ruby-openid 1.1.1 → 1.1.2


Potentially problematic release.


This version of ruby-openid might be problematic. Click here for more details.

Files changed (41) hide show
  1. data/examples/rails_openid_login_generator/openid_login_generator-0.1.gem +0 -0
  2. data/examples/rails_openid_login_generator/templates/controller.rb~ +111 -0
  3. data/lib/openid/consumer.rb +21 -9
  4. data/lib/openid/server.rb +2 -1
  5. data/test/runtests.rb~ +21 -0
  6. metadata +44 -92
  7. data/examples/cacert.pem +0 -7815
  8. data/examples/consumerd.rb +0 -290
  9. data/examples/openid-store/associations/http-localhost_3A3000_2Fserver-LQl7HUNueJIJcpPoAGiHEHNdJMc +0 -6
  10. data/examples/openid-store/associations/http-www.myopenid.com_2Fserver-ZFp96P4qV1FjqgGt2rtZBvRJWic +0 -6
  11. data/examples/openid-store/auth_key +0 -1
  12. data/examples/openid-store/nonces/PNiw86rQ +0 -0
  13. data/examples/openid-store/nonces/hdZo7WC9 +0 -0
  14. data/examples/openid-store/nonces/uHhMdi1i +0 -0
  15. data/examples/rails_server/app/controllers/login_controller.rb~ +0 -35
  16. data/examples/rails_server/app/controllers/server_controller.rb~ +0 -190
  17. data/examples/rails_server/db/openid-store/associations/http-localhost_2F_7Cnormal-YU.tkND1J4fEZhnuAoT5Zc0yCA0 +0 -6
  18. data/examples/rails_server/db/openid-store/associations/http-localhost_2F_7Cnormal-jRS20gc5OzJ5pkpjy9BjqvTj3B0 +0 -6
  19. data/examples/rails_server/log/development.log +0 -6459
  20. data/examples/rails_server/log/production.log +0 -0
  21. data/examples/rails_server/log/server.log +0 -0
  22. data/examples/rails_server/log/test.log +0 -0
  23. data/examples/rails_server/tmp/sessions/ruby_sess.1b2e9635e0f69c0d +0 -0
  24. data/examples/rails_server/tmp/sessions/ruby_sess.1b3584d2b3784c97 +0 -0
  25. data/examples/rails_server/tmp/sessions/ruby_sess.20ed70e0e63d7e31 +0 -0
  26. data/examples/rails_server/tmp/sessions/ruby_sess.30cf5b98539677d5 +0 -0
  27. data/examples/rails_server/tmp/sessions/ruby_sess.3910508c0c857695 +0 -0
  28. data/examples/rails_server/tmp/sessions/ruby_sess.472170ef38098672 +0 -0
  29. data/examples/rails_server/tmp/sessions/ruby_sess.5406e21ba5b1c7bb +0 -0
  30. data/examples/rails_server/tmp/sessions/ruby_sess.5d2bd2b7086f12d5 +0 -0
  31. data/examples/rails_server/tmp/sessions/ruby_sess.968757c6d12af322 +0 -0
  32. data/examples/rails_server/tmp/sessions/ruby_sess.a87a5045744b3abf +0 -0
  33. data/examples/rails_server/tmp/sessions/ruby_sess.ca9f0a416be0be57 +0 -0
  34. data/examples/rails_server/tmp/sessions/ruby_sess.cd269e6040645b5b +0 -0
  35. data/examples/rails_server/tmp/sessions/ruby_sess.cf2acf62b93dbc88 +0 -0
  36. data/examples/rails_server/tmp/sessions/ruby_sess.d2ef8fe29591ef9b +0 -0
  37. data/examples/rails_server/tmp/sessions/ruby_sess.e23240e097e2c83d +0 -0
  38. data/examples/rails_server/tmp/sessions/ruby_sess.fb154d2f7c286aba +0 -0
  39. data/lib/openid/discovery.rb~ +0 -122
  40. data/lib/openid/stores.rb~ +0 -178
  41. data/test/teststore.rb~ +0 -47
@@ -0,0 +1,111 @@
1
+ require "pathname"
2
+ require "cgi"
3
+
4
+ # load the openid library
5
+ begin
6
+ require "rubygems"
7
+ require_gem "ruby-openid", ">= 1.0"
8
+ rescue LoadError
9
+ require "openid"
10
+ end
11
+
12
+ class <%= class_name %>Controller < ApplicationController
13
+ layout 'scaffold'
14
+
15
+ # process the login request, disover the openid server, and
16
+ # then redirect.
17
+ def login
18
+ openid_url = @params[:openid_url]
19
+
20
+ if @request.post?
21
+ request = consumer.begin(openid_url)
22
+
23
+ case request.status
24
+ when OpenID::SUCCESS
25
+ return_to = url_for(:action=> 'complete')
26
+ trust_root = url_for(:controller=>'')
27
+
28
+ url = request.redirect_url(trust_root, return_to)
29
+ redirect_to(url)
30
+ return
31
+
32
+ when OpenID::FAILURE
33
+ escaped_url = CGI::escape(openid_url)
34
+ flash[:notice] = "Could not find OpenID server for #{escaped_url}"
35
+
36
+ else
37
+ flash[:notice] = "An unknown error occured."
38
+
39
+ end
40
+ end
41
+
42
+ end
43
+
44
+ # handle the openid server response
45
+ def complete
46
+ response = consumer.complete(@params)
47
+
48
+ case response.status
49
+ when OpenID::SUCCESS
50
+
51
+ @user = User.get(response.identity_url)
52
+
53
+ # create user object if one does not exist
54
+ if @user.nil?
55
+ @user = User.new(:openid_url => response.identity_url)
56
+ @user.save
57
+ end
58
+
59
+ # storing both the openid_url and user id in the session for for quick
60
+ # access to both bits of information. Change as needed.
61
+ @session[:user_id] = @user.id
62
+
63
+ flash[:notice] = "Logged in as #{CGI::escape(response.identity_url)}"
64
+
65
+ redirect_to :action => "welcome"
66
+ return
67
+
68
+ when OpenID::FAILURE
69
+ if response.identity_url
70
+ flash[:notice] = "Verification of #{CGI::escape(response.identity_url)} failed."
71
+
72
+ else
73
+ flash[:notice] = 'Verification failed.'
74
+ end
75
+
76
+ when OpenID::CANCEL
77
+ flash[:notice] = 'Verification cancelled.'
78
+
79
+ else
80
+ flash[:notice] = 'Unknown response from OpenID server.'
81
+ end
82
+
83
+ redirect_to :action => 'login'
84
+ end
85
+
86
+ def logout
87
+ @session[:user_id] = nil
88
+ end
89
+
90
+ def welcome
91
+ end
92
+
93
+ private
94
+
95
+ # Get the OpenID::Consumer object.
96
+ def consumer
97
+ # create the OpenID store for storing associations and nonces,
98
+ # putting it in your app's db directory
99
+ store_dir = Pathname.new(RAILS_ROOT).join('db').join('openid-store')
100
+ store = OpenID::FilesystemStore.new(store_dir)
101
+
102
+ return OpenID::Consumer.new(@session, store)
103
+ end
104
+
105
+ # get the logged in user object
106
+ def find_user
107
+ return nil if session[:user_id].nil?
108
+ User.find(session[:user_id])
109
+ end
110
+
111
+ end
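Review bot: `complete` writes `@session[:user_id] = @user.id` into whatever session the browser arrived with, and nothing in this file issues a fresh session id at login, so a session id that was fixed before authentication remains valid afterwards. Calling `reset_session` after `consumer.complete(@params)` has returned SUCCESS and before the user id is stored would close that gap, and `logout` could do the same instead of clearing a single key. The result of `@user.save` is ignored, so a failed save leaves `@user.id` nil while the flash still reports a successful login. Separately, the `~` suffix suggests this is an editor backup of `templates/controller.rb` that was packaged by accident rather than a file meant to ship.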
@@ -530,17 +530,17 @@ module OpenID
530
530
  if assoc.nil?
531
531
  # It's not an association we know about. Dumb mode is our
532
532
  # only possible path for recovery.
533
- code = self.check_auth(nonce, query, server_url)
533
+ code, msg = self.check_auth(nonce, query, server_url)
534
534
  if code == SUCCESS
535
535
  return SuccessResponse.new(consumer_id, query)
536
536
  else
537
- return FailureResponse.new(consumer_id, 'check_auth failed')
537
+ return FailureResponse.new(consumer_id, 'check_auth failed: #{msg}')
538
538
  end
539
539
  end
540
540
 
541
541
  if assoc.expires_in <= 0
542
542
  OpenID::Util.log("Association with #{server_url} expired")
543
- FailureResponse.new(consumer_id, 'assoc expired')
543
+ return FailureResponse.new(consumer_id, 'assoc expired')
544
544
  end
545
545
 
546
546
  # Check the signature
@@ -572,7 +572,7 @@ module OpenID
572
572
 
573
573
  ret = @fetcher.post(server_url, post_data)
574
574
  if ret.nil?
575
- return FAILURE
575
+ return FAILURE, "unable to post to #{server_url}"
576
576
  else
577
577
  url, body = ret
578
578
  end
@@ -581,19 +581,31 @@ module OpenID
581
581
  is_valid = results.fetch("is_valid", "false")
582
582
 
583
583
  if is_valid == "true"
584
+
585
+ # we started this request with a bad association,
586
+ # falling back to dumb mode, the invalidate_handle tells
587
+ # us to handle of the assoc to remove from our store.
584
588
  invalidate_handle = results["invalidate_handle"]
585
- unless invalidate_handle.nil?
589
+ if invalidate_handle
586
590
  @store.remove_association(server_url, invalidate_handle)
587
591
  end
592
+
593
+ # make sure response is not getting replayed by checking the nonce
588
594
  unless @store.use_nonce(nonce)
589
- return FAILURE
595
+ return FAILURE, "#{server_url}, nonce #{nonce} already used"
590
596
  end
591
- return SUCCESS
597
+
598
+ # is_valid = true, and we successfully used the nonce.
599
+ return SUCCESS, nil
592
600
  end
593
601
 
594
602
  error = results["error"]
595
- return FAILURE unless error.nil?
596
- return FAILURE
603
+ if error
604
+ msg = "error from server: #{error}"
605
+ else
606
+ msg = "is_valid was false"
607
+ end
608
+ return FAILURE, msg
597
609
  end
598
610
 
599
611
  # Create a nonce and store it for preventing replace attacks.
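Review bot: The new failure message on the dumb-mode fallback path is written with single quotes, `'check_auth failed: #{msg}'`, so Ruby does not interpolate it and callers receive the literal text `#{msg}` instead of the reason; it should be `"check_auth failed: #{msg}"`. Once it does interpolate, `msg` can carry the server-supplied `error` value built in the last hunk (`"error from server: #{error}"`), so any code that renders a FailureResponse message should treat it as untrusted text and escape it for the output context. The enclosing methods start and end outside the hunks shown, so other callers of `check_auth` that still expect a single return value cannot be ruled out from here.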
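--- a/data/lib/openid/server.rb
+++ b/data/lib/openid/server.rb
@@ -357,7 +357,8 @@ module OpenID
   raise ProtocolError.new(query, 'openid.return_to missing') unless return_to
 
   trust_root = query['openid.trust_root']
-
+ trust_root = nil if trust_root and trust_root.empty?
+
   unless OpenID::TrustRoot.parse(return_to)
   raise MalformedReturnURL.new(query, return_to)
   end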
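Review bot: The added line `trust_root = nil if trust_root and trust_root.empty?` carries no comment saying why an empty `openid.trust_root` is treated as absent, and what a nil trust root then defaults to is decided outside this hunk. A one-line comment such as `# an empty openid.trust_root is treated the same as a missing one` would record the intent next to the check. A value made only of whitespace is still non-empty here and passes on to whatever validation follows, so it is worth confirming that the later trust-root parsing rejects it. `&&` is the conventional operator for this test, although `and` behaves the same in this expression.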
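--- a/data/test/runtests.rb~
+++ b/data/test/runtests.rb~
@@ -0,0 +1,21 @@
+ #!/usr/bin/ruby
+
+ # the tests exploit some corner cases which generate warning messages
+ # on stderr. try and silence those messages to avoid unnecessarily concerning
+ # the library user.
+ begin
+ STDERR.reopen('/dev/null', 'w')
+ rescue
+ print ''
+ end
+
+ require "teststore"
+ require "assoc"
+ require "dh"
+ require "util"
+ require "linkparse"
+ require "trustroot"
+ require "assoc"
+ require "server2"
+ require "consumer"
+ require "service"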
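Review bot: `STDERR.reopen('/dev/null', 'w')` at the top silences stderr for the whole run, so genuine load errors and unexpected warnings from the library are hidden along with the expected ones; limiting the redirect to the cases known to warn, or making it opt-in, keeps real failures visible. The bare `rescue` with `print ''` also swallows a failed reopen without reporting it, and `require "assoc"` appears twice, the second being a no-op. The `~` suffix suggests this is an editor backup of `test/runtests.rb` that was packaged by accident.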
metadata CHANGED
@@ -3,8 +3,8 @@ rubygems_version: 0.8.11
3
3
  specification_version: 1
4
4
  name: ruby-openid
5
5
  version: !ruby/object:Gem::Version
6
- version: 1.1.1
7
- date: 2006-08-20 00:00:00 -07:00
6
+ version: 1.1.2
7
+ date: 2006-08-23 00:00:00 -07:00
8
8
  summary: A library for consuming and serving OpenID identities.
9
9
  require_paths:
10
10
  - lib
@@ -28,17 +28,14 @@ cert_chain:
28
28
  authors:
29
29
  - Brian Ellin (JanRain, Inc)
30
30
  files:
31
- - examples/rails_server
32
31
  - examples/consumer.rb
32
+ - examples/rails_server
33
33
  - examples/README
34
- - examples/cacert.pem
35
34
  - examples/rails_openid_login_generator
36
35
  - examples/rails_active_record_store
37
- - examples/openid-store
38
- - examples/consumerd.rb
39
36
  - examples/rails_server/app
40
- - examples/rails_server/config
41
37
  - examples/rails_server/components
38
+ - examples/rails_server/config
42
39
  - examples/rails_server/db
43
40
  - examples/rails_server/doc
44
41
  - examples/rails_server/lib
@@ -49,19 +46,16 @@ files:
49
46
  - examples/rails_server/vendor
50
47
  - examples/rails_server/Rakefile
51
48
  - examples/rails_server/README
52
- - examples/rails_server/tmp
53
49
  - examples/rails_server/app/controllers
54
50
  - examples/rails_server/app/helpers
55
51
  - examples/rails_server/app/models
56
52
  - examples/rails_server/app/views
57
- - examples/rails_server/app/controllers/application.rb
58
- - examples/rails_server/app/controllers/login_controller.rb
59
53
  - examples/rails_server/app/controllers/server_controller.rb
60
- - examples/rails_server/app/controllers/server_controller.rb~
61
- - examples/rails_server/app/controllers/login_controller.rb~
62
- - examples/rails_server/app/helpers/application_helper.rb
63
- - examples/rails_server/app/helpers/login_helper.rb
54
+ - examples/rails_server/app/controllers/login_controller.rb
55
+ - examples/rails_server/app/controllers/application.rb
64
56
  - examples/rails_server/app/helpers/server_helper.rb
57
+ - examples/rails_server/app/helpers/login_helper.rb
58
+ - examples/rails_server/app/helpers/application_helper.rb
65
59
  - examples/rails_server/app/views/layouts
66
60
  - examples/rails_server/app/views/login
67
61
  - examples/rails_server/app/views/server
@@ -71,37 +65,23 @@ files:
71
65
  - examples/rails_server/config/environments
72
66
  - examples/rails_server/config/database.yml
73
67
  - examples/rails_server/config/routes.rb
74
- - examples/rails_server/config/boot.rb
75
68
  - examples/rails_server/config/environment.rb
69
+ - examples/rails_server/config/boot.rb
70
+ - examples/rails_server/config/environments/test.rb
76
71
  - examples/rails_server/config/environments/production.rb
77
72
  - examples/rails_server/config/environments/development.rb
78
- - examples/rails_server/config/environments/test.rb
79
- - examples/rails_server/db/openid-server
80
- - examples/rails_server/db/openid-store
81
- - examples/rails_server/db/openid-server/nonces
82
- - examples/rails_server/db/openid-server/associations
83
- - examples/rails_server/db/openid-server/temp
84
- - examples/rails_server/db/openid-store/nonces
85
- - examples/rails_server/db/openid-store/associations
86
- - examples/rails_server/db/openid-store/temp
87
- - examples/rails_server/db/openid-store/associations/http-localhost_2F_7Cnormal-YU.tkND1J4fEZhnuAoT5Zc0yCA0
88
- - examples/rails_server/db/openid-store/associations/http-localhost_2F_7Cnormal-jRS20gc5OzJ5pkpjy9BjqvTj3B0
89
73
  - examples/rails_server/doc/README_FOR_APP
90
74
  - examples/rails_server/lib/tasks
91
- - examples/rails_server/log/server.log
92
- - examples/rails_server/log/production.log
93
- - examples/rails_server/log/development.log
94
- - examples/rails_server/log/test.log
95
75
  - examples/rails_server/public/images
96
76
  - examples/rails_server/public/javascripts
97
77
  - examples/rails_server/public/stylesheets
78
+ - examples/rails_server/public/favicon.ico
79
+ - examples/rails_server/public/robots.txt
98
80
  - examples/rails_server/public/dispatch.rb
99
- - examples/rails_server/public/dispatch.cgi
100
81
  - examples/rails_server/public/dispatch.fcgi
101
- - examples/rails_server/public/404.html
82
+ - examples/rails_server/public/dispatch.cgi
102
83
  - examples/rails_server/public/500.html
103
- - examples/rails_server/public/favicon.ico
104
- - examples/rails_server/public/robots.txt
84
+ - examples/rails_server/public/404.html
105
85
  - examples/rails_server/public/images/rails.png
106
86
  - examples/rails_server/public/javascripts/prototype.js
107
87
  - examples/rails_server/public/javascripts/effects.js
@@ -109,82 +89,56 @@ files:
109
89
  - examples/rails_server/public/javascripts/controls.js
110
90
  - examples/rails_server/script/performance
111
91
  - examples/rails_server/script/process
112
- - examples/rails_server/script/about
113
- - examples/rails_server/script/breakpointer
114
- - examples/rails_server/script/console
115
- - examples/rails_server/script/destroy
116
92
  - examples/rails_server/script/generate
117
- - examples/rails_server/script/runner
118
93
  - examples/rails_server/script/server
94
+ - examples/rails_server/script/runner
119
95
  - examples/rails_server/script/plugin
96
+ - examples/rails_server/script/breakpointer
97
+ - examples/rails_server/script/destroy
98
+ - examples/rails_server/script/console
99
+ - examples/rails_server/script/about
120
100
  - examples/rails_server/script/performance/benchmarker
121
101
  - examples/rails_server/script/performance/profiler
122
- - examples/rails_server/script/process/reaper
123
- - examples/rails_server/script/process/spawner
124
102
  - examples/rails_server/script/process/spinner
103
+ - examples/rails_server/script/process/spawner
104
+ - examples/rails_server/script/process/reaper
125
105
  - examples/rails_server/test/fixtures
126
106
  - examples/rails_server/test/functional
127
107
  - examples/rails_server/test/mocks
128
108
  - examples/rails_server/test/unit
129
109
  - examples/rails_server/test/test_helper.rb
130
- - examples/rails_server/test/functional/login_controller_test.rb
131
110
  - examples/rails_server/test/functional/server_controller_test.rb
111
+ - examples/rails_server/test/functional/login_controller_test.rb
132
112
  - examples/rails_server/test/mocks/development
133
113
  - examples/rails_server/test/mocks/test
134
- - examples/rails_server/tmp/sessions
135
- - examples/rails_server/tmp/cache
136
- - examples/rails_server/tmp/sockets
137
- - examples/rails_server/tmp/sessions/ruby_sess.fb154d2f7c286aba
138
- - examples/rails_server/tmp/sessions/ruby_sess.968757c6d12af322
139
- - examples/rails_server/tmp/sessions/ruby_sess.d2ef8fe29591ef9b
140
- - examples/rails_server/tmp/sessions/ruby_sess.a87a5045744b3abf
141
- - examples/rails_server/tmp/sessions/ruby_sess.e23240e097e2c83d
142
- - examples/rails_server/tmp/sessions/ruby_sess.5406e21ba5b1c7bb
143
- - examples/rails_server/tmp/sessions/ruby_sess.3910508c0c857695
144
- - examples/rails_server/tmp/sessions/ruby_sess.cf2acf62b93dbc88
145
- - examples/rails_server/tmp/sessions/ruby_sess.20ed70e0e63d7e31
146
- - examples/rails_server/tmp/sessions/ruby_sess.cd269e6040645b5b
147
- - examples/rails_server/tmp/sessions/ruby_sess.1b3584d2b3784c97
148
- - examples/rails_server/tmp/sessions/ruby_sess.1b2e9635e0f69c0d
149
- - examples/rails_server/tmp/sessions/ruby_sess.30cf5b98539677d5
150
- - examples/rails_server/tmp/sessions/ruby_sess.472170ef38098672
151
- - examples/rails_server/tmp/sessions/ruby_sess.5d2bd2b7086f12d5
152
- - examples/rails_server/tmp/sessions/ruby_sess.ca9f0a416be0be57
153
114
  - examples/rails_openid_login_generator/templates
115
+ - examples/rails_openid_login_generator/gemspec
154
116
  - examples/rails_openid_login_generator/USAGE
155
117
  - examples/rails_openid_login_generator/openid_login_generator.rb
156
- - examples/rails_openid_login_generator/gemspec
157
- - examples/rails_openid_login_generator/templates/controller_test.rb
158
- - examples/rails_openid_login_generator/templates/view_login.rhtml
118
+ - examples/rails_openid_login_generator/openid_login_generator-0.1.gem
159
119
  - examples/rails_openid_login_generator/templates/controller.rb
160
120
  - examples/rails_openid_login_generator/templates/README
121
+ - examples/rails_openid_login_generator/templates/user_test.rb
161
122
  - examples/rails_openid_login_generator/templates/helper.rb
162
123
  - examples/rails_openid_login_generator/templates/user.rb
124
+ - examples/rails_openid_login_generator/templates/view_login.rhtml
125
+ - examples/rails_openid_login_generator/templates/users.yml
163
126
  - examples/rails_openid_login_generator/templates/view_logout.rhtml
127
+ - examples/rails_openid_login_generator/templates/controller.rb~
164
128
  - examples/rails_openid_login_generator/templates/view_welcome.rhtml
165
- - examples/rails_openid_login_generator/templates/user_test.rb
166
- - examples/rails_openid_login_generator/templates/users.yml
129
+ - examples/rails_openid_login_generator/templates/controller_test.rb
167
130
  - examples/rails_openid_login_generator/templates/openid_login_system.rb
168
131
  - examples/rails_active_record_store/models
169
- - examples/rails_active_record_store/README
170
- - examples/rails_active_record_store/XX_add_openidstore.rb
171
- - examples/rails_active_record_store/openid_helper.rb
172
132
  - examples/rails_active_record_store/openidstore_test.rb
173
- - examples/rails_active_record_store/schema.postgresql.sql
174
- - examples/rails_active_record_store/schema.mysql.sql
175
133
  - examples/rails_active_record_store/schema.sqlite.sql
176
- - examples/rails_active_record_store/models/openid_association.rb
177
- - examples/rails_active_record_store/models/openid_nonce.rb
134
+ - examples/rails_active_record_store/schema.mysql.sql
135
+ - examples/rails_active_record_store/schema.postgresql.sql
136
+ - examples/rails_active_record_store/openid_helper.rb
137
+ - examples/rails_active_record_store/README
138
+ - examples/rails_active_record_store/XX_add_openidstore.rb
178
139
  - examples/rails_active_record_store/models/openid_setting.rb
179
- - examples/openid-store/nonces
180
- - examples/openid-store/associations
181
- - examples/openid-store/temp
182
- - examples/openid-store/auth_key
183
- - examples/openid-store/nonces/PNiw86rQ
184
- - examples/openid-store/nonces/uHhMdi1i
185
- - examples/openid-store/nonces/hdZo7WC9
186
- - examples/openid-store/associations/http-localhost_3A3000_2Fserver-LQl7HUNueJIJcpPoAGiHEHNdJMc
187
- - examples/openid-store/associations/http-www.myopenid.com_2Fserver-ZFp96P4qV1FjqgGt2rtZBvRJWic
140
+ - examples/rails_active_record_store/models/openid_nonce.rb
141
+ - examples/rails_active_record_store/models/openid_association.rb
188
142
  - lib/openid
189
143
  - lib/hmac-sha2.rb
190
144
  - lib/hmac.rb
@@ -192,6 +146,7 @@ files:
192
146
  - lib/hmac-rmd160.rb
193
147
  - lib/hmac-md5.rb
194
148
  - lib/openid.rb
149
+ - lib/openid/htmltokenizer.rb
195
150
  - lib/openid/consumer.rb
196
151
  - lib/openid/dh.rb
197
152
  - lib/openid/fetchers.rb
@@ -199,29 +154,26 @@ files:
199
154
  - lib/openid/parse.rb
200
155
  - lib/openid/stores.rb
201
156
  - lib/openid/util.rb
202
- - lib/openid/server.rb
203
157
  - lib/openid/association.rb
204
158
  - lib/openid/trustroot.rb
159
+ - lib/openid/server.rb
160
+ - lib/openid/urinorm.rb
205
161
  - lib/openid/discovery.rb
206
- - lib/openid/htmltokenizer.rb
207
162
  - lib/openid/service.rb
208
- - lib/openid/stores.rb~
209
- - lib/openid/urinorm.rb
210
- - lib/openid/discovery.rb~
211
163
  - test/storetestcase.rb
212
164
  - test/linkparse.rb
213
165
  - test/assoc.rb
214
166
  - test/dh.rb
215
167
  - test/teststore.rb
216
- - test/util.rb
217
168
  - test/data
169
+ - test/util.rb
218
170
  - test/trustroot.rb
219
- - test/extensions.rb
220
- - test/consumer.rb
171
+ - test/runtests.rb~
221
172
  - test/runtests.rb
173
+ - test/extensions.rb
222
174
  - test/server2.rb
175
+ - test/consumer.rb
223
176
  - test/service.rb
224
- - test/teststore.rb~
225
177
  - test/urinorm.rb
226
178
  - test/data/urinorm.txt
227
179
  - test/data/brian.xrds
@@ -253,5 +205,5 @@ dependencies:
253
205
  requirements:
254
206
  - - ">="
255
207
  - !ruby/object:Gem::Version
256
- version: "0.3"
208
+ version: 0.3.3
257
209
  version: