entp-ruby-openid 2.2

data/NOTICE

@@ -0,0 +1,2 @@
+This product includes software developed by JanRain,
+available from http://github.com/openid/ruby-openid

data/README

@@ -0,0 +1,85 @@
+=Ruby OpenID
+
+A Ruby library for verifying and serving OpenID identities.
+
+This is a fork by courtenay @ entp (http://entp.com) which merges in many pull requests,
+fixes some tests and works on ruby 1.8.7 and ruby 1.9.2 (at least). This library seems
+otherwise abandoned by its authors.
+
+==Features
+* Easy to use API for verifying OpenID identites - OpenID::Consumer
+* Support for serving OpenID identites - OpenID::Server
+* Does not depend on underlying web framework
+* Supports multiple storage mechanisms (Filesystem, ActiveRecord, Memory)
+* Example code to help you get started, including:
+  * Ruby on Rails based consumer and server
+  * OpenIDLoginGenerator for quickly getting creating a rails app that uses
+    OpenID for authentication
+  * ActiveRecordOpenIDStore plugin
+* Comprehensive test suite
+* Supports both OpenID 1 and OpenID 2 transparently
+
+==Installing
+Before running the examples or writing your own code you'll need to install
+the library.  See the INSTALL file or use rubygems:
+
+  gem install ruby-openid
+  
+Check the installation:
+  
+  $ irb
+  irb> require 'rubygems'
+  irb> require_gem 'ruby-openid'
+  => true
+
+The library is known to work with Ruby 1.8.4 on Unix, Max OSX and
+Win32.  Examples have been tested with Rails 1.1 and 1.2, and 2.0.
+
+==Getting Started
+The best way to start is to look at the rails_openid example.
+You can run it with:
+ cd examples/rails_openid
+ script/server
+
+If you are writing an OpenID Relying Party, a good place to start is:
+examples/rails_openid/app/controllers/consumer_controller.rb
+
+And if you are writing an OpenID provider:
+examples/rails_openid/app/controllers/server_controller.rb
+
+The library code is quite well documented, so don't be squeamish, and
+look at the library itself if there's anything you don't understand in
+the examples.
+
+==Homepage
+http://github.com/openid/ruby-openid
+
+See also:
+http://openid.net/
+
+==Community
+Discussion regarding the Ruby OpenID library and other JanRain OpenID
+libraries takes place on the the OpenID mailing list on
+openid.net.
+
+http://openid.net/developers/dev-mailing-lists/
+
+Please join this list to discuss, ask implementation questions, report
+bugs, etc.  Also check out the openid channel on the freenode IRC
+network.
+
+If you have a bugfix or feature you'd like to contribute, don't
+hesitate to send it to us.  For more detailed information on how to
+contribute, see
+
+  http://openidenabled.com/contribute/
+
+==Author
+Copyright 2006-2008, JanRain, Inc.
+
+Contact openid@janrain.com or visit the OpenID channel on pibb.com:
+
+http://pibb.com/go/openid
+
+==License
+Apache Software License.  For more information see the LICENSE file.

data/UPGRADE

@@ -0,0 +1,127 @@
+= Upgrading from the OpenID 1.x series library
+
+== Consumer Upgrade
+
+The flow is largely the same, however there are a number of significant 
+changes.  The consumer example is helpful to look at:
+examples/rails_openid/app/controllers/consumer_controller.rb
+
+
+=== Stores
+
+You will need to require the file for the store that you are using.
+For the filesystem store, this is 'openid/stores/filesystem'
+They are also now in modules.  The filesystem store is 
+  OpenID::Store::Filesystem
+The format has changed, and you should remove your old store directory.
+
+The ActiveRecord store ( examples/active_record_openid_store ) still needs
+to be put in a plugin directory for your rails app.  There's a migration
+that needs to be run; examine the README in that directory.
+
+Also, note that the stores now can be garbage collected with the method
+  store.cleanup
+
+
+=== Starting the OpenID transaction
+
+The OpenIDRequest object no longer has status codes.  Instead,
+consumer.begin raises an OpenID::OpenIDError if there is a problem
+initiating the transaction, so you'll want something along the lines of:
+
+  begin
+    openid_request = consumer.begin(params[:openid_identifier])
+  rescue OpenID::OpenIDError => e
+    # display error e
+    return
+  end
+  #success case
+
+Data regarding the OpenID server once lived in
+  openid_request.service
+
+The corresponding object in the 2.0 lib can be retrieved with
+  openid_request.endpoint
+
+Getting the unverified identifier: Where you once had
+  openid_request.identity_url
+you will now want
+  openid_request.endpoint.claimed_id
+which might be different from what you get at the end of the transaction,
+since it is now possible for users to enter their server's url directly.
+
+Arguments on the return_to URL are now verified, so if you want to add
+additional arguments to the return_to url, use
+  openid_request.return_to_args['param'] = value
+
+Generating the redirect is the same as before, but add any extensions
+first.
+
+If you need to set up an SSL certificate authority list for the fetcher,
+use the 'ca_file' attr_accessor on the OpenID::StandardFetcher.  This has
+changed from 'ca_path' in the 1.x.x series library.  That is, set
+OpenID.fetcher.ca_file = '/path/to/ca.list'
+before calling consumer.begin.
+
+=== Requesting Simple Registration Data
+
+You'll need to require the code for the extension
+  require 'openid/extensions/sreg'
+
+The new code for adding an SReg request now looks like:
+
+  sreg_request = OpenID::SReg::Request.new
+  sreg_request.request_fields(['email', 'dob'], true) # required
+  sreg_request.request_fields(['nickname', 'fullname'], false) # optional
+  sreg_request.policy_url = policy_url
+  openid_request.add_extension(sreg_request)
+
+The code for adding other extensions is similar.  Code for the Attribute
+Exchange (AX) and Provider Authentication Policy Extension (PAPE) are
+included with the library, and additional extensions can be implemented
+subclassing OpenID::Extension.
+
+
+=== Completing the transaction
+
+The return_to and its arguments are verified, so you need to pass in
+the base URL and the arguments.  With Rails, the params method mashes
+together parameters from GET, POST, and the path, so you'll need to pull
+off the path "parameters" with something like
+
+  return_to = url_for(:only_path => false, 
+                      :controller => 'openid',
+                      :action => 'complete')
+  parameters = params.reject{|k,v| request.path_parameters[k] }
+  openid_response = consumer.complete(parameters, return_to)
+
+The response still uses the status codes, but they are now namespaced
+slightly differently, for example OpenID::Consumer::SUCCESS
+
+In the case of failure, the error message is now found in
+  openid_response.message
+
+The identifier to display to the user can be found in
+  openid_response.endpoint.display_identifier
+
+The Simple Registration response can be read from the OpenID response
+with
+  sreg_response = OpenID::SReg::Response.from_success_response(openid_response)
+  nickname = sreg_response['nickname']
+  # etc.
+
+
+== Server Upgrade
+
+The server code is mostly the same as before, with the exception of
+extensions.  Also, you must pass in the endpoint URL to the server 
+constructor:
+  @server = OpenID::Server.new(store, server_url)
+
+I recommend looking at 
+examples/rails_openid/app/controllers/server_controller.rb
+for an example of the new way of doing extensions.
+
+--
+Dag Arneson, JanRain Inc.
+Please direct questions to openid@janrain.com

data/admin/runtests.rb

@@ -0,0 +1,45 @@
+#!/usr/bin/ruby
+
+require "logger"
+require "stringio"
+require "pathname"
+
+require 'test/unit/collector/dir'
+require 'test/unit/ui/console/testrunner'
+
+begin
+  require 'rubygems'
+  require 'memcache'
+rescue LoadError
+else
+  if ENV['TESTING_MEMCACHE']
+    TESTING_MEMCACHE = MemCache.new(ENV['TESTING_MEMCACHE'])
+  end
+end
+
+def main
+  old_verbose = $VERBOSE
+  $VERBOSE = true
+
+  tests_dir = Pathname.new(__FILE__).dirname.dirname.join('test')
+
+  # Collect tests from everything named test_*.rb.
+  c = Test::Unit::Collector::Dir.new
+
+  if c.respond_to?(:base=)
+    # In order to supress warnings from ruby 1.8.6 about accessing
+    # undefined member
+    c.base = tests_dir
+    suite = c.collect
+  else
+    # Because base is not defined in ruby < 1.8.6
+    suite = c.collect(tests_dir)
+  end
+
+  result = Test::Unit::UI::Console::TestRunner.run(suite)
+  result.passed?
+ensure
+  $VERBOSE = old_verbose
+end
+
+exit(main)

data/examples/README

@@ -0,0 +1,32 @@
+This directory contains several examples that demonstrate use of the
+OpenID library.  Make sure you have properly installed the library
+before running the examples.  These examples are a great place to
+start in integrating OpenID into your application.
+
+==Rails example
+
+The rails_openid contains a fully functional OpenID server and relying
+party, and acts as a starting point for implementing your own
+production rails server.  You'll need the latest version of Ruby on
+Rails installed, and then:
+
+ cd rails_openid
+ ./script/server
+
+Open a web browser to http://localhost:3000/ and follow the instructions.
+
+The relevant code to work from when writing your Rails OpenID Relying
+Party is: 
+  rails_openid/app/controllers/consumer_controller.rb
+If you are working on an OpenID provider, check out
+  rails_openid/app/controllers/server_controller.rb
+
+Since the library and examples are Apache-licensed, don't be shy about 
+copy-and-paste.
+
+==Rails ActiveRecord OpenIDStore plugin
+
+For various reasons you may want or need to deploy your ruby openid
+consumer/server using an SQL based store.  The active_record_openid_store 
+is a plugin that makes using an SQL based store simple.  Follow the
+README inside the plugin's dir for usage.

data/examples/active_record_openid_store/README

@@ -0,0 +1,58 @@
+=Active Record OpenID Store Plugin
+
+A store is required by an OpenID server and optionally by the consumer
+to store associations, nonces, and auth key information across
+requests and processes.  If rails is distributed across several
+machines, they must must all have access to the same OpenID store
+data, so the FilesystemStore won't do.
+
+This directory contains a plugin for connecting your
+OpenID enabled rails app to an ActiveRecord based OpenID store.
+
+==Install
+
+1) Copy this directory and all it's contents into your
+RAILS_ROOT/vendor/plugins directory.  You structure should look like
+this:
+
+  RAILS_ROOT/vendor/plugins/active_record_openid_store/
+
+2) Copy the migration, XXX_add_open_id_store_to_db.rb to your
+   RAILS_ROOT/db/migrate directory.  Rename the XXX portion of the
+   file to next sequential migration number.
+
+3) Run the migration:
+
+  rake migrate
+
+4) Change your app to use the ActiveRecordOpenIDStore:
+
+  store = ActiveRecordOpenIDStore.new
+  consumer = OpenID::Consumer.new(session, store)
+
+5) That's it! All your OpenID state will now be stored in the database.
+
+==Upgrade
+
+If you are upgrading from the 1.x ActiveRecord store, replace your old
+RAILS_ROOT/vendor/plugins/active_record_openid_store/ directory with
+the new one and run the migration XXX_upgrade_open_id_store.rb.
+
+==What about garbage collection? 
+
+You may garbage collect unused nonces and expired associations using
+the gc instance method of ActiveRecordOpenIDStore.  Hook it up to a
+task in your app's Rakefile like so:
+
+  desc 'GC OpenID store'
+  task :gc_openid_store => :environment do
+    ActiveRecordOpenIDStore.new.cleanup
+  end
+
+Run it by typing:
+
+  rake gc_openid_store
+
+
+==Questions?
+Contact Dag Arneson: dag at janrain dot com

data/examples/active_record_openid_store/XXX_add_open_id_store_to_db.rb

@@ -0,0 +1,24 @@
+# Use this migration to create the tables for the ActiveRecord store
+class AddOpenIdStoreToDb < ActiveRecord::Migration
+  def self.up
+    create_table "open_id_associations", :force => true do |t|
+      t.column "server_url", :binary, :null => false
+      t.column "handle", :string, :null => false
+      t.column "secret", :binary, :null => false
+      t.column "issued", :integer, :null => false
+      t.column "lifetime", :integer, :null => false
+      t.column "assoc_type", :string, :null => false
+    end
+
+    create_table "open_id_nonces", :force => true do |t|
+      t.column :server_url, :string, :null => false
+      t.column :timestamp, :integer, :null => false
+      t.column :salt, :string, :null => false
+    end
+  end
+
+  def self.down
+    drop_table "open_id_associations"
+    drop_table "open_id_nonces"
+  end
+end

data/examples/active_record_openid_store/XXX_upgrade_open_id_store.rb

@@ -0,0 +1,26 @@
+# Use this migration to upgrade the old 1.1 ActiveRecord store schema
+# to the new 2.0 schema.
+class UpgradeOpenIdStore < ActiveRecord::Migration
+  def self.up
+    drop_table "open_id_settings"
+    drop_table "open_id_nonces"
+    create_table "open_id_nonces", :force => true do |t|
+      t.column :server_url, :string, :null => false
+      t.column :timestamp, :integer, :null => false
+      t.column :salt, :string, :null => false
+    end
+  end
+
+  def self.down
+    drop_table "open_id_nonces"
+    create_table "open_id_nonces", :force => true do |t|
+      t.column "nonce", :string
+      t.column "created", :integer
+    end
+
+    create_table "open_id_settings", :force => true do |t|
+      t.column "setting", :string
+      t.column "value", :binary
+    end
+  end
+end

data/examples/active_record_openid_store/init.rb

@@ -0,0 +1,8 @@
+# might using the ruby-openid gem
+begin
+  require 'rubygems'
+rescue LoadError
+  nil
+end
+require 'openid'
+require 'openid_ar_store'

data/examples/active_record_openid_store/lib/association.rb

@@ -0,0 +1,10 @@
+require 'openid/association'
+require 'time'
+
+class Association < ActiveRecord::Base
+  set_table_name 'open_id_associations'
+  def from_record
+    OpenID::Association.new(handle, secret, Time.at(issued), lifetime, assoc_type)
+  end
+end
+

data/examples/active_record_openid_store/lib/nonce.rb

@@ -0,0 +1,3 @@
+class Nonce < ActiveRecord::Base
+  set_table_name 'open_id_nonces'
+end

data/examples/active_record_openid_store/lib/open_id_setting.rb

@@ -0,0 +1,4 @@
+class OpenIdSetting < ActiveRecord::Base
+  
+  validates_uniqueness_of :setting
+end

data/examples/active_record_openid_store/lib/openid_ar_store.rb

@@ -0,0 +1,57 @@
+require 'association'
+require 'nonce'
+require 'openid/store/interface'
+
+# not in OpenID module to avoid namespace conflict
+class ActiveRecordStore < OpenID::Store::Interface
+  def store_association(server_url, assoc)
+    remove_association(server_url, assoc.handle)    
+    Association.create!(:server_url => server_url,
+                       :handle     => assoc.handle,
+                       :secret     => assoc.secret,
+                       :issued     => assoc.issued.to_i,
+                       :lifetime   => assoc.lifetime,
+                       :assoc_type => assoc.assoc_type)
+  end
+
+  def get_association(server_url, handle=nil)
+    assocs = if handle.blank?
+        Association.find_all_by_server_url(server_url)
+      else
+        Association.find_all_by_server_url_and_handle(server_url, handle)
+      end
+
+    assocs.reverse.each do |assoc|
+      a = assoc.from_record    
+      if a.expires_in == 0
+        assoc.destroy
+      else
+        return a
+      end
+    end if assocs.any?
+    
+    return nil
+  end
+  
+  def remove_association(server_url, handle)
+    Association.delete_all(['server_url = ? AND handle = ?', server_url, handle]) > 0
+  end
+  
+  def use_nonce(server_url, timestamp, salt)
+    return false if Nonce.find_by_server_url_and_timestamp_and_salt(server_url, timestamp, salt)
+    return false if (timestamp - Time.now.to_i).abs > OpenID::Nonce.skew
+    Nonce.create!(:server_url => server_url, :timestamp => timestamp, :salt => salt)
+    return true
+  end
+  
+  def cleanup_nonces
+    now = Time.now.to_i
+    Nonce.delete_all(["timestamp > ? OR timestamp < ?", now + OpenID::Nonce.skew, now - OpenID::Nonce.skew])
+  end
+
+  def cleanup_associations
+    now = Time.now.to_i
+    Association.delete_all(['issued + lifetime > ?',now])
+  end
+
+end