libramaze-ruby1.8 2010.06.18-2 / usr / lib / ruby / 1.8 / ramaze / helper / identity.rb

This file is indexed.

/usr/lib/ruby/1.8/ramaze/helper/identity.rb is in libramaze-ruby1.8 2010.06.18-2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
#          Copyright (c) 2008 Michael Fellinger m.fellinger@gmail.com
# All files in this distribution are subject to the terms of the Ruby license.

require 'openid'
require 'openid/store/filesystem'
require 'openid/extensions/pape'
require 'openid/extensions/sreg'

module Ramaze

  openid_store_file = ::File.join(Ramaze.options.roots[0], '/tmp', 'openid-store')

  # Constant for storing meta-information persistent
  OpenIDStore = OpenID::Store::Filesystem.new(openid_store_file)

  # This is called Identity to avoid collisions with the original openid.rb
  # It provides a nice and simple way to provide and control access over the
  # OpenID authentication model.

  module Helper
    module Identity
      LOOKUP << self

      # Simple form for use or overwriting.
      # Has to provide the same functionality when overwritten or directly
      # embedded into a page.
      def openid_login_form(caption="login")
        %{
<form method="GET" action="#{rs(:openid_begin)}">
  Identity URL: <input type="text" name="url" />
  <input type="submit" value="#{caption}"/>
</form>
        }
      end

      # We land here from the openid_login_form and if we can find a matching
      # OpenID server we redirect the user to it, the browser will return to
      # openid_complete when the authentication is complete.
      def openid_begin
        # The OpenID URL pointing to a user's OpenID page,
        # for example: http://username.myopenid.com)
        url = request['url']
        redirect_referrer if url.to_s.empty?
        session[:openid] ||= {}
        session[:openid][:entry] = request.referrer

        openid_request = openid_consumer.begin(url)

        # We want these communications to be a secure as the server can
        # support!
        papereq = OpenID::PAPE::Request.new
        papereq.add_policy_uri(OpenID::PAPE::AUTH_PHISHING_RESISTANT)
        papereq.max_auth_age = 2*60*60
        openid_request.add_extension(papereq)

        # Request information about the person
        sregreq = OpenID::SReg::Request.new
        sregreq.request_fields(['fullname', 'nickname', 'dob', 'email',
                               'gender', 'postcode', 'country', 'language',
                               'timezone'])
        openid_request.add_extension(sregreq)
        openid_request.return_to_args['did_pape'] = 'y'

        root      = "http://#{request.http_host}/"
        return_to = request.domain(rs(:openid_complete)).to_s
        immediate = false

        if openid_request.send_redirect?(root, return_to, immediate)
          redirect_url =
            openid_request.redirect_url(root, return_to, immediate)
          raw_redirect redirect_url
        else
          # what the hell is @form_text ?
        end

      rescue OpenID::OpenIDError => ex
        flash[:error] = "Discovery failed for #{url}: #{ex}"
        raw_redirect rs(:/)
      end

      # After having authenticated at the OpenID server browsers are redirected
      # back here and on success we set the session[:openid][:identity] and a little
      # default flash message. Then we redirect to wherever session[:openid][:entry]
      # points us to, which was set on openid_begin to the referrer
      #
      # TODO:
      #   - maybe using StackHelper, but this is a really minimal overlap?
      def openid_complete
        openid_response = openid_consumer.complete(request.params, request.url)

        case openid_response.status
        when OpenID::Consumer::FAILURE
          flash[:error] = "OpenID - Verification failed: #{openid_response.message}"
        when OpenID::Consumer::SUCCESS
          # Backwards compatibility
          session[:openid][:identity] = openid_response.identity_url
          session[:openid][:sreg] = OpenID::SReg::Response.from_success_response(openid_response)

          # Forward compatibility :)
          session[:openid_identity] = openid_response.identity_url
          session[:openid_sreg] = OpenID::SReg::Response.from_success_response(openid_response)

          flash[:success] = 'OpenID - Verification done.'
        end

        session.delete(:_openid_consumer_service)

        raw_redirect session[:openid][:entry]
      end

      private

      # Fetch/Create a OpenID::Consumer for current session.
      def openid_consumer
        OpenID::Consumer.new(session, Ramaze::OpenIDStore)
      end
    end
  end
end

APT Browse - Built by Thomas Orozco.