/ivatar/ivataraccount/views.py
index d3147af..96a48ca 100644
--- a/ivatar/ivataraccount/views.py
+++ b/ivatar/ivataraccount/views.py
@@ -93,7 +93,7 @@ class AddEmailView(SuccessMessageMixin, FormView):
 
     def form_valid(self, form):
         if not form.save(self.request):
-            return render(self.request, self.template_name, { 'form': form })
+            return render(self.request, self.template_name, {'form': form})
         else:
             messages.success(self.request, _('Address added successfully'))
         return super().form_valid(form)
@@ -372,7 +372,7 @@ class AddOpenIDView(SuccessMessageMixin, FormView):
     def form_valid(self, form):
         openid_id = form.save(self.request.user)
         if not openid_id:
-            return render(self.request, self.template_name, { 'form': form })
+            return render(self.request, self.template_name, {'form': form})
         else:
             messages.success(self.request, _('ID added successfully'))
             return HttpResponseRedirect(
@@ -548,13 +548,14 @@ class CropPhotoView(TemplateView):
         if 'email' in request.POST:
             try:
                 email = ConfirmedEmail.objects.get(email=request.POST['email'])
-            except:
-                pass # Ignore automatic assignment
+            except Exception:
+                pass  # Ignore automatic assignment
 
         if 'openid' in request.POST:
             try:
-                openid = ConfirmedOpenId.objects.get(openid=request.POST['openid'])
-            except:
-                pass # Ignore automatic assignment
+                openid = ConfirmedOpenId.objects.get(
+                  openid=request.POST['openid'])
+            except Exception:
+                pass  # Ignore automatic assignment
 
         return photo.perform_crop(request, dimensions, email, openid)
diff --git a/ivatar/tools/views.py b/ivatar/tools/views.py
index 6debeb9..c4ac253 100644
--- a/ivatar/tools/views.py
+++ b/ivatar/tools/views.py
@@ -48,11 +48,22 @@ class CheckView(FormView):
             default_url = None
 
         if form.cleaned_data['mail']:
-            mailurl = libravatar_url(email=form.cleaned_data['mail'], size=form.cleaned_data['size'], default=default_url)
+            mailurl = libravatar_url(
+              email=form.cleaned_data['mail'],
+              size=form.cleaned_data['size'],
+              default=default_url)
             mailurl = mailurl.replace(LIBRAVATAR_BASE_URL, BASE_URL)
-            mailurl_secure = libravatar_url(email=form.cleaned_data['mail'], size=form.cleaned_data['size'], https=True, default=default_url)
-            mailurl_secure = mailurl_secure.replace(LIBRAVATAR_SECURE_BASE_URL, SECURE_BASE_URL)
-            mail_hash = parse_user_identity(email=form.cleaned_data['mail'], openid=None)[0]
+            mailurl_secure = libravatar_url(
+              email=form.cleaned_data['mail'],
+              size=form.cleaned_data['size'],
+              https=True,
+              default=default_url)
+            mailurl_secure = mailurl_secure.replace(
+              LIBRAVATAR_SECURE_BASE_URL,
+              SECURE_BASE_URL)
+            mail_hash = parse_user_identity(
+              email=form.cleaned_data['mail'],
+              openid=None)[0]
             hash_obj = hashlib.new('sha256')
             hash_obj.update(form.cleaned_data['mail'].encode('utf-8'))
             mail_hash256 = hash_obj.hexdigest()
@@ -60,11 +71,22 @@ class CheckView(FormView):
         if form.cleaned_data['openid']:
             if form.cleaned_data['openid'][-1] != '/':
                 form.cleaned_data['openid'] += '/'
-            openidurl = libravatar_url(openid=form.cleaned_data['openid'], size=form.cleaned_data['size'], default=default_url)
+            openidurl = libravatar_url(
+              openid=form.cleaned_data['openid'],
+              size=form.cleaned_data['size'],
+              default=default_url)
             openidurl = openidurl.replace(LIBRAVATAR_BASE_URL, BASE_URL)
-            openidurl_secure = libravatar_url(openid=form.cleaned_data['openid'], size=form.cleaned_data['size'], https=True, default=default_url)
-            openidurl_secure = openidurl_secure.replace(LIBRAVATAR_SECURE_BASE_URL, SECURE_BASE_URL)
-            openid_hash = parse_user_identity(openid=form.cleaned_data['openid'], email=None)[0]
+            openidurl_secure = libravatar_url(
+              openid=form.cleaned_data['openid'],
+              size=form.cleaned_data['size'],
+              https=True,
+              default=default_url)
+            openidurl_secure = openidurl_secure.replace(
+              LIBRAVATAR_SECURE_BASE_URL,
+              SECURE_BASE_URL)
+            openid_hash = parse_user_identity(
+              openid=form.cleaned_data['openid'],
+              email=None)[0]
             size = form.cleaned_data['size']
 
         return render(self.request, self.template_name, {
diff --git a/ivatar/views.py b/ivatar/views.py
index dea22d4..1de9883 100644
--- a/ivatar/views.py
+++ b/ivatar/views.py
@@ -22,7 +22,8 @@ class AvatarImageView(TemplateView):
             # Fetch by digest from mail
             pass
         elif len(kwargs['digest']) == 64:
-            if ConfirmedOpenId.objects.filter(digest=kwargs['digest']).count():  # pylint: disable=no-member
+            if ConfirmedOpenId.objects.filter(
+              digest=kwargs['digest']).count():  # pylint: disable=no-member
                 # Fetch by digest from OpenID
                 model = ConfirmedOpenId
         else:  # pragma: no cover

From af9949f9dbe48a1689ddccbc1c6bf722c935e50d Mon Sep 17 00:00:00 2001
From: Oliver Falk <oliver@linux-kernel.at>
Date: Tue, 3 Jul 2018 13:25:04 +0200
Subject: [PATCH 10/10] Forgot to import MAX_LENGTH_URL, now that it's no
 longer defined here

---
 ivatar/ivataraccount/models.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ivatar/ivataraccount/models.py b/ivatar/ivataraccount/models.py
index bdbedf0..7e3bb15 100644
--- a/ivatar/ivataraccount/models.py
+++ b/ivatar/ivataraccount/models.py
@@ -26,7 +26,7 @@ from openid.store.interface import OpenIDStore
 
 from ivatar.settings import MAX_LENGTH_EMAIL, logger
 from ivatar.settings import MAX_PIXELS, AVATAR_MAX_SIZE, JPEG_QUALITY
-from ivatar.settings import MIN_LENGTH_URL
+from ivatar.settings import MIN_LENGTH_URL, MAX_LENGTH_URL
 from .gravatar import get_photo as get_gravatar_photo