Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Bundling rack-openid

  • Loading branch information...
commit b0519047c11d4611e868ee93852f860bdd21aec9 1 parent 9b1d0a2
Chad Humphries and Jon Distad authored
View
1  Gemfile
@@ -3,6 +3,7 @@ source "http://rubygems.org"
gem "rake", "0.8.7"
gem "rails", "2.3.5"
gem "ruby-openid", "2.1.7"
+gem "rack-openid", "1.0.3", :require => nil
gem "pg", "0.9.0"
gem "rdiscount", "1.6.5"
View
4 Gemfile.lock
@@ -21,6 +21,9 @@ GEM
levenshtein (0.2.0)
pg (0.9.0)
rack (1.0.1)
+ rack-openid (1.0.3)
+ rack (>= 0.4)
+ ruby-openid (>= 2.1.6)
rails (2.3.5)
actionmailer (= 2.3.5)
actionpack (= 2.3.5)
@@ -45,6 +48,7 @@ DEPENDENCIES
flexmock (= 0.8.7)
levenshtein (= 0.2.0)
pg (= 0.9.0)
+ rack-openid (= 1.0.3)
rails (= 2.3.5)
rake (= 0.8.7)
rcov (= 0.9.9)
View
4 config/database.example.yml
@@ -11,3 +11,7 @@ development:
test:
database: clojuredocs_test
<<: *shared
+
+production:
+ database: clojuredocs_production
+ <<: *shared
View
2  db/schema.rb
@@ -15,7 +15,7 @@
t.integer "commentable_id", :default => 0
t.string "commentable_type", :limit => 15, :default => ""
t.string "title", :default => ""
- t.text "body"
+ t.text "body", :default => ""
t.string "subject", :default => ""
t.integer "user_id", :default => 0, :null => false
t.integer "parent_id"
View
77 vendor/please_remove_me_gems/rack-openid-1.0.3/.specification
@@ -1,77 +0,0 @@
---- !ruby/object:Gem::Specification
-name: rack-openid
-version: !ruby/object:Gem::Version
- version: 1.0.3
-platform: ruby
-authors:
-- Joshua Peek
-autorequire:
-bindir: bin
-cert_chain: []
-
-date: 2010-04-16 00:00:00 -06:00
-default_executable:
-dependencies:
-- !ruby/object:Gem::Dependency
- name: rack
- type: :runtime
- version_requirement:
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: "0.4"
- version:
-- !ruby/object:Gem::Dependency
- name: ruby-openid
- type: :runtime
- version_requirement:
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: 2.1.6
- version:
-description: Provides a more HTTPish API around the ruby-openid library
-email: josh@joshpeek.com
-executables: []
-
-extensions: []
-
-extra_rdoc_files:
-- LICENSE
-- README.rdoc
-files:
-- lib/rack/openid.rb
-- LICENSE
-- README.rdoc
-has_rdoc: true
-homepage: http://github.com/josh/rack-openid
-licenses: []
-
-post_install_message:
-rdoc_options: []
-
-require_paths:
-- lib
-required_ruby_version: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: "0"
- version:
-required_rubygems_version: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: "0"
- version:
-requirements: []
-
-rubyforge_project:
-rubygems_version: 1.3.5
-signing_key:
-specification_version: 3
-summary: Provides a more HTTPish API around the ruby-openid library
-test_files: []
-
View
20 vendor/please_remove_me_gems/rack-openid-1.0.3/LICENSE
@@ -1,20 +0,0 @@
-Copyright (c) 2010 Joshua Peek
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
View
70 vendor/please_remove_me_gems/rack-openid-1.0.3/README.rdoc
@@ -1,70 +0,0 @@
-= Rack::OpenID
-
-Provides a more HTTPish API around the ruby-openid library.
-
-=== Usage
-
-You trigger an OpenID request similar to HTTP authentication. From your app, return a "401 Unauthorized" and a "WWW-Authenticate" header with the identifier you would like to validate.
-
-On competition, the OpenID response is automatically verified and assigned to
-<tt>env["rack.openid.response"]</tt>.
-
-=== Rack Example
-
- MyApp = lambda { |env|
- if resp = env["rack.openid.response"]
- case resp.status
- when :success
- ...
- when :failure
- ...
- else
- [401, {"WWW-Authenticate" => 'OpenID identifier="http://example.com/"'}, []]
- end
- }
-
- use Rack::OpenID
- run MyApp
-
-=== Sinatra Example
-
- # Session needs to be before Rack::OpenID
- use Rack::Session::Cookie
-
- require 'rack/openid'
- use Rack::OpenID
-
- get '/login' do
- erb :login
- end
-
- post '/login' do
- if resp = request.env["rack.openid.response"]
- if resp.status == :success
- "Welcome: #{resp.display_identifier}"
- else
- "Error: #{resp.status}"
- end
- else
- headers 'WWW-Authenticate' => Rack::OpenID.build_header(
- :identifier => params["openid_identifier"]
- )
- throw :halt, [401, 'got openid?']
- end
- end
-
- use_in_file_templates!
-
- __END__
-
- @@ login
- <form action="/login" method="post">
- <p>
- <label for="openid_identifier">OpenID:</label>
- <input id="openid_identifier" name="openid_identifier" type="text" />
- </p>
-
- <p>
- <input name="commit" type="submit" value="Sign in" />
- </p>
- </form>
View
255 vendor/please_remove_me_gems/rack-openid-1.0.3/lib/rack/openid.rb
@@ -1,255 +0,0 @@
-require 'rack/request'
-require 'rack/utils'
-
-require 'openid'
-require 'openid/consumer'
-require 'openid/extensions/sreg'
-require 'openid/extensions/ax'
-
-module Rack #:nodoc:
- # A Rack middleware that provides a more HTTPish API around the
- # ruby-openid library.
- #
- # You trigger an OpenID request similar to HTTP authentication.
- # From your app, return a "401 Unauthorized" and a "WWW-Authenticate"
- # header with the identifier you would like to validate.
- #
- # On competition, the OpenID response is automatically verified and
- # assigned to <tt>env["rack.openid.response"]</tt>.
- class OpenID
- # Helper method for building the "WWW-Authenticate" header value.
- #
- # Rack::OpenID.build_header(:identifier => "http://josh.openid.com/")
- # #=> OpenID identifier="http://josh.openid.com/"
- def self.build_header(params = {})
- 'OpenID ' + params.map { |key, value|
- if value.is_a?(Array)
- "#{key}=\"#{value.join(',')}\""
- else
- "#{key}=\"#{value}\""
- end
- }.join(', ')
- end
-
- # Helper method for parsing "WWW-Authenticate" header values into
- # a hash.
- #
- # Rack::OpenID.parse_header("OpenID identifier='http://josh.openid.com/'")
- # #=> {:identifier => "http://josh.openid.com/"}
- def self.parse_header(str)
- params = {}
- if str =~ AUTHENTICATE_REGEXP
- str = str.gsub(/#{AUTHENTICATE_REGEXP}\s+/, '')
- str.split(', ').each { |pair|
- key, *value = pair.split('=')
- value = value.join('=')
- value.gsub!(/^\"/, '').gsub!(/\"$/, "")
- value = value.split(',')
- params[key] = value.length > 1 ? value : value.first
- }
- end
- params
- end
-
- class TimeoutResponse #:nodoc:
- include ::OpenID::Consumer::Response
- STATUS = :failure
- end
-
- class MissingResponse #:nodoc:
- include ::OpenID::Consumer::Response
- STATUS = :missing
- end
-
- # :stopdoc:
-
- HTTP_METHODS = %w(GET HEAD PUT POST DELETE OPTIONS)
-
- RESPONSE = "rack.openid.response".freeze
- AUTHENTICATE_HEADER = "WWW-Authenticate".freeze
- AUTHENTICATE_REGEXP = /^OpenID/.freeze
-
- URL_FIELD_SELECTOR = lambda { |field| field.to_s =~ %r{^https?://} }
-
- # :startdoc:
-
- # Initialize middleware with application and optional OpenID::Store.
- # If no store is given, OpenID::Store::Memory is used.
- #
- # use Rack::OpenID
- #
- # or
- #
- # use Rack::OpenID, OpenID::Store::Memcache.new
- def initialize(app, store = nil)
- @app = app
- @store = store || default_store
- freeze
- end
-
- # Standard Rack +call+ dispatch that accepts an +env+ and
- # returns a <tt>[status, header, body]</tt> response.
- def call(env)
- req = Rack::Request.new(env)
- if req.params["openid.mode"]
- complete_authentication(env)
- end
-
- status, headers, body = @app.call(env)
-
- qs = headers[AUTHENTICATE_HEADER]
- if status.to_i == 401 && qs && qs.match(AUTHENTICATE_REGEXP)
- begin_authentication(env, qs)
- else
- [status, headers, body]
- end
- end
-
- private
- def begin_authentication(env, qs)
- req = Rack::Request.new(env)
- params = self.class.parse_header(qs)
- session = env["rack.session"]
-
- unless session
- raise RuntimeError, "Rack::OpenID requires a session"
- end
-
- consumer = ::OpenID::Consumer.new(session, @store)
- identifier = params['identifier'] || params['identity']
-
- begin
- oidreq = consumer.begin(identifier)
- add_simple_registration_fields(oidreq, params)
- add_attribute_exchange_fields(oidreq, params)
- url = open_id_redirect_url(req, oidreq, params["trust_root"], params["return_to"], params["method"])
- return redirect_to(url)
- rescue ::OpenID::OpenIDError, Timeout::Error => e
- env[RESPONSE] = MissingResponse.new
- return @app.call(env)
- end
- end
-
- def complete_authentication(env)
- req = Rack::Request.new(env)
- session = env["rack.session"]
-
- unless session
- raise RuntimeError, "Rack::OpenID requires a session"
- end
-
- oidresp = timeout_protection_from_identity_server {
- consumer = ::OpenID::Consumer.new(session, @store)
- consumer.complete(req.params, req.url)
- }
-
- env[RESPONSE] = oidresp
-
- method = req.GET["_method"]
- override_request_method(env, method)
-
- sanitize_query_string(env)
- end
-
- def override_request_method(env, method)
- return unless method
- method = method.upcase
- if HTTP_METHODS.include?(method)
- env["REQUEST_METHOD"] = method
- end
- end
-
- def sanitize_query_string(env)
- query_hash = env["rack.request.query_hash"]
- query_hash.delete("_method")
- query_hash.delete_if do |key, value|
- key =~ /^openid\./
- end
-
- env["QUERY_STRING"] = env["rack.request.query_string"] =
- Rack::Utils.build_query(env["rack.request.query_hash"])
-
- qs = env["QUERY_STRING"]
- request_uri = (env["PATH_INFO"] || "").dup
- request_uri << "?" + qs unless qs == ""
- env["REQUEST_URI"] = request_uri
- end
-
- def realm_url(req)
- url = req.scheme + "://"
- url << req.host
-
- scheme, port = req.scheme, req.port
- if scheme == "https" && port != 443 ||
- scheme == "http" && port != 80
- url << ":#{port}"
- end
-
- url
- end
-
- def request_url(req)
- url = realm_url(req)
- url << req.script_name
- url << req.path_info
- url
- end
-
- def redirect_to(url)
- [303, {"Content-Type" => "text/html", "Location" => url}, []]
- end
-
- def open_id_redirect_url(req, oidreq, trust_root = nil, return_to = nil, method = nil)
- request_url = request_url(req)
-
- if return_to
- method ||= "get"
- else
- return_to = request_url
- method ||= req.request_method
- end
-
- method = method.to_s.downcase
- oidreq.return_to_args['_method'] = method unless method == "get"
- oidreq.redirect_url(trust_root || realm_url(req), return_to || request_url)
- end
-
- def add_simple_registration_fields(oidreq, fields)
- sregreq = ::OpenID::SReg::Request.new
-
- required = Array(fields['required']).reject(&URL_FIELD_SELECTOR)
- sregreq.request_fields(required, true) if required.any?
-
- optional = Array(fields['optional']).reject(&URL_FIELD_SELECTOR)
- sregreq.request_fields(optional, false) if optional.any?
-
- policy_url = fields['policy_url']
- sregreq.policy_url = policy_url if policy_url
-
- oidreq.add_extension(sregreq)
- end
-
- def add_attribute_exchange_fields(oidreq, fields)
- axreq = ::OpenID::AX::FetchRequest.new
-
- required = Array(fields['required']).select(&URL_FIELD_SELECTOR)
- required.each { |field| axreq.add(::OpenID::AX::AttrInfo.new(field, nil, true)) }
-
- optional = Array(fields['optional']).select(&URL_FIELD_SELECTOR)
- optional.each { |field| axreq.add(::OpenID::AX::AttrInfo.new(field, nil, false)) }
-
- oidreq.add_extension(axreq)
- end
-
- def default_store
- require 'openid/store/memory'
- ::OpenID::Store::Memory.new
- end
-
- def timeout_protection_from_identity_server
- yield
- rescue Timeout::Error
- TimeoutResponse.new
- end
- end
-end
Please sign in to comment.
Something went wrong with that request. Please try again.