From fb20816fd9a20f85d565b495cba775e638b93243 Mon Sep 17 00:00:00 2001 From: Rick Olson Date: Mon, 21 Apr 2008 23:38:23 -0500 Subject: [PATCH] Add Timeout protection Signed-off-by: Joshua Peek --- CHANGELOG | 2 ++ lib/open_id_authentication.rb | 1 + lib/open_id_authentication/timeout_fixes.rb | 20 ++++++++++++++++++++ 3 files changed, 23 insertions(+) create mode 100644 lib/open_id_authentication/timeout_fixes.rb diff --git a/CHANGELOG b/CHANGELOG index 6da8bf6..ea5efab 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,5 @@ +* Add Timeout protection [Rick] + * An invalid identity url passed through authenticate_with_open_id will no longer raise an InvalidOpenId exception. Instead it will return Result[:missing] to the completion block. * Allow a return_to option to be used instead of the requested url [Josh Peek] diff --git a/lib/open_id_authentication.rb b/lib/open_id_authentication.rb index eb938f9..42fbd42 100644 --- a/lib/open_id_authentication.rb +++ b/lib/open_id_authentication.rb @@ -1,6 +1,7 @@ require 'uri' require 'openid/extensions/sreg' require 'openid/store/filesystem' +require File.join(File.dirname(__FILE__), 'open_id_authentication/timeout_fixes') if OpenID::VERSION == "2.0.4" module OpenIdAuthentication OPEN_ID_AUTHENTICATION_DIR = RAILS_ROOT + "/tmp/openids" diff --git a/lib/open_id_authentication/timeout_fixes.rb b/lib/open_id_authentication/timeout_fixes.rb new file mode 100644 index 0000000..cc711c9 --- /dev/null +++ b/lib/open_id_authentication/timeout_fixes.rb @@ -0,0 +1,20 @@ +# http://trac.openidenabled.com/trac/ticket/156 +module OpenID + @@timeout_threshold = 20 + + def self.timeout_threshold + @@timeout_threshold + end + + def self.timeout_threshold=(value) + @@timeout_threshold = value + end + + class StandardFetcher + def make_http(uri) + http = @proxy.new(uri.host, uri.port) + http.read_timeout = http.open_timeout = OpenID.timeout_threshold + http + end + end +end \ No newline at end of file