josh / rack-openid
watch download tarball
public
Forks7Right
Watchers63Right
Description: Provides a more HTTPish API around the ruby-openid library
Homepage: http://rdoc.info/projects/josh/rack-openid/
Clone URL: git://github.com/josh/rack-openid.git
name age
history
message
file LICENSE Sun Dec 14 13:52:34 -0800 2008 first commit [josh]
file README.rdoc Mon Nov 16 11:54:30 -0800 2009 prefer identifier over identity [josh]
file Rakefile Sun Nov 29 10:18:32 -0800 2009 no mg [josh]
file deps.rip Sun Aug 23 20:24:26 -0700 2009 rip deps [josh]
directory examples/ Sun Nov 29 10:15:36 -0800 2009 remove memcache store from sinatra example [josh]
directory lib/ Sun Nov 29 10:47:10 -0800 2009 only lookup QUERY_STRING once in sanitize_query... [josh]
file rack-openid.gemspec Sun Nov 29 10:56:44 -0800 2009 0.2.1 release [josh]
directory test/ Sun Nov 29 10:55:55 -0800 2009 more robust build_header test [josh]
directory tmp/ Tue Sep 08 16:06:00 -0700 2009 more robust test process cleanup [josh]
README.rdoc

Rack::OpenID

Provides a more HTTPish API around the ruby-openid library.

Usage

You trigger an OpenID request similar to HTTP authentication. From your app, return a "401 Unauthorized" and a "WWW-Authenticate" header with the identifier you would like to validate.

On competition, the OpenID response is automatically verified and assigned to env. 

  MyApp = lambda { |env|
    if resp = env["rack.openid.response"]
      case resp.status
      when :success
        ...
      when :failure
        ...
    else
      [401, {"WWW-Authenticate" => 'OpenID identifier="http://example.com/"'}, []]
    end
  }

  use Rack::OpenID
  run MyApp