technomancy-rack 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- data/KNOWN-ISSUES +18 -0
- data/README +242 -0
- data/bin/rackup +183 -0
- data/lib/rack.rb +92 -0
- data/lib/rack/adapter/camping.rb +22 -0
- data/lib/rack/auth/abstract/handler.rb +28 -0
- data/lib/rack/auth/abstract/request.rb +37 -0
- data/lib/rack/auth/basic.rb +58 -0
- data/lib/rack/auth/digest/md5.rb +124 -0
- data/lib/rack/auth/digest/nonce.rb +51 -0
- data/lib/rack/auth/digest/params.rb +55 -0
- data/lib/rack/auth/digest/request.rb +40 -0
- data/lib/rack/auth/openid.rb +116 -0
- data/lib/rack/builder.rb +56 -0
- data/lib/rack/cascade.rb +36 -0
- data/lib/rack/commonlogger.rb +56 -0
- data/lib/rack/file.rb +112 -0
- data/lib/rack/handler/cgi.rb +57 -0
- data/lib/rack/handler/fastcgi.rb +83 -0
- data/lib/rack/handler/lsws.rb +52 -0
- data/lib/rack/handler/mongrel.rb +97 -0
- data/lib/rack/handler/scgi.rb +57 -0
- data/lib/rack/handler/webrick.rb +57 -0
- data/lib/rack/lint.rb +394 -0
- data/lib/rack/lobster.rb +65 -0
- data/lib/rack/mock.rb +172 -0
- data/lib/rack/recursive.rb +57 -0
- data/lib/rack/reloader.rb +64 -0
- data/lib/rack/request.rb +197 -0
- data/lib/rack/response.rb +166 -0
- data/lib/rack/session/abstract/id.rb +126 -0
- data/lib/rack/session/cookie.rb +71 -0
- data/lib/rack/session/memcache.rb +83 -0
- data/lib/rack/session/pool.rb +67 -0
- data/lib/rack/showexceptions.rb +344 -0
- data/lib/rack/showstatus.rb +103 -0
- data/lib/rack/static.rb +38 -0
- data/lib/rack/urlmap.rb +48 -0
- data/lib/rack/utils.rb +256 -0
- data/test/spec_rack_auth_basic.rb +69 -0
- data/test/spec_rack_auth_digest.rb +169 -0
- data/test/spec_rack_builder.rb +50 -0
- data/test/spec_rack_camping.rb +47 -0
- data/test/spec_rack_cascade.rb +50 -0
- data/test/spec_rack_cgi.rb +91 -0
- data/test/spec_rack_commonlogger.rb +32 -0
- data/test/spec_rack_fastcgi.rb +91 -0
- data/test/spec_rack_file.rb +40 -0
- data/test/spec_rack_lint.rb +317 -0
- data/test/spec_rack_lobster.rb +45 -0
- data/test/spec_rack_mock.rb +152 -0
- data/test/spec_rack_mongrel.rb +165 -0
- data/test/spec_rack_recursive.rb +77 -0
- data/test/spec_rack_request.rb +384 -0
- data/test/spec_rack_response.rb +167 -0
- data/test/spec_rack_session_cookie.rb +49 -0
- data/test/spec_rack_session_memcache.rb +100 -0
- data/test/spec_rack_session_pool.rb +84 -0
- data/test/spec_rack_showexceptions.rb +21 -0
- data/test/spec_rack_showstatus.rb +71 -0
- data/test/spec_rack_static.rb +37 -0
- data/test/spec_rack_urlmap.rb +175 -0
- data/test/spec_rack_utils.rb +69 -0
- data/test/spec_rack_webrick.rb +106 -0
- data/test/testrequest.rb +43 -0
- metadata +167 -0
@@ -0,0 +1,22 @@
|
|
1
|
+
module Rack
|
2
|
+
module Adapter
|
3
|
+
class Camping
|
4
|
+
def initialize(app)
|
5
|
+
@app = app
|
6
|
+
end
|
7
|
+
|
8
|
+
def call(env)
|
9
|
+
env["PATH_INFO"] ||= ""
|
10
|
+
env["SCRIPT_NAME"] ||= ""
|
11
|
+
controller = @app.run(env['rack.input'], env)
|
12
|
+
h = controller.headers
|
13
|
+
h.each_pair do |k,v|
|
14
|
+
if v.kind_of? URI
|
15
|
+
h[k] = v.to_s
|
16
|
+
end
|
17
|
+
end
|
18
|
+
[controller.status, controller.headers, controller.body]
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
module Rack
|
2
|
+
module Auth
|
3
|
+
# Rack::Auth::AbstractHandler implements common authentication functionality.
|
4
|
+
#
|
5
|
+
# +realm+ should be set for all handlers.
|
6
|
+
|
7
|
+
class AbstractHandler
|
8
|
+
|
9
|
+
attr_accessor :realm
|
10
|
+
|
11
|
+
def initialize(app, &authenticator)
|
12
|
+
@app, @authenticator = app, authenticator
|
13
|
+
end
|
14
|
+
|
15
|
+
|
16
|
+
private
|
17
|
+
|
18
|
+
def unauthorized(www_authenticate = challenge)
|
19
|
+
return [ 401, { 'WWW-Authenticate' => www_authenticate.to_s }, [] ]
|
20
|
+
end
|
21
|
+
|
22
|
+
def bad_request
|
23
|
+
[ 400, {}, [] ]
|
24
|
+
end
|
25
|
+
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
module Rack
|
2
|
+
module Auth
|
3
|
+
class AbstractRequest
|
4
|
+
|
5
|
+
def initialize(env)
|
6
|
+
@env = env
|
7
|
+
end
|
8
|
+
|
9
|
+
def provided?
|
10
|
+
!authorization_key.nil?
|
11
|
+
end
|
12
|
+
|
13
|
+
def parts
|
14
|
+
@parts ||= @env[authorization_key].split(' ', 2)
|
15
|
+
end
|
16
|
+
|
17
|
+
def scheme
|
18
|
+
@scheme ||= parts.first.downcase.to_sym
|
19
|
+
end
|
20
|
+
|
21
|
+
def params
|
22
|
+
@params ||= parts.last
|
23
|
+
end
|
24
|
+
|
25
|
+
|
26
|
+
private
|
27
|
+
|
28
|
+
AUTHORIZATION_KEYS = ['HTTP_AUTHORIZATION', 'X-HTTP_AUTHORIZATION', 'X_HTTP_AUTHORIZATION']
|
29
|
+
|
30
|
+
def authorization_key
|
31
|
+
@authorization_key ||= AUTHORIZATION_KEYS.detect { |key| @env.has_key?(key) }
|
32
|
+
end
|
33
|
+
|
34
|
+
end
|
35
|
+
|
36
|
+
end
|
37
|
+
end
|
@@ -0,0 +1,58 @@
|
|
1
|
+
require 'rack/auth/abstract/handler'
|
2
|
+
require 'rack/auth/abstract/request'
|
3
|
+
|
4
|
+
module Rack
|
5
|
+
module Auth
|
6
|
+
# Rack::Auth::Basic implements HTTP Basic Authentication, as per RFC 2617.
|
7
|
+
#
|
8
|
+
# Initialize with the Rack application that you want protecting,
|
9
|
+
# and a block that checks if a username and password pair are valid.
|
10
|
+
#
|
11
|
+
# See also: <tt>example/protectedlobster.rb</tt>
|
12
|
+
|
13
|
+
class Basic < AbstractHandler
|
14
|
+
|
15
|
+
def call(env)
|
16
|
+
auth = Basic::Request.new(env)
|
17
|
+
|
18
|
+
return unauthorized unless auth.provided?
|
19
|
+
|
20
|
+
return bad_request unless auth.basic?
|
21
|
+
|
22
|
+
if valid?(auth)
|
23
|
+
env['REMOTE_USER'] = auth.username
|
24
|
+
|
25
|
+
return @app.call(env)
|
26
|
+
end
|
27
|
+
|
28
|
+
unauthorized
|
29
|
+
end
|
30
|
+
|
31
|
+
|
32
|
+
private
|
33
|
+
|
34
|
+
def challenge
|
35
|
+
'Basic realm="%s"' % realm
|
36
|
+
end
|
37
|
+
|
38
|
+
def valid?(auth)
|
39
|
+
@authenticator.call(*auth.credentials)
|
40
|
+
end
|
41
|
+
|
42
|
+
class Request < Auth::AbstractRequest
|
43
|
+
def basic?
|
44
|
+
:basic == scheme
|
45
|
+
end
|
46
|
+
|
47
|
+
def credentials
|
48
|
+
@credentials ||= params.unpack("m*").first.split(/:/, 2)
|
49
|
+
end
|
50
|
+
|
51
|
+
def username
|
52
|
+
credentials.first
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
@@ -0,0 +1,124 @@
|
|
1
|
+
require 'rack/auth/abstract/handler'
|
2
|
+
require 'rack/auth/digest/request'
|
3
|
+
require 'rack/auth/digest/params'
|
4
|
+
require 'rack/auth/digest/nonce'
|
5
|
+
require 'digest/md5'
|
6
|
+
|
7
|
+
module Rack
|
8
|
+
module Auth
|
9
|
+
module Digest
|
10
|
+
# Rack::Auth::Digest::MD5 implements the MD5 algorithm version of
|
11
|
+
# HTTP Digest Authentication, as per RFC 2617.
|
12
|
+
#
|
13
|
+
# Initialize with the [Rack] application that you want protecting,
|
14
|
+
# and a block that looks up a plaintext password for a given username.
|
15
|
+
#
|
16
|
+
# +opaque+ needs to be set to a constant base64/hexadecimal string.
|
17
|
+
#
|
18
|
+
class MD5 < AbstractHandler
|
19
|
+
|
20
|
+
attr_accessor :opaque
|
21
|
+
|
22
|
+
attr_writer :passwords_hashed
|
23
|
+
|
24
|
+
def initialize(app)
|
25
|
+
super
|
26
|
+
@passwords_hashed = nil
|
27
|
+
end
|
28
|
+
|
29
|
+
def passwords_hashed?
|
30
|
+
!!@passwords_hashed
|
31
|
+
end
|
32
|
+
|
33
|
+
def call(env)
|
34
|
+
auth = Request.new(env)
|
35
|
+
|
36
|
+
unless auth.provided?
|
37
|
+
return unauthorized
|
38
|
+
end
|
39
|
+
|
40
|
+
if !auth.digest? || !auth.correct_uri? || !valid_qop?(auth)
|
41
|
+
return bad_request
|
42
|
+
end
|
43
|
+
|
44
|
+
if valid?(auth)
|
45
|
+
if auth.nonce.stale?
|
46
|
+
return unauthorized(challenge(:stale => true))
|
47
|
+
else
|
48
|
+
env['REMOTE_USER'] = auth.username
|
49
|
+
|
50
|
+
return @app.call(env)
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
unauthorized
|
55
|
+
end
|
56
|
+
|
57
|
+
|
58
|
+
private
|
59
|
+
|
60
|
+
QOP = 'auth'.freeze
|
61
|
+
|
62
|
+
def params(hash = {})
|
63
|
+
Params.new do |params|
|
64
|
+
params['realm'] = realm
|
65
|
+
params['nonce'] = Nonce.new.to_s
|
66
|
+
params['opaque'] = H(opaque)
|
67
|
+
params['qop'] = QOP
|
68
|
+
|
69
|
+
hash.each { |k, v| params[k] = v }
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
def challenge(hash = {})
|
74
|
+
"Digest #{params(hash)}"
|
75
|
+
end
|
76
|
+
|
77
|
+
def valid?(auth)
|
78
|
+
valid_opaque?(auth) && valid_nonce?(auth) && valid_digest?(auth)
|
79
|
+
end
|
80
|
+
|
81
|
+
def valid_qop?(auth)
|
82
|
+
QOP == auth.qop
|
83
|
+
end
|
84
|
+
|
85
|
+
def valid_opaque?(auth)
|
86
|
+
H(opaque) == auth.opaque
|
87
|
+
end
|
88
|
+
|
89
|
+
def valid_nonce?(auth)
|
90
|
+
auth.nonce.valid?
|
91
|
+
end
|
92
|
+
|
93
|
+
def valid_digest?(auth)
|
94
|
+
digest(auth, @authenticator.call(auth.username)) == auth.response
|
95
|
+
end
|
96
|
+
|
97
|
+
def md5(data)
|
98
|
+
::Digest::MD5.hexdigest(data)
|
99
|
+
end
|
100
|
+
|
101
|
+
alias :H :md5
|
102
|
+
|
103
|
+
def KD(secret, data)
|
104
|
+
H([secret, data] * ':')
|
105
|
+
end
|
106
|
+
|
107
|
+
def A1(auth, password)
|
108
|
+
[ auth.username, auth.realm, password ] * ':'
|
109
|
+
end
|
110
|
+
|
111
|
+
def A2(auth)
|
112
|
+
[ auth.method, auth.uri ] * ':'
|
113
|
+
end
|
114
|
+
|
115
|
+
def digest(auth, password)
|
116
|
+
password_hash = passwords_hashed? ? password : H(A1(auth, password))
|
117
|
+
|
118
|
+
KD(password_hash, [ auth.nonce, auth.nc, auth.cnonce, QOP, H(A2(auth)) ] * ':')
|
119
|
+
end
|
120
|
+
|
121
|
+
end
|
122
|
+
end
|
123
|
+
end
|
124
|
+
end
|
@@ -0,0 +1,51 @@
|
|
1
|
+
require 'digest/md5'
|
2
|
+
|
3
|
+
module Rack
|
4
|
+
module Auth
|
5
|
+
module Digest
|
6
|
+
# Rack::Auth::Digest::Nonce is the default nonce generator for the
|
7
|
+
# Rack::Auth::Digest::MD5 authentication handler.
|
8
|
+
#
|
9
|
+
# +private_key+ needs to set to a constant string.
|
10
|
+
#
|
11
|
+
# +time_limit+ can be optionally set to an integer (number of seconds),
|
12
|
+
# to limit the validity of the generated nonces.
|
13
|
+
|
14
|
+
class Nonce
|
15
|
+
|
16
|
+
class << self
|
17
|
+
attr_accessor :private_key, :time_limit
|
18
|
+
end
|
19
|
+
|
20
|
+
def self.parse(string)
|
21
|
+
new(*string.unpack("m*").first.split(' ', 2))
|
22
|
+
end
|
23
|
+
|
24
|
+
def initialize(timestamp = Time.now, given_digest = nil)
|
25
|
+
@timestamp, @given_digest = timestamp.to_i, given_digest
|
26
|
+
end
|
27
|
+
|
28
|
+
def to_s
|
29
|
+
[([ @timestamp, digest ] * ' ')].pack("m*").strip
|
30
|
+
end
|
31
|
+
|
32
|
+
def digest
|
33
|
+
::Digest::MD5.hexdigest([ @timestamp, self.class.private_key ] * ':')
|
34
|
+
end
|
35
|
+
|
36
|
+
def valid?
|
37
|
+
digest == @given_digest
|
38
|
+
end
|
39
|
+
|
40
|
+
def stale?
|
41
|
+
!self.class.time_limit.nil? && (@timestamp - Time.now.to_i) < self.class.time_limit
|
42
|
+
end
|
43
|
+
|
44
|
+
def fresh?
|
45
|
+
!stale?
|
46
|
+
end
|
47
|
+
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
@@ -0,0 +1,55 @@
|
|
1
|
+
module Rack
|
2
|
+
module Auth
|
3
|
+
module Digest
|
4
|
+
class Params < Hash
|
5
|
+
|
6
|
+
def self.parse(str)
|
7
|
+
split_header_value(str).inject(new) do |header, param|
|
8
|
+
k, v = param.split('=', 2)
|
9
|
+
header[k] = dequote(v)
|
10
|
+
header
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
def self.dequote(str) # From WEBrick::HTTPUtils
|
15
|
+
ret = (/\A"(.*)"\Z/ =~ str) ? $1 : str.dup
|
16
|
+
ret.gsub!(/\\(.)/, "\\1")
|
17
|
+
ret
|
18
|
+
end
|
19
|
+
|
20
|
+
def self.split_header_value(str) # From WEBrick::HTTPUtils
|
21
|
+
str.scan(/((?:"(?:\\.|[^"])+?"|[^",]+)+)(?:,\s*|\Z)/n).collect{ |v| v[0] }
|
22
|
+
end
|
23
|
+
|
24
|
+
def initialize
|
25
|
+
super
|
26
|
+
|
27
|
+
yield self if block_given?
|
28
|
+
end
|
29
|
+
|
30
|
+
def [](k)
|
31
|
+
super k.to_s
|
32
|
+
end
|
33
|
+
|
34
|
+
def []=(k, v)
|
35
|
+
super k.to_s, v.to_s
|
36
|
+
end
|
37
|
+
|
38
|
+
UNQUOTED = ['qop', 'nc', 'stale']
|
39
|
+
|
40
|
+
def to_s
|
41
|
+
inject([]) do |parts, (k, v)|
|
42
|
+
parts << "#{k}=" + (UNQUOTED.include?(k) ? v.to_s : quote(v))
|
43
|
+
parts
|
44
|
+
end.join(', ')
|
45
|
+
end
|
46
|
+
|
47
|
+
def quote(str) # From WEBrick::HTTPUtils
|
48
|
+
'"' << str.gsub(/[\\\"]/o, "\\\1") << '"'
|
49
|
+
end
|
50
|
+
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
@@ -0,0 +1,40 @@
|
|
1
|
+
require 'rack/auth/abstract/request'
|
2
|
+
require 'rack/auth/digest/params'
|
3
|
+
require 'rack/auth/digest/nonce'
|
4
|
+
|
5
|
+
module Rack
|
6
|
+
module Auth
|
7
|
+
module Digest
|
8
|
+
class Request < Auth::AbstractRequest
|
9
|
+
|
10
|
+
def method
|
11
|
+
@env['REQUEST_METHOD']
|
12
|
+
end
|
13
|
+
|
14
|
+
def digest?
|
15
|
+
:digest == scheme
|
16
|
+
end
|
17
|
+
|
18
|
+
def correct_uri?
|
19
|
+
@env['PATH_INFO'] == uri
|
20
|
+
end
|
21
|
+
|
22
|
+
def nonce
|
23
|
+
@nonce ||= Nonce.parse(params['nonce'])
|
24
|
+
end
|
25
|
+
|
26
|
+
def params
|
27
|
+
@params ||= Params.parse(parts.last)
|
28
|
+
end
|
29
|
+
|
30
|
+
def method_missing(sym)
|
31
|
+
if params.has_key? key = sym.to_s
|
32
|
+
return params[key]
|
33
|
+
end
|
34
|
+
super
|
35
|
+
end
|
36
|
+
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,116 @@
|
|
1
|
+
# AUTHOR: blink <blinketje@gmail.com>; blink#ruby-lang@irc.freenode.net
|
2
|
+
|
3
|
+
gem_require 'ruby-openid', '~> 1.0.0' if defined? Gem
|
4
|
+
require 'rack/auth/abstract/handler'
|
5
|
+
require 'openid'
|
6
|
+
|
7
|
+
module Rack
|
8
|
+
module Auth
|
9
|
+
# Rack::Auth::OpenID provides a simple method for permitting openid
|
10
|
+
# based logins. It requires the ruby-openid lib from janrain to operate,
|
11
|
+
# as well as some method of session management of a Hash type.
|
12
|
+
#
|
13
|
+
# After a transaction, the response status object is stored in the
|
14
|
+
# environment at rack.auth.openid.status, which can be used in the
|
15
|
+
# followup block or in a wrapping application to accomplish
|
16
|
+
# additional data maniipulation.
|
17
|
+
#
|
18
|
+
# NOTE: Due to the amount of data that ruby-openid stores in the session,
|
19
|
+
# Rack::Session::Cookie may fault.
|
20
|
+
#
|
21
|
+
# A hash of data is stored in the session hash at the key of :openid.
|
22
|
+
# The fully canonicalized identity url is stored within at 'identity'.
|
23
|
+
# Extension data from 'openid.sreg.nickname' would be stored as
|
24
|
+
# { 'nickname' => value }.
|
25
|
+
#
|
26
|
+
# NOTE: To my knowledge there is no collision at this point from storage
|
27
|
+
# of this manner, if there is please let me know so I may adjust this app
|
28
|
+
# to cope.
|
29
|
+
# NOTE: This rack application is only compatible with the 1.x.x versions
|
30
|
+
# of the ruby-openid library. If rubygems is loaded at require time of
|
31
|
+
# this app, the specification will be made. If it is not then the 'openid'
|
32
|
+
# library will be required, and will fail if it is not compatible.
|
33
|
+
class OpenID < AbstractHandler
|
34
|
+
# Required for ruby-openid
|
35
|
+
OIDStore = ::OpenID::MemoryStore.new
|
36
|
+
|
37
|
+
# A Hash of options is taken as it's single initializing
|
38
|
+
# argument. String keys are taken to be openid protocol
|
39
|
+
# extension namespaces.
|
40
|
+
#
|
41
|
+
# For example: 'sreg' => { 'required' => # 'nickname' }
|
42
|
+
#
|
43
|
+
# Other keys are taken as options for Rack::Auth::OpenID, normally Symbols.
|
44
|
+
# Only :return is required. :trust is highly recommended to be set.
|
45
|
+
#
|
46
|
+
# * :return defines the url to return to after the client authenticates
|
47
|
+
# with the openid service provider. Should point to where this app is
|
48
|
+
# mounted. (ex: 'http://mysite.com/openid')
|
49
|
+
# * :trust defines the url identifying the site they are actually logging
|
50
|
+
# into. (ex: 'http://mysite.com/')
|
51
|
+
# * :session_key defines the key to the session hash in the env.
|
52
|
+
# (by default it uses 'rack.session')
|
53
|
+
def initialize(options={})
|
54
|
+
raise ArgumentError, 'No return url provided.' unless options[:return]
|
55
|
+
warn 'No trust url provided.' unless options[:trust]
|
56
|
+
options[:trust] ||= options[:return]
|
57
|
+
|
58
|
+
@options = {
|
59
|
+
:session_key => 'rack.session'
|
60
|
+
}.merge(options)
|
61
|
+
end
|
62
|
+
|
63
|
+
def call(env)
|
64
|
+
request = Rack::Request.new env
|
65
|
+
return no_session unless session = request.env[@options[:session_key]]
|
66
|
+
resp = if request.GET['openid.mode']
|
67
|
+
finish session, request.GET, env
|
68
|
+
elsif request.GET['openid_url']
|
69
|
+
check session, request.GET['openid_url'], env
|
70
|
+
else
|
71
|
+
bad_request
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
def check(session, oid_url, env)
|
76
|
+
consumer = ::OpenID::Consumer.new session, OIDStore
|
77
|
+
oid = consumer.begin oid_url
|
78
|
+
return auth_fail unless oid.status == ::OpenID::SUCCESS
|
79
|
+
@options.each do |ns,s|
|
80
|
+
next unless ns.is_a? String
|
81
|
+
s.each {|k,v| oid.add_extension_arg(ns, k, v) }
|
82
|
+
end
|
83
|
+
r_url = @options.fetch :return do |k| request.url end
|
84
|
+
t_url = @options.fetch :trust
|
85
|
+
env['rack.auth.openid.status'] = oid
|
86
|
+
return 303, {'Location'=>oid.redirect_url( t_url, r_url )}, []
|
87
|
+
end
|
88
|
+
|
89
|
+
def finish(session, params, env)
|
90
|
+
consumer = ::OpenID::Consumer.new session, OIDStore
|
91
|
+
oid = consumer.complete params
|
92
|
+
return bad_login unless oid.status == ::OpenID::SUCCESS
|
93
|
+
session[:openid] = {'identity' => oid.identity_url}
|
94
|
+
@options.each do |ns,s|
|
95
|
+
next unless ns.is_a? String
|
96
|
+
oid.extension_response(ns).each{|k,v| session[k]=v }
|
97
|
+
end
|
98
|
+
env['rack.auth.openid.status'] = oid
|
99
|
+
return 303, {'Location'=>@options[:trust]}, []
|
100
|
+
end
|
101
|
+
|
102
|
+
def no_session
|
103
|
+
@options.
|
104
|
+
fetch :no_session, [500,{'Content-Type'=>'text/plain'},'No session available.']
|
105
|
+
end
|
106
|
+
def auth_fail
|
107
|
+
@options.
|
108
|
+
fetch :auth_fail, [500, {'Content-Type'=>'text/plain'},'Foreign server failure.']
|
109
|
+
end
|
110
|
+
def bad_login
|
111
|
+
@options.
|
112
|
+
fetch :bad_login, [401, {'Content-Type'=>'text/plain'},'Identification has failed.']
|
113
|
+
end
|
114
|
+
end
|
115
|
+
end
|
116
|
+
end
|