lib/open_id_authentication/request.rb @@ -1,3 +1,5 @@ +* Fake HTTP method from OpenID server since they only support a GET. Eliminates the need to set an extra route to match the server's reply. [Josh Peek] + * OpenID 2.0 recommends that forms should use the field name "openid_identifier" rather than "openid_url" [Josh Peek] * Return open_id_response.display_identifier to the application instead of .endpoints.claimed_id. [nbibler] CHANGELOG @@ -68,7 +68,6 @@ Use the above code in your User model and validate OpenID URLs before saving the config/routes.rb map.root :controller => 'articles' - map.open_id_complete 'session', :controller => "sessions", :action => "create", :requirements => { :method => :get } map.resource :session README @@ -4,6 +4,7 @@ require 'openid/store/filesystem' require File.dirname(__FILE__) + '/open_id_authentication/db_store' require File.dirname(__FILE__) + '/open_id_authentication/mem_cache_store' +require File.dirname(__FILE__) + '/open_id_authentication/request' require File.dirname(__FILE__) + '/open_id_authentication/timeout_fixes' if OpenID::VERSION == "2.0.4" module OpenIdAuthentication @@ -85,18 +86,13 @@ module OpenIdAuthentication # The parameter name of "openid_identifier" is used rather than the Rails convention "open_id_identifier" # because that's what the specification dictates in order to get browser auto-complete working across sites - def using_open_id?(identity_url = params[:openid_identifier]) #:doc: - if params.has_key?(:openid_url) - puts '[OPENID] The conventional field name has changed from "openid_url" to "openid_identifier"' - end - + def using_open_id?(identity_url = nil) #:doc: + identity_url ||= params[:openid_identifier] || params[:openid_url] !identity_url.blank? || params[:open_id_complete] end - def authenticate_with_open_id(identity_url = params[:openid_identifier], options = {}, &block) #:doc: - if params.has_key?(:openid_url) - puts '[OPENID] The conventional field name has changed from "openid_url" to "openid_identifier"' - end + def authenticate_with_open_id(identity_url = nil, options = {}, &block) #:doc: + identity_url ||= params[:openid_identifier] || params[:openid_url] if params[:open_id_complete].nil? begin_open_id_authentication(identity_url, options, &block) @@ -108,10 +104,12 @@ module OpenIdAuthentication private def begin_open_id_authentication(identity_url, options = {}) identity_url = normalize_url(identity_url) - return_to = options.delete(:return_to) + return_to = options.delete(:return_to) + method = options.delete(:method) + open_id_request = open_id_consumer.begin(identity_url) add_simple_registration_fields(open_id_request, options) - redirect_to(open_id_redirect_url(open_id_request, return_to)) + redirect_to(open_id_redirect_url(open_id_request, return_to, method)) rescue OpenIdAuthentication::InvalidOpenId => e yield Result[:invalid], identity_url, nil rescue OpenID::OpenIDError, Timeout::Error => e @@ -149,7 +147,8 @@ module OpenIdAuthentication open_id_request.add_extension(sreg_request) end - def open_id_redirect_url(open_id_request, return_to = nil) + def open_id_redirect_url(open_id_request, return_to = nil, method = nil) + open_id_request.return_to_args['_method'] = (method || request.method).to_s open_id_request.return_to_args['open_id_complete'] = '1' open_id_request.redirect_url(root_url, return_to || requested_url) end lib/open_id_authentication.rb 2c4d86d7fd2db200ff52c9e48f8811643b7e0c6f Joshua Peek josh@joshpeek.com http://github.com/rails/open_id_authentication/commit/3382bc49d6c1e6448f67c54e8c2ab059a051a155 3382bc49d6c1e6448f67c54e8c2ab059a051a155 2008-08-21T15:44:09-07:00 2008-08-21T15:44:09-07:00 Fake HTTP method from OpenID server since they only support a GET. Eliminates the need to set an extra route to match the server's reply. 815d581bc7d908a38a502094d26fef179d33e708 Joshua Peek josh@joshpeek.com