RubyGems - rack-openid - Versions diffs - 0.2 → 0.2.1 - Mend

rack-openid 0.2 → 0.2.1

Files changed (4) hide show

data/{MIT-LICENSE → LICENSE} RENAMED Viewed

File without changes

data/README.rdoc CHANGED Viewed

@@ -6,7 +6,8 @@ Provides a more HTTPish API around the ruby-openid library.
 You trigger an OpenID request similar to HTTP authentication. From your app, return a "401 Unauthorized" and a "WWW-Authenticate" header with the identifier you would like to validate.
-On completition, the OpenID response is automatically verified and assigned to env["rack.openid.response"].
+On competition, the OpenID response is automatically verified and assigned to
+<tt>env["rack.openid.response"]</tt>.
   MyApp = lambda { |env|
     if resp = env["rack.openid.response"]
@@ -16,7 +17,7 @@ On completition, the OpenID response is automatically verified and assigned to e
       when :failure
         ...
     else
-      [401, {"WWW-Authenticate" => 'OpenID identity="http://example.com/"'}, []]
+      [401, {"WWW-Authenticate" => 'OpenID identifier="http://example.com/"'}, []]
     end
   }

data/lib/rack/openid.rb CHANGED Viewed

@@ -1,33 +1,33 @@
 require 'rack/request'
 require 'rack/utils'
 require 'openid'
 require 'openid/consumer'
 require 'openid/extensions/sreg'
-require 'openid/store/memory'
+require 'openid/extensions/ax'
 module Rack
   class OpenID
     def self.build_header(params = {})
-      value = 'OpenID '
-      value += params.map { |k, v|
-        if v.is_a?(Array)
-          "#{k}=\"#{v.join(',')}\""
+      'OpenID ' + params.map { |key, value|
+        if value.is_a?(Array)
+          "#{key}=\"#{value.join(',')}\""
         else
-          "#{k}=\"#{v}\""
+          "#{key}=\"#{value}\""
         end
       }.join(', ')
-      value
     end
     def self.parse_header(str)
       params = {}
       if str =~ /^OpenID/
         str = str.gsub(/^OpenID /, '')
-        str.split(', ').each { |e|
-          k, v = e.split('=')
-          v.gsub!(/^\"/, '').gsub!(/\"$/, "")
-          v = v.split(',')
-          params[k] = v.length > 1 ? v : v.first
+        str.split(', ').each { |pair|
+          key, *value = pair.split('=')
+          value = value.join('=')
+          value.gsub!(/^\"/, '').gsub!(/\"$/, "")
+          value = value.split(',')
+          params[key] = value.length > 1 ? value : value.first
         }
       end
       params
@@ -51,7 +51,7 @@ module Rack
     def initialize(app, store = nil)
       @app = app
-      @store = store || ::OpenID::Store::Memory.new
+      @store = store || default_store
       freeze
     end
@@ -63,7 +63,8 @@ module Rack
       status, headers, body = @app.call(env)
-      if status.to_i == 401 && (qs = headers[AUTHENTICATE_HEADER])
+      qs = headers[AUTHENTICATE_HEADER]
+      if status.to_i == 401 && qs
         begin_authentication(env, qs)
       else
         [status, headers, body]
@@ -74,17 +75,19 @@ module Rack
       def begin_authentication(env, qs)
         req = Rack::Request.new(env)
         params = self.class.parse_header(qs)
+        session = env["rack.session"]
-        unless session = env["rack.session"]
+        unless session
           raise RuntimeError, "Rack::OpenID requires a session"
         end
         consumer = ::OpenID::Consumer.new(session, @store)
-        identifier = params["identifier"]
+        identifier = params['identifier'] || params['identity']
         begin
           oidreq = consumer.begin(identifier)
           add_simple_registration_fields(oidreq, params)
+          add_attribute_exchange_fields(oidreq, params)
           url = open_id_redirect_url(req, oidreq, params["trust_root"], params["return_to"], params["method"])
           return redirect_to(url)
         rescue ::OpenID::OpenIDError, Timeout::Error => e
@@ -95,8 +98,9 @@ module Rack
       def complete_authentication(env)
         req = Rack::Request.new(env)
+        session = env["rack.session"]
-        unless session = env["rack.session"]
+        unless session
           raise RuntimeError, "Rack::OpenID requires a session"
         end
@@ -107,13 +111,21 @@ module Rack
         env[RESPONSE] = oidresp
-        if method = req.GET["_method"]
-          method = method.upcase
-          if HTTP_METHODS.include?(method)
-            env["REQUEST_METHOD"] = method
-          end
+        method = req.GET["_method"]
+        override_request_method(env, method)
+        sanitize_query_string(env)
+      end
+      def override_request_method(env, method)
+        return unless method
+        method = method.upcase
+        if HTTP_METHODS.include?(method)
+          env["REQUEST_METHOD"] = method
         end
+      end
+      def sanitize_query_string(env)
         query_hash = env["rack.request.query_hash"]
         query_hash.delete("_method")
         query_hash.delete_if do |key, value|
@@ -123,10 +135,9 @@ module Rack
         env["QUERY_STRING"] = env["rack.request.query_string"] =
           Rack::Utils.build_query(env["rack.request.query_hash"])
+        qs = env["QUERY_STRING"]
         request_uri = env["PATH_INFO"]
-        if env["QUERY_STRING"].any?
-          request_uri << "?" + env["QUERY_STRING"]
-        end
+        request_uri << "?" + qs unless qs == ""
         env["REQUEST_URI"] = request_uri
       end
@@ -134,9 +145,10 @@ module Rack
         url = req.scheme + "://"
         url << req.host
-        if req.scheme == "https" && req.port != 443 ||
-            req.scheme == "http" && req.port != 80
-          url << ":#{req.port}"
+        scheme, port = req.scheme, req.port
+        if scheme == "https" && port != 443 ||
+            scheme == "http" && port != 80
+          url << ":#{port}"
         end
         url
@@ -154,36 +166,54 @@ module Rack
       end
       def open_id_redirect_url(req, oidreq, trust_root = nil, return_to = nil, method = nil)
+        request_url = request_url(req)
         if return_to
           method ||= "get"
         else
-          return_to = request_url(req)
+          return_to = request_url
           method ||= req.request_method
         end
         method = method.to_s.downcase
         oidreq.return_to_args['_method'] = method unless method == "get"
-        oidreq.redirect_url(trust_root || realm_url(req), return_to || request_url(req))
+        oidreq.redirect_url(trust_root || realm_url(req), return_to || request_url)
       end
+      URL_FIELD_SELECTOR = lambda { |field| field.to_s =~ %r{^https?://} }
       def add_simple_registration_fields(oidreq, fields)
         sregreq = ::OpenID::SReg::Request.new
-        if required = fields["required"]
-          sregreq.request_fields(Array(required), true)
-        end
+        required = Array(fields['required']).reject(&URL_FIELD_SELECTOR)
+        sregreq.request_fields(required, true) if required.any?
-        if optional = fields["optional"]
-          sregreq.request_fields(Array(optional), false)
-        end
+        optional = Array(fields['optional']).reject(&URL_FIELD_SELECTOR)
+        sregreq.request_fields(optional, false) if optional.any?
-        if policy_url = fields["policy_url"]
-          sregreq.policy_url = policy_url
-        end
+        policy_url = fields['policy_url']
+        sregreq.policy_url = policy_url if policy_url
         oidreq.add_extension(sregreq)
       end
+      def add_attribute_exchange_fields(oidreq, fields)
+        axreq = ::OpenID::AX::FetchRequest.new
+        required = Array(fields['required']).select(&URL_FIELD_SELECTOR)
+        required.each { |field| axreq.add(::OpenID::AX::AttrInfo.new(field, nil, true)) }
+        optional = Array(fields['optional']).select(&URL_FIELD_SELECTOR)
+        optional.each { |field| axreq.add(::OpenID::AX::AttrInfo.new(field, nil, false)) }
+        oidreq.add_extension(axreq)
+      end
+      def default_store
+        require 'openid/store/memory'
+        ::OpenID::Store::Memory.new
+      end
       def timeout_protection_from_identity_server
         yield
       rescue Timeout::Error

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rack-openid
 version: !ruby/object:Gem::Version
-  version: "0.2"
+  version: 0.2.1
 platform: ruby
 authors:
 - Joshua Peek
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2009-05-10 00:00:00 -05:00
+date: 2009-11-29 00:00:00 -06:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -32,7 +32,27 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 2.1.6
     version:
-description: Rack::OpenID provides a more HTTPish API around the ruby-openid library.
+- !ruby/object:Gem::Dependency
+  name: mocha
+  type: :development
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.9.7
+    version:
+- !ruby/object:Gem::Dependency
+  name: roman-rots
+  type: :development
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.2.1
+    version:
+description: "    Rack::OpenID provides a more HTTPish API around the ruby-openid library.\n"
 email: josh@joshpeek.com
 executables: []
@@ -40,11 +60,11 @@ extensions: []
 extra_rdoc_files:
 - README.rdoc
-- MIT-LICENSE
+- LICENSE
 files:
 - lib/rack/openid.rb
 - README.rdoc
-- MIT-LICENSE
+- LICENSE
 has_rdoc: true
 homepage: http://github.com/josh/rack-openid
 licenses: []
@@ -68,8 +88,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   version:
 requirements: []
-rubyforge_project: rack-openid
-rubygems_version: 1.3.2
+rubyforge_project:
+rubygems_version: 1.3.5
 signing_key:
 specification_version: 3
 summary: Provides a more HTTPish API around the ruby-openid library