RubyGems - devise_openid_authenticatable - Versions diffs - 1.1.6 → 1.2.0 - Mend

devise_openid_authenticatable 1.1.6 → 1.2.0

Files changed (8) hide show

checksums.yaml +4 -4
data/CHANGELOG.rdoc +3 -0
data/README.md +26 -11
data/lib/devise_openid_authenticatable.rb +1 -0
data/lib/devise_openid_authenticatable/config.rb +27 -0
data/lib/devise_openid_authenticatable/strategy.rb +25 -15
data/lib/devise_openid_authenticatable/version.rb +1 -1
metadata +4 -4

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b5b4431ddd67c62f013f6de48044bc0816f3b3ba
-  data.tar.gz: f637591849ba1f7555ef310a39f87cda504de7e1
+  metadata.gz: 5abb808ef023d477e64b13be7e6ce7ac0cc7da09
+  data.tar.gz: 7d46f7e4990245d8be2e30a3513020067b16a065
 SHA512:
-  metadata.gz: d2fb011e3711e201f29a5cf2535b52ae8cfdca00b225a1d140f11a4b0ce3aa31e4e300fc19808d481baf8f44fdef8fb96cba93de8c281f3f49677ecedf095293
-  data.tar.gz: 4a9cc6d20b0ce9e4e73bea5953f1f3ad6911f632948bac3ae40ad0ea884cad6984af7172f80140f9aab759b6d56cfaa526a1f24d4b741b05fa05d70159c70315
+  metadata.gz: 14f7a091be1201f3c949db79f8adba3fed476b86ff1ec51a584ea81867a88a59b87321665b7972da851cccf60583cc1e7acb6c9d7cc9c00d956e09a780ad13c8
+  data.tar.gz: cc453acbb72c4fe67bea6931d3b5710cd575973e1c67ebc1b2d472caf1205cbc198731d5abf2cba4abec452b006ec6d4b22d82a4f000f5356de85e6dcb19b6c5

data/CHANGELOG.rdoc CHANGED

@@ -1,3 +1,6 @@
+== 1.2.0
+* Allow configuring a static identity_url for all users (thanks Sander Nieuwenhuizen!)
 == 1.1.6
 * The last fix didn't load correctly; trying a new one that patches the verify_authenticity_token callback instead.

data/README.md CHANGED

@@ -19,16 +19,16 @@ Installation
 Add the following to your project's Gemfile:
     gem "devise_openid_authenticatable"
 Then run `bundle install`.
 Setup
 -----
 Once devise\_openid\_authenticatable is installed, add the following to your user model:
     devise :openid_authenticatable
 You can also add other modules such as token_authenticatable, trackable, etc.  Database_authenticatable
 should work fine alongside openid_authenticatable.
@@ -41,7 +41,21 @@ You'll also need to set up the database schema for this:
 and, optionally, indexes:
     add_index :users, :identity_url, :unique => true
+## Option 1: Configure a global identity_url
+If the identity URL does not vary per user and you do not want to bother users with that you can configure a static identity URL through Devise.
+In `config/initializers/devise.rb`, add:
+```
+Devise.setup do |config|
+  config.openid_authenticatable do |openid|
+    openid.identity_url = 'http://foobar.com'
+  end
+end
+```
+## Option 2: Pass the identity_url along via the login form
 In addition, you'll need to modify sessions/new.html.erb (or the appropriate scoped view if you're
 using those).  You need to add a field for identity_url, and remove username and password if you
 aren't using database_authenticatable:
@@ -57,6 +71,7 @@ aren't using database_authenticatable:
       <p><%= f.submit "Sign in" %></p>
     <% end -%>
+## Rails 2
 Finally, *Rails 2* users, you'll need to wire up Rack::OpenID in your Rails configuration:
     config.middleware.insert_before(Warden::Manager, Rack::OpenID)
@@ -74,12 +89,12 @@ to your user model class:
     class User < ActiveRecord::Base
       devise :openid_authenticatable
       def self.build_from_identity_url(identity_url)
         User.new(:identity_url => identity_url)
       end
     end
 SReg and AX Extensions
 ----------------------
@@ -91,25 +106,25 @@ To add SReg and AX support to your User model, you'll need to do two things: fir
 fields you'd like to request from OpenID providers.  Second, you need to provide a method for processing
 these fields during authentication.
-To specify which fields to request, you can implement one (or both) of two class methods:
+To specify which fields to request, you can implement one (or both) of two class methods:
 openid_required_fields and openid_optional_fields.  For example:
     def self.openid_required_fields
       ["fullname", "email", "http://axschema.org/namePerson", "http://axschema.org/contact/email"]
     end
     def self.openid_optional_fields
       ["gender", "http://axschema.org/person/gender"]
     end
 Required fields should be used for fields without which your app can't operate properly.  Optional fields
 should be used for fields which are nice to have, but not necessary for your app.  Note that just because you
-specify a field as "required" doesn't necessarily mean that the OpenID provider has to give it to you (for
+specify a field as "required" doesn't necessarily mean that the OpenID provider has to give it to you (for
 example, a provider might not have that field for its users).
 In the above example, we're specifying both SReg fields (fullname, email, and gender) and the equivalent
 AX fields (the ones that look like URLs).  A list of defined AX fields and their equivalent SReg fields can
-be found at [http://www.axschema.org/types](http://www.axschema.org/types).  It is highly recommended to
+be found at [http://www.axschema.org/types](http://www.axschema.org/types).  It is highly recommended to
 specify both AX and SReg fields, as both are implemented by different common OpenID providers.
 Once a successful OpenID response comes back, you still need to process the fields that the provider returned
@@ -122,7 +137,7 @@ maps each returned field to a string value.  For example:
         if value.is_a? Array
           value = value.first
         end
         case key.to_s
         when "fullname", "http://axschema.org/namePerson"
           self.name = value

data/lib/devise_openid_authenticatable.rb CHANGED

@@ -1,5 +1,6 @@
 require 'devise'
+require 'devise_openid_authenticatable/config'
 require 'devise_openid_authenticatable/railtie'
 require 'devise_openid_authenticatable/schema'
 require 'devise_openid_authenticatable/strategy'

data/lib/devise_openid_authenticatable/config.rb ADDED

@@ -0,0 +1,27 @@
+module DeviseOpenidAuthenticatable
+  module Config
+    mattr_accessor :identity_url
+  end
+end
+module DeviseOpenidAuthenticatable
+  module Configurable
+    def self.included(base)
+      base.extend ClassMethods
+    end
+    module ClassMethods
+      def openid_authenticatable
+        yield DeviseOpenidAuthenticatable::Config
+      end
+    end
+  end
+end
+Devise.send(:include, DeviseOpenidAuthenticatable::Configurable)

data/lib/devise_openid_authenticatable/strategy.rb CHANGED

@@ -2,6 +2,7 @@ require 'devise/strategies/base'
 require 'rack/openid'
 class Devise::Strategies::OpenidAuthenticatable < Devise::Strategies::Authenticatable
   def valid?
     valid_mapping? && ( provider_response? || identity_param? )
   end
@@ -12,14 +13,15 @@ class Devise::Strategies::OpenidAuthenticatable < Devise::Strategies::Authentica
     if provider_response
       handle_response!
     else # Delegate authentication to Rack::OpenID by throwing a 401
-      opts = { :identifier => params[scope]["identity_url"], :return_to => return_url, :trust_root => trust_root, :method => 'post' }
-      opts[:immediate] = true if params[scope]["immediate"]
+      opts = { :identifier => identity_url, :return_to => return_url, :trust_root => trust_root, :method => 'post' }
+      opts[:immediate] = true if scoped_params["immediate"]
       opts[:optional] = mapping.to.openid_optional_fields if mapping.to.respond_to?(:openid_optional_fields)
       opts[:required] = mapping.to.openid_required_fields if mapping.to.respond_to?(:openid_required_fields)
       custom! [401, { Rack::OpenID::AUTHENTICATE_HEADER => Rack::OpenID.build_header(opts) }, "Sign in with OpenID"]
     end
   end
   # CSRF won't be able to be verified on returning from the OpenID server, so we will bypass that check for this strategy
   def store?
     true
@@ -30,11 +32,10 @@ class Devise::Strategies::OpenidAuthenticatable < Devise::Strategies::Authentica
     # Handles incoming provider response
     def handle_response!
       logger.debug "Attempting OpenID auth: #{provider_response.inspect}"
       case provider_response.status
       when :success
         resource = find_resource || build_resource || create_resource
         if resource && validate(resource)
           begin
             update_resource!(resource)
@@ -69,19 +70,19 @@ class Devise::Strategies::OpenidAuthenticatable < Devise::Strategies::Authentica
     end
     def identity_param?
-      params[scope].try(:[], 'identity_url').present?
+      identity_url.present?
     end
     def find_resource
       mapping.to.find_by_identity_url(provider_response.identity_url)
     end
     def build_resource
       if mapping.to.respond_to?(:build_from_identity_url)
         mapping.to.build_from_identity_url(provider_response.identity_url)
       end
     end
     def create_resource
       if mapping.to.respond_to?(:create_from_identity_url)
         logger.warn "DEPRECATION WARNING: create_from_identity_url is deprecated.  Please implement build_from_identity_url instead.  For more information, please see the devise_openid_authenticatable CHANGELOG for version 1.0.0.beta1."
@@ -93,13 +94,13 @@ class Devise::Strategies::OpenidAuthenticatable < Devise::Strategies::Authentica
       if fields && resource.respond_to?(:openid_fields=)
         resource.openid_fields = fields
       end
       resource.save!
     end
     def fields
       return @fields unless @fields.nil?
       if axr = OpenID::AX::FetchResponse.from_success_response(provider_response)
         @fields = axr.data
       else
@@ -110,17 +111,17 @@ class Devise::Strategies::OpenidAuthenticatable < Devise::Strategies::Authentica
           end
         end
       end
       return @fields
     end
     def logger
       @logger ||= ((Rails && Rails.logger) || RAILS_DEFAULT_LOGGER)
     end
     def return_url
       return_to = URI.parse(request.url)
-      return_params = params[scope].inject({}) do |request_params, pair|
+      return_params = (scoped_params).inject({}) do |request_params, pair|
         param, value = pair
         request_params["#{scope}[#{param}]"] = value
         request_params
@@ -135,6 +136,15 @@ class Devise::Strategies::OpenidAuthenticatable < Devise::Strategies::Authentica
       trust_root.query = nil
       trust_root.to_s
     end
+    def scoped_params
+      params[scope] || {}
+    end
+    def identity_url
+      params[scope].try(:[], 'identity_url') || DeviseOpenidAuthenticatable::Config.identity_url
+    end
 end
 Warden::Strategies.add :openid_authenticatable, Devise::Strategies::OpenidAuthenticatable

data/lib/devise_openid_authenticatable/version.rb CHANGED

@@ -1,3 +1,3 @@
 module DeviseOpenidAuthenticatable
-  VERSION = "1.1.6"
+  VERSION = "1.2.0"
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_openid_authenticatable
 version: !ruby/object:Gem::Version
-  version: 1.1.6
+  version: 1.2.0
 platform: ruby
 authors:
 - Nat Budin
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-01-09 00:00:00.000000000 Z
+date: 2016-04-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack-openid
@@ -143,6 +143,7 @@ files:
 - Rakefile
 - devise_openid_authenticatable.gemspec
 - lib/devise_openid_authenticatable.rb
+- lib/devise_openid_authenticatable/config.rb
 - lib/devise_openid_authenticatable/controller.rb
 - lib/devise_openid_authenticatable/model.rb
 - lib/devise_openid_authenticatable/railtie.rb
@@ -193,7 +194,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.2.0
+rubygems_version: 2.4.5.1
 signing_key:
 specification_version: 4
 summary: OpenID authentication for Devise
@@ -222,4 +223,3 @@ test_files:
 - spec/spec_helper.rb
 - spec/strategy_spec.rb
 - spec/support/migrations.rb
-has_rdoc: