@@ -45,25 +45,25 @@ This example is just to meant to demonstrate how you could use OpenID authentica salted hash logins instead of plain text passwords and other requirements on top of this. Treat it as a starting point, not a destination. -Note that the User model referenced in the simple example below has an 'identity_url' attribute. You will want to add the same or similar field to whatever +Note that the User model referenced in the simple example below has an 'identity' attribute. You will want to add the same or similar field to whatever model you are using for authentication. Also of note is the following code block used in the example below: - authenticate_with_open_id do |result, identity_url| + authenticate_with_open_id do |result, identity| ... end -In the above code block, 'identity_url' will need to match user.identity_url exactly. 'identity_url' will be a string in the form of 'http://example.com' - +In the above code block, 'identity' will need to match user.identity exactly. 'identity' will be a string in the form of 'http://example.com/' - If you are storing just 'example.com' with your user, the lookup will fail. -There is a handy method in this plugin called 'normalize_url' that will help with validating OpenID URLs. +There is a handy method in this plugin called 'normalize' that will help with validating OpenIDs. - OpenIdAuthentication.normalize_url(user.identity_url) + OpenIdAuthentication.normalize(user.identity) -The above will return a standardized version of the OpenID URL - the above called with 'example.com' will return 'http://example.com/' -It will also raise an InvalidOpenId exception if the URL is determined to not be valid. -Use the above code in your User model and validate OpenID URLs before saving them. +The above will return a standardized version of the OpenID - the above called with 'example.com' will return 'http://example.com/' +It will also raise an InvalidOpenId exception if the identity is determined to not be valid. +Use the above code in your User model and validate OpenIDs before saving them. config/routes.rb @@ -119,12 +119,12 @@ app/controllers/sessions_controller.rb end def open_id_authentication - authenticate_with_open_id do |result, identity_url| + authenticate_with_open_id do |result, identity| if result.successful? - if @current_user = @account.users.find_by_identity_url(identity_url) + if @current_user = @account.users.find_by_identity(identity) successful_login else - failed_login "Sorry, no user by that identity URL exists (#{identity_url})" + failed_login "Sorry, no user by that identity exists (#{identity})" end else failed_login result.message @@ -151,11 +151,11 @@ If you're fine with the result messages above and don't need individual logic on you can collapse the case into a mere boolean: def open_id_authentication - authenticate_with_open_id do |result, identity_url| - if result.successful? && @current_user = @account.users.find_by_identity_url(identity_url) + authenticate_with_open_id do |result, identity| + if result.successful? && @current_user = @account.users.find_by_identity(identity) successful_login else - failed_login(result.message || "Sorry, no user by that identity URL exists (#{identity_url})") + failed_login(result.message || "Sorry, no user by that identity exists (#{identity})") end end end @@ -168,12 +168,12 @@ Some OpenID Providers support this lightweight profile exchange protocol. See m You can support it in your app by changing #open_id_authentication - def open_id_authentication(identity_url) + def open_id_authentication(identity) # Pass optional :required and :optional keys to specify what sreg fields you want. # Be sure to yield registration, a third argument in the #authenticate_with_open_id block. - authenticate_with_open_id(identity_url, + authenticate_with_open_id(identity, :required => [ :nickname, :email ], - :optional => :fullname) do |result, identity_url, registration| + :optional => :fullname) do |result, identity, registration| case result.status when :missing failed_login "Sorry, the OpenID server couldn't be found" @@ -184,7 +184,7 @@ You can support it in your app by changing #open_id_authentication when :failed failed_login "Sorry, the OpenID verification failed" when :successful - if @current_user = @account.users.find_by_identity_url(identity_url) + if @current_user = @account.users.find_by_identity(identity) assign_registration_attributes!(registration) if current_user.save @@ -194,7 +194,7 @@ You can support it in your app by changing #open_id_authentication @current_user.errors.full_messages.to_sentence end else - failed_login "Sorry, no user by that identity URL exists" + failed_login "Sorry, no user by that identity exists" end end end README 4307ec0dfc75fa0695efab7c4a5fe492bd1b2ae6 Peat Bakke peat@peat.org http://github.com/peat/open_id_authentication/commit/b00a04ec1504b8b47fac6075090084188dde9473 b00a04ec1504b8b47fac6075090084188dde9473 2008-12-12T11:10:13-08:00 2008-12-12T11:10:13-08:00 Changing documentation to reflect the OpenID 2.0 standard, where not all identities are URLs. 85ce35716e130abda9e8c3e4dc8e5439b738f5b2 Peat Bakke peat@peat.org