RubyGems - nov-ruby-openid - Versions diffs - 2.1.9 - Mend

nov-ruby-openid 2.1.9

Files changed (203) hide show

data/CHANGELOG +215 -0
data/CHANGES-2.1.0 +36 -0
data/INSTALL +47 -0
data/LICENSE +210 -0
data/NOTICE +2 -0
data/README +81 -0
data/Rakefile +98 -0
data/UPGRADE +127 -0
data/VERSION +1 -0
data/contrib/google/ruby-openid-apps-discovery-1.0.gem +0 -0
data/contrib/google/ruby-openid-apps-discovery-1.01.gem +0 -0
data/examples/README +32 -0
data/examples/active_record_openid_store/README +58 -0
data/examples/active_record_openid_store/XXX_add_open_id_store_to_db.rb +24 -0
data/examples/active_record_openid_store/XXX_upgrade_open_id_store.rb +26 -0
data/examples/active_record_openid_store/init.rb +8 -0
data/examples/active_record_openid_store/lib/association.rb +10 -0
data/examples/active_record_openid_store/lib/nonce.rb +3 -0
data/examples/active_record_openid_store/lib/open_id_setting.rb +4 -0
data/examples/active_record_openid_store/lib/openid_ar_store.rb +57 -0
data/examples/active_record_openid_store/test/store_test.rb +212 -0
data/examples/discover +49 -0
data/examples/rails_openid/README +153 -0
data/examples/rails_openid/Rakefile +10 -0
data/examples/rails_openid/app/controllers/application.rb +4 -0
data/examples/rails_openid/app/controllers/consumer_controller.rb +122 -0
data/examples/rails_openid/app/controllers/login_controller.rb +45 -0
data/examples/rails_openid/app/controllers/server_controller.rb +265 -0
data/examples/rails_openid/app/helpers/application_helper.rb +3 -0
data/examples/rails_openid/app/helpers/login_helper.rb +2 -0
data/examples/rails_openid/app/helpers/server_helper.rb +9 -0
data/examples/rails_openid/app/views/consumer/index.rhtml +81 -0
data/examples/rails_openid/app/views/layouts/server.rhtml +68 -0
data/examples/rails_openid/app/views/login/index.rhtml +56 -0
data/examples/rails_openid/app/views/server/decide.rhtml +26 -0
data/examples/rails_openid/config/boot.rb +19 -0
data/examples/rails_openid/config/database.yml +74 -0
data/examples/rails_openid/config/environment.rb +54 -0
data/examples/rails_openid/config/environments/development.rb +19 -0
data/examples/rails_openid/config/environments/production.rb +19 -0
data/examples/rails_openid/config/environments/test.rb +19 -0
data/examples/rails_openid/config/routes.rb +24 -0
data/examples/rails_openid/doc/README_FOR_APP +2 -0
data/examples/rails_openid/public/.htaccess +40 -0
data/examples/rails_openid/public/404.html +8 -0
data/examples/rails_openid/public/500.html +8 -0
data/examples/rails_openid/public/dispatch.cgi +12 -0
data/examples/rails_openid/public/dispatch.fcgi +26 -0
data/examples/rails_openid/public/dispatch.rb +12 -0
data/examples/rails_openid/public/favicon.ico +0 -0
data/examples/rails_openid/public/images/openid_login_bg.gif +0 -0
data/examples/rails_openid/public/javascripts/controls.js +750 -0
data/examples/rails_openid/public/javascripts/dragdrop.js +584 -0
data/examples/rails_openid/public/javascripts/effects.js +854 -0
data/examples/rails_openid/public/javascripts/prototype.js +1785 -0
data/examples/rails_openid/public/robots.txt +1 -0
data/examples/rails_openid/script/about +3 -0
data/examples/rails_openid/script/breakpointer +3 -0
data/examples/rails_openid/script/console +3 -0
data/examples/rails_openid/script/destroy +3 -0
data/examples/rails_openid/script/generate +3 -0
data/examples/rails_openid/script/performance/benchmarker +3 -0
data/examples/rails_openid/script/performance/profiler +3 -0
data/examples/rails_openid/script/plugin +3 -0
data/examples/rails_openid/script/process/reaper +3 -0
data/examples/rails_openid/script/process/spawner +3 -0
data/examples/rails_openid/script/process/spinner +3 -0
data/examples/rails_openid/script/runner +3 -0
data/examples/rails_openid/script/server +3 -0
data/examples/rails_openid/test/functional/login_controller_test.rb +18 -0
data/examples/rails_openid/test/functional/server_controller_test.rb +18 -0
data/examples/rails_openid/test/test_helper.rb +28 -0
data/lib/hmac/hmac.rb +112 -0
data/lib/hmac/sha1.rb +11 -0
data/lib/hmac/sha2.rb +25 -0
data/lib/openid.rb +20 -0
data/lib/openid/association.rb +249 -0
data/lib/openid/consumer.rb +395 -0
data/lib/openid/consumer/associationmanager.rb +344 -0
data/lib/openid/consumer/checkid_request.rb +186 -0
data/lib/openid/consumer/discovery.rb +497 -0
data/lib/openid/consumer/discovery_manager.rb +123 -0
data/lib/openid/consumer/html_parse.rb +134 -0
data/lib/openid/consumer/idres.rb +523 -0
data/lib/openid/consumer/responses.rb +148 -0
data/lib/openid/cryptutil.rb +115 -0
data/lib/openid/dh.rb +89 -0
data/lib/openid/extension.rb +39 -0
data/lib/openid/extensions/ax.rb +539 -0
data/lib/openid/extensions/oauth.rb +91 -0
data/lib/openid/extensions/pape.rb +179 -0
data/lib/openid/extensions/sreg.rb +277 -0
data/lib/openid/extensions/ui.rb +53 -0
data/lib/openid/extras.rb +11 -0
data/lib/openid/fetchers.rb +258 -0
data/lib/openid/kvform.rb +136 -0
data/lib/openid/kvpost.rb +58 -0
data/lib/openid/message.rb +553 -0
data/lib/openid/protocolerror.rb +8 -0
data/lib/openid/server.rb +1544 -0
data/lib/openid/store/filesystem.rb +271 -0
data/lib/openid/store/interface.rb +75 -0
data/lib/openid/store/memcache.rb +107 -0
data/lib/openid/store/memory.rb +84 -0
data/lib/openid/store/nonce.rb +68 -0
data/lib/openid/trustroot.rb +349 -0
data/lib/openid/urinorm.rb +75 -0
data/lib/openid/util.rb +110 -0
data/lib/openid/yadis/accept.rb +148 -0
data/lib/openid/yadis/constants.rb +21 -0
data/lib/openid/yadis/discovery.rb +153 -0
data/lib/openid/yadis/filters.rb +205 -0
data/lib/openid/yadis/htmltokenizer.rb +305 -0
data/lib/openid/yadis/parsehtml.rb +45 -0
data/lib/openid/yadis/services.rb +42 -0
data/lib/openid/yadis/xrds.rb +155 -0
data/lib/openid/yadis/xri.rb +90 -0
data/lib/openid/yadis/xrires.rb +99 -0
data/setup.rb +1551 -0
data/test/data/accept.txt +124 -0
data/test/data/dh.txt +29 -0
data/test/data/example-xrds.xml +14 -0
data/test/data/linkparse.txt +587 -0
data/test/data/n2b64 +650 -0
data/test/data/test1-discover.txt +137 -0
data/test/data/test1-parsehtml.txt +152 -0
data/test/data/test_discover/malformed_meta_tag.html +19 -0
data/test/data/test_discover/openid.html +11 -0
data/test/data/test_discover/openid2.html +11 -0
data/test/data/test_discover/openid2_xrds.xml +12 -0
data/test/data/test_discover/openid2_xrds_no_local_id.xml +11 -0
data/test/data/test_discover/openid_1_and_2.html +11 -0
data/test/data/test_discover/openid_1_and_2_xrds.xml +16 -0
data/test/data/test_discover/openid_1_and_2_xrds_bad_delegate.xml +17 -0
data/test/data/test_discover/openid_and_yadis.html +12 -0
data/test/data/test_discover/openid_no_delegate.html +10 -0
data/test/data/test_discover/openid_utf8.html +11 -0
data/test/data/test_discover/yadis_0entries.xml +12 -0
data/test/data/test_discover/yadis_2_bad_local_id.xml +15 -0
data/test/data/test_discover/yadis_2entries_delegate.xml +22 -0
data/test/data/test_discover/yadis_2entries_idp.xml +21 -0
data/test/data/test_discover/yadis_another_delegate.xml +14 -0
data/test/data/test_discover/yadis_idp.xml +12 -0
data/test/data/test_discover/yadis_idp_delegate.xml +13 -0
data/test/data/test_discover/yadis_no_delegate.xml +11 -0
data/test/data/test_xrds/=j3h.2007.11.14.xrds +25 -0
data/test/data/test_xrds/README +12 -0
data/test/data/test_xrds/delegated-20060809-r1.xrds +34 -0
data/test/data/test_xrds/delegated-20060809-r2.xrds +34 -0
data/test/data/test_xrds/delegated-20060809.xrds +34 -0
data/test/data/test_xrds/no-xrd.xml +7 -0
data/test/data/test_xrds/not-xrds.xml +2 -0
data/test/data/test_xrds/prefixsometimes.xrds +34 -0
data/test/data/test_xrds/ref.xrds +109 -0
data/test/data/test_xrds/sometimesprefix.xrds +34 -0
data/test/data/test_xrds/spoof1.xrds +25 -0
data/test/data/test_xrds/spoof2.xrds +25 -0
data/test/data/test_xrds/spoof3.xrds +37 -0
data/test/data/test_xrds/status222.xrds +9 -0
data/test/data/test_xrds/subsegments.xrds +58 -0
data/test/data/test_xrds/valid-populated-xrds.xml +39 -0
data/test/data/trustroot.txt +153 -0
data/test/data/urinorm.txt +79 -0
data/test/discoverdata.rb +131 -0
data/test/test_accept.rb +170 -0
data/test/test_association.rb +266 -0
data/test/test_associationmanager.rb +917 -0
data/test/test_ax.rb +690 -0
data/test/test_checkid_request.rb +294 -0
data/test/test_consumer.rb +257 -0
data/test/test_cryptutil.rb +119 -0
data/test/test_dh.rb +86 -0
data/test/test_discover.rb +852 -0
data/test/test_discovery_manager.rb +262 -0
data/test/test_extension.rb +46 -0
data/test/test_extras.rb +35 -0
data/test/test_fetchers.rb +565 -0
data/test/test_filters.rb +270 -0
data/test/test_idres.rb +963 -0
data/test/test_kvform.rb +165 -0
data/test/test_kvpost.rb +65 -0
data/test/test_linkparse.rb +101 -0
data/test/test_message.rb +1116 -0
data/test/test_nonce.rb +89 -0
data/test/test_oauth.rb +175 -0
data/test/test_openid_yadis.rb +178 -0
data/test/test_pape.rb +247 -0
data/test/test_parsehtml.rb +80 -0
data/test/test_responses.rb +63 -0
data/test/test_server.rb +2457 -0
data/test/test_sreg.rb +479 -0
data/test/test_stores.rb +298 -0
data/test/test_trustroot.rb +113 -0
data/test/test_ui.rb +93 -0
data/test/test_urinorm.rb +35 -0
data/test/test_util.rb +145 -0
data/test/test_xrds.rb +169 -0
data/test/test_xri.rb +48 -0
data/test/test_xrires.rb +63 -0
data/test/test_yadis_discovery.rb +220 -0
data/test/testutil.rb +127 -0
data/test/util.rb +53 -0
metadata +336 -0

data/examples/rails_openid/Rakefile ADDED

@@ -0,0 +1,10 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/switchtower.rake, and they will automatically be available to Rake.
+require(File.join(File.dirname(__FILE__), 'config', 'boot'))
+require 'rake'
+require 'rake/testtask'
+require 'rake/rdoctask'
+require 'tasks/rails'

data/examples/rails_openid/app/controllers/application.rb ADDED

@@ -0,0 +1,4 @@
+# Filters added to this controller will be run for all controllers in the application.
+# Likewise, all the methods added will be available for all controllers.
+class ApplicationController < ActionController::Base
+end

data/examples/rails_openid/app/controllers/consumer_controller.rb ADDED

@@ -0,0 +1,122 @@
+require 'pathname'
+require "openid"
+require 'openid/extensions/sreg'
+require 'openid/extensions/pape'
+require 'openid/store/filesystem'
+class ConsumerController < ApplicationController
+  layout nil
+  def index
+    # render an openid form
+  end
+  def start
+    begin
+      identifier = params[:openid_identifier]
+      if identifier.nil?
+        flash[:error] = "Enter an OpenID identifier"
+        redirect_to :action => 'index'
+        return
+      end
+      oidreq = consumer.begin(identifier)
+    rescue OpenID::OpenIDError => e
+      flash[:error] = "Discovery failed for #{identifier}: #{e}"
+      redirect_to :action => 'index'
+      return
+    end
+    if params[:use_sreg]
+      sregreq = OpenID::SReg::Request.new
+      # required fields
+      sregreq.request_fields(['email','nickname'], true)
+      # optional fields
+      sregreq.request_fields(['dob', 'fullname'], false)
+      oidreq.add_extension(sregreq)
+      oidreq.return_to_args['did_sreg'] = 'y'
+    end
+    if params[:use_pape]
+      papereq = OpenID::PAPE::Request.new
+      papereq.add_policy_uri(OpenID::PAPE::AUTH_PHISHING_RESISTANT)
+      papereq.max_auth_age = 2*60*60
+      oidreq.add_extension(papereq)
+      oidreq.return_to_args['did_pape'] = 'y'
+    end
+    if params[:force_post]
+      oidreq.return_to_args['force_post']='x'*2048
+    end
+    return_to = url_for :action => 'complete', :only_path => false
+    realm = url_for :action => 'index', :id => nil, :only_path => false
+    if oidreq.send_redirect?(realm, return_to, params[:immediate])
+      redirect_to oidreq.redirect_url(realm, return_to, params[:immediate])
+    else
+      render :text => oidreq.html_markup(realm, return_to, params[:immediate], {'id' => 'openid_form'})
+    end
+  end
+  def complete
+    # FIXME - url_for some action is not necessarily the current URL.
+    current_url = url_for(:action => 'complete', :only_path => false)
+    parameters = params.reject{|k,v|request.path_parameters[k]}
+    oidresp = consumer.complete(parameters, current_url)
+    case oidresp.status
+    when OpenID::Consumer::FAILURE
+      if oidresp.display_identifier
+        flash[:error] = ("Verification of #{oidresp.display_identifier}"\
+                         " failed: #{oidresp.message}")
+      else
+        flash[:error] = "Verification failed: #{oidresp.message}"
+      end
+    when OpenID::Consumer::SUCCESS
+      flash[:success] = ("Verification of #{oidresp.display_identifier}"\
+                         " succeeded.")
+      if params[:did_sreg]
+        sreg_resp = OpenID::SReg::Response.from_success_response(oidresp)
+        sreg_message = "Simple Registration data was requested"
+        if sreg_resp.empty?
+          sreg_message << ", but none was returned."
+        else
+          sreg_message << ". The following data were sent:"
+          sreg_resp.data.each {|k,v|
+            sreg_message << "<br/><b>#{k}</b>: #{v}"
+          }
+        end
+        flash[:sreg_results] = sreg_message
+      end
+      if params[:did_pape]
+        pape_resp = OpenID::PAPE::Response.from_success_response(oidresp)
+        pape_message = "A phishing resistant authentication method was requested"
+        if pape_resp.auth_policies.member? OpenID::PAPE::AUTH_PHISHING_RESISTANT
+          pape_message << ", and the server reported one."
+        else
+          pape_message << ", but the server did not report one."
+        end
+        if pape_resp.auth_time
+          pape_message << "<br><b>Authentication time:</b> #{pape_resp.auth_time} seconds"
+        end
+        if pape_resp.nist_auth_level
+          pape_message << "<br><b>NIST Auth Level:</b> #{pape_resp.nist_auth_level}"
+        end
+        flash[:pape_results] = pape_message
+      end
+    when OpenID::Consumer::SETUP_NEEDED
+      flash[:alert] = "Immediate request failed - Setup Needed"
+    when OpenID::Consumer::CANCEL
+      flash[:alert] = "OpenID transaction cancelled."
+    else
+    end
+    redirect_to :action => 'index'
+  end
+  private
+  def consumer
+    if @consumer.nil?
+      dir = Pathname.new(RAILS_ROOT).join('db').join('cstore')
+      store = OpenID::Store::Filesystem.new(dir)
+      @consumer = OpenID::Consumer.new(session, store)
+    end
+    return @consumer
+  end
+end

data/examples/rails_openid/app/controllers/login_controller.rb ADDED

@@ -0,0 +1,45 @@
+# Controller for handling the login, logout process for "users" of our
+# little server.  Users have no password.  This is just an example.
+require 'openid'
+class LoginController < ApplicationController
+  layout 'server'
+  def base_url
+    url_for(:controller => 'login', :action => nil, :only_path => false)
+  end
+  def index
+    response.headers['X-XRDS-Location'] = url_for(:controller => "server",
+                                                  :action => "idp_xrds",
+                                                  :only_path => false)
+    @base_url = base_url
+    # just show the login page
+  end
+  def submit
+    user = params[:username]
+    # if we get a user, log them in by putting their username in
+    # the session hash.
+    unless user.nil?
+      session[:username] = user unless user.nil?
+      session[:approvals] = []
+      flash[:notice] = "Your OpenID URL is <b>#{base_url}user/#{user}</b><br/><br/>Proceed to step 2 below."
+    else
+      flash[:error] = "Sorry, couldn't log you in. Try again."
+    end
+    redirect_to :action => 'index'
+  end
+  def logout
+    # delete the username from the session hash
+    session[:username] = nil
+    session[:approvals] = nil
+    redirect_to :action => 'index'
+  end
+end

data/examples/rails_openid/app/controllers/server_controller.rb ADDED

@@ -0,0 +1,265 @@
+require 'pathname'
+# load the openid library, first trying rubygems
+#begin
+#  require "rubygems"
+#  require_gem "ruby-openid", ">= 1.0"
+#rescue LoadError
+require "openid"
+require "openid/consumer/discovery"
+require 'openid/extensions/sreg'
+require 'openid/extensions/pape'
+require 'openid/store/filesystem'
+#end
+class ServerController < ApplicationController
+  include ServerHelper
+  include OpenID::Server
+  layout nil
+  def index
+    begin
+      oidreq = server.decode_request(params)
+    rescue ProtocolError => e
+      # invalid openid request, so just display a page with an error message
+      render :text => e.to_s, :status => 500
+      return
+    end
+    # no openid.mode was given
+    unless oidreq
+      render :text => "This is an OpenID server endpoint."
+      return
+    end
+    oidresp = nil
+    if oidreq.kind_of?(CheckIDRequest)
+      identity = oidreq.identity
+      if oidreq.id_select
+        if oidreq.immediate
+          oidresp = oidreq.answer(false)
+        elsif session[:username].nil?
+          # The user hasn't logged in.
+          show_decision_page(oidreq)
+          return
+        else
+          # Else, set the identity to the one the user is using.
+          identity = url_for_user
+        end
+      end
+      if oidresp
+        nil
+      elsif self.is_authorized(identity, oidreq.trust_root)
+        oidresp = oidreq.answer(true, nil, identity)
+        # add the sreg response if requested
+        add_sreg(oidreq, oidresp)
+        # ditto pape
+        add_pape(oidreq, oidresp)
+      elsif oidreq.immediate
+        server_url = url_for :action => 'index'
+        oidresp = oidreq.answer(false, server_url)
+      else
+        show_decision_page(oidreq)
+        return
+      end
+    else
+      oidresp = server.handle_request(oidreq)
+    end
+    self.render_response(oidresp)
+  end
+  def show_decision_page(oidreq, message="Do you trust this site with your identity?")
+    session[:last_oidreq] = oidreq
+    @oidreq = oidreq
+    if message
+      flash[:notice] = message
+    end
+    render :template => 'server/decide', :layout => 'server'
+  end
+  def user_page
+    # Yadis content-negotiation: we want to return the xrds if asked for.
+    accept = request.env['HTTP_ACCEPT']
+    # This is not technically correct, and should eventually be updated
+    # to do real Accept header parsing and logic.  Though I expect it will work
+    # 99% of the time.
+    if accept and accept.include?('application/xrds+xml')
+      user_xrds
+      return
+    end
+    # content negotiation failed, so just render the user page
+    xrds_url = url_for(:controller=>'user',:action=>params[:username])+'/xrds'
+    identity_page = <<EOS
+<html><head>
+<meta http-equiv="X-XRDS-Location" content="#{xrds_url}" />
+<link rel="openid.server" href="#{url_for :action => 'index'}" />
+</head><body><p>OpenID identity page for #{params[:username]}</p>
+</body></html>
+EOS
+    # Also add the Yadis location header, so that they don't have
+    # to parse the html unless absolutely necessary.
+    response.headers['X-XRDS-Location'] = xrds_url
+    render :text => identity_page
+  end
+  def user_xrds
+    types = [
+             OpenID::OPENID_2_0_TYPE,
+             OpenID::OPENID_1_0_TYPE,
+             OpenID::SREG_URI,
+            ]
+    render_xrds(types)
+  end
+  def idp_xrds
+    types = [
+             OpenID::OPENID_IDP_2_0_TYPE,
+            ]
+    render_xrds(types)
+  end
+  def decision
+    oidreq = session[:last_oidreq]
+    session[:last_oidreq] = nil
+    if params[:yes].nil?
+      redirect_to oidreq.cancel_url
+      return
+    else
+      id_to_send = params[:id_to_send]
+      identity = oidreq.identity
+      if oidreq.id_select
+        if id_to_send and id_to_send != ""
+          session[:username] = id_to_send
+          session[:approvals] = []
+          identity = url_for_user
+        else
+          msg = "You must enter a username to in order to send " +
+            "an identifier to the Relying Party."
+          show_decision_page(oidreq, msg)
+          return
+        end
+      end
+      if session[:approvals]
+        session[:approvals] << oidreq.trust_root
+      else
+        session[:approvals] = [oidreq.trust_root]
+      end
+      oidresp = oidreq.answer(true, nil, identity)
+      add_sreg(oidreq, oidresp)
+      add_pape(oidreq, oidresp)
+      return self.render_response(oidresp)
+    end
+  end
+  protected
+  def server
+    if @server.nil?
+      server_url = url_for :action => 'index', :only_path => false
+      dir = Pathname.new(RAILS_ROOT).join('db').join('openid-store')
+      store = OpenID::Store::Filesystem.new(dir)
+      @server = Server.new(store, server_url)
+    end
+    return @server
+  end
+  def approved(trust_root)
+    return false if session[:approvals].nil?
+    return session[:approvals].member?(trust_root)
+  end
+  def is_authorized(identity_url, trust_root)
+    return (session[:username] and (identity_url == url_for_user) and self.approved(trust_root))
+  end
+  def render_xrds(types)
+    type_str = ""
+    types.each { |uri|
+      type_str += "<Type>#{uri}</Type>\n      "
+    }
+    yadis = <<EOS
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS
+    xmlns:xrds="xri://$xrds"
+    xmlns="xri://$xrd*($v*2.0)">
+  <XRD>
+    <Service priority="0">
+      #{type_str}
+      <URI>#{url_for(:controller => 'server', :only_path => false)}</URI>
+    </Service>
+  </XRD>
+</xrds:XRDS>
+EOS
+    response.headers['content-type'] = 'application/xrds+xml'
+    render :text => yadis
+  end
+  def add_sreg(oidreq, oidresp)
+    # check for Simple Registration arguments and respond
+    sregreq = OpenID::SReg::Request.from_openid_request(oidreq)
+    return if sregreq.nil?
+    # In a real application, this data would be user-specific,
+    # and the user should be asked for permission to release
+    # it.
+    sreg_data = {
+      'nickname' => session[:username],
+      'fullname' => 'Mayor McCheese',
+      'email' => 'mayor@example.com'
+    }
+    sregresp = OpenID::SReg::Response.extract_response(sregreq, sreg_data)
+    oidresp.add_extension(sregresp)
+  end
+  def add_pape(oidreq, oidresp)
+    papereq = OpenID::PAPE::Request.from_openid_request(oidreq)
+    return if papereq.nil?
+    paperesp = OpenID::PAPE::Response.new
+    paperesp.nist_auth_level = 0 # we don't even do auth at all!
+    oidresp.add_extension(paperesp)
+  end
+  def render_response(oidresp)
+    if oidresp.needs_signing
+      signed_response = server.signatory.sign(oidresp)
+    end
+    web_response = server.encode_response(oidresp)
+    case web_response.code
+    when HTTP_OK
+      render :text => web_response.body, :status => 200
+    when HTTP_REDIRECT
+      redirect_to web_response.headers['location']
+    else
+      render :text => web_response.body, :status => 400
+    end
+  end
+end