ruby-openid 2.0.4 → 2.1.2


Potentially problematic release.


Files changed (58) hide show
  1. data/CHANGELOG +65 -28
  2. data/LICENSE +4 -1
  3. data/README +19 -12
  4. data/UPGRADE +5 -0
  5. data/examples/README +8 -22
  6. data/examples/active_record_openid_store/XXX_add_open_id_store_to_db.rb +6 -6
  7. data/examples/active_record_openid_store/lib/association.rb +2 -1
  8. data/examples/active_record_openid_store/lib/openid_ar_store.rb +3 -3
  9. data/examples/rails_openid/app/controllers/consumer_controller.rb +11 -5
  10. data/lib/openid.rb +4 -0
  11. data/lib/openid/association.rb +7 -7
  12. data/lib/openid/consumer/checkid_request.rb +11 -0
  13. data/lib/openid/consumer/discovery.rb +12 -3
  14. data/lib/openid/consumer/idres.rb +35 -43
  15. data/lib/openid/extension.rb +9 -1
  16. data/lib/openid/extensions/pape.rb +22 -25
  17. data/lib/openid/extensions/sreg.rb +1 -0
  18. data/lib/openid/fetchers.rb +25 -5
  19. data/lib/openid/kvform.rb +8 -5
  20. data/lib/openid/kvpost.rb +6 -5
  21. data/lib/openid/message.rb +53 -34
  22. data/lib/openid/server.rb +87 -52
  23. data/lib/openid/trustroot.rb +25 -17
  24. data/lib/openid/util.rb +19 -4
  25. data/lib/openid/yadis/discovery.rb +3 -3
  26. data/lib/openid/yadis/htmltokenizer.rb +8 -5
  27. data/lib/openid/yadis/parsehtml.rb +22 -14
  28. data/lib/openid/yadis/xrds.rb +6 -9
  29. data/test/data/linkparse.txt +1 -1
  30. data/test/data/test1-parsehtml.txt +24 -0
  31. data/test/data/trustroot.txt +8 -2
  32. data/test/test_association.rb +7 -7
  33. data/test/test_associationmanager.rb +1 -1
  34. data/test/test_extension.rb +46 -0
  35. data/test/test_idres.rb +81 -21
  36. data/test/test_kvform.rb +5 -5
  37. data/test/test_message.rb +61 -3
  38. data/test/test_pape.rb +36 -22
  39. data/test/test_server.rb +190 -12
  40. data/test/test_sreg.rb +0 -1
  41. data/test/test_trustroot.rb +1 -0
  42. data/test/test_yadis_discovery.rb +13 -0
  43. metadata +3 -19
  44. data/examples/rails_openid/app/views/consumer/start.rhtml +0 -8
  45. data/examples/rails_openid_login_generator/USAGE +0 -23
  46. data/examples/rails_openid_login_generator/gemspec +0 -13
  47. data/examples/rails_openid_login_generator/openid_login_generator.rb +0 -36
  48. data/examples/rails_openid_login_generator/templates/README +0 -116
  49. data/examples/rails_openid_login_generator/templates/controller.rb +0 -113
  50. data/examples/rails_openid_login_generator/templates/controller_test.rb +0 -0
  51. data/examples/rails_openid_login_generator/templates/helper.rb +0 -2
  52. data/examples/rails_openid_login_generator/templates/openid_login_system.rb +0 -87
  53. data/examples/rails_openid_login_generator/templates/user.rb +0 -14
  54. data/examples/rails_openid_login_generator/templates/user_test.rb +0 -0
  55. data/examples/rails_openid_login_generator/templates/users.yml +0 -0
  56. data/examples/rails_openid_login_generator/templates/view_login.rhtml +0 -15
  57. data/examples/rails_openid_login_generator/templates/view_logout.rhtml +0 -10
  58. data/examples/rails_openid_login_generator/templates/view_welcome.rhtml +0 -9
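--- a/data/test/test_sreg.rb
+++ b/data/test/test_sreg.rb
@@ -453,7 +453,6 @@ module OpenID
  req_msg.update_args(NS_URI, sreg_req.get_extension_args)
  req = Server::OpenIDRequest.new
  req.message = req_msg
- req.namespace = req_msg.get_openid_namespace
 
  # -> checkid_* request
 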
@@ -9,6 +9,7 @@ class TrustRootTest < Test::Unit::TestCase
9
9
  def _test_sanity(case_, sanity, desc)
10
10
  tr = OpenID::TrustRoot::TrustRoot.parse(case_)
11
11
  if sanity == 'sane'
12
+ assert(! tr.nil?)
12
13
  assert(tr.sane?, [case_, desc])
13
14
  assert(OpenID::TrustRoot::TrustRoot.check_sanity(case_), [case_, desc])
14
15
  elsif sanity == 'insane'
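Review bot: The added `assert(! tr.nil?)` in the 'sane' branch of _test_sanity carries no message, unlike the two assertions that follow it, so a trust root that fails to parse is reported without the input that caused it. Writing it as `assert_not_nil(tr, [case_, desc])` keeps the failure output tied to the data-file case and states the intent directly. The 'insane' branch begins on the hunk's last line and continues outside it, so whether a nil parse result is handled there cannot be checked from here.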
@@ -162,6 +162,12 @@ module OpenID
162
162
  end
163
163
  end
164
164
 
165
+ class BlankContentTypeFetcher
166
+ def fetch(url, body=nil, headers=nil, redirect_limit=nil)
167
+ return OpenID::HTTPResponse._from_raw_data(200, "", {"Content-Type" => ""}, nil)
168
+ end
169
+ end
170
+
165
171
  class TestYadisDiscovery < Test::Unit::TestCase
166
172
  include FetcherMixin
167
173
 
@@ -202,6 +208,13 @@ module OpenID
202
208
  assert_equal(nil, result.content_type)
203
209
  end
204
210
  end
211
+
212
+ def test_blank_content_type
213
+ with_fetcher(BlankContentTypeFetcher.new) do
214
+ result = Yadis.discover("http://bogus")
215
+ assert_equal("", result.content_type)
216
+ end
217
+ end
205
218
  end
206
219
  end
207
220
  end
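Review bot: test_blank_content_type asserts only that `result.content_type` is the empty string, so it would still pass if discovery went on to treat the empty-typed, empty body as a discovery document; because this header is supplied by a remote server, a second assertion on how the result is classified would pin the behaviour that matters. BlankContentTypeFetcher also has no comment, and a line such as `# Stub fetcher: every request returns HTTP 200 with an empty body and an empty Content-Type header` above the class would say which case it models. The stub sends the exact key "Content-Type"; whether the lookup is case-insensitive is not visible in these hunks, so a lower-case variant may deserve its own case.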
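--- a/metadata
+++ b/metadata
@@ -3,8 +3,8 @@ rubygems_version: 0.9.0
  specification_version: 1
  name: ruby-openid
  version: !ruby/object:Gem::Version
- version: 2.0.4
- date: 2008-02-13 00:00:00 -08:00
+ version: 2.1.2
+ date: 2008-06-27 00:00:00 -07:00
  summary: A library for consuming and serving OpenID identities.
  require_paths:
  - lib
@@ -31,7 +31,6 @@ authors:
  files:
  - examples/README
  - examples/active_record_openid_store
- - examples/rails_openid_login_generator
  - examples/rails_openid
  - examples/discover
  - examples/active_record_openid_store/lib
@@ -45,21 +44,6 @@ files:
  - examples/active_record_openid_store/lib/open_id_setting.rb
  - examples/active_record_openid_store/lib/openid_ar_store.rb
  - examples/active_record_openid_store/test/store_test.rb
- - examples/rails_openid_login_generator/templates
- - examples/rails_openid_login_generator/gemspec
- - examples/rails_openid_login_generator/USAGE
- - examples/rails_openid_login_generator/openid_login_generator.rb
- - examples/rails_openid_login_generator/templates/user.rb
- - examples/rails_openid_login_generator/templates/README
- - examples/rails_openid_login_generator/templates/controller.rb
- - examples/rails_openid_login_generator/templates/helper.rb
- - examples/rails_openid_login_generator/templates/view_login.rhtml
- - examples/rails_openid_login_generator/templates/view_logout.rhtml
- - examples/rails_openid_login_generator/templates/view_welcome.rhtml
- - examples/rails_openid_login_generator/templates/controller_test.rb
- - examples/rails_openid_login_generator/templates/user_test.rb
- - examples/rails_openid_login_generator/templates/users.yml
- - examples/rails_openid_login_generator/templates/openid_login_system.rb
  - examples/rails_openid/app
  - examples/rails_openid/components
  - examples/rails_openid/config
@@ -91,7 +75,6 @@ files:
  - examples/rails_openid/app/views/layouts/server.rhtml
  - examples/rails_openid/app/views/login/index.rhtml
  - examples/rails_openid/app/views/server/decide.rhtml
- - examples/rails_openid/app/views/consumer/start.rhtml
  - examples/rails_openid/app/views/consumer/index.rhtml
  - examples/rails_openid/config/environments
  - examples/rails_openid/config/database.yml
@@ -228,6 +211,7 @@ files:
  - test/test_checkid_request.rb
  - test/test_discovery_manager.rb
  - test/test_responses.rb
+ - test/test_extension.rb
  - test/data/test_xrds
  - test/data/urinorm.txt
  - test/data/n2b64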
@@ -1,8 +0,0 @@
1
- <html>
2
- <body>
3
- <%= @form_text %>
4
- <script type="text/javascript">
5
- document.getElementById('openid_form').submit();
6
- </script>
7
- </body>
8
- </html>
@@ -1,23 +0,0 @@
1
- NAME
2
- openid_login - creates a functional openid login system
3
-
4
- SYNOPSIS
5
- openid_login [Controller name]
6
-
7
- Good names are Account Myaccount Security
8
-
9
- DESCRIPTION
10
- This generator creates a general purpose login system.
11
-
12
- Included:
13
- - a User model which stores OpenID authenticated users
14
- - a Controller with login, welcome and logoff actions
15
- - a mixin which lets you easily add advanced authentication
16
- features to your abstract base controller
17
-
18
-
19
- EXAMPLE
20
- ./script/generate openid_login Account
21
-
22
- This will generate an Account controller with login and logout methods.
23
- The model is always called User
@@ -1,13 +0,0 @@
1
- Gem::Specification.new do |s|
2
- s.name = %q{openid_login_generator}
3
- s.version = "0.2"
4
- s.date = %q{2007-1-4}
5
- s.summary = %q{[Rails] OpenID Login generator.}
6
- s.require_paths = ["."]
7
- s.email = %q{brian@janrain.com}
8
- s.homepage = %q{http://wiki.rubyonrails.org/rails/pages/OpenidLoginGenerator}
9
- s.description = %q{Generates Rails code implementing an OpenID based login system for your Rails app. Based on the original Rails Login Generator.}
10
- s.authors = ["Brian Ellin, JanRain Inc."]
11
- s.files = Dir.glob("{templates/**/*}") + ['USAGE', 'openid_login_generator.rb']
12
- s.add_dependency('ruby-openid', '>= 1.0.2')
13
- end
@@ -1,36 +0,0 @@
1
- class OpenidLoginGenerator < Rails::Generator::NamedBase
2
- def manifest
3
- record do |m|
4
-
5
- # Login module, controller class, functional test, and helper.
6
- m.template "openid_login_system.rb", "lib/openid_login_system.rb"
7
- m.template "controller.rb", File.join("app/controllers", class_path, "#{file_name}_controller.rb")
8
- m.template "controller_test.rb", File.join("test/functional", class_path, "#{file_name}_controller_test.rb")
9
- m.template "helper.rb", File.join("app/helpers", class_path, "#{file_name}_helper.rb")
10
-
11
- # Model class, unit test, fixtures, and example schema.
12
- m.template "user.rb", "app/models/user.rb"
13
- m.template "user_test.rb", "test/unit/user_test.rb"
14
- m.template "users.yml", "test/fixtures/users.yml"
15
-
16
- # Layout and stylesheet.
17
- m.template "scaffold:layout.rhtml", "app/views/layouts/scaffold.rhtml"
18
- m.template "scaffold:style.css", "public/stylesheets/scaffold.css"
19
-
20
- # Views.
21
- m.directory File.join("app/views", class_path, file_name)
22
- login_views.each do |action|
23
- m.template "view_#{action}.rhtml",
24
- File.join("app/views", class_path, file_name, "#{action}.rhtml")
25
- end
26
-
27
- m.template "README", "README_LOGIN"
28
- end
29
- end
30
-
31
- attr_accessor :controller_class_name
32
-
33
- def login_views
34
- %w(welcome login logout)
35
- end
36
- end
@@ -1,116 +0,0 @@
1
- == About
2
-
3
- This is a port of the standard LoginGenerator to use OpenID for
4
- authentication. It is distributed with the Ruby OpenID library.
5
-
6
- Read more at:
7
- * http://openidenabled.com
8
- * http://openidenabled.com/openid/libraries/ruby
9
- * http://openid.net
10
-
11
- == Installation
12
-
13
- If you are reading this, then you have installed the openid_login
14
- system, but there are still a few things you have to do
15
- manually. First open your app/controllers/application.rb and add
16
-
17
- require_dependency "openid_login_system"
18
-
19
- to the top of the file and include the login system with
20
-
21
- include OpenidLoginSystem
22
-
23
- The beginning of your ApplicationController.
24
- It should look something like this :
25
-
26
- require_dependency "openid_login_system"
27
-
28
- class ApplicationController < ActionController::Base
29
- include OpenidLoginSystem
30
- model :user
31
-
32
- After you have done the modifications the the AbstractController you can import
33
- the user model into the database. This model is meant as an example and you
34
- should extend it.
35
-
36
- The model :user is required when you are hitting problems to the degree of
37
- "Session could not be restored becuase not all items in it are known"
38
-
39
- == Requirements
40
-
41
- You need a database table corresponding to the User model.
42
-
43
- mysql syntax:
44
- CREATE TABLE users (
45
- id int(11) NOT NULL auto_increment,
46
- openid_url varchar(256) default NULL,
47
- PRIMARY KEY (id)
48
- );
49
-
50
- postgres :
51
- CREATE TABLE "users" (
52
- �"id" SERIAL NOT NULL UNIQUE,
53
- �"openid_url" VARCHAR(256),
54
- �PRIMARY KEY("id")
55
- ) WITH OIDS;
56
-
57
- sqlite:
58
- CREATE TABLE 'users' (
59
- 'id' INTEGER PRIMARY KEY NOT NULL,
60
- 'openid_url' VARCHAR(256) DEFAULT NULL
61
- );
62
-
63
- Of course your user model can have any amount of extra fields. This is just a
64
- starting point
65
-
66
- == How to use it
67
-
68
- Now you can go around and happily add "before_filter :login_required" to the
69
- controllers which you would like to protect.
70
-
71
- After integrating the login system with your rails application
72
- navigate to your new controller's login method. There you may login
73
- which will create a new User object if you've never logged in
74
- before. After you are done you should have a look at your DB, and
75
- you'll see the record for your User with the openid_url you entered.
76
-
77
-
78
- == Tips & Tricks
79
-
80
- How do I...
81
-
82
- ... access the user who is currently logged in
83
-
84
- A: You can get the user id from the session using session[:user_id]
85
- Example:
86
-
87
- session[:user_id]
88
-
89
- To get the User object:
90
-
91
- user = User.find(session[:user_id])
92
-
93
- The OpenidController also has a find_user method
94
- which will return the User object of the logged in user, or nil
95
- if no user is logged in.
96
-
97
-
98
- ... restrict access to only a few methods?
99
-
100
- A: Use before_filters build in scoping.
101
- Example:
102
- before_filter :login_required, :only => [:myaccount, :changepassword]
103
- before_filter :login_required, :except => [:index]
104
-
105
- ... check if a user is logged-in in my views?
106
-
107
- A: session[:user_id] will tell you. Here is an example helper which you can use to make this more pretty:
108
- Example:
109
- def user?
110
- !session[:user_id].nil?
111
- end
112
-
113
-
114
-
115
-
116
-
@@ -1,113 +0,0 @@
1
- require "pathname"
2
- require "cgi"
3
-
4
- # load the openid library
5
- begin
6
- require "rubygems"
7
- require_gem "ruby-openid", ">= 1.0.2"
8
- rescue LoadError
9
- require "openid"
10
- end
11
-
12
- class <%= class_name %>Controller < ApplicationController
13
- layout 'scaffold'
14
-
15
- # process the login request, disover the openid server, and
16
- # then redirect.
17
- def login
18
- openid_url = params[:openid_url]
19
-
20
- if request.post?
21
- request = consumer.begin(openid_url)
22
-
23
- case request.status
24
- when OpenID::SUCCESS
25
- return_to = url_for(:action=> 'complete')
26
- trust_root = url_for(:controller=>'')
27
-
28
- url = request.redirect_url(trust_root, return_to)
29
- redirect_to(url)
30
- return
31
-
32
- when OpenID::FAILURE
33
- escaped_url = CGI::escape(openid_url)
34
- flash[:notice] = "Could not find OpenID server for #{escaped_url}"
35
-
36
- else
37
- flash[:notice] = "An unknown error occured."
38
-
39
- end
40
- end
41
-
42
- end
43
-
44
- # handle the openid server response
45
- def complete
46
- response = consumer.complete(params)
47
-
48
- case response.status
49
- when OpenID::SUCCESS
50
-
51
- @user = User.get(response.identity_url)
52
-
53
- # create user object if one does not exist
54
- if @user.nil?
55
- @user = User.new(:openid_url => response.identity_url)
56
- @user.save
57
- end
58
-
59
- # storing both the openid_url and user id in the session for for quick
60
- # access to both bits of information. Change as needed.
61
- session[:user_id] = @user.id
62
-
63
- flash[:notice] = "Logged in as #{CGI::escape(response.identity_url)}"
64
-
65
- redirect_back_or_default :action => "welcome"
66
- return
67
-
68
- when OpenID::FAILURE
69
- if response.identity_url
70
- flash[:notice] = "Verification of #{response.identity_url} failed."
71
-
72
- else
73
- flash[:notice] = 'Verification failed.'
74
- end
75
-
76
- when OpenID::CANCEL
77
- flash[:notice] = 'Verification cancelled.'
78
-
79
- else
80
- flash[:notice] = 'Unknown response from OpenID server.'
81
- end
82
-
83
- redirect_to :action => 'login'
84
- end
85
-
86
- def logout
87
- session[:user_id] = nil
88
- end
89
-
90
- def welcome
91
- end
92
-
93
- private
94
-
95
- # Get the OpenID::Consumer object.
96
- def consumer
97
- # Create the OpenID store for storing associations and nonces,
98
- # putting it in your app's db directory.
99
- # Note: see the plugin located at examples/active_record_openid_store
100
- # if you need to store this information in your database.
101
- store_dir = Pathname.new(RAILS_ROOT).join('db').join('openid-store')
102
- store = OpenID::FilesystemStore.new(store_dir)
103
-
104
- return OpenID::Consumer.new(session, store)
105
- end
106
-
107
- # get the logged in user object
108
- def find_user
109
- return nil if session[:user_id].nil?
110
- User.find(session[:user_id])
111
- end
112
-
113
- end
@@ -1,2 +0,0 @@
1
- module <%= class_name %>Helper
2
- end
@@ -1,87 +0,0 @@
1
- require_dependency "user"
2
-
3
- module OpenidLoginSystem
4
-
5
- protected
6
-
7
- # overwrite this if you want to restrict access to only a few actions
8
- # or if you want to check if the user has the correct rights
9
- # example:
10
- #
11
- # # only allow nonbobs
12
- # def authorize?(user)
13
- # user.login != "bob"
14
- # end
15
- def authorize?(user)
16
- true
17
- end
18
-
19
- # overwrite this method if you only want to protect certain actions of the controller
20
- # example:
21
- #
22
- # # don't protect the login and the about method
23
- # def protect?(action)
24
- # if ['action', 'about'].include?(action)
25
- # return false
26
- # else
27
- # return true
28
- # end
29
- # end
30
- def protect?(action)
31
- true
32
- end
33
-
34
- # login_required filter. add
35
- #
36
- # before_filter :login_required
37
- #
38
- # if the controller should be under any rights management.
39
- # for finer access control you can overwrite
40
- #
41
- # def authorize?(user)
42
- #
43
- def login_required
44
-
45
- if not protect?(action_name)
46
- return true
47
- end
48
-
49
- if session[:user_id] and authorize?(User.find(session[:user_id]))
50
- return true
51
- end
52
-
53
- # store current location so that we can
54
- # come back after the user logged in
55
- store_location
56
-
57
- # call overwriteable reaction to unauthorized access
58
- access_denied
59
- return false
60
- end
61
-
62
- # overwrite if you want to have special behavior in case the user is not authorized
63
- # to access the current operation.
64
- # the default action is to redirect to the login screen
65
- # example use :
66
- # a popup window might just close itself for instance
67
- def access_denied
68
- redirect_to :controller=>"/<%= file_name %>", :action =>"login"
69
- end
70
-
71
- # store current uri in the session.
72
- # we can return to this location by calling return_location
73
- def store_location
74
- session[:return_to] = request.request_uri
75
- end
76
-
77
- # move to the last store_location call or to the passed default one
78
- def redirect_back_or_default(default)
79
- if session[:return_to].nil?
80
- redirect_to default
81
- else
82
- redirect_to_url session[:return_to]
83
- session[:return_to] = nil
84
- end
85
- end
86
-
87
- end