pager-restful_open_id_authentication 1.0.20080507

data/generators/open_id_authenticated/templates/model_helper.rb

@@ -0,0 +1,2 @@
+module <%= model_controller_class_name %>Helper
+end

data/generators/open_id_authenticated/templates/notifier.rb

@@ -0,0 +1,25 @@
+class <%= class_name %>Notifier < ActionMailer::Base
+  def signup_notification(<%= file_name %>)
+    setup_email(<%= file_name %>)
+    @subject    += 'Please activate your new account'
+  <% if options[:include_activation] %>
+    @body[:url]  = "http://YOURSITE/activate/#{<%= file_name %>.activation_code}"
+  <% else %>
+    @body[:url]  = "http://YOURSITE/login/" <% end %>
+  end
+  
+  def activation(<%= file_name %>)
+    setup_email(<%= file_name %>)
+    @subject    += 'Your account has been activated!'
+    @body[:url]  = "http://YOURSITE/"
+  end
+  
+  protected
+    def setup_email(<%= file_name %>)
+      @recipients  = "#{<%= file_name %>.email}"
+      @from        = "ADMINEMAIL"
+      @subject     = "[YOURSITE] "
+      @sent_on     = Time.now
+      @body[:<%= file_name %>] = <%= file_name %>
+    end
+end

data/generators/open_id_authenticated/templates/notifier_test.rb

@@ -0,0 +1,31 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require '<%= file_name %>_notifier'
+
+class <%= class_name %>NotifierTest < Test::Unit::TestCase
+  FIXTURES_PATH = File.dirname(__FILE__) + '/../fixtures'
+  CHARSET = "utf-8"
+
+  include ActionMailer::Quoting
+
+  def setup
+    ActionMailer::Base.delivery_method = :test
+    ActionMailer::Base.perform_deliveries = true
+    ActionMailer::Base.deliveries = []
+
+    @expected = TMail::Mail.new
+    @expected.set_content_type "text", "plain", { "charset" => CHARSET }
+  end
+
+  def test_dummy_test
+    #do nothing
+  end
+
+  private
+    def read_fixture(action)
+      IO.readlines("#{FIXTURES_PATH}/<%= file_name %>_notifier/#{action}")
+    end
+
+    def encode(subject)
+      quoted_printable(subject, CHARSET)
+    end
+end

data/generators/open_id_authenticated/templates/observer.rb

@@ -0,0 +1,11 @@
+class <%= class_name %>Observer < ActiveRecord::Observer
+  def after_create(<%= file_name %>)
+    <%= class_name %>Notifier.deliver_signup_notification(<%= file_name %>)
+  end
+
+  def after_save(<%= file_name %>)
+  <% if options[:include_activation] %>
+    <%= class_name %>Notifier.deliver_activation(<%= file_name %>) if <%= file_name %>.recently_activated?
+  <% end %>
+  end
+end

data/generators/open_id_authenticated/templates/open_id_form.rhtml

@@ -0,0 +1,14 @@
+<%% form_tag begin_<%= controller_singular_name %>_path do -%>
+  <p>
+    <label>
+      Identity URL:
+      <%%= text_field_tag :open_id_url, nil, :style => 'width:250px' %>
+    </label>
+    <%%= submit_tag :Verify %>
+  </p>
+  <!-- Uncomment this if you want this functionality
+  <p><label for="remember_me">Remember me:</label>
+  <%%= check_box_tag 'remember_me' %></p>
+  -->
+  
+<%% end -%>

data/generators/open_id_authenticated/templates/signup.rhtml

@@ -0,0 +1,22 @@
+<h2>Signup with OpenID</h2>
+
+<%%= render :partial => "<%= controller_file_name %>/open_id_form" %>
+
+<h2>or create a <%= class_name %> Profile</h2>
+
+<%%= error_messages_for :<%= file_name %> %>
+<%% form_for @<%= file_name %> do |f| -%>
+<p><label for="login">Login</label><br/>
+<%%= f.text_field :login %></p>
+
+<p><label for="email">Email</label><br/>
+<%%= f.text_field :email %></p>
+
+<p><label for="password">Password</label><br/>
+<%%= f.password_field :password %></p>
+
+<p><label for="password_confirmation">Confirm Password</label><br/>
+<%%= f.password_field :password_confirmation %></p>
+
+<p><%%= submit_tag 'Sign up' %></p>
+<%% end -%>

data/generators/open_id_authenticated/templates/signup_notification.rhtml

@@ -0,0 +1,8 @@
+Your account has been created.
+
+  Username: <%%= @<%= file_name %>.login %>
+  Password: <%%= @<%= file_name %>.password %>
+
+Visit this url to activate your account:
+
+  <%%= @url %>

data/generators/open_id_authenticated/templates/unit_test.rb

@@ -0,0 +1,101 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class <%= class_name %>Test < Test::Unit::TestCase
+  # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead.
+  # Then, you can remove it from this and the functional test.
+  include AuthenticatedTestHelper
+  fixtures :<%= table_name %>
+
+  def test_should_create_<%= file_name %>
+    assert_difference <%= class_name %>, :count do
+      <%= file_name %> = create_<%= file_name %>
+      assert !<%= file_name %>.new_record?, "#{<%= file_name %>.errors.full_messages.to_sentence}"
+    end
+  end
+
+  def test_should_require_login
+    assert_no_difference <%= class_name %>, :count do
+      u = create_<%= file_name %>(:login => nil)
+      assert u.errors.on(:login)
+    end
+  end
+
+  def test_should_require_password
+    assert_no_difference <%= class_name %>, :count do
+      u = create_<%= file_name %>(:password => nil)
+      assert u.errors.on(:password)
+    end
+  end
+
+  def test_should_require_password_confirmation
+    assert_no_difference <%= class_name %>, :count do
+      u = create_<%= file_name %>(:password_confirmation => nil)
+      assert u.errors.on(:password_confirmation)
+    end
+  end
+
+  def test_should_require_email
+    assert_no_difference <%= class_name %>, :count do
+      u = create_<%= file_name %>(:email => nil)
+      assert u.errors.on(:email)
+    end
+  end
+
+  def test_should_reset_password
+    <%= table_name %>(:quentin).update_attributes(:password => 'new password', :password_confirmation => 'new password')
+    assert_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin', 'new password')
+  end
+
+  def test_should_not_rehash_password
+    <%= table_name %>(:quentin).update_attributes(:login => 'quentin2')
+    assert_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin2', 'test')
+  end
+
+  def test_should_authenticate_<%= file_name %>
+    assert_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin', 'test')
+  end
+
+  def test_should_set_remember_token
+    <%= table_name %>(:quentin).remember_me
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+  end
+
+  def test_should_unset_remember_token
+    <%= table_name %>(:quentin).remember_me
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    <%= table_name %>(:quentin).forget_me
+    assert_nil <%= table_name %>(:quentin).remember_token
+  end
+
+  def test_should_remember_me_for_one_week
+    before = 1.week.from_now.utc
+    <%= table_name %>(:quentin).remember_me_for 1.week
+    after = 1.week.from_now.utc
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+    assert <%= table_name %>(:quentin).remember_token_expires_at.between?(before, after)
+  end
+
+  def test_should_remember_me_until_one_week
+    time = 1.week.from_now.utc
+    <%= table_name %>(:quentin).remember_me_until time
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+    assert_equal <%= table_name %>(:quentin).remember_token_expires_at, time
+  end
+
+  def test_should_remember_me_default_two_weeks
+    before = 2.weeks.from_now.utc
+    <%= table_name %>(:quentin).remember_me
+    after = 2.weeks.from_now.utc
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+    assert <%= table_name %>(:quentin).remember_token_expires_at.between?(before, after)
+  end
+
+  protected
+    def create_<%= file_name %>(options = {})
+      <%= class_name %>.create({ :login => 'quire', :email => 'quire@example.com', :password => 'quire', :password_confirmation => 'quire' }.merge(options))
+    end
+end

data/install.rb

@@ -0,0 +1 @@
+puts IO.read(File.join(File.dirname(__FILE__), 'README'))

data/lib/controller_methods.rb

@@ -0,0 +1,137 @@
+module OpenIdConsumer
+  module ControllerMethods
+    def self.included(controller)
+      controller.class_eval do
+        verify :method => :post, :only => :begin, :params => :open_id_url, :redirect_to => { :action => 'index' },
+          :add_flash => { :error => "Enter an Identity URL to verify." }
+        verify :method => :get, :only => :complete, :redirect_to => { :action => 'index' }
+        before_filter  :begin_open_id_auth,    :only => :begin
+        before_filter  :complete_open_id_auth, :only => :complete
+        attr_reader    :open_id_response
+        attr_reader    :open_id_fields
+        cattr_accessor :open_id_consumer_options
+      end
+    end
+
+    protected
+    
+      def open_id_consumer
+        @open_id_consumer ||= OpenID::Consumer.new(
+          session[:open_id_session] ||= {}, 
+          ActiveRecordStore.new)
+      end
+
+      def begin_open_id_auth
+        @open_id_response = open_id_consumer.begin(params[:open_id_url])
+        def @open_id_response.status; OpenID::Consumer::SUCCESS end
+        add_sreg_params!(@open_id_response)# if @open_id_response.status == OpenID::SUCCESS
+      rescue OpenID::DiscoveryFailure
+        def @open_id_response.status; OpenID::Consumer::FAILURE end
+      end
+
+      def complete_open_id_auth
+          return_to = url_for :only_path => false, :action => 'complete'
+          parameters = params.reject{|k,v| request.path_parameters[k]}
+          @open_id_response = open_id_consumer.complete(parameters, return_to)
+          return unless open_id_response.status == OpenID::Consumer::SUCCESS
+
+          @open_id_fields   = open_id_response.extension_response('sreg', true)
+          logger.debug "***************** sreg params ***************"
+          logger.debug @open_id_fields.inspect
+          logger.debug "***************** sreg params ***************"
+        end
+      
+      
+      def authenticate_with_open_id(identity_url)
+        @open_id_response = open_id_consumer.begin(identity_url)
+        yield(@open_id_response.status.to_sum)
+        
+        # If the URL was unusable (either because of network conditions, a server error, 
+        # or that the response returned was not an OpenID identity page), the library 
+        # will return HTTP_FAILURE or PARSE_ERROR. Let the user know that the URL is unusable.
+        case open_id_response.status
+          when OpenID::Consumer::SUCCESS
+            add_sreg_params!(@open_id_response)
+            redirect_to open_id_response.redirect_url((request.protocol + request.host_with_port + "/"), complete_session_url)
+          else
+            flash[:error] = "Unable to find OpenID server for <q>#{params[:open_id_url]}</q>"
+            render :action => :new
+        end
+      end
+
+      def complete
+        case open_id_response.status
+          when OpenID::Consumer::FAILURE
+            # In the case of failure, if info is non-nil, it is the URL that we were verifying. 
+            # We include it in the error message to help the user figure out what happened.
+            flash[:notice] = if open_id_response.identity_url
+              "Verification of #{open_id_response.identity_url} failed. "
+            else
+              "Verification failed. "
+            end
+            flash[:notice] += open_id_response.msg.to_s
+          when OpenID::Consumer::SUCCESS
+            # Success means that the transaction completed without error. If info is nil, 
+            # it means that the user cancelled the verification.
+            flash[:notice] = "You have successfully verified #{open_id_response.identity_url} as your identity."
+            if open_id_fields.any?
+              @user   = User.find_by_open_id_url(open_id_response.identity_url)
+              @user ||= User.new(:open_id_url => open_id_response.identity_url)
+              @user.login       = open_id_fields['nickname'] if open_id_fields['nickname']
+              @user.email       = open_id_fields['email']    if open_id_fields['email']          
+              if @user.save
+                self.current_user = @user
+                if params[:remember_me] == "1"
+                  self.current_user.remember_me
+                  cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
+                end
+                flash[:notice] = "You have successfully verified #{open_id_response.identity_url} as your identity."
+                return redirect_back_or_default('/')
+              else
+                flash[:notice] = @user.errors.full_messages.join('<br />')
+                render :action => 'new' and return
+              end
+            end
+          when OpenID::CANCEL
+            flash[:notice] = "Verification cancelled."
+          else
+            flash[:notice] = "Unknown response status: #{open_id_response.status}"
+        end
+        redirect_to :action => 'new'
+      end
+      
+      
+      def authenticate_with_open_id(identity_url)
+        
+        
+        case status
+        when :missing
+          failed_authentication "Sorry, the OpenID server couldn't be found"
+ 
+        when :canceled
+          failed_authentication "OpenID verification was canceled"
+ 
+        when :failed
+          failed_authentication "Sorry, the OpenID verification failed"
+ 
+        when :successful
+          if @current_user =
+              @account.users.find_by_identity_url(identity_url)
+            successful_authentication
+          else
+            failed_authentication "Sorry, no user by that identity URL exists"
+          end
+        end
+      end
+      
+      
+
+      def add_sreg_params!(openid_response)
+        open_id_consumer_options.keys.inject({}) do |params, key|
+          value = open_id_consumer_options[key]
+          value = value.collect { |v| v.to_s.strip } * ',' if value.respond_to?(:collect)
+          openid_response.add_extension_arg('sreg', key.to_s, value.to_s)
+        end
+      end
+  end
+end

data/lib/open_id_store.rb

@@ -0,0 +1,69 @@
+require 'openid/store/interface'  
+
+class ActiveRecordStore < OpenID::Store::Interface
+  def store_association(server_url, assoc)
+    remove_association(server_url, assoc.handle)    
+    Association.create(:server_url => server_url,
+                       :handle     => assoc.handle,
+                       :secret     => assoc.secret,
+                       :issued     => assoc.issued,
+                       :lifetime   => assoc.lifetime,
+                       :assoc_type => assoc.assoc_type)
+  end
+
+  def get_association(server_url, handle=nil)
+    assocs = if handle.blank?
+        Association.find_all_by_server_url(server_url)
+      else
+        Association.find_all_by_server_url_and_handle(server_url, handle)
+      end
+
+    assocs.reverse.each do |assoc|
+      a = assoc.from_record    
+      if a.expires_in == 0
+        assoc.destroy
+      else
+        return a
+      end
+    end if assocs.any?
+    
+    return nil
+  end
+  
+  def remove_association(server_url, handle)
+    Association.delete_all(['server_url = ? AND handle = ?', server_url, handle]) > 0
+  end
+  
+  def use_nonce(server_url, timestamp, salt)
+    return false if Nonce.find_by_server_url_and_timestamp_and_salt(server_url, timestamp, salt)
+    return false if (timestamp - Time.now.to_i).abs > OpenID::Nonce.skew
+    Nonce.create(:server_url => server_url, :timestamp => timestamp, :salt => salt)
+    return true
+  end
+  
+  def cleanup_nonces
+    now = Time.now.to_i
+    Nonce.delete_all(["timestamp > ? OR timestamp < ?", now + OpenID::Nonce.skew, now - OpenID::Nonce.skew])
+  end
+
+  def cleanup_associations
+    now = Time.now.to_i
+    Association.delete_all(['issued + lifetime > ?',now])
+  end
+end
+
+class Setting < ActiveRecord::Base
+  set_table_name 'open_id_settings'
+  validates_uniqueness_of :setting
+end
+
+class Nonce < ActiveRecord::Base
+  set_table_name 'open_id_nonces'
+end
+
+class Association < ActiveRecord::Base
+  set_table_name 'open_id_associations'
+  def from_record
+    OpenID::Association.new(handle, secret, issued, lifetime, assoc_type)
+  end
+end

data/rails/init.rb

@@ -0,0 +1,15 @@
+begin
+  gem 'ruby-openid'
+  require 'openid'
+rescue LoadError
+  puts "Install the ruby-openid gem to enable OpenID support"
+end
+require 'open_id_store'
+require 'controller_methods'
+
+class << ActionController::Base
+  def open_id_consumer(options = {})
+    include OpenIdConsumer::ControllerMethods
+    self.open_id_consumer_options = options
+  end
+end