rack-openid 0.2.3 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- data/README.rdoc +45 -0
- data/lib/rack/openid.rb +36 -5
- metadata +2 -2
data/README.rdoc
CHANGED
|
@@ -9,6 +9,8 @@ You trigger an OpenID request similar to HTTP authentication. From your app, ret
|
|
|
9
9
|
On competition, the OpenID response is automatically verified and assigned to
|
|
10
10
|
<tt>env["rack.openid.response"]</tt>.
|
|
11
11
|
|
|
12
|
+
=== Rack Example
|
|
13
|
+
|
|
12
14
|
MyApp = lambda { |env|
|
|
13
15
|
if resp = env["rack.openid.response"]
|
|
14
16
|
case resp.status
|
|
@@ -23,3 +25,46 @@ On competition, the OpenID response is automatically verified and assigned to
|
|
|
23
25
|
|
|
24
26
|
use Rack::OpenID
|
|
25
27
|
run MyApp
|
|
28
|
+
|
|
29
|
+
=== Sinatra Example
|
|
30
|
+
|
|
31
|
+
# Session needs to be before Rack::OpenID
|
|
32
|
+
use Rack::Session::Cookie
|
|
33
|
+
|
|
34
|
+
require 'rack/openid'
|
|
35
|
+
use Rack::OpenID
|
|
36
|
+
|
|
37
|
+
get '/login' do
|
|
38
|
+
erb :login
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
post '/login' do
|
|
42
|
+
if resp = request.env["rack.openid.response"]
|
|
43
|
+
if resp.status == :success
|
|
44
|
+
"Welcome: #{resp.display_identifier}"
|
|
45
|
+
else
|
|
46
|
+
"Error: #{resp.status}"
|
|
47
|
+
end
|
|
48
|
+
else
|
|
49
|
+
headers 'WWW-Authenticate' => Rack::OpenID.build_header(
|
|
50
|
+
:identifier => params["openid_identifier"]
|
|
51
|
+
)
|
|
52
|
+
throw :halt, [401, 'got openid?']
|
|
53
|
+
end
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
use_in_file_templates!
|
|
57
|
+
|
|
58
|
+
__END__
|
|
59
|
+
|
|
60
|
+
@@ login
|
|
61
|
+
<form action="/login" method="post">
|
|
62
|
+
<p>
|
|
63
|
+
<label for="openid_identifier">OpenID:</label>
|
|
64
|
+
<input id="openid_identifier" name="openid_identifier" type="text" />
|
|
65
|
+
</p>
|
|
66
|
+
|
|
67
|
+
<p>
|
|
68
|
+
<input name="commit" type="submit" value="Sign in" />
|
|
69
|
+
</p>
|
|
70
|
+
</form>
|
data/lib/rack/openid.rb
CHANGED
|
@@ -6,8 +6,21 @@ require 'openid/consumer'
|
|
|
6
6
|
require 'openid/extensions/sreg'
|
|
7
7
|
require 'openid/extensions/ax'
|
|
8
8
|
|
|
9
|
-
module Rack
|
|
9
|
+
module Rack #:nodoc:
|
|
10
|
+
# A Rack middleware that provides a more HTTPish API around the
|
|
11
|
+
# ruby-openid library.
|
|
12
|
+
#
|
|
13
|
+
# You trigger an OpenID request similar to HTTP authentication.
|
|
14
|
+
# From your app, return a "401 Unauthorized" and a "WWW-Authenticate"
|
|
15
|
+
# header with the identifier you would like to validate.
|
|
16
|
+
#
|
|
17
|
+
# On competition, the OpenID response is automatically verified and
|
|
18
|
+
# assigned to <tt>env["rack.openid.response"]</tt>.
|
|
10
19
|
class OpenID
|
|
20
|
+
# Helper method for building the "WWW-Authenticate" header value.
|
|
21
|
+
#
|
|
22
|
+
# Rack::OpenID.build_header(:identifier => "http://josh.openid.com/")
|
|
23
|
+
# #=> OpenID identifier="http://josh.openid.com/"
|
|
11
24
|
def self.build_header(params = {})
|
|
12
25
|
'OpenID ' + params.map { |key, value|
|
|
13
26
|
if value.is_a?(Array)
|
|
@@ -18,6 +31,11 @@ module Rack
|
|
|
18
31
|
}.join(', ')
|
|
19
32
|
end
|
|
20
33
|
|
|
34
|
+
# Helper method for parsing "WWW-Authenticate" header values into
|
|
35
|
+
# a hash.
|
|
36
|
+
#
|
|
37
|
+
# Rack::OpenID.parse_header("OpenID identifier='http://josh.openid.com/'")
|
|
38
|
+
# #=> {:identifier => "http://josh.openid.com/"}
|
|
21
39
|
def self.parse_header(str)
|
|
22
40
|
params = {}
|
|
23
41
|
if str =~ AUTHENTICATE_REGEXP
|
|
@@ -33,29 +51,44 @@ module Rack
|
|
|
33
51
|
params
|
|
34
52
|
end
|
|
35
53
|
|
|
36
|
-
class TimeoutResponse
|
|
54
|
+
class TimeoutResponse #:nodoc:
|
|
37
55
|
include ::OpenID::Consumer::Response
|
|
38
56
|
STATUS = :failure
|
|
39
57
|
end
|
|
40
58
|
|
|
41
|
-
class MissingResponse
|
|
59
|
+
class MissingResponse #:nodoc:
|
|
42
60
|
include ::OpenID::Consumer::Response
|
|
43
61
|
STATUS = :missing
|
|
44
62
|
end
|
|
45
63
|
|
|
64
|
+
# :stopdoc:
|
|
65
|
+
|
|
46
66
|
HTTP_METHODS = %w(GET HEAD PUT POST DELETE OPTIONS)
|
|
47
67
|
|
|
48
68
|
RESPONSE = "rack.openid.response".freeze
|
|
49
69
|
AUTHENTICATE_HEADER = "WWW-Authenticate".freeze
|
|
50
70
|
AUTHENTICATE_REGEXP = /^OpenID/.freeze
|
|
51
71
|
|
|
72
|
+
URL_FIELD_SELECTOR = lambda { |field| field.to_s =~ %r{^https?://} }
|
|
73
|
+
|
|
74
|
+
# :startdoc:
|
|
52
75
|
|
|
76
|
+
# Initialize middleware with application and optional OpenID::Store.
|
|
77
|
+
# If no store is given, OpenID::Store::Memory is used.
|
|
78
|
+
#
|
|
79
|
+
# use Rack::OpenID
|
|
80
|
+
#
|
|
81
|
+
# or
|
|
82
|
+
#
|
|
83
|
+
# use Rack::OpenID, OpenID::Store::Memcache.new
|
|
53
84
|
def initialize(app, store = nil)
|
|
54
85
|
@app = app
|
|
55
86
|
@store = store || default_store
|
|
56
87
|
freeze
|
|
57
88
|
end
|
|
58
89
|
|
|
90
|
+
# Standard Rack +call+ dispatch that accepts an +env+ and
|
|
91
|
+
# returns a <tt>[status, header, body]</tt> response.
|
|
59
92
|
def call(env)
|
|
60
93
|
req = Rack::Request.new(env)
|
|
61
94
|
if env["REQUEST_METHOD"] == "GET" && req.GET["openid.mode"]
|
|
@@ -181,8 +214,6 @@ module Rack
|
|
|
181
214
|
oidreq.redirect_url(trust_root || realm_url(req), return_to || request_url)
|
|
182
215
|
end
|
|
183
216
|
|
|
184
|
-
URL_FIELD_SELECTOR = lambda { |field| field.to_s =~ %r{^https?://} }
|
|
185
|
-
|
|
186
217
|
def add_simple_registration_fields(oidreq, fields)
|
|
187
218
|
sregreq = ::OpenID::SReg::Request.new
|
|
188
219
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-openid
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Joshua Peek
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2010-02-
|
|
12
|
+
date: 2010-02-18 00:00:00 -06:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|