ruby-openid 1.1.3 → 1.1.4
Potentially problematic release.
This version of ruby-openid might be problematic. Click here for more details.
- data/COPYING +10 -18
- data/LICENSE +202 -0
- data/README +3 -4
- data/examples/README +4 -4
- data/examples/active_record_openid_store/README +53 -0
- data/examples/active_record_openid_store/XXX_add_open_id_store_to_db.rb +28 -0
- data/examples/active_record_openid_store/init.rb +8 -0
- data/examples/active_record_openid_store/lib/association.rb +7 -0
- data/examples/active_record_openid_store/lib/nonce.rb +3 -0
- data/examples/active_record_openid_store/lib/open_id_setting.rb +4 -0
- data/examples/active_record_openid_store/lib/openid_ar_store.rb +82 -0
- data/examples/active_record_openid_store/test/store_test.rb +182 -0
- data/examples/rails_openid_login_generator/gemspec +2 -2
- data/examples/rails_openid_login_generator/templates/README +5 -5
- data/examples/rails_openid_login_generator/templates/controller.rb +11 -9
- data/examples/rails_openid_login_generator/templates/openid_login_system.rb +5 -5
- data/examples/rails_server/config/environment.rb +2 -1
- data/lib/openid/consumer.rb +1 -1
- data/lib/openid/util.rb +1 -0
- metadata +16 -19
- data/TODO +0 -9
- data/examples/rails_active_record_store/README +0 -59
- data/examples/rails_active_record_store/XX_add_openidstore.rb +0 -30
- data/examples/rails_active_record_store/models/openid_association.rb +0 -17
- data/examples/rails_active_record_store/models/openid_nonce.rb +0 -3
- data/examples/rails_active_record_store/models/openid_setting.rb +0 -2
- data/examples/rails_active_record_store/openid_helper.rb +0 -97
- data/examples/rails_active_record_store/openidstore_test.rb +0 -15
- data/examples/rails_active_record_store/schema.mysql.sql +0 -22
- data/examples/rails_active_record_store/schema.postgresql.sql +0 -21
- data/examples/rails_active_record_store/schema.sqlite.sql +0 -21
- data/examples/rails_openid_login_generator/templates/controller.rb~ +0 -111
- data/test/runtests.rb~ +0 -21
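--- a/data/examples/rails_active_record_store/XX_add_openidstore.rb
+++ b/data/examples/rails_active_record_store/XX_add_openidstore.rb
@@ -1,30 +0,0 @@
-class AddOpenidstore < ActiveRecord::Migration
-def self.up
-create_table :openid_settings do |t|
-t.column :setting, :string
-t.column :value, :binary
-end
-
-create_table :openid_associations do |t|
-# server_url is blob, because URLs could be longer
-# than db can handle as a string
-t.column :server_url, :binary
-t.column :handle, :string
-t.column :secret, :binary
-t.column :issued, :integer
-t.column :lifetime, :integer
-t.column :assoc_type, :string
-end
-
-create_table :openid_nonces do |t|
-t.column :nonce, :string
-t.column :created, :integer
-end
-end
-
-def self.down
-drop_table :openid_settings
-drop_table :openid_associations
-drop_table :openid_nonces
-end
-end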
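--- a/data/examples/rails_active_record_store/models/openid_association.rb
+++ b/data/examples/rails_active_record_store/models/openid_association.rb
@@ -1,17 +0,0 @@
-begin
-require "rubygems"
-require_gem "ruby-openid", ">= 1.0"
-rescue LoadError
-require "openid"
-end
-
-class OpenidAssociation < ActiveRecord::Base
-
-def from_record
-OpenID::Association.new(handle,
-secret,
-issued,
-lifetime,
-assoc_type)
-end
-end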
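--- a/data/examples/rails_active_record_store/openid_helper.rb
+++ b/data/examples/rails_active_record_store/openid_helper.rb
@@ -1,97 +0,0 @@
-# load the openid library
-begin
-require "rubygems"
-require_gem "ruby-openid", ">= 1.0"
-rescue LoadError
-require "openid"
-end
-
-module OpenidHelper
-
-def get_auth_key
-setting = OpenidSetting.find :first, :conditions => "setting = 'auth_key'"
-if setting.nil?
-auth_key = OpenID::Util.random_string(20)
-setting = OpenidSetting.create :setting => 'auth_key', :value => auth_key
-end
-setting.value
-end
-
-def store_association(server_url, assoc)
-remove_association(server_url, assoc.handle)
-OpenidAssociation.create(:server_url => server_url,
-:handle => assoc.handle,
-:secret => assoc.secret,
-:issued => assoc.issued,
-:lifetime => assoc.lifetime,
-:assoc_type => assoc.assoc_type)
-end
-
-def get_association(server_url, handle=nil)
-
-unless handle.nil?
-assocs = OpenidAssociation.find(:all, :conditions => ["server_url = ? AND handle = ?", server_url, handle])
-else
-assocs = OpenidAssociation.find(:all, :conditions => ["server_url = ?", server_url])
-end
-
-return nil if assocs.nil?
-
-assocs.reverse!
-
-assocs.each do |assoc|
-a = assoc.from_record
-if a.expired?
-assoc.destroy
-else
-return a
-end
-end
-
-return nil
-end
-
-def remove_association(server_url, handle)
-assoc = OpenidAssociation.find(:first, :conditions => ["server_url = ? AND handle = ?", server_url, handle])
-unless assoc.nil?
-assoc.destroy
-return true
-end
-return false
-end
-
-def store_nonce(nonce)
-use_nonce(nonce)
-OpenidNonce.create :nonce => nonce, :created => Time.now.to_i
-end
-
-def use_nonce(nonce)
-nonce = OpenidNonce.find(:first, :conditions => ["nonce = ?", nonce])
-return false if nonce.nil?
-
-age = Time.now.to_i - nonce.created
-nonce.destroy
-
-return false if age > (6*60*60) # max nonce age of 6 hours
-return true
-end
-
-def dumb?
-return false
-end
-
-# not part of the api, but useful
-def gc
-now = Time.now.to_i
-
-# remove old nonces
-nonces = OpenidNonce.find(:all)
-nonces.each {|n| n.destroy if now - n.created > (6*60*60)} unless nonces.nil?
-
-# remove expired assocs
-assocs = OpenidAssociation.find(:all)
-assocs.each { |a| a.destroy if a.from_record.expired? } unless assocs.nil?
-end
-
-
-end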
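--- a/data/examples/rails_active_record_store/openidstore_test.rb
+++ b/data/examples/rails_active_record_store/openidstore_test.rb
@@ -1,15 +0,0 @@
-require File.dirname(__FILE__) + '/../test_helper'
-
-# ugly way to get at StoreTestCase module
-require File.dirname(__FILE__) + '/../../vendor/openid/test/storetestcase'
-
-class OpenidTest < Test::Unit::TestCase
-
-include OpenidHelper
-include StoreTestCase
-
-def setup
-@store = self
-end
-
-end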
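--- a/data/examples/rails_active_record_store/schema.mysql.sql
+++ b/data/examples/rails_active_record_store/schema.mysql.sql
@@ -1,22 +0,0 @@
-CREATE TABLE openid_associations (
-`id` int(11) DEFAULT NULL auto_increment PRIMARY KEY,
-`server_url` blob,
-`handle` varchar(255),
-`secret` blob,
-`issued` int(11),
-`lifetime` int(11),
-`assoc_type` varchar(255)
-) ENGINE=InnoDB;
-
-CREATE TABLE openid_nonces (
-`id` int(11) DEFAULT NULL auto_increment PRIMARY KEY,
-`nonce` varchar(255),
-`created` int(11)
-) ENGINE=InnoDB;
-
-CREATE TABLE openid_settings (
-`id` int(11) DEFAULT NULL auto_increment PRIMARY KEY,
-`setting` varchar(255),
-`value` blob
-) ENGINE=InnoDB;
-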
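--- a/data/examples/rails_active_record_store/schema.postgresql.sql
+++ b/data/examples/rails_active_record_store/schema.postgresql.sql
@@ -1,21 +0,0 @@
-CREATE TABLE openid_associations (
-"id" serial primary key,
-"server_url" bytea,
-"handle" character varying(255),
-"secret" bytea,
-"issued" integer,
-"lifetime" integer,
-"assoc_type" character varying(255)
-);
-
-CREATE TABLE openid_nonces (
-"id" serial primary key,
-"nonce" character varying(255),
-"created" integer
-);
-
-CREATE TABLE openid_settings (
-"id" serial primary key,
-"setting" character varying(255),
-"value" bytea
-);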
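--- a/data/examples/rails_active_record_store/schema.sqlite.sql
+++ b/data/examples/rails_active_record_store/schema.sqlite.sql
@@ -1,21 +0,0 @@
-CREATE TABLE openid_associations (
-"id" INTEGER PRIMARY KEY NOT NULL,
-"server_url" blob,
-"handle" varchar(255),
-"secret" blob,
-"issued" integer,
-"lifetime" integer,
-"assoc_type" varchar(255)
-);
-
-CREATE TABLE openid_nonces (
-"id" INTEGER PRIMARY KEY NOT NULL,
-"nonce" varchar(255),
-"created" integer
-);
-
-CREATE TABLE openid_settings (
-"id" INTEGER PRIMARY KEY NOT NULL,
-"setting" varchar(255),
-"value" blob
-);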
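--- a/data/examples/rails_openid_login_generator/templates/controller.rb~
+++ b/data/examples/rails_openid_login_generator/templates/controller.rb~
@@ -1,111 +0,0 @@
-require "pathname"
-require "cgi"
-
-# load the openid library
-begin
-require "rubygems"
-require_gem "ruby-openid", ">= 1.0"
-rescue LoadError
-require "openid"
-end
-
-class <%= class_name %>Controller < ApplicationController
-layout 'scaffold'
-
-# process the login request, disover the openid server, and
-# then redirect.
-def login
-openid_url = @params[:openid_url]
-
-if @request.post?
-request = consumer.begin(openid_url)
-
-case request.status
-when OpenID::SUCCESS
-return_to = url_for(:action=> 'complete')
-trust_root = url_for(:controller=>'')
-
-url = request.redirect_url(trust_root, return_to)
-redirect_to(url)
-return
-
-when OpenID::FAILURE
-escaped_url = CGI::escape(openid_url)
-flash[:notice] = "Could not find OpenID server for #{escaped_url}"
-
-else
-flash[:notice] = "An unknown error occured."
-
-end
-end
-
-end
-
-# handle the openid server response
-def complete
-response = consumer.complete(@params)
-
-case response.status
-when OpenID::SUCCESS
-
-@user = User.get(response.identity_url)
-
-# create user object if one does not exist
-if @user.nil?
-@user = User.new(:openid_url => response.identity_url)
-@user.save
-end
-
-# storing both the openid_url and user id in the session for for quick
-# access to both bits of information. Change as needed.
-@session[:user_id] = @user.id
-
-flash[:notice] = "Logged in as #{CGI::escape(response.identity_url)}"
-
-redirect_to :action => "welcome"
-return
-
-when OpenID::FAILURE
-if response.identity_url
-flash[:notice] = "Verification of #{CGI::escape(response.identity_url)} failed."
-
-else
-flash[:notice] = 'Verification failed.'
-end
-
-when OpenID::CANCEL
-flash[:notice] = 'Verification cancelled.'
-
-else
-flash[:notice] = 'Unknown response from OpenID server.'
-end
-
-redirect_to :action => 'login'
-end
-
-def logout
-@session[:user_id] = nil
-end
-
-def welcome
-end
-
-private
-
-# Get the OpenID::Consumer object.
-def consumer
-# create the OpenID store for storing associations and nonces,
-# putting it in your app's db directory
-store_dir = Pathname.new(RAILS_ROOT).join('db').join('openid-store')
-store = OpenID::FilesystemStore.new(store_dir)
-
-return OpenID::Consumer.new(@session, store)
-end
-
-# get the logged in user object
-def find_user
-return nil if session[:user_id].nil?
-User.find(session[:user_id])
-end
-
-end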
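--- a/data/test/runtests.rb~
+++ b/data/test/runtests.rb~
@@ -1,21 +0,0 @@
-#!/usr/bin/ruby
-
-# the tests exploit some corner cases which generate warning messages
-# on stderr. try and silence those messages to avoid unnecessarily concerning
-# the library user.
-begin
-STDERR.reopen('/dev/null', 'w')
-rescue
-print ''
-end
-
-require "teststore"
-require "assoc"
-require "dh"
-require "util"
-require "linkparse"
-require "trustroot"
-require "assoc"
-require "server2"
-require "consumer"
-require "service"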