devise_openid_authenticatable 1.0.0.alpha3 → 1.0.0.alpha4

data/README.md

@@ -83,8 +83,56 @@ to your user model class:
       end
     end
     
-Ideally I'd like to add support for using sreg attributes here as well, to populate other
-fields in the user table.
+SReg and AX Extensions
+----------------------
+
+As of version 1.0.0.alpha4, devise_openid_authenticatable now supports the SReg (simple registration) and AX
+(attribute exchange) extensions.  This allows OpenID providers to pass you additional user details, such as
+name, email address, gender, nickname, etc.
+
+To add SReg and AX support to your User model, you'll need to do two things: first, you need to specify what
+fields you'd like to request from OpenID providers.  Second, you need to provide a method for processing
+these fields during authentication.
+
+To specify which fields to request, you can implement one (or both) of two class methods: 
+openid_required_fields and openid_optional_fields.  For example:
+
+    def self.openid_required_fields
+      ["fullname", "email", "http://axschema.org/namePerson", "http://axschema.org/contact/email"]
+    end
+    
+    def self.openid_optional_fields
+      ["gender", "http://axschema.org/person/gender"]
+    end
+
+Required fields should be used for fields without which your app can't operate properly.  Optional fields
+should be used for fields which are nice to have, but not necessary for your app.  Note that just because you
+specify a field as "required" doesn't necessarily mean that the OpenID provider has to give it to you (for 
+example, a provider might not have that field for its users).
+
+In the above example, we're specifying both SReg fields (fullname, email, and gender) and the equivalent
+AX fields (the ones that look like URLs).  A list of defined AX fields and their equivalent SReg fields can
+be found at [http://www.axschema.org/types](http://www.axschema.org/types).  It is highly recommended to 
+specify both AX and SReg fields, as both are implemented by different common OpenID providers.
+
+Once a successful OpenID response comes back, you still need to process the fields that the provider returned
+to your app.  To do that, implement an instance method called openid_fields=.  This method takes a hash that
+maps each returned field to a string value.  For example:
+
+    def openid_fields=(fields)
+      fields.each do |key, value|
+        case key.to_s
+        when "fullname", "http://axschema.org/namePerson"
+          self.name = value
+        when "email", "http://axschema.org/contact/email"
+          self.email = value
+        when "gender", "http://axschema.org/person/gender"
+          self.gender = value
+        else
+          logger.error "Unknown OpenID field: #{key}"
+        end
+      end
+    end
 
 See also
 --------

data/Rakefile

@@ -33,7 +33,7 @@ begin
     gemspec.homepage = "http://github.com/nbudin/devise_cas_authenticatable"
     gemspec.authors = ["Nat Budin"]
     gemspec.add_runtime_dependency "devise", ">= 1.0.6"
-    gemspec.add_runtime_dependency "rack-openid", "~> 1.0.3"
+    gemspec.add_runtime_dependency "rack-openid", ">= 1.0.3"
   end
   Jeweler::GemcutterTasks.new
 rescue LoadError

data/VERSION

@@ -1 +1 @@
-1.0.0.alpha3
+1.0.0.alpha4

data/devise_openid_authenticatable.gemspec

@@ -5,7 +5,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{devise_openid_authenticatable}
-  s.version = "1.0.0.alpha3"
+  s.version = "1.0.0.alpha4"
 
   s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version=
   s.authors = ["Nat Budin"]
@@ -40,14 +40,14 @@ Gem::Specification.new do |s|
 
     if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
       s.add_runtime_dependency(%q<devise>, [">= 1.0.6"])
-      s.add_runtime_dependency(%q<rack-openid>, ["~> 1.0.3"])
+      s.add_runtime_dependency(%q<rack-openid>, [">= 1.0.3"])
     else
       s.add_dependency(%q<devise>, [">= 1.0.6"])
-      s.add_dependency(%q<rack-openid>, ["~> 1.0.3"])
+      s.add_dependency(%q<rack-openid>, [">= 1.0.3"])
     end
   else
     s.add_dependency(%q<devise>, [">= 1.0.6"])
-    s.add_dependency(%q<rack-openid>, ["~> 1.0.3"])
+    s.add_dependency(%q<rack-openid>, [">= 1.0.3"])
   end
 end
 

data/lib/devise_openid_authenticatable/strategy.rb

@@ -10,16 +10,27 @@ module Devise
       end
 
       def authenticate!
-        RAILS_DEFAULT_LOGGER.info("Authenticating with OpenID for mapping #{mapping.to}")
+        logger.debug("Authenticating with OpenID for mapping #{mapping.to}")
         if resp = env[Rack::OpenID::RESPONSE]
-          RAILS_DEFAULT_LOGGER.info "Attempting OpenID auth: #{env["rack.openid.response"].inspect}"
+          logger.debug "Attempting OpenID auth: #{env["rack.openid.response"].inspect}"
           case resp.status
           when :success
             u = mapping.to.find_by_identity_url(resp.identity_url)
+            if u.nil? && mapping.to.respond_to?(:create_from_identity_url)
+              u = mapping.to.create_from_identity_url(resp.identity_url)
+            end
+            
             if u
+              if u.respond_to?("openid_fields=")
+                openid_fields = parse_openid_fields(resp)
+              
+                if openid_fields
+                  u.openid_fields = openid_fields
+                  u.save
+                end
+              end
+              
               success!(u)
-            elsif mapping.to.respond_to?(:create_from_identity_url)
-              success!(mapping.to.create_from_identity_url(resp.identity_url))
             else
               fail!("This OpenID URL is not associated with any registered user")
             end
@@ -29,22 +40,43 @@ module Devise
             fail!("OpenID auth failed")
           end
         else
-          # construct a return URL, preserving all the scope parameters as GET parameters
-          return_to = URI.parse(request.url)
-          scope_params = {}
-          params[scope].each do |k, v|
-            scope_params["#{scope}[#{k}]"] = v
-          end
-          return_to.query = Rack::Utils.build_query(scope_params)
-          
-          header_data = Rack::OpenID.build_header(:identifier => params[scope]["identity_url"], :return_to => return_to.to_s,
-            :method => request.method)
-          RAILS_DEFAULT_LOGGER.info header_data
+          header_params = { :identifier => params[scope]["identity_url"] }
+          header_params[:optional] = mapping.to.openid_optional_fields if mapping.to.respond_to?(:openid_optional_fields)
+          header_params[:required] = mapping.to.openid_required_fields if mapping.to.respond_to?(:openid_required_fields)
+          header_data = Rack::OpenID.build_header(header_params)
+          logger.debug header_data
           custom!([401, {
                 Rack::OpenID::AUTHENTICATE_HEADER => header_data
               }, "Sign in with OpenID"])
         end
       end
+      
+      private
+      def parse_openid_fields(resp)
+        openid_fields = nil
+        axr = OpenID::AX::FetchResponse.from_success_response(resp)
+        if axr
+          openid_fields = axr.data
+        else
+          resp.message.namespaces.each do |uri, ns_alias|
+            if ns_alias.to_s == "sreg"
+              openid_fields = resp.extension_response(uri, true)
+              break
+            end
+          end
+        end
+        
+        # Make sure everything is a string
+        openid_fields.each do |k, v|
+          openid_fields[k] = v.to_s
+        end
+        
+        return openid_fields
+      end
+      
+      def logger
+        @logger ||= ((Rails && Rails.logger) || RAILS_DEFAULT_LOGGER)
+      end
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification 
 name: devise_openid_authenticatable
 version: !ruby/object:Gem::Version 
-  hash: -1710980575
+  hash: -1710980386
   prerelease: true
   segments: 
   - 1
   - 0
   - 0
-  - alpha3
-  version: 1.0.0.alpha3
+  - alpha4
+  version: 1.0.0.alpha4
 platform: ruby
 authors: 
 - Nat Budin
@@ -41,7 +41,7 @@ dependencies:
   requirement: &id002 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version 
         hash: 17
         segments: