Class: Rack::OpenID

Inherits:

Object

• Object
• Rack::OpenID

Defined in:

lib/rack/openid.rb,
lib/rack/openid/version.rb,
lib/rack/openid/simple_auth.rb

Overview

A Rack middleware that provides a more HTTPish API around the ruby-openid library.

You trigger an OpenID request similar to HTTP authentication. From your app, return a “401 Unauthorized” and a “WWW-Authenticate” header with the identifier you would like to validate.

On competition, the OpenID response is automatically verified and assigned to env.

Defined Under Namespace

Modules: Version Classes: MissingResponse, SimpleAuth, TimeoutResponse

Constant Summary

HTTP_METHODS =

%w(GET HEAD PUT POST DELETE OPTIONS)

RESPONSE =

"rack.openid.response"

AUTHENTICATE_HEADER =

"WWW-Authenticate"

AUTHENTICATE_REGEXP =

/^OpenID/

URL_FIELD_SELECTOR =

lambda { |field| field.to_s =~ %r{^https?://} }

Class Method Summary

• .build_header(params = {}) ⇒ Object

  Helper method for building the “WWW-Authenticate” header value.

• .parse_header(str) ⇒ Object

  Helper method for parsing “WWW-Authenticate” header values into a hash.

Instance Method Summary

• #call(env) ⇒ Object

  Standard Rack call dispatch that accepts an env and returns a [status, header, body] response.

• #initialize(app, store = nil) ⇒ OpenID constructor

  Initialize middleware with application and optional OpenID::Store.

Constructor Details

#initialize(app, store = nil) ⇒ OpenID

Initialize middleware with application and optional OpenID::Store. If no store is given, OpenID::Store::Memory is used.

use Rack::OpenID

or

use Rack::OpenID, OpenID::Store::Memcache.new

# File 'lib/rack/openid.rb', line 89

def initialize(app, store = nil)
  @app = app
  @store = store || default_store
end

Class Method Details

.build_header(params = {}) ⇒ Object

Helper method for building the “WWW-Authenticate” header value.

Rack::OpenID.build_header(:identifier => "http://josh.openid.com/")
  #=> OpenID identifier="http://josh.openid.com/"

# File 'lib/rack/openid.rb', line 32

def build_header(params = {})
  "OpenID " + params.map { |key, value|
    if value.is_a?(Array)
      "#{key}=\"#{value.join(",")}\""
    else
      "#{key}=\"#{value}\""
    end
  }.join(", ")
end

.parse_header(str) ⇒ Object

Helper method for parsing “WWW-Authenticate” header values into a hash.

Rack::OpenID.parse_header("OpenID identifier='http://josh.openid.com/'")
  #=> {:identifier => "http://josh.openid.com/"}

# File 'lib/rack/openid.rb', line 47

def parse_header(str)
  params = {}
  if AUTHENTICATE_REGEXP.match?(str)
    str = str.gsub(/#{AUTHENTICATE_REGEXP}\s+/o, "")
    str.split(", ").each { |pair|
      key, *value = pair.split("=")
      value = value.join("=")
      value.gsub!(/^\"/, "").gsub!(/\"$/, "")
      value = value.split(",")
      params[key] = (value.length > 1) ? value : value.first
    }
  end
  params
end

Instance Method Details

#call(env) ⇒ Object

Standard Rack call dispatch that accepts an env and returns a [status, header, body] response.

# File 'lib/rack/openid.rb', line 96

def call(env)
  req = Rack::Request.new(env)

  sanitize_params!(req.params)

  if req.params["openid.mode"]
    complete_authentication(env)
  end

  status, headers, body = @app.call(env)

  qs = headers[AUTHENTICATE_HEADER]
  if status.to_i == 401 && qs && qs.match(AUTHENTICATE_REGEXP)
    begin_authentication(env, qs)
  else
    [status, headers, body]
  end
end