Local and remote OpenID Ownings

app/models/open_id_owning.rb

@@ -6,5 +6,8 @@ class OpenIdOwning < ActiveRecord::Base
   belongs_to :agent, :polymorphic => true
   belongs_to :uri
 
+  named_scope :local, lambda { { :conditions => { :local => true } } }
+  named_scope :remote, lambda { { :conditions => { :local => false } } }
+
   validates_presence_of :agent_id, :agent_type, :uri_id
 end

app/models/open_id_trust.rb

@@ -1,4 +1,6 @@
-# Agents with OpenID Server have OpenID trusts when approve sign in a Remote Server
+# Agents with OpenID Server have OpenID trusts when approve signing in a Remote Server
+#
+# The URI of the Remove Server is the trusted URI
 #
 class OpenIdTrust < ActiveRecord::Base
   belongs_to :agent, :polymorphic => true

db/migrate/station_3_to_4.rb

@@ -14,6 +14,10 @@ def self.up
 
     drop_table :categories
     drop_table :categorizations
+
+    # local column should be in OpenID ownings, not in OpenID trusts
+    remove_column :open_id_trusts, :local
+    add_column :open_id_ownings, :local, :boolean, :default => false
   end
 
   def self.down
@@ -39,5 +43,9 @@ def self.down
       t.integer :categorizable_id
       t.string  :categorizable_type
     end
+
+    # local column should be in OpenID ownings, not in OpenID trusts
+    add_column :open_id_trusts, :local, :boolean, :default => false
+    remove_column :open_id_ownings, :local
   end
 end

generators/station/templates/migration.rb

@@ -67,13 +67,13 @@ def self.up
       t.integer :agent_id
       t.string  :agent_type
       t.integer :uri_id
+      t.boolean :local, :default => false
     end
 
     create_table :open_id_trusts do |t|
       t.integer :agent_id
       t.string  :agent_type
       t.integer :uri_id
-      t.boolean :local, :default => false
     end
 
 

lib/active_record/agent.rb

@@ -148,7 +148,8 @@ def needs_password?
         # False is Login/Password is not supported by this Agent
         return false unless agent_options[:authentication].include?(:login_and_password)
         # False if OpenID is suported and there is already an OpenID Owning associated
-        ! (agent_options[:authentication].include?(:openid) && !openid_identifier.blank?)
+        ! (agent_options[:authentication].include?(:openid) &&
+             openid_identifier.present? || openid_ownings.remote.any?)
       end
 
       # All Stages in which this Agent has a Performance

lib/active_record/agent/authentication/openid.rb

@@ -23,9 +23,13 @@ def self.included(base) #:nodoc:
 
         module ClassMethods
           # Find first Agent of this class owning this OpenID URI
+          #
+          # OpenIdOwning must be remote, since authenticated using local
+          # OpenID is a chicken and egg action.
           def authenticate_with_openid(uri)
-            owning = uri.openid_ownings.find :first,
-                                             :conditions => [ "agent_type = ?", self.to_s ]
+            owning =
+              uri.openid_ownings.remote.find :first,
+                                               :conditions => { :agent_type => self.name }
             owning ? owning.agent : nil
           end
         end

lib/active_record/agent/openid_server.rb

@@ -35,11 +35,13 @@ module InstanceMethods
         # Create OpenID Ownings for the URIs hosted in this server
         def create_openid_server_ownings
           uris_path = "#{ Site.current.domain }/#{ self.class.to_s.tableize }/#{ to_param }"
-          uris = [ Uri.find_or_create_by_uri("http://#{ uris_path }", :local => true) ]
-          uris << Uri.find_or_create_by_uri("https://#{ uris_path }", :local => true) if Site.current.ssl?
+          uris = [ Uri.find_or_create_by_uri("http://#{ uris_path }") ]
+          uris << Uri.find_or_create_by_uri("https://#{ uris_path }") if Site.current.ssl?
 
           uris.each do |u|
-            openid_uris << u unless openid_uris.include?(u)
+            unless openid_ownings.local.map(&:uri).include?(u)
+              openid_ownings.local.create :uri => u
+            end
           end
         end
       end