dbalatero-rpx_now 0.4.1

data/README.markdown

@@ -0,0 +1,95 @@
+Problem
+=======
+ - OpenID is complex
+ - OpenID is not universally used
+ - Facebook / Myspace / MS-LiveId / AOL connections require different libraries and knowledge
+ - Multiple heterogenouse providers are hard to map to a single user
+
+Solution
+========
+ - Use [RPX](http://rpxnow.com) for universal and usable user login
+ - Use view/controller helpers for easy integration
+
+Usage
+=====
+ - Get an API key @ [RPX](http://rpxnow.com)
+ - Build login view
+ - Communicate with RPX API in controller to create or login User
+ - for more advanced features have a look at the [RPX API Docs](https://rpxnow.com/docs)
+
+Install
+=======
+ - As Rails plugin: `script/plugin install git://github.com/grosser/rpx_now.git `
+ - As gem: `sudo gem install grosser-rpx_now --source http://gems.github.com/`
+ - As gem from source: `git clone git://github.com/grosser/rpx_now.git`,`cd rpx_now && rake install`
+
+Examples
+========
+
+View
+----
+    #login.erb
+    #here 'mywebsite' is your subdomain/realm on RPX
+    <%=RPXNow.embed_code('mywebsite',rpx_token_sessions_url)%>
+    OR
+    <%=RPXNow.popup_code('Login here...','mywebsite',rpx_token_sessions_url,:language=>'de')%>
+
+    (`popup_code` can also be called with `:unobstrusive=>true`)
+
+Controller
+----------
+    # simple: use defaults
+    # user_data returns e.g. {:name=>'John Doe',:email=>'john@doe.com',:identifier=>'blug.google.com/openid/dsdfsdfs3f3'}
+    # when no user_data was found (invalid token supplied), data is empty, you may want to handle that seperatly...
+    # your user model must have an identifier column
+    def rpx_token
+      data = RPXNow.user_data(params[:token],'YOUR RPX API KEY')
+      self.current_user = User.find_by_identifier(data[:identifier]) || User.create!(data)
+      redirect_to '/'
+    end
+
+    # process the raw response yourself:
+    RPXNow.user_data(params[:token],'YOUR RPX API KEY'){|raw| {:email=>raw['profile']['verifiedEmail']}}
+
+    # request extended parameters (most users and APIs do not supply them)
+    RPXNow.user_data(params[:token],'YOUR RPX API KEY',:extended=>'true'){|raw| ...have a look at the RPX API DOCS...}
+
+    # you can provide the api key once, and leave it out on all following calls
+    RPXNow.api_key = 'YOUR RPX API KEY'
+    RPXNow.user_data(params[:token],:extended=>'true')
+
+Advanced
+--------
+###Versions
+The version of RPXNow api can be set globally:
+    RPXNow.api_version = 2
+Or local on each call:
+    RPXNow.mappings(primary_key, :api_version=>1)
+
+###Mappings
+You can map your primary keys (e.g. user.id) to identifiers, so that  
+users can login to the same account with multiple identifiers.
+    #add a mapping
+    RPXNow.map(identifier,primary_key,'YOUR RPX API KEY')
+
+    #remove a mapping
+    RPXNow.unmap(identifier,primary_key,'YOUR RPX API KEY')
+
+    #show mappings
+    RPXNow.mappings(primary_key,'YOUR RPX API KEY') # [identifier1,identifier2,...]
+
+After a primary key is mapped to an identifier, when a user logs in with this identifier,  
+`RPXNow.user_data` will contain his `primaryKey` as `:id`.
+
+TODO
+====
+ - validate RPXNow.com SSL certificate
+
+Author
+======
+###Contributors
+ - [DBA](http://github.com/DBA)
+
+[Michael Grosser](http://pragmatig.wordpress.com)  
+grosser.michael@gmail.com  
+Hereby placed under public domain, do what you want, just do not hold me accountable...  

data/VERSION.yml

@@ -0,0 +1,4 @@
+--- 
+:patch: 1
+:major: 0
+:minor: 4

data/lib/rpx_now.rb

@@ -0,0 +1,164 @@
+require 'json'
+
+module RPXNow
+  extend self
+
+  attr_writer :api_key
+  attr_accessor :api_version
+  self.api_version = 2
+
+  # retrieve the users data, or return nil when nothing could be read/token was invalid
+  # or data was not found
+  def user_data(token, *args)
+    api_key, version, options = extract_key_version_and_options!(args)
+    options = {:token=>token,:apiKey=>api_key}.merge options
+
+    begin
+      data = secure_json_post("https://rpxnow.com/api/v#{version}/auth_info", options)
+    rescue ServerError
+      return nil if $!.to_s =~ /token/ or $!.to_s=~/Data not found/
+      raise
+    end
+    if block_given? then yield(data) else read_user_data_from_response(data) end
+  end
+
+  # maps an identifier to an primary-key (e.g. user.id)
+  def map(identifier, primary_key, *args)
+    api_key, version, options = extract_key_version_and_options!(args)
+    options = {:identifier=>identifier,:primaryKey=>primary_key,:apiKey=>api_key}.merge options
+    secure_json_post("https://rpxnow.com/api/v#{version}/map", options)
+  end
+
+  # un-maps an identifier to an primary-key (e.g. user.id)
+  def unmap(identifier, primary_key, *args)
+    api_key, version, options = extract_key_version_and_options!(args)
+    options = {:identifier=>identifier,:primaryKey=>primary_key,:apiKey=>api_key}.merge options
+    secure_json_post("https://rpxnow.com/api/v#{version}/unmap", options)
+  end
+
+  # returns an array of identifiers which are mapped to one of your primary-keys (e.g. user.id)
+  def mappings(primary_key, *args)
+    api_key, version, options = extract_key_version_and_options!(args)
+    options = {:primaryKey=>primary_key,:apiKey=>api_key}.merge options
+    data = secure_json_post("https://rpxnow.com/api/v#{version}/mappings", options)
+    data['identifiers']
+  end
+
+  def embed_code(subdomain,url)
+<<EOF
+<iframe src="https://#{subdomain}.rpxnow.com/openid/embed?token_url=#{url}"
+  scrolling="no" frameBorder="no" style="width:400px;height:240px;">
+</iframe>
+EOF
+  end
+
+  def popup_code(text, subdomain, url, options = {})
+    if options[:unobtrusive]
+      unobtrusive_popup_code(text, subdomain, url, options)
+    else
+      obtrusive_popup_code(text, subdomain, url, options)
+    end
+  end
+
+  private
+
+  def unobtrusive_popup_code(text, subdomain, url, options={})
+    version = extract_version! options
+    "<a class=\"rpxnow\" href=\"https://#{subdomain}.rpxnow.com/openid/v#{version}/signin?token_url=#{url}\">#{text}</a>"
+  end
+
+  def obtrusive_popup_code(text, subdomain, url, options = {})
+    version = extract_version! options
+    <<EOF
+<a class="rpxnow" onclick="return false;" href="https://#{subdomain}.rpxnow.com/openid/v#{version}/signin?token_url=#{url}">
+  #{text}
+</a>
+<script src="https://rpxnow.com/openid/v#{version}/widget" type="text/javascript"></script>
+<script type="text/javascript">
+  //<![CDATA[
+  RPXNOW.token_url = "#{url}";
+
+  RPXNOW.realm = "#{subdomain}";
+  RPXNOW.overlay = true;
+  RPXNOW.language_preference = '#{options[:language]||'en'}';
+  //]]>
+</script>
+EOF
+  end
+
+  def extract_key_version_and_options!(args)
+    key, options = extract_key_and_options(args)
+    version = extract_version! options
+    [key, version, options]
+  end
+
+  # [API_KEY,{options}] or
+  # [{options}] or
+  # []
+  def extract_key_and_options(args)
+    if args.length == 2
+      [args[0],args[1]]
+    elsif args.length==1
+      if args[0].is_a? Hash then [@api_key,args[0]] else [args[0],{}] end
+    else
+      raise unless @api_key
+      [@api_key,{}]
+    end
+  end
+
+  def extract_version!(options)
+    options.delete(:api_version) || api_version
+  end
+
+  def read_user_data_from_response(response)
+    user_data = response['profile']
+    data = {}
+    data[:identifier] = user_data['identifier']
+    data[:email] = user_data['verifiedEmail'] || user_data['email']
+    data[:name] = user_data['displayName'] || user_data['preferredUsername'] || data[:email].sub(/@.*/,'')
+    data[:id] = user_data['primaryKey'] unless user_data['primaryKey'].to_s.empty?
+    data
+  end
+
+  def secure_json_post(url,data={})
+    data = JSON.parse(post(url,data))
+    raise ServerError.new(data['err']) if data['err']
+    raise ServerError.new(data.inspect) unless data['stat']=='ok'
+    data
+  end
+
+  def post(url,data)
+    require 'net/http'
+    url = URI.parse(url)
+    http = Net::HTTP.new(url.host, url.port)
+    if url.scheme == 'https'
+      require 'net/https'
+      http.use_ssl = true
+      #TODO do we really want to verify the certificate? http://notetoself.vrensk.com/2008/09/verified-https-in-ruby/
+      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+    end
+    resp, data = http.post(url.path, to_query(data))
+    raise "POST FAILED:"+resp.inspect unless resp.is_a? Net::HTTPOK
+    data
+  end
+
+  def to_query(data = {})
+    return data.to_query if Hash.respond_to? :to_query
+    return "" if data.empty?
+
+    #simpler to_query
+    query_data = []
+    data.each do |k, v|
+      query_data << "#{k}=#{v}"
+    end
+    
+    return query_data.join('&')
+  end
+
+  class ServerError < Exception
+    #to_s returns message(which is a hash...)
+    def to_s
+      super.to_s
+    end
+  end
+end

data/spec/rpx_now_spec.rb

@@ -0,0 +1,206 @@
+require File.expand_path("spec_helper", File.dirname(__FILE__))
+
+API_KEY = '4b339169026742245b754fa338b9b0aebbd0a733'
+API_VERSION = RPXNow.api_version
+
+describe RPXNow do
+  before do
+    RPXNow.api_key = nil
+    RPXNow.api_version = API_VERSION
+  end
+
+  describe :api_key= do
+    it "stores the api key, so i do not have to supply everytime" do
+      RPXNow.api_key='XX'
+      RPXNow.expects(:post).with{|x,data|data[:apiKey]=='XX'}.returns %Q({"stat":"ok"})
+      RPXNow.mappings(1)
+    end
+  end
+  
+  describe :api_version= do
+    it "can be set to a api_version globally" do
+      RPXNow.api_version = 5
+      RPXNow.popup_code('x','y','z').should =~ %r(/openid/v5/signin)
+    end
+  end
+
+  describe :embed_code do
+    it "contains the subdomain" do
+      RPXNow.embed_code('xxx','my_url').should =~ /xxx/
+    end
+    
+    it "contains the url" do
+      RPXNow.embed_code('xxx','my_url').should =~ /token_url=my_url/
+    end
+  end
+
+  describe :popup_code do
+    it "defaults to obtrusive output" do
+      RPXNow.popup_code('sign on', 'subdomain', 'http://fake.domain.com/').should =~ /script src=/
+    end
+    
+    it "can build an unobtrusive widget with specific version" do
+      expected = %Q(<a class="rpxnow" href="https://subdomain.rpxnow.com/openid/v300/signin?token_url=http://fake.domain.com/">sign on</a>)
+      RPXNow.popup_code('sign on', 'subdomain', 'http://fake.domain.com/', { :unobtrusive => true, :api_version => 300 }).should == expected
+    end
+    
+    it "allows to specify the version of the widget" do
+      RPXNow.popup_code('x','y','z', :api_version => 300).should =~ %r(/openid/v300/signin)
+    end
+    
+    it "defaults to widget version 2" do
+      RPXNow.popup_code('x','y','z').should =~ %r(/openid/v2/signin)
+    end
+
+    it "defaults to english" do
+      RPXNow.popup_code('x','y','z').should =~ /RPXNOW.language_preference = 'en'/
+    end
+    
+    it "has a changeable language" do
+      RPXNow.popup_code('x','y','z',:language=>'de').should =~ /RPXNOW.language_preference = 'de'/
+    end
+  end
+
+  describe :user_data do
+    def fake_response
+      %Q({"profile":{"verifiedEmail":"grosser.michael@googlemail.com","displayName":"Michael Grosser","preferredUsername":"grosser.michael","identifier":"https:\/\/www.google.com\/accounts\/o8\/id?id=AItOawmaOlyYezg_WfbgP_qjaUyHjmqZD9qNIVM","email":"grosser.michael@gmail.com"},"stat":"ok"})
+    end
+    
+    it "is empty when used with an invalid token" do
+      RPXNow.user_data('xxxx',API_KEY).should == nil
+    end
+    
+    it "is empty when used with an unknown token" do
+      RPXNow.user_data('60d8c6374f4e9d290a7b55f39da7cc6435aef3d3',API_KEY).should == nil
+    end
+    
+    it "parses JSON response to user data" do
+      RPXNow.expects(:post).returns fake_response
+      RPXNow.user_data('','x').should == {:name=>'Michael Grosser',:email=>'grosser.michael@googlemail.com',:identifier=>"https://www.google.com/accounts/o8/id?id=AItOawmaOlyYezg_WfbgP_qjaUyHjmqZD9qNIVM"}
+    end
+    
+    it "adds a :id when primaryKey was returned" do
+      RPXNow.expects(:post).returns fake_response.sub(%Q("verifiedEmail"), %Q("primaryKey":"2","verifiedEmail"))
+      RPXNow.user_data('','x')[:id].should == '2'
+    end
+
+    it "handles primaryKeys that are not numeric" do
+      RPXNow.expects(:post).returns fake_response.sub(%Q("verifiedEmail"), %Q("primaryKey":"dbalatero","verifiedEmail"))
+      RPXNow.user_data('','x')[:id].should == 'dbalatero'
+    end
+    
+    it "hands JSON response to supplied block" do
+      RPXNow.expects(:post).returns %Q({"x":"1","stat":"ok"})
+      response = nil
+      RPXNow.user_data('','x'){|data| response = data}
+      response.should == {"x" => "1", "stat" => "ok"}
+    end
+    
+    it "returns what the supplied block returned" do
+      RPXNow.expects(:post).returns %Q({"x":"1","stat":"ok"})
+      RPXNow.user_data('','x'){|data| "x"}.should == 'x'
+    end
+    
+    it "can send additional parameters" do
+      RPXNow.expects(:post).with{|url,data|
+        data[:extended].should == 'true'
+      }.returns fake_response
+      RPXNow.user_data('','x',:extended=>'true')
+    end
+  end
+
+  describe :read_user_data_from_response do
+    it "reads secondary names" do
+      RPXNow.send(:read_user_data_from_response,{'profile'=>{'preferredUsername'=>'1'}})[:name].should == '1'
+    end
+    
+    it "parses email when no name is found" do
+      RPXNow.send(:read_user_data_from_response,{'profile'=>{'email'=>'1@xxx.com'}})[:name].should == '1'
+    end
+  end
+
+  describe :secure_json_post do
+    it "parses json when status is ok" do
+      RPXNow.expects(:post).returns %Q({"stat":"ok","data":"xx"})
+      RPXNow.send(:secure_json_post, %Q("yy"))['data'].should == "xx"
+    end
+    
+    it "raises when there is a communication error" do
+      RPXNow.expects(:post).returns %Q({"err":"wtf","stat":"ok"})
+      lambda{RPXNow.send(:secure_json_post,'xx')}.should raise_error RPXNow::ServerError
+    end
+    
+    it "raises when status is not ok" do
+      RPXNow.expects(:post).returns %Q({"stat":"err"})
+      lambda{RPXNow.send(:secure_json_post,'xx')}.should raise_error RPXNow::ServerError
+    end
+  end
+
+  describe :mappings do
+    it "parses JSON response to unmap data" do
+      RPXNow.expects(:post).returns %Q({"stat":"ok", "identifiers": ["http://test.myopenid.com/"]})
+      RPXNow.mappings(1, "x").should == ["http://test.myopenid.com/"]
+    end
+  end
+
+  describe :map do
+    it "adds a mapping" do
+      RPXNow.expects(:post).returns %Q({"stat":"ok"})
+      RPXNow.map('http://test.myopenid.com',1, API_KEY)
+    end
+  end
+
+  describe :unmap do
+    it "unmaps a indentifier" do
+      RPXNow.expects(:post).returns %Q({"stat":"ok"})
+      RPXNow.unmap('http://test.myopenid.com', 1, "x")
+    end
+
+    it "can be called with a specific version" do
+      RPXNow.expects(:secure_json_post).with{|a,b|a == "https://rpxnow.com/api/v300/unmap"}
+      RPXNow.unmap('http://test.myopenid.com', 1, :api_key=>'xxx', :api_version=>300)
+    end
+  end
+
+  describe :mapping_integration do
+    before do
+      @k1 = 'http://test.myopenid.com'
+      RPXNow.unmap(@k1, 1, API_KEY)
+      @k2 = 'http://test-2.myopenid.com'
+      RPXNow.unmap(@k2, 1, API_KEY)
+    end
+
+    it "has no mappings when nothing was mapped" do
+      RPXNow.mappings(1,API_KEY).should == []
+    end
+
+    it "unmaps mapped keys" do
+      RPXNow.map(@k2, 1, API_KEY)
+      RPXNow.unmap(@k2, 1, API_KEY)
+      RPXNow.mappings(1, API_KEY).should == []
+    end
+
+    it "maps keys to a primary key and then retrieves them" do
+      RPXNow.map(@k1, 1, API_KEY)
+      RPXNow.map(@k2, 1, API_KEY)
+      RPXNow.mappings(1,API_KEY).sort.should == [@k2,@k1]
+    end
+
+    it "does not add duplicate mappings" do
+      RPXNow.map(@k1, 1, API_KEY)
+      RPXNow.map(@k1, 1, API_KEY)
+      RPXNow.mappings(1,API_KEY).should == [@k1]
+    end
+  end
+  
+  describe :to_query do
+    it "should not depend on active support" do
+      RPXNow.send('to_query', {:one => " abc"}).should == "one= abc"
+    end
+    
+    it "should use ActiveSupport core extensions" do
+      require 'activesupport'
+      RPXNow.send('to_query', {:one => " abc"}).should == "one=+abc"
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,36 @@
+# ---- requirements
+require 'rubygems'
+require 'spec'
+require 'mocha'
+
+$LOAD_PATH << File.expand_path("../lib", File.dirname(__FILE__))
+
+
+# ---- rspec
+Spec::Runner.configure do |config|
+  config.mock_with :mocha
+end
+
+
+# ---- bugfix
+#`exit?': undefined method `run?' for Test::Unit:Module (NoMethodError)
+#can be solved with require test/unit but this will result in extra test-output
+module Test
+  module Unit
+    def self.run?
+      true
+    end
+  end
+end
+
+
+# ---- setup environment/plugin
+require File.expand_path("../init", File.dirname(__FILE__))
+
+
+# ---- Helpers
+def pending_it(text,&block)
+  it text do
+    pending(&block)
+  end
+end

metadata

@@ -0,0 +1,67 @@
+--- !ruby/object:Gem::Specification 
+name: dbalatero-rpx_now
+version: !ruby/object:Gem::Version 
+  version: 0.4.1
+platform: ruby
+authors: 
+- Michael Grosser
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-04-15 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: activesupport
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+description: 
+email: grosser.michael@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- VERSION.yml
+- README.markdown
+- lib/rpx_now.rb
+- spec/rpx_now_spec.rb
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: http://github.com/grosser/rpx_now
+post_install_message: 
+rdoc_options: 
+- --inline-source
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: Helper to simplify RPX Now user login/creation
+test_files: []
+