Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Axe DB store, use memcache.

  • Loading branch information...
commit ee5be2f26c37049f6c37e113627a34c1ef6d35cd 1 parent b9a0759
@josh josh authored
View
26 README
@@ -14,22 +14,14 @@ The specification used is http://openid.net/specs/openid-authentication-2_0.html
Prerequisites
=============
-OpenID authentication uses the session, so be sure that you haven't turned that off. It also relies on a number of
-database tables to store the authentication keys. So you'll have to run the migration to create these before you get started:
-
- rake open_id_authentication:db:create
-
-Or, use the included generators to install or upgrade:
-
- ./script/generate open_id_authentication_tables MigrationName
- ./script/generate upgrade_open_id_authentication_tables MigrationName
+OpenID authentication uses the session, so be sure that you haven't turned that off.
Alternatively, you can use the file-based store, which just relies on on tmp/openids being present in RAILS_ROOT. But be aware that this store only works if you have a single application server. And it's not safe to use across NFS. It's recommended that you use the database store if at all possible. To use the file-based store, you'll also have to add this line to your config/environment.rb:
OpenIdAuthentication.store = :file
This particular plugin also relies on the fact that the authentication action allows for both POST and GET operations.
-If you're using RESTful authentication, you'll need to explicitly allow for this in your routes.rb.
+If you're using RESTful authentication, you'll need to explicitly allow for this in your routes.rb.
The plugin also expects to find a root_url method that points to the home page of your site. You can accomplish this by using a root route in config/routes.rb:
@@ -53,7 +45,7 @@ Also of note is the following code block used in the example below:
authenticate_with_open_id do |result, identity_url|
...
end
-
+
In the above code block, 'identity_url' will need to match user.identity_url exactly. 'identity_url' will be a string in the form of 'http://example.com' -
If you are storing just 'example.com' with your user, the lookup will fail.
@@ -131,8 +123,8 @@ app/controllers/sessions_controller.rb
end
end
end
-
-
+
+
private
def successful_login
session[:user_id] = @current_user.id
@@ -171,7 +163,7 @@ You can support it in your app by changing #open_id_authentication
def open_id_authentication(identity_url)
# Pass optional :required and :optional keys to specify what sreg fields you want.
# Be sure to yield registration, a third argument in the #authenticate_with_open_id block.
- authenticate_with_open_id(identity_url,
+ authenticate_with_open_id(identity_url,
:required => [ :nickname, :email ],
:optional => :fullname) do |result, identity_url, registration|
case result.status
@@ -199,7 +191,7 @@ You can support it in your app by changing #open_id_authentication
end
end
end
-
+
# registration is a hash containing the valid sreg keys given above
# use this to map them to fields of your user model
def assign_registration_attributes!(registration)
@@ -221,9 +213,9 @@ Some OpenID providers also support the OpenID AX (attribute exchange) protocol f
Accessing AX data is very similar to the Simple Registration process, described above -- just add the URI identifier for the AX field to your :optional or :required parameters. For example:
- authenticate_with_open_id(identity_url,
+ authenticate_with_open_id(identity_url,
:required => [ :email, 'http://schema.openid.net/birthDate' ]) do |result, identity_url, registration|
-
+
This would provide the sreg data for :email, and the AX data for 'http://schema.openid.net/birthDate'
View
11 generators/open_id_authentication_tables/open_id_authentication_tables_generator.rb
@@ -1,11 +0,0 @@
-class OpenIdAuthenticationTablesGenerator < Rails::Generator::NamedBase
- def initialize(runtime_args, runtime_options = {})
- super
- end
-
- def manifest
- record do |m|
- m.migration_template 'migration.rb', 'db/migrate'
- end
- end
-end
View
20 generators/open_id_authentication_tables/templates/migration.rb
@@ -1,20 +0,0 @@
-class <%= class_name %> < ActiveRecord::Migration
- def self.up
- create_table :open_id_authentication_associations, :force => true do |t|
- t.integer :issued, :lifetime
- t.string :handle, :assoc_type
- t.binary :server_url, :secret
- end
-
- create_table :open_id_authentication_nonces, :force => true do |t|
- t.integer :timestamp, :null => false
- t.string :server_url, :null => true
- t.string :salt, :null => false
- end
- end
-
- def self.down
- drop_table :open_id_authentication_associations
- drop_table :open_id_authentication_nonces
- end
-end
View
26 generators/upgrade_open_id_authentication_tables/templates/migration.rb
@@ -1,26 +0,0 @@
-class <%= class_name %> < ActiveRecord::Migration
- def self.up
- drop_table :open_id_authentication_settings
- drop_table :open_id_authentication_nonces
-
- create_table :open_id_authentication_nonces, :force => true do |t|
- t.integer :timestamp, :null => false
- t.string :server_url, :null => true
- t.string :salt, :null => false
- end
- end
-
- def self.down
- drop_table :open_id_authentication_nonces
-
- create_table :open_id_authentication_nonces, :force => true do |t|
- t.integer :created
- t.string :nonce
- end
-
- create_table :open_id_authentication_settings, :force => true do |t|
- t.string :setting
- t.binary :value
- end
- end
-end
View
11 generators/upgrade_open_id_authentication_tables/upgrade_open_id_authentication_tables_generator.rb
@@ -1,11 +0,0 @@
-class UpgradeOpenIdAuthenticationTablesGenerator < Rails::Generator::NamedBase
- def initialize(runtime_args, runtime_options = {})
- super
- end
-
- def manifest
- record do |m|
- m.migration_template 'migration.rb', 'db/migrate'
- end
- end
-end
View
9 lib/open_id_authentication.rb
@@ -4,9 +4,6 @@
require 'openid/extensions/ax'
require 'openid/store/filesystem'
-require 'open_id_authentication/association'
-require 'open_id_authentication/nonce'
-require 'open_id_authentication/db_store'
require 'open_id_authentication/timeout_fixes' if OpenID::VERSION == "2.0.4"
require File.dirname(__FILE__) + '/../vendor/rack-openid/lib/rack/openid'
@@ -26,8 +23,8 @@ def self.store=(*store_option)
store, *parameters = *([ store_option ].flatten)
@@store = case store
- when :db
- OpenIdAuthentication::DbStore.new
+ when :memory
+ OpenID::Store::Memory.new
when :file
OpenID::Store::Filesystem.new(OPEN_ID_AUTHENTICATION_DIR)
else
@@ -35,7 +32,7 @@ def self.store=(*store_option)
end
end
- self.store = :db
+ self.store = :memory
class Result
ERROR_MESSAGES = {
View
9 lib/open_id_authentication/association.rb
@@ -1,9 +0,0 @@
-module OpenIdAuthentication
- class Association < ActiveRecord::Base
- set_table_name :open_id_authentication_associations
-
- def from_record
- OpenID::Association.new(handle, secret, issued, lifetime, assoc_type)
- end
- end
-end
View
55 lib/open_id_authentication/db_store.rb
@@ -1,55 +0,0 @@
-require 'openid/store/interface'
-
-module OpenIdAuthentication
- class DbStore < OpenID::Store::Interface
- def self.cleanup_nonces
- now = Time.now.to_i
- Nonce.delete_all(["timestamp > ? OR timestamp < ?", now + OpenID::Nonce.skew, now - OpenID::Nonce.skew])
- end
-
- def self.cleanup_associations
- now = Time.now.to_i
- Association.delete_all(['issued + lifetime > ?',now])
- end
-
- def store_association(server_url, assoc)
- remove_association(server_url, assoc.handle)
- Association.create(:server_url => server_url,
- :handle => assoc.handle,
- :secret => assoc.secret,
- :issued => assoc.issued,
- :lifetime => assoc.lifetime,
- :assoc_type => assoc.assoc_type)
- end
-
- def get_association(server_url, handle = nil)
- assocs = if handle.blank?
- Association.find_all_by_server_url(server_url)
- else
- Association.find_all_by_server_url_and_handle(server_url, handle)
- end
-
- assocs.reverse.each do |assoc|
- a = assoc.from_record
- if a.expires_in == 0
- assoc.destroy
- else
- return a
- end
- end if assocs.any?
-
- return nil
- end
-
- def remove_association(server_url, handle)
- Association.delete_all(['server_url = ? AND handle = ?', server_url, handle]) > 0
- end
-
- def use_nonce(server_url, timestamp, salt)
- return false if Nonce.find_by_server_url_and_timestamp_and_salt(server_url, timestamp, salt)
- return false if (timestamp - Time.now.to_i).abs > OpenID::Nonce.skew
- Nonce.create(:server_url => server_url, :timestamp => timestamp, :salt => salt)
- return true
- end
- end
-end
View
5 lib/open_id_authentication/nonce.rb
@@ -1,5 +0,0 @@
-module OpenIdAuthentication
- class Nonce < ActiveRecord::Base
- set_table_name :open_id_authentication_nonces
- end
-end
View
30 tasks/open_id_authentication_tasks.rake
@@ -1,30 +0,0 @@
-namespace :open_id_authentication do
- namespace :db do
- desc "Creates authentication tables for use with OpenIdAuthentication"
- task :create => :environment do
- generate_migration(["open_id_authentication_tables", "add_open_id_authentication_tables"])
- end
-
- desc "Upgrade authentication tables from ruby-openid 1.x.x to 2.x.x"
- task :upgrade => :environment do
- generate_migration(["upgrade_open_id_authentication_tables", "upgrade_open_id_authentication_tables"])
- end
-
- def generate_migration(args)
- require 'rails_generator'
- require 'rails_generator/scripts/generate'
-
- if ActiveRecord::Base.connection.supports_migrations?
- Rails::Generator::Scripts::Generate.new.run(args)
- else
- raise "Task unavailable to this database (no migration support)"
- end
- end
-
- desc "Clear the authentication tables"
- task :clear => :environment do
- OpenIdAuthentication::DbStore.cleanup_nonces
- OpenIdAuthentication::DbStore.cleanup_associations
- end
- end
-end
Please sign in to comment.
Something went wrong with that request. Please try again.