Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Erlang consumer library for OpenID
Erlang
branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
dep
ebin
include
src
.gitignore
.gitmodules
Emakefile
LICENSE
Makefile
README.md
dep.inc

README.md

This is an implementation of OpenID version 1.1.

(NB: IT DOES NOT (YET) IMPLEMENT THE DUMB MODE!)

Requirements: at least R12B-5 it can also make use of Yaws/Mochiweb/trane if available)

Start Erlang as:

erl -pa ./ebin -pa ~/svn/mochiweb-read-only/ebin -s eopenid

NB: MAKE SURE YOU ACTUALLY START eopenid AS ABOVE, OR CALL application:start(eopenid) ELSEWHERE IN YOUR STARTUP CODE!!

At the moment you can try it out as shown below (nb: change the values according to your setup). Also, this example is using some Nitrogen code (wf.erl):

[ClaimedId] = wf:q(claimed_id),
Dict0 = eopenid_lib:foldf(
          [eopenid_lib:in("openid.return_to", 
                          "http://www.tornkvist.org:8002/web/openid"),
           eopenid_lib:in("openid.trust_root", 
                          "http://www.tornkvist.org:8002")
          ], eopenid_lib:new()),
{ok,Dict1} = eopenid_v1:discover(ClaimedId, Dict0),
{ok,Dict2} = eopenid_v1:associate(Dict1),
{ok, Url}  = eopenid_v1:checkid_setup(Dict2).
wf:session(eopenid_dict, Dict2),
wf:redirect(Url)

The above will perform DISCOVER, ASSOCIATE, CHECKID_SETUP and return the Url to be used for redirecting the client. Note that an associate request only is made the first time eopenid see a new Provider (the Association is cached the very first time). The Nitrogen framework will in this example send a redirect to the client, who will login to its Provider and (again) will be redirected, this time to the return_to address.

At the return_to address we have the following code which verifies the signed keys that the Provider sent along with the redirect in the returned_to Url:

Dict = wf:session(eopenid_dict),
RawPath = wf_platform:get_raw_path(),
%% assertion
true = eopenid_v1:verify_signed_keys(RawPath, Dict),
ClaimedId = eopenid_lib:out("openid.claimed_id", Dict),
wf:user(ClaimedId),
wf:redirect("/web/write/")

Finally, the authenticated user is redirected to the protected page.

TODO:

  • Dumb mode.
  • Cleanup the code.
Something went wrong with that request. Please try again.