lsdr-authlogic-connect 0.0.3.9

data/lib/authlogic_connect/openid.rb

@@ -0,0 +1,11 @@
+module AuthlogicConnect::Openid
+end
+
+require File.dirname(__FILE__) + "/openid/state"
+require File.dirname(__FILE__) + "/openid/variables"
+require File.dirname(__FILE__) + "/openid/process"
+require File.dirname(__FILE__) + "/openid/user"
+require File.dirname(__FILE__) + "/openid/session"
+
+ActiveRecord::Base.send(:include, AuthlogicConnect::Openid::User)
+Authlogic::Session::Base.send(:include, AuthlogicConnect::Openid::Session)

data/lib/authlogic_connect/openid/process.rb

@@ -0,0 +1,30 @@
+module AuthlogicConnect::Openid::Process
+
+  include AuthlogicConnect::Openid::Variables
+  
+  # want to do this after the final save
+  def cleanup_openid_session
+    [:auth_attributes, :authentication_type, :auth_callback_method].each {|key| auth_session.delete(key)}
+    auth_session.each_key do |key|
+      auth_session.delete(key) if key.to_s =~ /^OpenID/
+    end
+  end
+  
+  def validate_by_openid
+    errors.add(:tokens, "had the following error: #{@openid_error}") if @openid_error
+  end
+  
+  def save_openid_session
+    # Tell our rack callback filter what method the current request is using
+    auth_session[:auth_callback_method]   = auth_controller.request.method
+    auth_session[:auth_attributes]        = attributes_to_save
+    auth_session[:authentication_type]    = auth_params[:authentication_type]
+    auth_session[:auth_method]            = "openid"
+  end
+  
+  def restore_attributes
+    # Restore any attributes which were saved before redirecting to the auth server
+    self.attributes = auth_session[:auth_attributes]
+  end
+  
+end

data/lib/authlogic_connect/openid/session.rb

@@ -0,0 +1,78 @@
+module AuthlogicConnect::Openid
+  # This module is responsible for adding all of the OpenID goodness to the Authlogic::Session::Base class.
+  module Session
+    # Add a simple openid_identifier attribute and some validations for the field.
+    def self.included(klass)
+      klass.class_eval do
+        include InstanceMethods
+      end
+    end
+    
+    module InstanceMethods
+      include AuthlogicConnect::Openid::Process
+      
+      def self.included(klass)
+        klass.class_eval do
+          validate :validate_openid_error
+          validate :validate_by_openid, :if => :authenticating_with_openid?
+        end
+      end
+      
+      # Hooks into credentials so that you can pass an :openid_identifier key.
+      def credentials=(value)
+        super
+        values = value.is_a?(Array) ? value : [value]
+        hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
+        self.openid_identifier = hash[:openid_identifier] if !hash.nil? && hash.key?(:openid_identifier)
+      end
+      
+      # Cleaers out the block if we are authenticating with OpenID, so that we can redirect without a DoubleRender
+      # error.
+      def save_with_openid(&block)
+        block = nil if Token.find_by_key(openid_identifier.normalize_identifier)
+        return block.nil?
+      end
+      
+      private
+        def authenticating_with_openid?
+          attempted_record.nil? && errors.empty? && (!openid_identifier.blank? || (controller.params[:open_id_complete] && controller.params[:for_session]))
+        end
+        
+        def auto_register?
+          false
+        end
+        
+        def validate_by_openid
+          self.remember_me = auth_params[:remember_me] == "true" if auth_params.key?(:remember_me)
+          token = Token.find_by_key(openid_identifier.normalize_identifier, :include => [:user])
+          self.attempted_record = token.user if token
+          if !attempted_record
+            if auto_register?
+              self.attempted_record = klass.new :openid_identifier => openid_identifier
+              attempted_record.save do |result|
+                if result
+                  true
+                else
+                  false
+                end
+              end
+            else
+              errors.add(:openid_identifier, "did not match any users in our database, have you set up your account to use OpenID?")
+            end
+            return
+          end
+          controller.send(:authenticate_with_open_id, openid_identifier, :return_to => controller.url_for(:for_session => "1", :remember_me => remember_me?)) do |result, openid_identifier|
+            if result.unsuccessful?
+              errors.add_to_base(result.message)
+              return
+            end
+            
+          end
+        end
+        
+        def validate_openid_error
+          errors.add(:openid_identifier, @openid_error) if @openid_error
+        end
+    end
+  end
+end

data/lib/authlogic_connect/openid/state.rb

@@ -0,0 +1,47 @@
+# all these methods must return true or false
+module AuthlogicConnect::Openid::State
+    # 1. to call
+    def openid_request?
+      !openid_identifier.blank?
+    end
+    
+    def openid_identifier?
+      openid_request?
+    end
+    
+    def openid_provider?
+      
+    end
+    
+    # 2. from call
+    # better check needed
+    def openid_response?
+      !auth_session[:auth_attributes].nil? && auth_session[:auth_method] == "openid"
+    end
+    alias_method :openid_complete?, :openid_response?
+    
+    # 3. either to or from call
+    # this should include more!
+    # we know we are using open id if:
+    #   the params passed in have "openid_identifier"
+    def using_openid?
+      openid_request? || openid_response?
+    end
+    
+    def authenticating_with_openid?
+      session_class.activated? && using_openid?
+    end
+    
+    def allow_openid_redirect?
+      authenticating_with_openid?
+    end
+    
+    def redirecting_to_openid_server?
+      allow_openid_redirect? && !authenticate_with_openid
+    end
+    
+    def validate_password_with_openid?
+      !using_openid? && require_password?
+    end
+    
+end

data/lib/authlogic_connect/openid/tokens/my_openid_token.rb

@@ -0,0 +1,3 @@
+class MyOpenidToken < OpenidToken
+  
+end

data/lib/authlogic_connect/openid/tokens/openid_token.rb

@@ -0,0 +1,9 @@
+class OpenidToken < Token
+  
+  before_save :format_identifier
+  
+  def format_identifier
+    self.key = self.key.to_s.normalize_identifier unless self.key.blank?
+  end
+  
+end

data/lib/authlogic_connect/openid/user.rb

@@ -0,0 +1,62 @@
+module AuthlogicConnect::Openid
+  module User
+    def self.included(base)
+      base.class_eval do
+        add_acts_as_authentic_module(AuthlogicConnect::Openid::Process, :prepend)
+        add_acts_as_authentic_module(InstanceMethods, :append)
+      end
+    end
+    
+    module InstanceMethods
+      
+      def self.included(base)        
+        base.class_eval do
+          validate :validate_by_openid, :if => :authenticating_with_openid?
+          
+          validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_openid?)
+          validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_openid?)
+          validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_openid?)
+          validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_openid?)
+          validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_openid?)
+        end
+      end
+      
+      def authenticate_with_openid
+        @openid_error = nil
+        if !openid_response?
+          save_openid_session
+        else
+          restore_attributes
+        end
+        options = {}
+        options[:return_to] = auth_callback_url(:for_model => "1", :action => "create")
+        auth_controller.send(:authenticate_with_open_id, openid_identifier, options) do |result, openid_identifier|
+          create_openid_token(result, openid_identifier)
+          return true
+        end
+        return false
+      end
+      
+      def create_openid_token(result, openid_identifier)
+        if result.unsuccessful?
+          @openid_error = result.message
+        elsif Token.find_by_key(openid_identifier.normalize_identifier)
+        else
+          token = OpenidToken.new(:key => openid_identifier)
+          self.tokens << token
+          self.active_token = token
+        end
+      end
+      
+      def attributes_to_save
+        attr_list = [:id, :password, crypted_password_field, password_salt_field, :persistence_token, :perishable_token, :single_access_token, :login_count, 
+          :failed_login_count, :last_request_at, :current_login_at, :last_login_at, :current_login_ip, :last_login_ip, :created_at,
+          :updated_at, :lock_version]
+        attrs_to_save = attributes.clone.delete_if do |k, v|
+          attr_list.include?(k.to_sym)
+        end
+        attrs_to_save.merge!(:password => password, :password_confirmation => password_confirmation)
+      end
+    end
+  end
+end

data/lib/authlogic_connect/openid/variables.rb

@@ -0,0 +1,19 @@
+module AuthlogicConnect::Openid::Variables
+  include AuthlogicConnect::Openid::State
+  
+  # openid_provider = "blogger", "myopenid", etc.
+  # openid_identifier = "viatropos.myopenid.com", etc.
+  # openid_key = "viatropos"
+#  def openid_attributes
+#    [:openid_provider, :openid_identifier, :openid_key]
+#  end
+  
+  def openid_identifier
+    auth_params[:openid_identifier]
+  end
+  
+  def openid_provider
+    from_session_or_params(:openid_provider)
+  end
+  
+end

data/lib/authlogic_connect/token.rb

@@ -0,0 +1,53 @@
+class Token < ActiveRecord::Base
+  belongs_to :user
+  
+  def client
+    self.class.client
+  end
+  
+  def consumer
+    self.class.consumer
+  end
+  
+  def service_name
+    self.class.service_name
+  end
+  
+  def settings
+    self.class.settings
+  end
+  
+  def get(path)
+    
+  end
+  
+  class << self
+    def service_name
+      @service_name ||= self.to_s.underscore.scan(/^(.*?)(_token)?$/)[0][0].to_sym
+    end
+    
+    def client
+      raise "implement client in subclass"
+    end
+    
+    def consumer
+      raise "implement consumer in subclass"
+    end
+    
+    def settings(site, hash = {})
+      @settings = hash.merge(:site => site)
+    end
+    
+    def config
+      @settings ||= {}
+      @settings.dup
+    end
+    
+    protected
+    
+    def credentials
+      @credentials ||= AuthlogicConnect.credentials(service_name)
+    end
+  end
+  
+end

data/lib/open_id_authentication.rb

@@ -0,0 +1,128 @@
+# copied from open_id_authentication plugin on github
+require 'uri'
+require 'openid'
+require 'rack/openid'
+
+module OpenIdAuthentication
+  def self.new(app)
+    store = OpenIdAuthentication.store
+    if store.nil?
+      Rails.logger.warn "OpenIdAuthentication.store is nil. Using in-memory store."
+    end
+
+    ::Rack::OpenID.new(app, OpenIdAuthentication.store)
+  end
+
+  def self.store
+    @@store
+  end
+
+  def self.store=(*store_option)
+    store, *parameters = *([ store_option ].flatten)
+
+    @@store = case store
+    when :memory
+      require 'openid/store/memory'
+      OpenID::Store::Memory.new
+    when :file
+      require 'openid/store/filesystem'
+      OpenID::Store::Filesystem.new(Rails.root.join('tmp/openids'))
+    when :memcache
+      require 'memcache'
+      require 'openid/store/memcache'
+      OpenID::Store::Memcache.new(MemCache.new(parameters))
+    else
+      store
+    end
+  end
+
+  self.store = nil
+
+  class Result
+    ERROR_MESSAGES = {
+      :missing      => "Sorry, the OpenID server couldn't be found",
+      :invalid      => "Sorry, but this does not appear to be a valid OpenID",
+      :canceled     => "OpenID verification was canceled",
+      :failed       => "OpenID verification failed",
+      :setup_needed => "OpenID verification needs setup"
+    }
+
+    def self.[](code)
+      new(code)
+    end
+
+    def initialize(code)
+      @code = code
+    end
+
+    def status
+      @code
+    end
+
+    ERROR_MESSAGES.keys.each { |state| define_method("#{state}?") { @code == state } }
+
+    def successful?
+      @code == :successful
+    end
+
+    def unsuccessful?
+      ERROR_MESSAGES.keys.include?(@code)
+    end
+
+    def message
+      ERROR_MESSAGES[@code]
+    end
+  end
+
+  protected
+    # The parameter name of "openid_identifier" is used rather than
+    # the Rails convention "open_id_identifier" because that's what
+    # the specification dictates in order to get browser auto-complete
+    # working across sites
+    def using_open_id?(identifier = nil) #:doc:
+      identifier ||= open_id_identifier
+      !identifier.blank? || request.env[Rack::OpenID::RESPONSE]
+    end
+
+    def authenticate_with_open_id(identifier = nil, options = {}, &block) #:doc:
+      identifier ||= open_id_identifier
+      if request.env[Rack::OpenID::RESPONSE]
+        complete_open_id_authentication(&block)
+      else
+        begin_open_id_authentication(identifier, options, &block)
+      end
+    end
+
+  private
+    def open_id_identifier
+      params[:openid_identifier] || params[:openid_url]
+    end
+
+    def begin_open_id_authentication(identifier, options = {})
+      options[:identifier] = identifier
+      value = Rack::OpenID.build_header(options)
+      response.headers[Rack::OpenID::AUTHENTICATE_HEADER] = value
+      head :unauthorized
+    end
+
+    def complete_open_id_authentication
+      response   = request.env[Rack::OpenID::RESPONSE]
+      identifier = response.display_identifier
+
+      case response.status
+      when OpenID::Consumer::SUCCESS
+        yield Result[:successful], identifier,
+          OpenID::SReg::Response.from_success_response(response)
+      when :missing
+        yield Result[:missing], identifier, nil
+      when :invalid
+        yield Result[:invalid], identifier, nil
+      when OpenID::Consumer::CANCEL
+        yield Result[:canceled], identifier, nil
+      when OpenID::Consumer::FAILURE
+        yield Result[:failed], identifier, nil
+      when OpenID::Consumer::SETUP_NEEDED
+        yield Result[:setup_needed], response.setup_url, nil
+      end
+    end
+end