easy-rack-open-id 0.2.2 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +2 -1
- data/Gemfile +10 -0
- data/Gemfile.lock +38 -0
- data/LICENSE +20 -0
- data/README.rdoc +1 -1
- data/Rakefile +2 -28
- data/config.ru +6 -8
- data/easy-rack-open-id.gemspec +16 -72
- data/lib/easy-rack-open-id/processing.rb +195 -0
- data/lib/easy-rack-open-id/server.rb +12 -0
- data/lib/easy-rack-open-id/version.rb +7 -0
- data/lib/easy-rack-openid.rb +13 -0
- data/lib/nice_openid_form.html.erb +3 -3
- data/lib/nicer_openid_form.html.erb +2 -2
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-realselector/css/style.css +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-realselector/demo.html +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-realselector/img/balloon.png +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-realselector/img/indicator.gif +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-realselector/img/openid-icons.png +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-realselector/js/jquery.openid.js +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-realselector/js/jquery.openid.min.js +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/css/openid.css +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/demo.html +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/aol.gif +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/blogger.ico +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/claimid.ico +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/facebook.gif +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/flickr.ico +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/google.gif +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/livejournal.ico +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/myopenid.ico +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/openid-inputicon.gif +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/openid.gif +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/technorati.ico +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/verisign.ico +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/vidoop.ico +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/wordpress.ico +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/yahoo.gif +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/js/jquery-1.2.6.min.js +0 -0
- data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/js/openid-jquery.js +1 -1
- metadata +69 -57
- data/VERSION +0 -1
- data/lib/easy_rack_open_id.rb +0 -138
- data/lib/easy_rack_open_id_processing.rb +0 -193
data/.gitignore
CHANGED
data/Gemfile
ADDED
data/Gemfile.lock
ADDED
@@ -0,0 +1,38 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
easy-rack-open-id (0.3.0)
|
5
|
+
rack-openid (~> 1.3)
|
6
|
+
|
7
|
+
GEM
|
8
|
+
remote: http://rubygems.org/
|
9
|
+
specs:
|
10
|
+
bson (1.3.1)
|
11
|
+
columnize (0.3.2)
|
12
|
+
linecache (0.43)
|
13
|
+
mongo (1.3.1)
|
14
|
+
bson (>= 1.3.1)
|
15
|
+
openid_mongodb_store (0.3.0)
|
16
|
+
mongo (~> 1.3)
|
17
|
+
ruby-openid (~> 2.1)
|
18
|
+
rack (1.3.0)
|
19
|
+
rack-openid (1.3.1)
|
20
|
+
rack (>= 1.1.0)
|
21
|
+
ruby-openid (>= 2.1.8)
|
22
|
+
ruby-debug (0.10.4)
|
23
|
+
columnize (>= 0.1)
|
24
|
+
ruby-debug-base (~> 0.10.4.0)
|
25
|
+
ruby-debug-base (0.10.4)
|
26
|
+
linecache (>= 0.3)
|
27
|
+
ruby-openid (2.1.8)
|
28
|
+
shotgun (0.9)
|
29
|
+
rack (>= 1.0)
|
30
|
+
|
31
|
+
PLATFORMS
|
32
|
+
ruby
|
33
|
+
|
34
|
+
DEPENDENCIES
|
35
|
+
easy-rack-open-id!
|
36
|
+
openid_mongodb_store
|
37
|
+
ruby-debug
|
38
|
+
shotgun
|
data/LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (c) 2009 Sam Schenkman-Moore
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.rdoc
CHANGED
@@ -57,4 +57,4 @@ Right now allowed_identifiers and identity_match cannot both be used at once.
|
|
57
57
|
:policy_url
|
58
58
|
|
59
59
|
== OpenID Selector, Real-selector
|
60
|
-
This package includes nice-looking default login forms from the "openid-selector" and "real-openid-selector" projects. This gem will serve the necessary javascript/images, but it may be more efficient to copy public/easy-rack-
|
60
|
+
This package includes nice-looking default login forms from the "openid-selector" and "real-openid-selector" projects. This gem will serve the necessary javascript/images, but it may be more efficient to copy public/easy-rack-open-id-assets into your application's public directory so that Apache/Nginx/whatever can serve those file directly.
|
data/Rakefile
CHANGED
@@ -1,28 +1,2 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
require 'rake'
|
4
|
-
|
5
|
-
begin
|
6
|
-
require 'jeweler'
|
7
|
-
Jeweler::Tasks.new do |gem|
|
8
|
-
gem.name = "easy-rack-open-id"
|
9
|
-
gem.summary = "Super easy OpenID protection for Rack."
|
10
|
-
gem.description = "You supply OpenIDs, this keeps anyone but people with access to those ids from getting through. You don't even have to make a form. :)"
|
11
|
-
gem.email = "samsm@samsm.com"
|
12
|
-
gem.homepage = "http://github.com/samsm/Easy-Rack-OpenID"
|
13
|
-
gem.authors = ["Sam Schenkman-Moore"]
|
14
|
-
gem.add_development_dependency "yard", ">= 0"
|
15
|
-
gem.add_runtime_dependency 'rack-openid'
|
16
|
-
end
|
17
|
-
rescue LoadError
|
18
|
-
puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
|
19
|
-
end
|
20
|
-
|
21
|
-
begin
|
22
|
-
require 'yard'
|
23
|
-
YARD::Rake::YardocTask.new
|
24
|
-
rescue LoadError
|
25
|
-
task :yardoc do
|
26
|
-
abort "YARD is not available. In order to run yardoc, you must: sudo gem install yard"
|
27
|
-
end
|
28
|
-
end
|
1
|
+
require 'bundler'
|
2
|
+
Bundler::GemHelper.install_tasks
|
data/config.ru
CHANGED
@@ -1,23 +1,21 @@
|
|
1
1
|
require 'rubygems'
|
2
2
|
require 'rack'
|
3
|
-
|
4
|
-
require '
|
5
|
-
require 'lib/easy_rack_open_id'
|
3
|
+
require 'rack/openid'
|
4
|
+
require 'lib/easy-rack-open-id'
|
6
5
|
|
7
6
|
use Rack::ShowExceptions
|
8
7
|
|
9
8
|
class HelloWorld
|
10
9
|
def call(env)
|
11
|
-
[200, {"Content-Type" => "text/
|
10
|
+
[200, {"Content-Type" => "text/html"}, ["Made it through! (<a href='/logout'>logout</a>)"]]
|
12
11
|
end
|
13
12
|
end
|
14
13
|
|
15
|
-
|
16
14
|
# require 'openid_mongodb_store'
|
17
|
-
|
15
|
+
|
18
16
|
puts "Remember shotgun won't work with memory store!"
|
19
17
|
|
20
18
|
use Rack::Session::Cookie
|
21
|
-
use Rack::OpenID #, OpenidMongodbStore::Store.new
|
22
|
-
use
|
19
|
+
use Rack::OpenID #, OpenidMongodbStore::Store.new(Mongo::Connection.new.db('testorama'))
|
20
|
+
use EasyRackOpenId::Server, :allowed_identifiers => ['http://samsm.com/'], :after_logout_path => '/login', :required => ['nickname']
|
23
21
|
run HelloWorld.new
|
data/easy-rack-open-id.gemspec
CHANGED
@@ -1,79 +1,23 @@
|
|
1
|
-
# Generated by jeweler
|
2
|
-
# DO NOT EDIT THIS FILE DIRECTLY
|
3
|
-
# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
|
4
1
|
# -*- encoding: utf-8 -*-
|
2
|
+
$:.push File.expand_path("../lib", __FILE__)
|
3
|
+
require "easy-rack-open-id/version"
|
5
4
|
|
6
5
|
Gem::Specification.new do |s|
|
7
|
-
s.name
|
8
|
-
s.version
|
9
|
-
|
10
|
-
s.
|
11
|
-
s.
|
12
|
-
s.
|
6
|
+
s.name = "easy-rack-open-id"
|
7
|
+
s.version = Easy::Rack::Openid::VERSION
|
8
|
+
s.platform = Gem::Platform::RUBY
|
9
|
+
s.authors = ["Sam Schenkman-Moore"]
|
10
|
+
s.email = ["samsm@samsm.com"]
|
11
|
+
s.homepage = "http://github.com/samsm/easy-rack-open-id"
|
12
|
+
s.summary = %q{Super easy OpenID protection for Rack.}
|
13
13
|
s.description = %q{You supply OpenIDs, this keeps anyone but people with access to those ids from getting through. You don't even have to make a form. :)}
|
14
|
-
s.email = %q{samsm@samsm.com}
|
15
|
-
s.extra_rdoc_files = [
|
16
|
-
"README.rdoc"
|
17
|
-
]
|
18
|
-
s.files = [
|
19
|
-
".gitignore",
|
20
|
-
"README.rdoc",
|
21
|
-
"Rakefile",
|
22
|
-
"VERSION",
|
23
|
-
"config.ru",
|
24
|
-
"easy-rack-open-id.gemspec",
|
25
|
-
"lib/easy_rack_open_id.rb",
|
26
|
-
"lib/easy_rack_open_id_processing.rb",
|
27
|
-
"lib/generic_openid_form.html.erb",
|
28
|
-
"lib/nice_openid_form.html.erb",
|
29
|
-
"lib/nicer_openid_form.html.erb",
|
30
|
-
"public/easy-rack-openid-assets/openid-realselector/css/style.css",
|
31
|
-
"public/easy-rack-openid-assets/openid-realselector/demo.html",
|
32
|
-
"public/easy-rack-openid-assets/openid-realselector/img/balloon.png",
|
33
|
-
"public/easy-rack-openid-assets/openid-realselector/img/indicator.gif",
|
34
|
-
"public/easy-rack-openid-assets/openid-realselector/img/openid-icons.png",
|
35
|
-
"public/easy-rack-openid-assets/openid-realselector/js/jquery.openid.js",
|
36
|
-
"public/easy-rack-openid-assets/openid-realselector/js/jquery.openid.min.js",
|
37
|
-
"public/easy-rack-openid-assets/openid-selector/css/openid.css",
|
38
|
-
"public/easy-rack-openid-assets/openid-selector/demo.html",
|
39
|
-
"public/easy-rack-openid-assets/openid-selector/images/aol.gif",
|
40
|
-
"public/easy-rack-openid-assets/openid-selector/images/blogger.ico",
|
41
|
-
"public/easy-rack-openid-assets/openid-selector/images/claimid.ico",
|
42
|
-
"public/easy-rack-openid-assets/openid-selector/images/facebook.gif",
|
43
|
-
"public/easy-rack-openid-assets/openid-selector/images/flickr.ico",
|
44
|
-
"public/easy-rack-openid-assets/openid-selector/images/google.gif",
|
45
|
-
"public/easy-rack-openid-assets/openid-selector/images/livejournal.ico",
|
46
|
-
"public/easy-rack-openid-assets/openid-selector/images/myopenid.ico",
|
47
|
-
"public/easy-rack-openid-assets/openid-selector/images/openid-inputicon.gif",
|
48
|
-
"public/easy-rack-openid-assets/openid-selector/images/openid.gif",
|
49
|
-
"public/easy-rack-openid-assets/openid-selector/images/technorati.ico",
|
50
|
-
"public/easy-rack-openid-assets/openid-selector/images/verisign.ico",
|
51
|
-
"public/easy-rack-openid-assets/openid-selector/images/vidoop.ico",
|
52
|
-
"public/easy-rack-openid-assets/openid-selector/images/wordpress.ico",
|
53
|
-
"public/easy-rack-openid-assets/openid-selector/images/yahoo.gif",
|
54
|
-
"public/easy-rack-openid-assets/openid-selector/js/jquery-1.2.6.min.js",
|
55
|
-
"public/easy-rack-openid-assets/openid-selector/js/openid-jquery.js"
|
56
|
-
]
|
57
|
-
s.homepage = %q{http://github.com/samsm/Easy-Rack-OpenID}
|
58
|
-
s.rdoc_options = ["--charset=UTF-8"]
|
59
|
-
s.require_paths = ["lib"]
|
60
|
-
s.rubygems_version = %q{1.3.5}
|
61
|
-
s.summary = %q{Super easy OpenID protection for Rack.}
|
62
14
|
|
63
|
-
|
64
|
-
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
65
|
-
s.specification_version = 3
|
15
|
+
s.rubyforge_project = "easy-rack-open-id"
|
66
16
|
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
s.add_dependency(%q<yard>, [">= 0"])
|
72
|
-
s.add_dependency(%q<rack-openid>, [">= 0"])
|
73
|
-
end
|
74
|
-
else
|
75
|
-
s.add_dependency(%q<yard>, [">= 0"])
|
76
|
-
s.add_dependency(%q<rack-openid>, [">= 0"])
|
77
|
-
end
|
78
|
-
end
|
17
|
+
s.files = `git ls-files`.split("\n")
|
18
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
19
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
20
|
+
s.require_paths = ["lib"]
|
79
21
|
|
22
|
+
s.add_dependency 'rack-openid', ['~> 1.3']
|
23
|
+
end
|
@@ -0,0 +1,195 @@
|
|
1
|
+
module EasyRackOpenId
|
2
|
+
class Processing
|
3
|
+
|
4
|
+
attr_accessor :env, :options
|
5
|
+
|
6
|
+
def initialize(app, options ={})
|
7
|
+
@app = app
|
8
|
+
@options = options
|
9
|
+
end
|
10
|
+
|
11
|
+
def call(env)
|
12
|
+
@env = env
|
13
|
+
if logout_path == path
|
14
|
+
logout_result = logout
|
15
|
+
return logout_result if logout_result
|
16
|
+
end
|
17
|
+
if asset?
|
18
|
+
content_type_lookup = {'css' => 'text/css','html'=> 'text/html','js'=>'text/javascript','gif'=>'image/gif','ico' => 'image/vnd.microsoft.icon', 'png'=> 'image/png'}
|
19
|
+
ok(IO.read(gem_public_path + path), content_type_lookup[File.extname(path)[1..-1]])
|
20
|
+
elsif allowed?
|
21
|
+
# pass through
|
22
|
+
@app.call(env)
|
23
|
+
else
|
24
|
+
# break chain, start open_id_login
|
25
|
+
open_id_login
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
def asset?
|
30
|
+
0 == path.index(asset_prefix)
|
31
|
+
end
|
32
|
+
|
33
|
+
def asset_prefix
|
34
|
+
'/easy-rack-open-id-assets'
|
35
|
+
end
|
36
|
+
|
37
|
+
def gem_public_path
|
38
|
+
File.dirname(__FILE__) + '/../../public/'
|
39
|
+
end
|
40
|
+
|
41
|
+
def open_id_login
|
42
|
+
if resp = env["rack.openid.response"]
|
43
|
+
case resp.status
|
44
|
+
when :success
|
45
|
+
# Load in any registration data gathered
|
46
|
+
profile_data = {}
|
47
|
+
# merge the SReg data and the AX data into a single hash of profile data
|
48
|
+
[ OpenID::SReg::Response, OpenID::AX::FetchResponse ].each do |data_response|
|
49
|
+
if data_response.from_success_response( resp )
|
50
|
+
profile_data.merge! data_response.from_success_response( resp ).data
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
profile_data['identifier'] = resp.identity_url
|
55
|
+
#... save id and registration and forward to ...
|
56
|
+
self.verified_identity = profile_data
|
57
|
+
forward_to(protected_path)
|
58
|
+
when :failure
|
59
|
+
present_login_options
|
60
|
+
end
|
61
|
+
else
|
62
|
+
if identitifier_to_verify && valid_identifier?
|
63
|
+
self.protected_path = path
|
64
|
+
header_hash = {:identifier => identitifier_to_verify}
|
65
|
+
header_hash.merge!(:required => options[:required]) if options[:required]
|
66
|
+
header_hash.merge!(:required => options[:optional]) if options[:optional]
|
67
|
+
header_hash.merge!(:required => options[:policy_url]) if options[:policy_url]
|
68
|
+
[401, {"WWW-Authenticate" => Rack::OpenID.build_header(header_hash)}, []]
|
69
|
+
else
|
70
|
+
present_login_options
|
71
|
+
end
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
def path
|
76
|
+
env['REQUEST_PATH']
|
77
|
+
end
|
78
|
+
|
79
|
+
def present_login_options
|
80
|
+
if login_path
|
81
|
+
forward_to(login_path)
|
82
|
+
else
|
83
|
+
dir = File.dirname(__FILE__) + '/../'
|
84
|
+
form = case options[:form]
|
85
|
+
when 'boring'
|
86
|
+
IO.read(dir + '/generic_openid_form.html.erb')
|
87
|
+
when 'selector'
|
88
|
+
IO.read(dir + '/nice_openid_form.html.erb')
|
89
|
+
else # use default, real-openid selector
|
90
|
+
IO.read(dir + '/nicer_openid_form.html.erb')
|
91
|
+
end
|
92
|
+
ok(form)
|
93
|
+
end
|
94
|
+
end
|
95
|
+
|
96
|
+
def forward_to(url)
|
97
|
+
[302, {'Location' => url,'Content-Type' => 'text/html'}, ["Forwarding to #{url}"]]
|
98
|
+
end
|
99
|
+
|
100
|
+
def allowed?
|
101
|
+
if allowed_identifiers
|
102
|
+
allowed_identifiers.include? verified_identifier
|
103
|
+
elsif identity_match
|
104
|
+
identity_match === verified_identifier
|
105
|
+
else
|
106
|
+
verified_identifier
|
107
|
+
end
|
108
|
+
end
|
109
|
+
|
110
|
+
def identity_match
|
111
|
+
options[:identity_match]
|
112
|
+
end
|
113
|
+
|
114
|
+
def allowed_identifiers
|
115
|
+
options[:allowed_identifiers]
|
116
|
+
end
|
117
|
+
|
118
|
+
def logout_path
|
119
|
+
options[:logout_path] || '/logout'
|
120
|
+
end
|
121
|
+
|
122
|
+
def logout
|
123
|
+
self.verified_identity = nil
|
124
|
+
if after_logout_path
|
125
|
+
forward_to(after_logout_path)
|
126
|
+
end
|
127
|
+
end
|
128
|
+
|
129
|
+
def after_logout_path
|
130
|
+
options[:after_logout_path]
|
131
|
+
end
|
132
|
+
|
133
|
+
def login_path
|
134
|
+
options[:login_path]
|
135
|
+
end
|
136
|
+
|
137
|
+
def identitifier_to_verify
|
138
|
+
@identitifier_to_verify ||=
|
139
|
+
if env["rack.request.query_hash"] && env["rack.request.query_hash"]["openid_identifier"]
|
140
|
+
env["rack.request.query_hash"]["openid_identifier"]
|
141
|
+
elsif posted_data = CGI.parse(env['rack.input'].read)
|
142
|
+
env['rack.input'].rewind
|
143
|
+
identifier = posted_data['openid_identifier']
|
144
|
+
if identifier.kind_of? Array
|
145
|
+
identifier.last
|
146
|
+
else
|
147
|
+
identifier
|
148
|
+
end
|
149
|
+
end
|
150
|
+
end
|
151
|
+
|
152
|
+
def valid_identifier?
|
153
|
+
uri = URI.parse(identitifier_to_verify.to_s.strip)
|
154
|
+
uri = URI.parse("http://#{uri}") unless uri.scheme
|
155
|
+
uri.scheme = uri.scheme.downcase # URI should do this
|
156
|
+
uri.normalize.to_s
|
157
|
+
rescue URI::InvalidURIError
|
158
|
+
# raise InvalidOpenId.new("#{url} is not an OpenID URL")
|
159
|
+
false # Quietly fail for now.
|
160
|
+
end
|
161
|
+
|
162
|
+
def verified_identity=(hash)
|
163
|
+
session['verified_identity'] = hash
|
164
|
+
end
|
165
|
+
|
166
|
+
def verified_identity
|
167
|
+
session['verified_identity']
|
168
|
+
end
|
169
|
+
|
170
|
+
def verified_identifier
|
171
|
+
verified_identity && verified_identity['identifier']
|
172
|
+
end
|
173
|
+
|
174
|
+
def session
|
175
|
+
env['rack.session']
|
176
|
+
end
|
177
|
+
|
178
|
+
def protected_path=(path)
|
179
|
+
session['return_to'] = path
|
180
|
+
end
|
181
|
+
|
182
|
+
def protected_path
|
183
|
+
session['return_to'] || default_return_to
|
184
|
+
end
|
185
|
+
|
186
|
+
def default_return_to
|
187
|
+
options[:default_return_to] || '/'
|
188
|
+
end
|
189
|
+
|
190
|
+
def ok(text, content_type = 'text/html')
|
191
|
+
[200,{"Content-Type" => content_type, 'Content-Length'=> text.length.to_s},[text]]
|
192
|
+
end
|
193
|
+
|
194
|
+
end
|
195
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
require File.dirname(__FILE__) + '/easy-rack-open-id/server'
|
2
|
+
require File.dirname(__FILE__) + '/easy-rack-open-id/processing'
|
3
|
+
|
4
|
+
module EasyRackOpenId
|
5
|
+
def initialize(app, options ={})
|
6
|
+
@app = app
|
7
|
+
@options = options
|
8
|
+
end
|
9
|
+
|
10
|
+
def call(env)
|
11
|
+
Processing.new(@app,@options).call(env)
|
12
|
+
end
|
13
|
+
end
|
@@ -5,9 +5,9 @@
|
|
5
5
|
<title>Log In!</title>
|
6
6
|
|
7
7
|
<!-- Simple OpenID Selector -->
|
8
|
-
<link rel="stylesheet" href="/easy-rack-
|
9
|
-
<script type="text/javascript" src="/easy-rack-
|
10
|
-
<script type="text/javascript" src="/easy-rack-
|
8
|
+
<link rel="stylesheet" href="/easy-rack-open-id-assets/openid-selector/css/openid.css" />
|
9
|
+
<script type="text/javascript" src="/easy-rack-open-id-assets/openid-selector/js/jquery-1.2.6.min.js"></script>
|
10
|
+
<script type="text/javascript" src="/easy-rack-open-id-assets/openid-selector/js/openid-jquery.js"></script>
|
11
11
|
<script type="text/javascript">
|
12
12
|
$(document).ready(function() {
|
13
13
|
openid.init('openid_identifier');
|
@@ -4,9 +4,9 @@
|
|
4
4
|
<head>
|
5
5
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
|
6
6
|
<title>Log In</title>
|
7
|
-
<link rel="stylesheet" href="/easy-rack-
|
7
|
+
<link rel="stylesheet" href="/easy-rack-open-id-assets/openid-realselector/css/style.css" type="text/css" media="screen" charset="utf-8" />
|
8
8
|
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js"></script>
|
9
|
-
<script type="text/javascript" src="/easy-rack-
|
9
|
+
<script type="text/javascript" src="/easy-rack-open-id-assets/openid-realselector/js/jquery.openid.js"></script>
|
10
10
|
<script type="text/javascript"><!--//
|
11
11
|
$(function() {
|
12
12
|
$('#openid').openid({
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-realselector/css/style.css
RENAMED
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-realselector/demo.html
RENAMED
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-realselector/img/balloon.png
RENAMED
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/css/openid.css
RENAMED
File without changes
|
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/aol.gif
RENAMED
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/blogger.ico
RENAMED
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/claimid.ico
RENAMED
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/facebook.gif
RENAMED
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/flickr.ico
RENAMED
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/google.gif
RENAMED
File without changes
|
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/myopenid.ico
RENAMED
File without changes
|
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/openid.gif
RENAMED
File without changes
|
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/verisign.ico
RENAMED
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/vidoop.ico
RENAMED
File without changes
|
File without changes
|
data/public/{easy-rack-openid-assets → easy-rack-open-id-assets}/openid-selector/images/yahoo.gif
RENAMED
File without changes
|
File without changes
|
metadata
CHANGED
@@ -1,7 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: easy-rack-open-id
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
|
4
|
+
hash: 19
|
5
|
+
prerelease: false
|
6
|
+
segments:
|
7
|
+
- 0
|
8
|
+
- 3
|
9
|
+
- 0
|
10
|
+
version: 0.3.0
|
5
11
|
platform: ruby
|
6
12
|
authors:
|
7
13
|
- Sam Schenkman-Moore
|
@@ -9,100 +15,106 @@ autorequire:
|
|
9
15
|
bindir: bin
|
10
16
|
cert_chain: []
|
11
17
|
|
12
|
-
date:
|
18
|
+
date: 2011-05-24 00:00:00 -04:00
|
13
19
|
default_executable:
|
14
20
|
dependencies:
|
15
|
-
- !ruby/object:Gem::Dependency
|
16
|
-
name: yard
|
17
|
-
type: :development
|
18
|
-
version_requirement:
|
19
|
-
version_requirements: !ruby/object:Gem::Requirement
|
20
|
-
requirements:
|
21
|
-
- - ">="
|
22
|
-
- !ruby/object:Gem::Version
|
23
|
-
version: "0"
|
24
|
-
version:
|
25
21
|
- !ruby/object:Gem::Dependency
|
26
22
|
name: rack-openid
|
27
|
-
|
28
|
-
|
29
|
-
|
23
|
+
prerelease: false
|
24
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
30
26
|
requirements:
|
31
|
-
- -
|
27
|
+
- - ~>
|
32
28
|
- !ruby/object:Gem::Version
|
33
|
-
|
34
|
-
|
29
|
+
hash: 9
|
30
|
+
segments:
|
31
|
+
- 1
|
32
|
+
- 3
|
33
|
+
version: "1.3"
|
34
|
+
type: :runtime
|
35
|
+
version_requirements: *id001
|
35
36
|
description: You supply OpenIDs, this keeps anyone but people with access to those ids from getting through. You don't even have to make a form. :)
|
36
|
-
email:
|
37
|
+
email:
|
38
|
+
- samsm@samsm.com
|
37
39
|
executables: []
|
38
40
|
|
39
41
|
extensions: []
|
40
42
|
|
41
|
-
extra_rdoc_files:
|
42
|
-
|
43
|
+
extra_rdoc_files: []
|
44
|
+
|
43
45
|
files:
|
44
46
|
- .gitignore
|
47
|
+
- Gemfile
|
48
|
+
- Gemfile.lock
|
49
|
+
- LICENSE
|
45
50
|
- README.rdoc
|
46
51
|
- Rakefile
|
47
|
-
- VERSION
|
48
52
|
- config.ru
|
49
53
|
- easy-rack-open-id.gemspec
|
50
|
-
- lib/
|
51
|
-
- lib/
|
54
|
+
- lib/easy-rack-open-id/processing.rb
|
55
|
+
- lib/easy-rack-open-id/server.rb
|
56
|
+
- lib/easy-rack-open-id/version.rb
|
57
|
+
- lib/easy-rack-openid.rb
|
52
58
|
- lib/generic_openid_form.html.erb
|
53
59
|
- lib/nice_openid_form.html.erb
|
54
60
|
- lib/nicer_openid_form.html.erb
|
55
|
-
- public/easy-rack-
|
56
|
-
- public/easy-rack-
|
57
|
-
- public/easy-rack-
|
58
|
-
- public/easy-rack-
|
59
|
-
- public/easy-rack-
|
60
|
-
- public/easy-rack-
|
61
|
-
- public/easy-rack-
|
62
|
-
- public/easy-rack-
|
63
|
-
- public/easy-rack-
|
64
|
-
- public/easy-rack-
|
65
|
-
- public/easy-rack-
|
66
|
-
- public/easy-rack-
|
67
|
-
- public/easy-rack-
|
68
|
-
- public/easy-rack-
|
69
|
-
- public/easy-rack-
|
70
|
-
- public/easy-rack-
|
71
|
-
- public/easy-rack-
|
72
|
-
- public/easy-rack-
|
73
|
-
- public/easy-rack-
|
74
|
-
- public/easy-rack-
|
75
|
-
- public/easy-rack-
|
76
|
-
- public/easy-rack-
|
77
|
-
- public/easy-rack-
|
78
|
-
- public/easy-rack-
|
79
|
-
- public/easy-rack-
|
80
|
-
- public/easy-rack-
|
61
|
+
- public/easy-rack-open-id-assets/openid-realselector/css/style.css
|
62
|
+
- public/easy-rack-open-id-assets/openid-realselector/demo.html
|
63
|
+
- public/easy-rack-open-id-assets/openid-realselector/img/balloon.png
|
64
|
+
- public/easy-rack-open-id-assets/openid-realselector/img/indicator.gif
|
65
|
+
- public/easy-rack-open-id-assets/openid-realselector/img/openid-icons.png
|
66
|
+
- public/easy-rack-open-id-assets/openid-realselector/js/jquery.openid.js
|
67
|
+
- public/easy-rack-open-id-assets/openid-realselector/js/jquery.openid.min.js
|
68
|
+
- public/easy-rack-open-id-assets/openid-selector/css/openid.css
|
69
|
+
- public/easy-rack-open-id-assets/openid-selector/demo.html
|
70
|
+
- public/easy-rack-open-id-assets/openid-selector/images/aol.gif
|
71
|
+
- public/easy-rack-open-id-assets/openid-selector/images/blogger.ico
|
72
|
+
- public/easy-rack-open-id-assets/openid-selector/images/claimid.ico
|
73
|
+
- public/easy-rack-open-id-assets/openid-selector/images/facebook.gif
|
74
|
+
- public/easy-rack-open-id-assets/openid-selector/images/flickr.ico
|
75
|
+
- public/easy-rack-open-id-assets/openid-selector/images/google.gif
|
76
|
+
- public/easy-rack-open-id-assets/openid-selector/images/livejournal.ico
|
77
|
+
- public/easy-rack-open-id-assets/openid-selector/images/myopenid.ico
|
78
|
+
- public/easy-rack-open-id-assets/openid-selector/images/openid-inputicon.gif
|
79
|
+
- public/easy-rack-open-id-assets/openid-selector/images/openid.gif
|
80
|
+
- public/easy-rack-open-id-assets/openid-selector/images/technorati.ico
|
81
|
+
- public/easy-rack-open-id-assets/openid-selector/images/verisign.ico
|
82
|
+
- public/easy-rack-open-id-assets/openid-selector/images/vidoop.ico
|
83
|
+
- public/easy-rack-open-id-assets/openid-selector/images/wordpress.ico
|
84
|
+
- public/easy-rack-open-id-assets/openid-selector/images/yahoo.gif
|
85
|
+
- public/easy-rack-open-id-assets/openid-selector/js/jquery-1.2.6.min.js
|
86
|
+
- public/easy-rack-open-id-assets/openid-selector/js/openid-jquery.js
|
81
87
|
has_rdoc: true
|
82
|
-
homepage: http://github.com/samsm/
|
88
|
+
homepage: http://github.com/samsm/easy-rack-open-id
|
83
89
|
licenses: []
|
84
90
|
|
85
91
|
post_install_message:
|
86
|
-
rdoc_options:
|
87
|
-
|
92
|
+
rdoc_options: []
|
93
|
+
|
88
94
|
require_paths:
|
89
95
|
- lib
|
90
96
|
required_ruby_version: !ruby/object:Gem::Requirement
|
97
|
+
none: false
|
91
98
|
requirements:
|
92
99
|
- - ">="
|
93
100
|
- !ruby/object:Gem::Version
|
101
|
+
hash: 3
|
102
|
+
segments:
|
103
|
+
- 0
|
94
104
|
version: "0"
|
95
|
-
version:
|
96
105
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
106
|
+
none: false
|
97
107
|
requirements:
|
98
108
|
- - ">="
|
99
109
|
- !ruby/object:Gem::Version
|
110
|
+
hash: 3
|
111
|
+
segments:
|
112
|
+
- 0
|
100
113
|
version: "0"
|
101
|
-
version:
|
102
114
|
requirements: []
|
103
115
|
|
104
|
-
rubyforge_project:
|
105
|
-
rubygems_version: 1.3.
|
116
|
+
rubyforge_project: easy-rack-open-id
|
117
|
+
rubygems_version: 1.3.7
|
106
118
|
signing_key:
|
107
119
|
specification_version: 3
|
108
120
|
summary: Super easy OpenID protection for Rack.
|
data/VERSION
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
0.2.2
|
data/lib/easy_rack_open_id.rb
DELETED
@@ -1,138 +0,0 @@
|
|
1
|
-
require File.dirname(__FILE__) + '/easy_rack_open_id_processing'
|
2
|
-
class EasyRackOpenID
|
3
|
-
|
4
|
-
# attr_accessor :env, :options
|
5
|
-
|
6
|
-
def initialize(app, options ={})
|
7
|
-
@app = app
|
8
|
-
@options = options
|
9
|
-
end
|
10
|
-
|
11
|
-
def call(env)
|
12
|
-
EasyRackOpenIDProcessing.new(@app,@options).call(env)
|
13
|
-
end
|
14
|
-
|
15
|
-
def asset?
|
16
|
-
0 == path.index(asset_prefix)
|
17
|
-
end
|
18
|
-
|
19
|
-
def asset_prefix
|
20
|
-
'/easy-rack-openid-assets'
|
21
|
-
end
|
22
|
-
|
23
|
-
def gem_public_path
|
24
|
-
File.dirname(__FILE__) + '/../public/'
|
25
|
-
end
|
26
|
-
|
27
|
-
def open_id_login
|
28
|
-
if resp = env["rack.openid.response"]
|
29
|
-
case resp.status
|
30
|
-
when :success
|
31
|
-
#... save id and forward to ...
|
32
|
-
self.verified_identity = resp.identity_url
|
33
|
-
forward_to(protected_path)
|
34
|
-
when :failure
|
35
|
-
present_login_options
|
36
|
-
end
|
37
|
-
else
|
38
|
-
if identitifier_to_verify
|
39
|
-
self.protected_path = path
|
40
|
-
[401, {"WWW-Authenticate" => "OpenID identifier=\"#{identitifier_to_verify}\""}, []]
|
41
|
-
else
|
42
|
-
present_login_options
|
43
|
-
end
|
44
|
-
end
|
45
|
-
|
46
|
-
end
|
47
|
-
|
48
|
-
def path
|
49
|
-
env['REQUEST_PATH']
|
50
|
-
end
|
51
|
-
|
52
|
-
def present_login_options
|
53
|
-
if login_path
|
54
|
-
forward_to(login_path)
|
55
|
-
else
|
56
|
-
dir = File.dirname(__FILE__)
|
57
|
-
# form = IO.read(dir + '/generic_openid_form.html.erb')
|
58
|
-
form = IO.read(dir + '/nice_openid_form.html.erb')
|
59
|
-
ok(form)
|
60
|
-
end
|
61
|
-
end
|
62
|
-
|
63
|
-
def forward_to(url)
|
64
|
-
[302, {'Location' => url}, ["Forwarding to #{url}"]]
|
65
|
-
end
|
66
|
-
|
67
|
-
def allowed?
|
68
|
-
if allowed_identifiers
|
69
|
-
allowed_identifiers.include? verified_identity
|
70
|
-
elsif identity_match
|
71
|
-
identity_match === verified_identity
|
72
|
-
else
|
73
|
-
verified_identity
|
74
|
-
end
|
75
|
-
end
|
76
|
-
|
77
|
-
def identity_match
|
78
|
-
options[:identity_match]
|
79
|
-
end
|
80
|
-
|
81
|
-
def allowed_identifiers
|
82
|
-
options[:allowed_identifiers]
|
83
|
-
end
|
84
|
-
|
85
|
-
def logout_path
|
86
|
-
options[:logout_path] || '/logout'
|
87
|
-
end
|
88
|
-
|
89
|
-
def logout
|
90
|
-
self.verified_identity = nil
|
91
|
-
if after_logout_path
|
92
|
-
forward_to(after_logout_path)
|
93
|
-
end
|
94
|
-
end
|
95
|
-
|
96
|
-
def after_logout_path
|
97
|
-
options[:after_logout_path]
|
98
|
-
end
|
99
|
-
|
100
|
-
def login_path
|
101
|
-
options[:login_path]
|
102
|
-
end
|
103
|
-
|
104
|
-
def identitifier_to_verify
|
105
|
-
env["rack.request.query_hash"]["openid_identifier"]
|
106
|
-
end
|
107
|
-
|
108
|
-
def verified_identity=(url)
|
109
|
-
session['verified_identity'] = url
|
110
|
-
end
|
111
|
-
|
112
|
-
def verified_identity
|
113
|
-
session['verified_identity']
|
114
|
-
end
|
115
|
-
|
116
|
-
def session
|
117
|
-
env['rack.session']
|
118
|
-
end
|
119
|
-
|
120
|
-
def protected_path=(path)
|
121
|
-
session['return_to'] = path
|
122
|
-
end
|
123
|
-
|
124
|
-
def protected_path
|
125
|
-
session['return_to'] || default_return_to
|
126
|
-
end
|
127
|
-
|
128
|
-
def default_return_to
|
129
|
-
options[:default_return_to] || '/'
|
130
|
-
end
|
131
|
-
|
132
|
-
def ok(text, content_type = 'text/html')
|
133
|
-
puts
|
134
|
-
puts "2. Content type: #{content_type} for #{path}"
|
135
|
-
[200,{"Content-Type" => content_type, 'Content-Length'=> text.length},[text]]
|
136
|
-
end
|
137
|
-
|
138
|
-
end
|
@@ -1,193 +0,0 @@
|
|
1
|
-
class EasyRackOpenIDProcessing
|
2
|
-
|
3
|
-
attr_accessor :env, :options
|
4
|
-
|
5
|
-
def initialize(app, options ={})
|
6
|
-
@app = app
|
7
|
-
@options = options
|
8
|
-
end
|
9
|
-
|
10
|
-
def call(env)
|
11
|
-
@env = env
|
12
|
-
if logout_path == path
|
13
|
-
logout_result = logout
|
14
|
-
return logout_result if logout_result
|
15
|
-
end
|
16
|
-
if asset?
|
17
|
-
content_type_lookup = {'css' => 'text/css','html'=> 'text/html','js'=>'text/javascript','gif'=>'image/gif','ico' => 'image/vnd.microsoft.icon', 'png'=> 'image/png'}
|
18
|
-
ok(IO.read(gem_public_path + path), content_type_lookup[File.extname(path)[1..-1]])
|
19
|
-
elsif allowed?
|
20
|
-
# pass through
|
21
|
-
@app.call(env)
|
22
|
-
else
|
23
|
-
# break chain, start open_id_login
|
24
|
-
open_id_login
|
25
|
-
end
|
26
|
-
end
|
27
|
-
|
28
|
-
def asset?
|
29
|
-
0 == path.index(asset_prefix)
|
30
|
-
end
|
31
|
-
|
32
|
-
def asset_prefix
|
33
|
-
'/easy-rack-openid-assets'
|
34
|
-
end
|
35
|
-
|
36
|
-
def gem_public_path
|
37
|
-
File.dirname(__FILE__) + '/../public/'
|
38
|
-
end
|
39
|
-
|
40
|
-
def open_id_login
|
41
|
-
if resp = env["rack.openid.response"]
|
42
|
-
case resp.status
|
43
|
-
when :success
|
44
|
-
# Load in any registration data gathered
|
45
|
-
profile_data = {}
|
46
|
-
# merge the SReg data and the AX data into a single hash of profile data
|
47
|
-
[ OpenID::SReg::Response, OpenID::AX::FetchResponse ].each do |data_response|
|
48
|
-
if data_response.from_success_response( resp )
|
49
|
-
profile_data.merge! data_response.from_success_response( resp ).data
|
50
|
-
end
|
51
|
-
end
|
52
|
-
|
53
|
-
profile_data['identifier'] = resp.identity_url
|
54
|
-
#... save id and registration and forward to ...
|
55
|
-
self.verified_identity = profile_data
|
56
|
-
forward_to(protected_path)
|
57
|
-
when :failure
|
58
|
-
present_login_options
|
59
|
-
end
|
60
|
-
else
|
61
|
-
if identitifier_to_verify && valid_identifier?
|
62
|
-
self.protected_path = path
|
63
|
-
header_hash = {:identifier => identitifier_to_verify}
|
64
|
-
header_hash.merge!(:required => options[:required]) if options[:required]
|
65
|
-
header_hash.merge!(:required => options[:optional]) if options[:optional]
|
66
|
-
header_hash.merge!(:required => options[:policy_url]) if options[:policy_url]
|
67
|
-
[401, {"WWW-Authenticate" => Rack::OpenID.build_header(header_hash)}, []]
|
68
|
-
else
|
69
|
-
present_login_options
|
70
|
-
end
|
71
|
-
end
|
72
|
-
end
|
73
|
-
|
74
|
-
def path
|
75
|
-
env['REQUEST_PATH']
|
76
|
-
end
|
77
|
-
|
78
|
-
def present_login_options
|
79
|
-
if login_path
|
80
|
-
forward_to(login_path)
|
81
|
-
else
|
82
|
-
dir = File.dirname(__FILE__)
|
83
|
-
form = case options[:form]
|
84
|
-
when 'boring'
|
85
|
-
IO.read(dir + '/generic_openid_form.html.erb')
|
86
|
-
when 'selector'
|
87
|
-
IO.read(dir + '/nice_openid_form.html.erb')
|
88
|
-
else # use default, real-openid selector
|
89
|
-
IO.read(dir + '/nicer_openid_form.html.erb')
|
90
|
-
end
|
91
|
-
ok(form)
|
92
|
-
end
|
93
|
-
end
|
94
|
-
|
95
|
-
def forward_to(url)
|
96
|
-
[302, {'Location' => url,'Content-Type' => 'text/html'}, ["Forwarding to #{url}"]]
|
97
|
-
end
|
98
|
-
|
99
|
-
def allowed?
|
100
|
-
if allowed_identifiers
|
101
|
-
allowed_identifiers.include? verified_identifier
|
102
|
-
elsif identity_match
|
103
|
-
identity_match === verified_identifier
|
104
|
-
else
|
105
|
-
verified_identifier
|
106
|
-
end
|
107
|
-
end
|
108
|
-
|
109
|
-
def identity_match
|
110
|
-
options[:identity_match]
|
111
|
-
end
|
112
|
-
|
113
|
-
def allowed_identifiers
|
114
|
-
options[:allowed_identifiers]
|
115
|
-
end
|
116
|
-
|
117
|
-
def logout_path
|
118
|
-
options[:logout_path] || '/logout'
|
119
|
-
end
|
120
|
-
|
121
|
-
def logout
|
122
|
-
self.verified_identity = nil
|
123
|
-
if after_logout_path
|
124
|
-
forward_to(after_logout_path)
|
125
|
-
end
|
126
|
-
end
|
127
|
-
|
128
|
-
def after_logout_path
|
129
|
-
options[:after_logout_path]
|
130
|
-
end
|
131
|
-
|
132
|
-
def login_path
|
133
|
-
options[:login_path]
|
134
|
-
end
|
135
|
-
|
136
|
-
def identitifier_to_verify
|
137
|
-
@identitifier_to_verify ||=
|
138
|
-
if env["rack.request.query_hash"] && env["rack.request.query_hash"]["openid_identifier"]
|
139
|
-
env["rack.request.query_hash"]["openid_identifier"]
|
140
|
-
elsif posted_data = CGI.parse(env['rack.input'].read)
|
141
|
-
env['rack.input'].rewind
|
142
|
-
identifier = posted_data['openid_identifier']
|
143
|
-
if identifier.kind_of? Array
|
144
|
-
identifier.last
|
145
|
-
else
|
146
|
-
identifier
|
147
|
-
end
|
148
|
-
end
|
149
|
-
end
|
150
|
-
|
151
|
-
def valid_identifier?
|
152
|
-
uri = URI.parse(identitifier_to_verify.to_s.strip)
|
153
|
-
uri = URI.parse("http://#{uri}") unless uri.scheme
|
154
|
-
uri.scheme = uri.scheme.downcase # URI should do this
|
155
|
-
uri.normalize.to_s
|
156
|
-
rescue URI::InvalidURIError
|
157
|
-
# raise InvalidOpenId.new("#{url} is not an OpenID URL")
|
158
|
-
false # Quietly fail for now.
|
159
|
-
end
|
160
|
-
|
161
|
-
def verified_identity=(hash)
|
162
|
-
session['verified_identity'] = hash
|
163
|
-
end
|
164
|
-
|
165
|
-
def verified_identity
|
166
|
-
session['verified_identity']
|
167
|
-
end
|
168
|
-
|
169
|
-
def verified_identifier
|
170
|
-
verified_identity && verified_identity['identifier']
|
171
|
-
end
|
172
|
-
|
173
|
-
def session
|
174
|
-
env['rack.session']
|
175
|
-
end
|
176
|
-
|
177
|
-
def protected_path=(path)
|
178
|
-
session['return_to'] = path
|
179
|
-
end
|
180
|
-
|
181
|
-
def protected_path
|
182
|
-
session['return_to'] || default_return_to
|
183
|
-
end
|
184
|
-
|
185
|
-
def default_return_to
|
186
|
-
options[:default_return_to] || '/'
|
187
|
-
end
|
188
|
-
|
189
|
-
def ok(text, content_type = 'text/html')
|
190
|
-
[200,{"Content-Type" => content_type, 'Content-Length'=> text.length.to_s},[text]]
|
191
|
-
end
|
192
|
-
|
193
|
-
end
|