open_id_provider

[pre-working] Plugin to assist in implementing an Openid server.

3 years after

OpenidProviderPlugin

This is a plugin to aid me (and maybe others) in adding openid provider functionality to their sites.

Much of the work is taken from or inspired by the JanRain openid library, the Apache Heraldy example, and also Dennis Blöte's masquerade. Oh yeah, and some fine poaching from the open_id_authentication plugin in Rails core.

Requires the ruby-openid gem, and aasm. gem install ruby-openid gem install rubyist-aasm --source http://gems.github.com

Create association tables for OpenID nuts and bolts. rake openid_provider:db:create rake db:migrate

Example

class ApplicationController < ActionController::Base ... include OpenIdProvider ... end

class UsersController include OpenIdProviderResource

before_filter :openid_routing, :only => :show skip_before_filter :verify_authenticity_token protected def attempt_approval

Just after this method ends, the plugin will call "current_request.approved?".

  # Approved requests will be sent back to the relying party that originated them.
  # Non-approved requests with call "reconcile_non_approval", where you redirect to
  # a login page, or trust page.
  # example:
  if logged_in? and current_user == @user
    current_request.verify
  end
  if current_request.verified? and current_user.allows_openid_login
    current_request.approved
  end
end

def reconcile_non_approval
  case current_request.status
  when verified
    redirect_to manual_approval_path
  else
    redirect_to login_path
  end
end

end

In a controller where you include OpenIdProviderResource the endpoint is assumed to be the resource requested. If you need to customize this (such as focusing on a given endpoint in a different controller) overwrite endpoint_url.

Example

class TrustsController

...

protected def endpoint_url params[:endpoint_for_trust] or raise ErrorError end end

You also need to adjust the routes so that POST requests to a given resource are accepted:

Example

map.identity_endpoint 'identities/:id', :id => /.+/, :controller => 'identities', :action => 'show', :conditions => { :method => :post } map.resources :identities

Copyright (c) 2008 Sam Schenkman-Moore, released under the MIT license


Top Contributors

samsm