ruby-openid 1.1.4 → 2.0.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of ruby-openid might be problematic. Click here for more details.
- data/INSTALL +0 -9
- data/README +21 -22
- data/UPGRADE +117 -0
- data/admin/runtests.rb +36 -0
- data/examples/README +13 -21
- data/examples/active_record_openid_store/README +8 -3
- data/examples/active_record_openid_store/XXX_add_open_id_store_to_db.rb +4 -8
- data/examples/active_record_openid_store/XXX_upgrade_open_id_store.rb +26 -0
- data/examples/active_record_openid_store/lib/association.rb +2 -0
- data/examples/active_record_openid_store/lib/openid_ar_store.rb +22 -47
- data/examples/active_record_openid_store/test/store_test.rb +78 -48
- data/examples/discover +46 -0
- data/examples/{rails_server → rails_openid}/README +0 -0
- data/examples/{rails_server → rails_openid}/Rakefile +0 -0
- data/examples/{rails_server → rails_openid}/app/controllers/application.rb +0 -0
- data/examples/rails_openid/app/controllers/consumer_controller.rb +115 -0
- data/examples/{rails_server → rails_openid}/app/controllers/login_controller.rb +10 -2
- data/examples/rails_openid/app/controllers/server_controller.rb +265 -0
- data/examples/{rails_server → rails_openid}/app/helpers/application_helper.rb +0 -0
- data/examples/{rails_server → rails_openid}/app/helpers/login_helper.rb +0 -0
- data/examples/{rails_server → rails_openid}/app/helpers/server_helper.rb +0 -0
- data/examples/rails_openid/app/views/consumer/index.rhtml +81 -0
- data/examples/rails_openid/app/views/consumer/start.rhtml +8 -0
- data/examples/{rails_server → rails_openid}/app/views/layouts/server.rhtml +0 -0
- data/examples/{rails_server → rails_openid}/app/views/login/index.rhtml +1 -1
- data/examples/rails_openid/app/views/server/decide.rhtml +26 -0
- data/examples/{rails_server → rails_openid}/config/boot.rb +0 -0
- data/examples/{rails_server → rails_openid}/config/database.yml +0 -0
- data/examples/{rails_server → rails_openid}/config/environment.rb +0 -0
- data/examples/{rails_server → rails_openid}/config/environments/development.rb +0 -0
- data/examples/{rails_server → rails_openid}/config/environments/production.rb +0 -0
- data/examples/{rails_server → rails_openid}/config/environments/test.rb +0 -0
- data/examples/{rails_server → rails_openid}/config/routes.rb +2 -1
- data/examples/{rails_server → rails_openid}/doc/README_FOR_APP +0 -0
- data/examples/{rails_server → rails_openid}/public/404.html +0 -0
- data/examples/{rails_server → rails_openid}/public/500.html +0 -0
- data/examples/{rails_server → rails_openid}/public/dispatch.cgi +0 -0
- data/examples/{rails_server → rails_openid}/public/dispatch.fcgi +0 -0
- data/examples/{rails_server → rails_openid}/public/dispatch.rb +0 -0
- data/examples/{rails_server → rails_openid}/public/favicon.ico +0 -0
- data/examples/rails_openid/public/images/openid_login_bg.gif +0 -0
- data/examples/{rails_server → rails_openid}/public/javascripts/controls.js +0 -0
- data/examples/{rails_server → rails_openid}/public/javascripts/dragdrop.js +0 -0
- data/examples/{rails_server → rails_openid}/public/javascripts/effects.js +0 -0
- data/examples/{rails_server → rails_openid}/public/javascripts/prototype.js +0 -0
- data/examples/{rails_server → rails_openid}/public/robots.txt +0 -0
- data/examples/{rails_server → rails_openid}/script/about +0 -0
- data/examples/{rails_server → rails_openid}/script/breakpointer +0 -0
- data/examples/{rails_server → rails_openid}/script/console +0 -0
- data/examples/{rails_server → rails_openid}/script/destroy +0 -0
- data/examples/{rails_server → rails_openid}/script/generate +0 -0
- data/examples/{rails_server → rails_openid}/script/performance/benchmarker +0 -0
- data/examples/{rails_server → rails_openid}/script/performance/profiler +0 -0
- data/examples/{rails_server → rails_openid}/script/plugin +0 -0
- data/examples/{rails_server → rails_openid}/script/process/reaper +0 -0
- data/examples/{rails_server → rails_openid}/script/process/spawner +0 -0
- data/examples/{rails_server → rails_openid}/script/process/spinner +0 -0
- data/examples/{rails_server → rails_openid}/script/runner +0 -0
- data/examples/{rails_server → rails_openid}/script/server +0 -0
- data/examples/{rails_server → rails_openid}/test/functional/login_controller_test.rb +0 -0
- data/examples/{rails_server → rails_openid}/test/functional/server_controller_test.rb +0 -0
- data/examples/{rails_server → rails_openid}/test/test_helper.rb +0 -0
- data/lib/{hmac.rb → hmac/hmac.rb} +0 -0
- data/lib/{hmac-sha1.rb → hmac/sha1.rb} +1 -1
- data/lib/{hmac-sha2.rb → hmac/sha2.rb} +1 -1
- data/lib/openid/association.rb +213 -73
- data/lib/openid/consumer/associationmanager.rb +338 -0
- data/lib/openid/consumer/checkid_request.rb +175 -0
- data/lib/openid/consumer/discovery.rb +480 -0
- data/lib/openid/consumer/discovery_manager.rb +123 -0
- data/lib/openid/consumer/html_parse.rb +136 -0
- data/lib/openid/consumer/idres.rb +525 -0
- data/lib/openid/consumer/responses.rb +133 -0
- data/lib/openid/consumer.rb +280 -807
- data/lib/openid/cryptutil.rb +85 -0
- data/lib/openid/dh.rb +60 -23
- data/lib/openid/extension.rb +31 -0
- data/lib/openid/extensions/ax.rb +506 -0
- data/lib/openid/extensions/pape.rb +182 -0
- data/lib/openid/extensions/sreg.rb +275 -0
- data/lib/openid/extras.rb +11 -0
- data/lib/openid/fetchers.rb +132 -93
- data/lib/openid/kvform.rb +133 -0
- data/lib/openid/kvpost.rb +56 -0
- data/lib/openid/message.rb +534 -0
- data/lib/openid/protocolerror.rb +6 -0
- data/lib/openid/server.rb +1215 -666
- data/lib/openid/store/filesystem.rb +271 -0
- data/lib/openid/store/interface.rb +75 -0
- data/lib/openid/store/memory.rb +84 -0
- data/lib/openid/store/nonce.rb +68 -0
- data/lib/openid/trustroot.rb +314 -87
- data/lib/openid/urinorm.rb +37 -34
- data/lib/openid/util.rb +42 -220
- data/lib/openid/yadis/accept.rb +148 -0
- data/lib/openid/yadis/constants.rb +21 -0
- data/lib/openid/yadis/discovery.rb +153 -0
- data/lib/openid/yadis/filters.rb +205 -0
- data/lib/openid/{htmltokenizer.rb → yadis/htmltokenizer.rb} +1 -54
- data/lib/openid/yadis/parsehtml.rb +36 -0
- data/lib/openid/yadis/services.rb +42 -0
- data/lib/openid/yadis/xrds.rb +171 -0
- data/lib/openid/yadis/xri.rb +90 -0
- data/lib/openid/yadis/xrires.rb +106 -0
- data/lib/openid.rb +1 -4
- data/test/data/accept.txt +124 -0
- data/test/data/dh.txt +29 -0
- data/test/data/example-xrds.xml +14 -0
- data/test/data/linkparse.txt +587 -0
- data/test/data/n2b64 +650 -0
- data/test/data/test1-discover.txt +137 -0
- data/test/data/test1-parsehtml.txt +128 -0
- data/test/data/test_discover/openid.html +11 -0
- data/test/data/test_discover/openid2.html +11 -0
- data/test/data/test_discover/openid2_xrds.xml +12 -0
- data/test/data/test_discover/openid2_xrds_no_local_id.xml +11 -0
- data/test/data/test_discover/openid_1_and_2.html +11 -0
- data/test/data/test_discover/openid_1_and_2_xrds.xml +16 -0
- data/test/data/test_discover/openid_1_and_2_xrds_bad_delegate.xml +17 -0
- data/test/data/test_discover/openid_and_yadis.html +12 -0
- data/test/data/test_discover/openid_no_delegate.html +10 -0
- data/test/data/test_discover/yadis_0entries.xml +12 -0
- data/test/data/test_discover/yadis_2_bad_local_id.xml +15 -0
- data/test/data/test_discover/yadis_2entries_delegate.xml +22 -0
- data/test/data/test_discover/yadis_2entries_idp.xml +21 -0
- data/test/data/test_discover/yadis_another_delegate.xml +14 -0
- data/test/data/test_discover/yadis_idp.xml +12 -0
- data/test/data/test_discover/yadis_idp_delegate.xml +13 -0
- data/test/data/test_discover/yadis_no_delegate.xml +11 -0
- data/test/data/test_xrds/=j3h.2007.11.14.xrds +25 -0
- data/test/data/test_xrds/README +12 -0
- data/test/data/test_xrds/delegated-20060809-r1.xrds +34 -0
- data/test/data/test_xrds/delegated-20060809-r2.xrds +34 -0
- data/test/data/test_xrds/delegated-20060809.xrds +34 -0
- data/test/data/test_xrds/no-xrd.xml +7 -0
- data/test/data/test_xrds/not-xrds.xml +2 -0
- data/test/data/test_xrds/prefixsometimes.xrds +34 -0
- data/test/data/test_xrds/ref.xrds +109 -0
- data/test/data/test_xrds/sometimesprefix.xrds +34 -0
- data/test/data/test_xrds/spoof1.xrds +25 -0
- data/test/data/test_xrds/spoof2.xrds +25 -0
- data/test/data/test_xrds/spoof3.xrds +37 -0
- data/test/data/test_xrds/status222.xrds +9 -0
- data/test/data/test_xrds/valid-populated-xrds.xml +39 -0
- data/test/data/trustroot.txt +147 -0
- data/test/discoverdata.rb +131 -0
- data/test/test_accept.rb +170 -0
- data/test/test_association.rb +266 -0
- data/test/test_associationmanager.rb +899 -0
- data/test/test_ax.rb +587 -0
- data/test/test_checkid_request.rb +297 -0
- data/test/test_consumer.rb +257 -0
- data/test/test_cryptutil.rb +117 -0
- data/test/test_dh.rb +86 -0
- data/test/test_discover.rb +772 -0
- data/test/test_discovery_manager.rb +262 -0
- data/test/test_extras.rb +35 -0
- data/test/test_fetchers.rb +472 -0
- data/test/test_filters.rb +270 -0
- data/test/test_idres.rb +816 -0
- data/test/test_kvform.rb +165 -0
- data/test/test_kvpost.rb +65 -0
- data/test/test_linkparse.rb +101 -0
- data/test/test_message.rb +1058 -0
- data/test/test_nonce.rb +89 -0
- data/test/test_openid_yadis.rb +178 -0
- data/test/test_pape.rb +233 -0
- data/test/test_parsehtml.rb +80 -0
- data/test/test_responses.rb +63 -0
- data/test/test_server.rb +2270 -0
- data/test/test_sreg.rb +479 -0
- data/test/test_stores.rb +269 -0
- data/test/test_trustroot.rb +112 -0
- data/test/{urinorm.rb → test_urinorm.rb} +6 -3
- data/test/test_util.rb +144 -0
- data/test/test_xrds.rb +160 -0
- data/test/test_xri.rb +48 -0
- data/test/test_xrires.rb +63 -0
- data/test/test_yadis_discovery.rb +207 -0
- data/test/testutil.rb +116 -0
- data/test/util.rb +47 -50
- metadata +233 -143
- data/examples/consumer.rb +0 -290
- data/examples/rails_openid_login_generator/openid_login_generator-0.1.gem +0 -0
- data/examples/rails_server/app/controllers/server_controller.rb +0 -190
- data/examples/rails_server/app/views/server/decide.rhtml +0 -11
- data/examples/rails_server/public/images/rails.png +0 -0
- data/lib/hmac-md5.rb +0 -11
- data/lib/hmac-rmd160.rb +0 -11
- data/lib/openid/discovery.rb +0 -122
- data/lib/openid/filestore.rb +0 -315
- data/lib/openid/parse.rb +0 -23
- data/lib/openid/service.rb +0 -147
- data/lib/openid/stores.rb +0 -178
- data/test/assoc.rb +0 -38
- data/test/consumer.rb +0 -376
- data/test/data/brian.xrds +0 -16
- data/test/data/brianellin.mylid.xrds +0 -42
- data/test/dh.rb +0 -20
- data/test/extensions.rb +0 -30
- data/test/linkparse.rb +0 -305
- data/test/runtests.rb +0 -22
- data/test/server2.rb +0 -1053
- data/test/service.rb +0 -47
- data/test/storetestcase.rb +0 -172
- data/test/teststore.rb +0 -47
- data/test/trustroot.rb +0 -117
data/INSTALL
CHANGED
@@ -1,14 +1,5 @@
|
|
1
1
|
= Ruby OpenID Library Installation
|
2
2
|
|
3
|
-
== Dependencies
|
4
|
-
|
5
|
-
This library depends on the Ruby Yadis library available at:
|
6
|
-
|
7
|
-
http://www.openidenabled.com/yadis/libraries/ruby/about/
|
8
|
-
|
9
|
-
Please make sure you have the Yadis library installed, or use
|
10
|
-
rubygems for installation
|
11
|
-
|
12
3
|
== Rubygems Installation
|
13
4
|
|
14
5
|
Rubygems is a tool for installing ruby libraries and their
|
data/README
CHANGED
@@ -8,18 +8,18 @@ A Ruby library for verifying and serving OpenID identities.
|
|
8
8
|
* Does not depend on underlying web framework
|
9
9
|
* Supports multiple storage mechanisms (Filesystem, ActiveRecord, Memory)
|
10
10
|
* Example code to help you get started, including:
|
11
|
-
*
|
12
|
-
* Ruby on rails based server
|
11
|
+
* Ruby on Rails based consumer and server
|
13
12
|
* OpenIDLoginGenerator for quickly getting creating a rails app that uses
|
14
13
|
OpenID for authentication
|
15
14
|
* ActiveRecordOpenIDStore plugin
|
16
15
|
* Comprehensive test suite
|
16
|
+
* Supports both OpenID 1 and OpenID 2 transparently
|
17
17
|
|
18
18
|
==Installing
|
19
19
|
Before running the examples or writing your own code you'll need to install
|
20
20
|
the library. See the INSTALL file or use rubygems:
|
21
21
|
|
22
|
-
gem
|
22
|
+
gem install ruby-openid
|
23
23
|
|
24
24
|
Check the installation:
|
25
25
|
|
@@ -29,48 +29,47 @@ Check the installation:
|
|
29
29
|
=> true
|
30
30
|
|
31
31
|
The library is known to work with Ruby 1.8.4 on Unix, Max OSX and
|
32
|
-
Win32. Examples
|
33
|
-
|
32
|
+
Win32. Examples have been tested with Rails 1.1 and 1.2, and 2.0.
|
34
33
|
|
35
34
|
==Getting Started with OpenID::Consumer
|
36
|
-
OpenID::Consumer is the place to start if you'd like to support
|
37
|
-
|
35
|
+
OpenID::Consumer is the place to start if you'd like to support OpenID
|
36
|
+
authentication on your website. The examples directory contains
|
38
37
|
several working examples to help you get started, and the
|
39
|
-
OpenID::Consumer class is well
|
38
|
+
OpenID::Consumer class is well-documented.
|
40
39
|
|
41
|
-
Also, check out the OpenIDLoginGenerator! Read examples/README for
|
40
|
+
Also, check out the OpenIDLoginGenerator! Read examples/README for
|
41
|
+
more info.
|
42
42
|
|
43
43
|
==Serving OpenID with OpenID::Server
|
44
|
-
The examples directory contains fully
|
44
|
+
The examples directory contains a fully-functional OpenID server that
|
45
45
|
uses the Ruby on Rails framework. Start by reading about the
|
46
46
|
OpenID::Server interface documentation and looking at the example.
|
47
47
|
|
48
48
|
|
49
49
|
==Homepage
|
50
|
-
http://
|
50
|
+
http://openidenabled.com/ruby-openid/
|
51
51
|
|
52
52
|
See also:
|
53
53
|
http://openid.net/
|
54
|
-
http://
|
54
|
+
http://openidenabled.com/
|
55
55
|
|
56
56
|
==Community
|
57
|
-
Discussion regarding the Ruby OpenID library and other JanRain OpenID
|
58
|
-
takes place on the the OpenID mailing list on
|
57
|
+
Discussion regarding the Ruby OpenID library and other JanRain OpenID
|
58
|
+
libraries takes place on the the OpenID mailing list on
|
59
|
+
openidenabled.com.
|
59
60
|
|
60
61
|
http://lists.openidenabled.com/mailman/listinfo/dev
|
61
62
|
|
62
63
|
Please join this list to discuss, ask implementation questions, report
|
63
|
-
bugs, etc. Also check out the openid channel on the freenode IRC
|
64
|
+
bugs, etc. Also check out the openid channel on the freenode IRC
|
65
|
+
network.
|
64
66
|
|
65
67
|
==Author
|
66
|
-
Copyright 2006, JanRain, Inc.
|
67
|
-
|
68
|
+
Copyright 2006-2007, JanRain, Inc.
|
69
|
+
|
70
|
+
Contact openid@janrain.com or visit the OpenID channel on pibb.com:
|
68
71
|
|
72
|
+
http://pibb.com/go/openid
|
69
73
|
|
70
74
|
==License
|
71
75
|
Apache Software License. For more information see the LICENSE file.
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
data/UPGRADE
ADDED
@@ -0,0 +1,117 @@
|
|
1
|
+
== Upgrading from the OpenID 1.x series library
|
2
|
+
|
3
|
+
= Consumer Upgrade
|
4
|
+
|
5
|
+
The flow is largely the same, however there are a number of significant
|
6
|
+
changes. The consumer example is helpful to look at:
|
7
|
+
examples/ruby_openid/app/controllers/consumer_controller.rb
|
8
|
+
|
9
|
+
+ Stores
|
10
|
+
|
11
|
+
You will need to require the file for the store that you are using.
|
12
|
+
For the filesystem store, this is 'openid/stores/filesystem'
|
13
|
+
They are also now in modules. The filesystem store is
|
14
|
+
OpenID::Store::Filesystem
|
15
|
+
The format has changed, and you should remove your old store directory.
|
16
|
+
|
17
|
+
The ActiveRecord store ( examples/active_record_openid_store ) still needs
|
18
|
+
to be put in a plugin directory for your rails app. There's a migration
|
19
|
+
that needs to be run; examine the README in that directory.
|
20
|
+
|
21
|
+
Also, note that the stores now can be garbage collected with the method
|
22
|
+
store.cleanup
|
23
|
+
|
24
|
+
|
25
|
+
+ Starting the OpenID transaction
|
26
|
+
|
27
|
+
The OpenIDRequest object no longer has status codes. Instead,
|
28
|
+
consumer.begin raises an OpenID::OpenIDError if there is a problem
|
29
|
+
initiating the transaction, so you'll want something along the lines of:
|
30
|
+
|
31
|
+
begin
|
32
|
+
openid_request = consumer.begin(params[:openid_identifier])
|
33
|
+
rescue OpenID::OpenIDError => e
|
34
|
+
# display error e
|
35
|
+
return
|
36
|
+
end
|
37
|
+
#success case
|
38
|
+
|
39
|
+
Data regarding the OpenID server once lived in
|
40
|
+
openid_request.service
|
41
|
+
|
42
|
+
The corresponding object in the 2.0 lib can be retrieved with
|
43
|
+
openid_request.endpoint
|
44
|
+
|
45
|
+
Getting the unverified identifier: Where you once had
|
46
|
+
openid_request.identity_url
|
47
|
+
you will now want
|
48
|
+
openid_request.endpoint.claimed_id
|
49
|
+
which might be different from what you get at the end of the transaction,
|
50
|
+
since it is now possible for users to enter their server's url directly.
|
51
|
+
|
52
|
+
Arguments on the return_to URL are now verified, so if you want to add
|
53
|
+
additional arguments to the return_to url, use
|
54
|
+
openid_request.return_to_args['param'] = value
|
55
|
+
|
56
|
+
Generating the redirect is the same as before, but add any extensions
|
57
|
+
first.
|
58
|
+
|
59
|
+
+ Requesting Simple Registration Data
|
60
|
+
|
61
|
+
You'll need to require the code for the extension
|
62
|
+
require 'openid/extensions/sreg'
|
63
|
+
|
64
|
+
The new code for adding an SReg request now looks like:
|
65
|
+
|
66
|
+
sreg_request = OpenID::SReg::Request.new
|
67
|
+
sreg_request.request_fields(['email', 'dob'], true) # required
|
68
|
+
sreg_request.request_fields(['nickname', 'fullname'], false) # optional
|
69
|
+
sreg_request.policy_url = policy_url
|
70
|
+
openid_request.add_extension(sreg_request)
|
71
|
+
|
72
|
+
The code for adding other extensions is similar. Code for the Attribute
|
73
|
+
Exchange (AX) and Provider Authentication Policy Extension (PAPE) are
|
74
|
+
included with the library, and additional extensions can be implemented
|
75
|
+
subclassing OpenID::Extension.
|
76
|
+
|
77
|
+
+ Completing the transaction
|
78
|
+
|
79
|
+
The return_to and its arguments are verified, so you need to pass in
|
80
|
+
the base URL and the arguments. With Rails, the params method mashes
|
81
|
+
together parameters from GET, POST, and the path, so you'll need to pull
|
82
|
+
off the path "parameters" with something like
|
83
|
+
|
84
|
+
return_to = url_for(:only_path => false,
|
85
|
+
:controller => 'openid',
|
86
|
+
:action => 'complete')
|
87
|
+
parameters = params.reject{|k,v| request.path_parameters[k] }
|
88
|
+
openid_response = consumer.complete(parameters, return_to)
|
89
|
+
|
90
|
+
The response still uses the status codes, but they are now namespaced
|
91
|
+
slightly differently, for example OpenID::Consumer::SUCCESS
|
92
|
+
|
93
|
+
In the case of failure, the error message is now found in
|
94
|
+
openid_response.message
|
95
|
+
|
96
|
+
The identifier to display to the user can be found in
|
97
|
+
openid_response.endpoint.display_identifier
|
98
|
+
|
99
|
+
The Simple Registration response can be read from the OpenID response
|
100
|
+
with
|
101
|
+
sreg_response = OpenID::SReg::Response.from_success_response(openid_response)
|
102
|
+
nickname = sreg_response['nickname']
|
103
|
+
# etc.
|
104
|
+
|
105
|
+
== Server Upgrade
|
106
|
+
The server code is mostly the same as before, with the exception of
|
107
|
+
extensions. Also, you must pass in the endpoint URL to the server
|
108
|
+
constructor:
|
109
|
+
@server = OpenID::Server.new(store, server_url)
|
110
|
+
|
111
|
+
I recommend looking at
|
112
|
+
examples/rails_openid/app/controllers/server_controller.rb
|
113
|
+
for an example of the new way of doing extensions.
|
114
|
+
|
115
|
+
--
|
116
|
+
Dag Arneson, JanRain Inc.
|
117
|
+
Please direct questions to openid@janrain.com
|
data/admin/runtests.rb
ADDED
@@ -0,0 +1,36 @@
|
|
1
|
+
#!/usr/bin/ruby
|
2
|
+
|
3
|
+
require "logger"
|
4
|
+
require "stringio"
|
5
|
+
require "pathname"
|
6
|
+
|
7
|
+
require 'test/unit/collector/dir'
|
8
|
+
require 'test/unit/ui/console/testrunner'
|
9
|
+
|
10
|
+
def main
|
11
|
+
old_verbose = $VERBOSE
|
12
|
+
$VERBOSE = true
|
13
|
+
|
14
|
+
tests_dir = Pathname.new(__FILE__).dirname.dirname.join('test')
|
15
|
+
|
16
|
+
# Collect tests from everything named test_*.rb.
|
17
|
+
c = Test::Unit::Collector::Dir.new
|
18
|
+
|
19
|
+
if c.respond_to?(:base=)
|
20
|
+
# In order to supress warnings from ruby 1.8.6 about accessing
|
21
|
+
# undefined member
|
22
|
+
c.base = tests_dir
|
23
|
+
suite = c.collect
|
24
|
+
else
|
25
|
+
# Because base is not defined in ruby < 1.8.6
|
26
|
+
suite = c.collect(tests_dir)
|
27
|
+
end
|
28
|
+
|
29
|
+
|
30
|
+
result = Test::Unit::UI::Console::TestRunner.run(suite)
|
31
|
+
result.passed?
|
32
|
+
ensure
|
33
|
+
$VERBOSE = old_verbose
|
34
|
+
end
|
35
|
+
|
36
|
+
exit(main)
|
data/examples/README
CHANGED
@@ -3,22 +3,14 @@ OpenID library. Make sure you have properly installed the library
|
|
3
3
|
before running the examples. These examples are a great place to
|
4
4
|
start in integrating OpenID into your application.
|
5
5
|
|
6
|
-
==
|
7
|
-
consumer.rb runs a simple web server (WEBrick) and will
|
8
|
-
verify OpenID identities. To test this out you'll need a valid
|
9
|
-
OpenID URL and to run:
|
6
|
+
==Rails example
|
10
7
|
|
11
|
-
|
8
|
+
The rails_openid contains a fully functional OpenID server and relying
|
9
|
+
party, and acts as a starting point for implementing your own
|
10
|
+
production rails server. You'll need the latest version of Ruby on
|
11
|
+
Rails installed, and then:
|
12
12
|
|
13
|
-
|
14
|
-
|
15
|
-
==Rails server example
|
16
|
-
|
17
|
-
The rails_server contains a fully functions OpenID server, and acts as
|
18
|
-
a starting point for implementing your own production rails server.
|
19
|
-
You'll need the latest version of Ruby on Rails installed, and then:
|
20
|
-
|
21
|
-
cd rails_server
|
13
|
+
cd rails_openid
|
22
14
|
./script/server
|
23
15
|
|
24
16
|
Open a web browser to http://localhost:3000/ and follow the instructions.
|
@@ -35,7 +27,10 @@ http://wiki.rubyonrails.com/rails/pages/LoginGenerator
|
|
35
27
|
|
36
28
|
===Running the generator
|
37
29
|
|
38
|
-
* Copy the contents of rails_openid_login_generator into
|
30
|
+
* Copy the contents of rails_openid_login_generator into
|
31
|
+
~/.rails/generators/openid_login
|
32
|
+
(or symlink: ln -s examples/rails_openid_login_generator
|
33
|
+
~/.rails/generators/openid_login)
|
39
34
|
* run script/generate openid_login openid
|
40
35
|
|
41
36
|
You will now have an openid_controller.rb in app/controllers. You'll
|
@@ -46,9 +41,6 @@ README_LOGIN in you rails root directory.
|
|
46
41
|
==Rails ActiveRecord OpenIDStore plugin
|
47
42
|
|
48
43
|
For various reasons you may want or need to deploy your ruby openid
|
49
|
-
consumer/server using an SQL based store. The
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
44
|
+
consumer/server using an SQL based store. The active_record_openid_store
|
45
|
+
is a plugin that makes using an SQL based store simple. Follow the
|
46
|
+
README inside the plugin's dir for usage.
|
@@ -7,7 +7,7 @@ machines, they must must all have access to the same OpenID store
|
|
7
7
|
data, so the FilesystemStore won't do.
|
8
8
|
|
9
9
|
This directory contains a plugin for connecting your
|
10
|
-
OpenID enabled rails app to an ActiveRecord based OpenID
|
10
|
+
OpenID enabled rails app to an ActiveRecord based OpenID store.
|
11
11
|
|
12
12
|
==Install
|
13
13
|
|
@@ -32,6 +32,11 @@ this:
|
|
32
32
|
|
33
33
|
5) That's it! All your OpenID state will now be stored in the database.
|
34
34
|
|
35
|
+
==Upgrade
|
36
|
+
|
37
|
+
If you are upgrading from the 1.x ActiveRecord store, replace your old
|
38
|
+
RAILS_ROOT/vendor/plugins/active_record_openid_store/ directory with
|
39
|
+
the new one and run the migration XXX_upgrade_open_id_store.rb.
|
35
40
|
|
36
41
|
==What about garbage collection?
|
37
42
|
|
@@ -41,7 +46,7 @@ task in your app's Rakefile like so:
|
|
41
46
|
|
42
47
|
desc 'GC OpenID store'
|
43
48
|
task :gc_openid_store => :environment do
|
44
|
-
ActiveRecordOpenIDStore.new.
|
49
|
+
ActiveRecordOpenIDStore.new.cleanup
|
45
50
|
end
|
46
51
|
|
47
52
|
Run it by typing:
|
@@ -50,4 +55,4 @@ Run it by typing:
|
|
50
55
|
|
51
56
|
|
52
57
|
==Questions?
|
53
|
-
Contact
|
58
|
+
Contact Dag Arneson: dag at janrain dot com
|
@@ -1,3 +1,4 @@
|
|
1
|
+
# Use this migration to create the tables for the ActiveRecord store
|
1
2
|
class AddOpenIdStoreToDb < ActiveRecord::Migration
|
2
3
|
def self.up
|
3
4
|
create_table "open_id_associations", :force => true do |t|
|
@@ -10,19 +11,14 @@ class AddOpenIdStoreToDb < ActiveRecord::Migration
|
|
10
11
|
end
|
11
12
|
|
12
13
|
create_table "open_id_nonces", :force => true do |t|
|
13
|
-
t.column
|
14
|
-
t.column
|
15
|
-
|
16
|
-
|
17
|
-
create_table "open_id_settings", :force => true do |t|
|
18
|
-
t.column "setting", :string
|
19
|
-
t.column "value", :binary
|
14
|
+
t.column :server_url, :string, :null => false
|
15
|
+
t.column :timestamp, :integer, :null => false
|
16
|
+
t.column :salt, :string, :null => false
|
20
17
|
end
|
21
18
|
end
|
22
19
|
|
23
20
|
def self.down
|
24
21
|
drop_table "open_id_associations"
|
25
22
|
drop_table "open_id_nonces"
|
26
|
-
drop_table "open_id_settings"
|
27
23
|
end
|
28
24
|
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
# Use this migration to upgrade the old 1.1 ActiveRecord store schema
|
2
|
+
# to the new 2.0 schema.
|
3
|
+
class UpgradeOpenIDStore < ActiveRecord::Migration
|
4
|
+
def self.up
|
5
|
+
drop_table "open_id_settings"
|
6
|
+
drop_table "open_id_nonces"
|
7
|
+
create_table "open_id_nonces", :force => true do |t|
|
8
|
+
t.column :server_url, :string, :null => false
|
9
|
+
t.column :timestamp, :integer, :null => false
|
10
|
+
t.column :salt, :string, :null => false
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
def self.down
|
15
|
+
drop_table "open_id_nonces"
|
16
|
+
create_table "open_id_nonces", :force => true do |t|
|
17
|
+
t.column "nonce", :string
|
18
|
+
t.column "created", :integer
|
19
|
+
end
|
20
|
+
|
21
|
+
create_table "open_id_settings", :force => true do |t|
|
22
|
+
t.column "setting", :string
|
23
|
+
t.column "value", :binary
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
@@ -1,17 +1,9 @@
|
|
1
1
|
require 'association'
|
2
2
|
require 'nonce'
|
3
|
-
require '
|
4
|
-
|
5
|
-
class ActiveRecordOpenIDStore < OpenID::Store
|
6
|
-
def get_auth_key
|
7
|
-
setting = OpenIdSetting.find_by_setting 'auth_key'
|
8
|
-
if setting.nil?
|
9
|
-
auth_key = OpenID::Util.random_string(20)
|
10
|
-
setting = OpenIdSetting.create :setting => 'auth_key', :value => auth_key
|
11
|
-
end
|
12
|
-
setting.value
|
13
|
-
end
|
3
|
+
require 'openid/store/interface'
|
14
4
|
|
5
|
+
# not in OpenID module to avoid namespace conflict
|
6
|
+
class ActiveRecordStore < OpenID::Store::Interface
|
15
7
|
def store_association(server_url, assoc)
|
16
8
|
remove_association(server_url, assoc.handle)
|
17
9
|
Association.create(:server_url => server_url,
|
@@ -23,13 +15,15 @@ class ActiveRecordOpenIDStore < OpenID::Store
|
|
23
15
|
end
|
24
16
|
|
25
17
|
def get_association(server_url, handle=nil)
|
26
|
-
assocs = handle.blank?
|
27
|
-
|
28
|
-
|
29
|
-
|
18
|
+
assocs = if handle.blank?
|
19
|
+
Association.find_all_by_server_url(server_url)
|
20
|
+
else
|
21
|
+
Association.find_all_by_server_url_and_handle(server_url, handle)
|
22
|
+
end
|
23
|
+
|
30
24
|
assocs.reverse.each do |assoc|
|
31
25
|
a = assoc.from_record
|
32
|
-
if a.
|
26
|
+
if a.expires_in == 0
|
33
27
|
assoc.destroy
|
34
28
|
else
|
35
29
|
return a
|
@@ -40,43 +34,24 @@ class ActiveRecordOpenIDStore < OpenID::Store
|
|
40
34
|
end
|
41
35
|
|
42
36
|
def remove_association(server_url, handle)
|
43
|
-
|
44
|
-
unless assoc.nil?
|
45
|
-
assoc.destroy
|
46
|
-
return true
|
47
|
-
end
|
48
|
-
false
|
49
|
-
end
|
50
|
-
|
51
|
-
def store_nonce(nonce)
|
52
|
-
use_nonce(nonce)
|
53
|
-
Nonce.create :nonce => nonce, :created => Time.now.to_i
|
37
|
+
Association.delete_all(['server_url = ? AND handle = ?', server_url, handle]) > 0
|
54
38
|
end
|
55
39
|
|
56
|
-
def use_nonce(
|
57
|
-
|
58
|
-
return false if
|
59
|
-
|
60
|
-
|
61
|
-
nonce.destroy
|
62
|
-
|
63
|
-
age < 6.hours # max nonce age of 6 hours
|
40
|
+
def use_nonce(server_url, timestamp, salt)
|
41
|
+
return false if Nonce.find_by_server_url_and_timestamp_and_salt(server_url, timestamp, salt)
|
42
|
+
return false if (timestamp - Time.now.to_i).abs > OpenID::Nonce.skew
|
43
|
+
Nonce.create(:server_url => server_url, :timestamp => timestamp, :salt => salt)
|
44
|
+
return true
|
64
45
|
end
|
65
46
|
|
66
|
-
def
|
67
|
-
|
47
|
+
def cleanup_nonces
|
48
|
+
now = Time.now.to_i
|
49
|
+
Nonce.delete_all(["timestamp > ? OR timestamp < ?", now + OpenID::Nonce.skew, now - OpenID::Nonce.skew])
|
68
50
|
end
|
69
51
|
|
70
|
-
|
71
|
-
def gc
|
52
|
+
def cleanup_associations
|
72
53
|
now = Time.now.to_i
|
73
|
-
|
74
|
-
# remove old nonces
|
75
|
-
nonces = Nonce.find(:all)
|
76
|
-
nonces.each {|n| n.destroy if now - n.created > 6.hours} unless nonces.nil?
|
77
|
-
|
78
|
-
# remove expired assocs
|
79
|
-
assocs = Association.find(:all)
|
80
|
-
assocs.each { |a| a.destroy if a.from_record.expired? } unless assocs.nil?
|
54
|
+
Association.delete_all(['issued + lifetime > ?',now])
|
81
55
|
end
|
56
|
+
|
82
57
|
end
|