ruby-openid 1.0.1 → 1.0.2

data/INSTALL

@@ -7,19 +7,41 @@ This library depends on the Ruby Yadis library available at:
 http://www.openidenabled.com/yadis/libraries/ruby/about/
 
 Please make sure you have the Yadis library installed, or use
-rubygems for installation.
+rubygems for installation
 
-== Installation
+== Rubygems Installation
 
-Unpack the archive and run setup.rb (you may need to be root)
+Rubygems is a tool for installing ruby libraries and their
+dependancies.  If you have rubygems installed, simply:
+
+  gem install ruby-openid
+
+== Manual Installation
+
+Unpack the archive and run setup.rb to install:
 
  ruby setup.rb
 
-setup.rb installs the library into your system ruby.  If don't want to add openid to you system ruby, make sure to add the *lib* directory of the extracted tarball to your RUBYLIB environment variable.
+setup.rb installs the library into your system ruby.  If don't want to
+add openid to you system ruby, you may instead add the *lib* directory of
+the extracted tarball to your RUBYLIB environment variable:
+
+  $ export RUBYLIB=${RUBYLIB}:/path/to/ruby-openid/lib
+
+
+== Testing the Installation
 
 Make sure everything installed ok:
  $> irb
- irb(main):001:0> require "openid/consumer"
+ irb$> require "openid"
+ => true
+
+Or, if you installed via rubygems:
+
+ $> irb
+ irb$> require "rubygems"
+ => true
+ irb$> require_gem "ruby-openid" 
  => true
 
 == Run the test suite
@@ -31,4 +53,4 @@ Go into the test directory and execute the *runtests.rb* script.
 * Run consumer.rb in the examples directory. 
 * Get started writing your own consumer using OpenID::Consumer
 * Write your own server with OpenID::Server
-
+* Use the OpenIDLoginGenerator!  Read example/README for more info.

data/README

@@ -18,10 +18,19 @@ A Ruby library for verifying and serving OpenID identities.
 
 ==Installing
 Before running the examples or writing your own code you'll need to install
-the library.  See the INSTALL file.
+the library.  See the INSTALL file or use rubygems:
+
+  gem intall ruby-openid
+  
+Check the installation:
+  
+  $ irb
+  irb> require 'rubygems'
+  irb> require_gem 'ruby-openid'
+  => true
 
 The library is known to work with Ruby 1.8.4 on Unix, Max OSX and
-Win32.  Examples were tested with Rails 1.0.
+Win32.  Examples were tested with Rails 1.1.
 
 
 ==Getting Started with OpenID::Consumer
@@ -30,6 +39,7 @@ OpenID authentication on your website.  The examples contains
 several working examples to help you get started, and the
 OpenID::Consumer class is well documented.
 
+Also, check out the OpenIDLoginGenerator!  Read examples/README for more info.
 
 ==Serving OpenID with OpenID::Server
 The examples directory contains fully functional OpenID server that

data/examples/consumer.rb

@@ -3,20 +3,21 @@ require "cgi"
 require "uri"
 require "pathname"
 
+
 require "webrick"
 include WEBrick
 
 # load the openid library, first trying rubygems
 begin
-  require "rubygems"
-  require_gem "ruby-openid", ">= 1.0"
-rescue LoadError
   require "openid"
+rescue LoadError
+  require "rubygems"
+  require_gem "ruby-openid"
 end
 
 ################ start config ##########################
-# use your desired store implementation here
-store_dir = Pathname.new(Dir.pwd).join("openid-store")
+# use your desired store implementation here.
+store_dir = Pathname.new(Dir.tmpdir).join("openid-store")
 store = OpenID::FilesystemStore.new(store_dir)
 
 $host = "localhost"
@@ -98,7 +99,7 @@ class SimpleServlet < HTTPServlet::AbstractServlet
       # testing.
       do_sreg = @req.query.fetch('sreg', nil)
 
-      if do_sreg and request.uses_extension?('http://openid.net/sreg/1.0')
+      if do_sreg
         policy_url = self.build_url('/policy')
         request.add_extension_arg('sreg','policy_url', policy_url)
         request.add_extension_arg('sreg','required','email,nickname')

data/examples/rails_openid_login_generator/gemspec

@@ -0,0 +1,13 @@
+Gem::Specification.new do |s|
+  s.name = %q{openid_login_generator}
+  s.version = "0.1"
+  s.date = %q{2006-06-12}
+  s.summary = %q{[Rails] OpenID Login generator.}
+  s.require_paths = ["."]
+  s.email = %q{brian@janrain.com}
+  s.homepage = %q{http://wiki.rubyonrails.org/rails/pages/OpenidLoginGenerator}
+  s.description = %q{Generates Rails code implementing an OpenID based login system for your Rails app. Based on the original Rails Login Generator.}
+  s.authors = ["Brian Ellin, JanRain Inc."]
+  s.files = Dir.glob("{templates/**/*}") + ['USAGE', 'openid_login_generator.rb']
+  s.add_dependency('ruby-openid', '>= 1.0.2')
+end

data/examples/rails_openid_login_generator/templates/controller.rb

@@ -4,7 +4,7 @@ require "cgi"
 # load the openid library
 begin
   require "rubygems"
-  require_gem "ruby-openid", ">= 1.0"
+  require_gem "ruby-openid", ">= 1.0.2"
 rescue LoadError
   require "openid"
 end
@@ -43,8 +43,6 @@ class <%= class_name %>Controller < ApplicationController
 
   # handle the openid server response
   def complete
-    token = @params[:token]
-    
     response = consumer.complete(@params)
     
     case response.status

data/examples/rails_openid_login_generator/templates/controller.rb~

@@ -0,0 +1,111 @@
+require "pathname"
+require "cgi"
+
+# load the openid library
+begin
+  require "rubygems"
+  require_gem "ruby-openid", ">= 1.0"
+rescue LoadError
+  require "openid"
+end
+
+class <%= class_name %>Controller < ApplicationController
+  layout  'scaffold'
+  
+  # process the login request, disover the openid server, and
+  # then redirect.
+  def login
+    openid_url = @params[:openid_url]
+
+    if @request.post?
+      request = consumer.begin(openid_url)
+
+      case request.status
+      when OpenID::SUCCESS
+        return_to = url_for(:action=> 'complete')
+        trust_root = url_for(:controller=>'')
+
+        url = request.redirect_url(trust_root, return_to)
+        redirect_to(url)
+        return
+
+      when OpenID::FAILURE
+        escaped_url = CGI::escape(openid_url)
+        flash[:notice] = "Could not find OpenID server for #{escaped_url}"
+        
+      else
+        flash[:notice] = "An unknown error occured."
+
+      end      
+    end    
+
+  end
+
+  # handle the openid server response
+  def complete
+    response = consumer.complete(@params)
+    
+    case response.status
+    when OpenID::SUCCESS
+
+      @user = User.get(response.identity_url)
+      
+      # create user object if one does not exist
+      if @user.nil?
+        @user = User.new(:openid_url => response.identity_url)
+        @user.save
+      end
+
+      # storing both the openid_url and user id in the session for for quick
+      # access to both bits of information.  Change as needed.
+      @session[:user_id] = @user.id
+
+      flash[:notice] = "Logged in as #{CGI::escape(response.identity_url)}"
+       
+      redirect_to :action => "welcome"
+      return
+
+    when OpenID::FAILURE
+      if response.identity_url
+        flash[:notice] = "Verification of #{CGI::escape(response.identity_url)} failed."
+
+      else
+        flash[:notice] = 'Verification failed.'
+      end
+
+    when OpenID::CANCEL
+      flash[:notice] = 'Verification cancelled.'
+
+    else
+      flash[:notice] = 'Unknown response from OpenID server.'
+    end
+  
+    redirect_to :action => 'login'
+  end
+  
+  def logout
+    @session[:user_id] = nil
+  end
+    
+  def welcome
+  end
+
+  private
+
+  # Get the OpenID::Consumer object.
+  def consumer
+    # create the OpenID store for storing associations and nonces,
+    # putting it in your app's db directory
+    store_dir = Pathname.new(RAILS_ROOT).join('db').join('openid-store')
+    store = OpenID::FilesystemStore.new(store_dir)
+
+    return OpenID::Consumer.new(@session, store)
+  end
+
+  # get the logged in user object
+  def find_user
+    return nil if session[:user_id].nil?
+    User.find(session[:user_id])
+  end
+  
+end

data/lib/openid/fetchers.rb

@@ -5,7 +5,7 @@ require "openid/util"
 begin
   require 'net/https'
 rescue LoadError
-  OpenID::Util.log('WARNING: unable no SSL support found.  Will not be able to fetch HTTPS URLs!')
+  OpenID::Util.log('WARNING: no SSL support found.  Will not be able to fetch HTTPS URLs!')
   HAS_OPENSSL = false
   require 'net/http'  
 else

data/lib/openid/server.rb

@@ -452,6 +452,14 @@ module OpenID
 
         q['openid.trust_root'] = @trust_root if @trust_root
         q['openid.assoc_handle'] = @assoc_handle if @assoc_handle
+
+        # add other openid stuff into the query (extensions)
+        @query.each do |k,v|
+          if k.starts_with?('openid.') and not q.has_key?(k)
+            q[k] = v
+          end
+        end
+
         return OpenID::Util.append_args(server_url, q)
       end
 

data/lib/openid/service.rb

@@ -1,10 +1,10 @@
-require 'rexml/document'
+ require 'rexml/document'
 
 begin
-  require 'rubygems'
-  require_gem 'ruby-yadis', '>=0.2.3'
+  require 'yadis'
 rescue LoadError
-  require 'yadis/service'
+  require 'rubygems'
+  require_gem 'ruby-yadis'
 end
 
 module OpenID
@@ -24,7 +24,11 @@ module OpenID
   # internally by the OpenIDConsumer object.
   class OpenIDServiceEndpoint < ServiceEndpoint
     
-    @@namespace = {'openid' => 'http://openid.net/xmlns/1.0'}
+    @@namespace = {
+      'xrdsns' => 'xri://$xrds',
+      'xrdns' => 'xri://$xrd*($v*2.0)',
+      'openidns' => 'http://openid.net/xmlns/1.0'
+    }
     attr_accessor :service_types, :uri, :yadis_url, :delegate_url
 
     # Class method to produce OpenIDService objects. Call with a Yadis Service
@@ -39,7 +43,8 @@ module OpenID
       s.yadis_url = service.yadis.uri
 
       s.delegate_url = nil
-      REXML::XPath.each(service.element, 'openid:Delegate', @@namespace) do |e|
+      REXML::XPath.each(service.element, 'openidns:Delegate',
+                        @@namespace) do |e|
         s.delegate_url = e.text.strip
       end
 
@@ -67,7 +72,7 @@ module OpenID
 
     # Alias for +supports?+
     def uses_extension?(extension_url)
-      return self.supports?(extension_url)
+      return supports?(extension_url)
     end
     
     # Same as uses_extension? Checks to see if the provided URL is
@@ -77,7 +82,7 @@ module OpenID
     #   service.supports?('http://openid.net/sreg/1.0')
     #
     def supports?(url)
-      return @service_types.member?(extension_url)
+      return @service_types.member?(url)
     end
 
     # Returns the OpenID delegate URL.  This is the URL on the OpenID server,

data/lib/openid/stores.rb

@@ -7,8 +7,8 @@ module OpenID
 
     @@AUTH_KEY_LEN = 20
 
-    # Put a Association object into storace
-    def store_association(association)
+    # Put a Association object into storage
+    def store_association(server_url, association)
       raise NotImplementedError
     end
 
@@ -16,13 +16,13 @@ module OpenID
     # the server_url.  Returns nil if no such association is found or if
     # the one matching association is expired. (Is allowed to GC expired
     # associations when found.)
-    def get_association(server_url)
+    def get_association(server_url, handle=nil)
       raise NotImplementedError
     end
 
     # If there is a matching association, remove it from the store and
     # return true, otherwise return false.
-    def removeAssociation(server_url, handle)
+    def remove_association(server_url, handle)
       raise NotImplementedError
     end
 
@@ -59,11 +59,11 @@ module OpenID
       @auth_key = Digest::SHA1.hexdigest(secret_phrase)
     end
 
-    def store_association(assoc)
+    def store_association(server_url, assoc)
       nil
     end
 
-    def get_association(server_url)
+    def get_association(server_url, handle=nil)
       nil
     end
   

data/test/data/brian.xrds

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS
+    xmlns:xrds="xri://$xrds"
+    xmlns:openid="http://openid.net/xmlns/1.0"
+    xmlns="xri://$xrd*($v*2.0)">
+  <XRD>
+
+    <Service priority="0">
+      <Type>http://openid.net/signon/1.0</Type>
+      <URI>http://www.myopenid.com/server</URI>
+      <openid:Delegate>http://brian.myopenid.com/</openid:Delegate>
+    </Service>
+
+  </XRD>
+</xrds:XRDS>
+

data/test/runtests.rb

@@ -1,5 +1,14 @@
 #!/usr/bin/ruby
 
+# the tests exploit some corner cases which generate warning messages
+# on stderr.  try and silence those messages to avoid unnecessarily concerning
+# the library user.
+begin
+  STDERR.reopen('/dev/null', 'w')
+rescue
+  puts "\nPlease ignore the non Test::Unit error messages generated below.\n"
+end
+
 require "teststore"
 require "assoc"
 require "dh"
@@ -9,3 +18,4 @@ require "trustroot"
 require "assoc"
 require "server2"
 require "consumer"
+require "service"

data/test/runtests.rb~

@@ -0,0 +1,21 @@
+#!/usr/bin/ruby
+
+# the tests exploit some corner cases which generate warning messages
+# on stderr.  try and silence those messages to avoid unnecessarily concerning
+# the library user.
+begin
+  STDERR.reopen('/dev/null', 'w')
+rescue
+  print ''
+end
+
+require "teststore"
+require "assoc"
+require "dh"
+require "util"
+require "linkparse"
+require "trustroot"
+require "assoc"
+require "server2"
+require "consumer"
+require "service"