We land here from the openid_login_form and if we can find a matching OpenID server we redirect the user to it, the browser will return to openid_complete when the authentication is complete.
# File lib/ramaze/helper/identity.rb, line 39 39: def openid_begin 40: # The OpenID URL pointing to a user's OpenID page, 41: # for example: http://username.myopenid.com) 42: url = request['url'] 43: redirect_referrer if url.to_s.empty? 44: session[:openid] ||= {} 45: session[:openid][:entry] = request.referrer 46: 47: openid_request = openid_consumer.begin(url) 48: 49: # We want these communications to be a secure as the server can 50: # support! 51: papereq = OpenID::PAPE::Request.new 52: papereq.add_policy_uri(OpenID::PAPE::AUTH_PHISHING_RESISTANT) 53: papereq.max_auth_age = 2*60*60 54: openid_request.add_extension(papereq) 55: 56: # Request information about the person 57: sregreq = OpenID::SReg::Request.new 58: sregreq.request_fields(['fullname', 'nickname', 'dob', 'email', 59: 'gender', 'postcode', 'country', 'language', 60: 'timezone']) 61: openid_request.add_extension(sregreq) 62: openid_request.return_to_args['did_pape'] = 'y' 63: 64: root = "http://#{request.http_host}/" 65: return_to = request.domain(rs(:openid_complete)).to_s 66: immediate = false 67: 68: if openid_request.send_redirect?(root, return_to, immediate) 69: redirect_url = 70: openid_request.redirect_url(root, return_to, immediate) 71: raw_redirect redirect_url 72: else 73: # what the hell is @form_text ? 74: end 75: 76: rescue OpenID::OpenIDError => ex 77: flash[:error] = "Discovery failed for #{url}: #{ex}" 78: raw_redirect rs(:/) 79: end
After having authenticated at the OpenID server browsers are redirected back here and on success we set the session[:openid][:identity] and a little default flash message. Then we redirect to wherever session[:openid][:entry] points us to, which was set on openid_begin to the referrer
TODO:
* maybe using StackHelper, but this is a really minimal overlap?
# File lib/ramaze/helper/identity.rb, line 88 88: def openid_complete 89: openid_response = openid_consumer.complete(request.params, request.url) 90: 91: case openid_response.status 92: when OpenID::Consumer::FAILURE 93: flash[:error] = "OpenID - Verification failed: #{openid_response.message}" 94: when OpenID::Consumer::SUCCESS 95: # Backwards compatibility 96: session[:openid][:identity] = openid_response.identity_url 97: session[:openid][:sreg] = OpenID::SReg::Response.from_success_response(openid_response) 98: 99: # Forward compatibility :) 100: session[:openid_identity] = openid_response.identity_url 101: session[:openid_sreg] = OpenID::SReg::Response.from_success_response(openid_response) 102: 103: flash[:success] = 'OpenID - Verification done.' 104: end 105: 106: session.delete(:_openid_consumer_service) 107: 108: raw_redirect session[:openid][:entry] 109: end
Simple form for use or overwriting. Has to provide the same functionality when overwritten or directly embedded into a page.
# File lib/ramaze/helper/identity.rb, line 27 27: def openid_login_form(caption="login") 28: %{ 29: <form method="GET" action="#{rs(:openid_begin)}"> 30: Identity URL: <input type="text" name="url" /> 31: <input type="submit" value="#{caption}"/> 32: </form> 33: } 34: end
Disabled; run with --debug to generate this.
Generated with the Darkfish Rdoc Generator 1.1.6.