module Ramaze::Helper::Identity
Public Instance Methods
openid_begin()
click to toggle source
We land here from the #openid_login_form and if we can find a matching OpenID server we redirect the user to it, the browser will return to #openid_complete when the authentication is complete.
# File lib/ramaze/helper/identity.rb, line 39 def openid_begin # The OpenID URL pointing to a user's OpenID page, # for example: http://username.myopenid.com) url = request['url'] redirect_referrer if url.to_s.empty? session[:openid] ||= {} session[:openid][:entry] = request.referrer openid_request = openid_consumer.begin(url) # We want these communications to be a secure as the server can # support! papereq = OpenID::PAPE::Request.new papereq.add_policy_uri(OpenID::PAPE::AUTH_PHISHING_RESISTANT) papereq.max_auth_age = 2*60*60 openid_request.add_extension(papereq) # Request information about the person sregreq = OpenID::SReg::Request.new sregreq.request_fields(['fullname', 'nickname', 'dob', 'email', 'gender', 'postcode', 'country', 'language', 'timezone']) openid_request.add_extension(sregreq) openid_request.return_to_args['did_pape'] = 'y' root = "http://#{request.http_host}/" return_to = request.domain(rs(:openid_complete)).to_s immediate = false if openid_request.send_redirect?(root, return_to, immediate) redirect_url = openid_request.redirect_url(root, return_to, immediate) raw_redirect redirect_url else # what the hell is @form_text ? end rescue OpenID::OpenIDError => ex flash[:error] = "Discovery failed for #{url}: #{ex}" raw_redirect rs(:/) end
openid_complete()
click to toggle source
After having authenticated at the OpenID server browsers are redirected back here and on success we set the session[:identity] and a little default flash message. Then we redirect to wherever session[:entry] points us to, which was set on #openid_begin to the referrer
TODO:
- maybe using StackHelper, but this is a really minimal overlap?
# File lib/ramaze/helper/identity.rb, line 88 def openid_complete openid_response = openid_consumer.complete(request.params, request.url) case openid_response.status when OpenID::Consumer::FAILURE flash[:error] = "OpenID - Verification failed: #{openid_response.message}" when OpenID::Consumer::SUCCESS # Backwards compatibility session[:openid][:identity] = openid_response.identity_url session[:openid][:sreg] = OpenID::SReg::Response.from_success_response(openid_response) # Forward compatibility :) session[:openid_identity] = openid_response.identity_url session[:openid_sreg] = OpenID::SReg::Response.from_success_response(openid_response) flash[:success] = 'OpenID - Verification done.' end session.delete(:_openid_consumer_service) raw_redirect session[:openid][:entry] end
openid_login_form(caption="login")
click to toggle source
Simple form for use or overwriting. Has to provide the same functionality when overwritten or directly embedded into a page.
# File lib/ramaze/helper/identity.rb, line 27 def openid_login_form(caption="login") %Q{ <form method="GET" action="#{rs(:openid_begin)}"> Identity URL: <input type="text" name="url" /> <input type="submit" value="#{caption}"/> </form> } end
Private Instance Methods
openid_consumer()
click to toggle source
Fetch/Create a OpenID::Consumer for current session.
# File lib/ramaze/helper/identity.rb, line 114 def openid_consumer OpenID::Consumer.new(session, Ramaze::OpenIDStore) end