ruby-openid-2.1.8debian.orig/ 0000755 0001750 0001750 00000000000 11753312574 014555 5 ustar paul paul ruby-openid-2.1.8debian.orig/examples/ 0000755 0001750 0001750 00000000000 11753312574 016373 5 ustar paul paul ruby-openid-2.1.8debian.orig/examples/active_record_openid_store/ 0000755 0001750 0001750 00000000000 11753312574 023756 5 ustar paul paul ruby-openid-2.1.8debian.orig/examples/active_record_openid_store/XXX_upgrade_open_id_store.rb 0000644 0001750 0001750 00000001404 11753312574 031411 0 ustar paul paul # Use this migration to upgrade the old 1.1 ActiveRecord store schema
# to the new 2.0 schema.
class UpgradeOpenIdStore < ActiveRecord::Migration
def self.up
drop_table "open_id_settings"
drop_table "open_id_nonces"
create_table "open_id_nonces", :force => true do |t|
t.column :server_url, :string, :null => false
t.column :timestamp, :integer, :null => false
t.column :salt, :string, :null => false
end
end
def self.down
drop_table "open_id_nonces"
create_table "open_id_nonces", :force => true do |t|
t.column "nonce", :string
t.column "created", :integer
end
create_table "open_id_settings", :force => true do |t|
t.column "setting", :string
t.column "value", :binary
end
end
end
ruby-openid-2.1.8debian.orig/examples/active_record_openid_store/init.rb 0000644 0001750 0001750 00000000203 11753312574 025241 0 ustar paul paul # might using the ruby-openid gem
begin
require 'rubygems'
rescue LoadError
nil
end
require 'openid'
require 'openid_ar_store'
ruby-openid-2.1.8debian.orig/examples/active_record_openid_store/README 0000644 0001750 0001750 00000003303 11753312574 024635 0 ustar paul paul =Active Record OpenID Store Plugin
A store is required by an OpenID server and optionally by the consumer
to store associations, nonces, and auth key information across
requests and processes. If rails is distributed across several
machines, they must must all have access to the same OpenID store
data, so the FilesystemStore won't do.
This directory contains a plugin for connecting your
OpenID enabled rails app to an ActiveRecord based OpenID store.
==Install
1) Copy this directory and all it's contents into your
RAILS_ROOT/vendor/plugins directory. You structure should look like
this:
RAILS_ROOT/vendor/plugins/active_record_openid_store/
2) Copy the migration, XXX_add_open_id_store_to_db.rb to your
RAILS_ROOT/db/migrate directory. Rename the XXX portion of the
file to next sequential migration number.
3) Run the migration:
rake migrate
4) Change your app to use the ActiveRecordOpenIDStore:
store = ActiveRecordOpenIDStore.new
consumer = OpenID::Consumer.new(session, store)
5) That's it! All your OpenID state will now be stored in the database.
==Upgrade
If you are upgrading from the 1.x ActiveRecord store, replace your old
RAILS_ROOT/vendor/plugins/active_record_openid_store/ directory with
the new one and run the migration XXX_upgrade_open_id_store.rb.
==What about garbage collection?
You may garbage collect unused nonces and expired associations using
the gc instance method of ActiveRecordOpenIDStore. Hook it up to a
task in your app's Rakefile like so:
desc 'GC OpenID store'
task :gc_openid_store => :environment do
ActiveRecordOpenIDStore.new.cleanup
end
Run it by typing:
rake gc_openid_store
==Questions?
Contact Dag Arneson: dag at janrain dot com
ruby-openid-2.1.8debian.orig/examples/active_record_openid_store/test/ 0000755 0001750 0001750 00000000000 11753312574 024735 5 ustar paul paul ruby-openid-2.1.8debian.orig/examples/active_record_openid_store/test/store_test.rb 0000644 0001750 0001750 00000016226 11753312574 027464 0 ustar paul paul $:.unshift(File.dirname(__FILE__) + '/../lib')
require 'test/unit'
RAILS_ENV = "test"
require File.expand_path(File.join(File.dirname(__FILE__), '../../../../config/environment.rb'))
module StoreTestCase
@@allowed_handle = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~'
@@allowed_nonce = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
def _gen_nonce
OpenID::CryptUtil.random_string(8, @@allowed_nonce)
end
def _gen_handle(n)
OpenID::CryptUtil.random_string(n, @@allowed_handle)
end
def _gen_secret(n, chars=nil)
OpenID::CryptUtil.random_string(n, chars)
end
def _gen_assoc(issued, lifetime=600)
secret = _gen_secret(20)
handle = _gen_handle(128)
OpenID::Association.new(handle, secret, Time.now + issued, lifetime,
'HMAC-SHA1')
end
def _check_retrieve(url, handle=nil, expected=nil)
ret_assoc = @store.get_association(url, handle)
if expected.nil?
assert_nil(ret_assoc)
else
assert_equal(expected, ret_assoc)
assert_equal(expected.handle, ret_assoc.handle)
assert_equal(expected.secret, ret_assoc.secret)
end
end
def _check_remove(url, handle, expected)
present = @store.remove_association(url, handle)
assert_equal(expected, present)
end
def test_store
server_url = "http://www.myopenid.com/openid"
assoc = _gen_assoc(issued=0)
# Make sure that a missing association returns no result
_check_retrieve(server_url)
# Check that after storage, getting returns the same result
@store.store_association(server_url, assoc)
_check_retrieve(server_url, nil, assoc)
# more than once
_check_retrieve(server_url, nil, assoc)
# Storing more than once has no ill effect
@store.store_association(server_url, assoc)
_check_retrieve(server_url, nil, assoc)
# Removing an association that does not exist returns not present
_check_remove(server_url, assoc.handle + 'x', false)
# Removing an association that does not exist returns not present
_check_remove(server_url + 'x', assoc.handle, false)
# Removing an association that is present returns present
_check_remove(server_url, assoc.handle, true)
# but not present on subsequent calls
_check_remove(server_url, assoc.handle, false)
# Put assoc back in the store
@store.store_association(server_url, assoc)
# More recent and expires after assoc
assoc2 = _gen_assoc(issued=1)
@store.store_association(server_url, assoc2)
# After storing an association with a different handle, but the
# same server_url, the handle with the later expiration is returned.
_check_retrieve(server_url, nil, assoc2)
# We can still retrieve the older association
_check_retrieve(server_url, assoc.handle, assoc)
# Plus we can retrieve the association with the later expiration
# explicitly
_check_retrieve(server_url, assoc2.handle, assoc2)
# More recent, and expires earlier than assoc2 or assoc. Make sure
# that we're picking the one with the latest issued date and not
# taking into account the expiration.
assoc3 = _gen_assoc(issued=2, lifetime=100)
@store.store_association(server_url, assoc3)
_check_retrieve(server_url, nil, assoc3)
_check_retrieve(server_url, assoc.handle, assoc)
_check_retrieve(server_url, assoc2.handle, assoc2)
_check_retrieve(server_url, assoc3.handle, assoc3)
_check_remove(server_url, assoc2.handle, true)
_check_retrieve(server_url, nil, assoc3)
_check_retrieve(server_url, assoc.handle, assoc)
_check_retrieve(server_url, assoc2.handle, nil)
_check_retrieve(server_url, assoc3.handle, assoc3)
_check_remove(server_url, assoc2.handle, false)
_check_remove(server_url, assoc3.handle, true)
_check_retrieve(server_url, nil, assoc)
_check_retrieve(server_url, assoc.handle, assoc)
_check_retrieve(server_url, assoc2.handle, nil)
_check_retrieve(server_url, assoc3.handle, nil)
_check_remove(server_url, assoc2.handle, false)
_check_remove(server_url, assoc.handle, true)
_check_remove(server_url, assoc3.handle, false)
_check_retrieve(server_url, nil, nil)
_check_retrieve(server_url, assoc.handle, nil)
_check_retrieve(server_url, assoc2.handle, nil)
_check_retrieve(server_url, assoc3.handle, nil)
_check_remove(server_url, assoc2.handle, false)
_check_remove(server_url, assoc.handle, false)
_check_remove(server_url, assoc3.handle, false)
assocValid1 = _gen_assoc(-3600, 7200)
assocValid2 = _gen_assoc(-5)
assocExpired1 = _gen_assoc(-7200, 3600)
assocExpired2 = _gen_assoc(-7200, 3600)
@store.cleanup_associations
@store.store_association(server_url + '1', assocValid1)
@store.store_association(server_url + '1', assocExpired1)
@store.store_association(server_url + '2', assocExpired2)
@store.store_association(server_url + '3', assocValid2)
cleaned = @store.cleanup_associations()
assert_equal(2, cleaned, "cleaned up associations")
end
def _check_use_nonce(nonce, expected, server_url, msg='')
stamp, salt = OpenID::Nonce::split_nonce(nonce)
actual = @store.use_nonce(server_url, stamp, salt)
assert_equal(expected, actual, msg)
end
def test_nonce
server_url = "http://www.myopenid.com/openid"
[server_url, ''].each{|url|
nonce1 = OpenID::Nonce::mk_nonce
_check_use_nonce(nonce1, true, url, "#{url}: nonce allowed by default")
_check_use_nonce(nonce1, false, url, "#{url}: nonce not allowed twice")
_check_use_nonce(nonce1, false, url, "#{url}: nonce not allowed third time")
# old nonces shouldn't pass
old_nonce = OpenID::Nonce::mk_nonce(3600)
_check_use_nonce(old_nonce, false, url, "Old nonce #{old_nonce.inspect} passed")
}
now = Time.now.to_i
old_nonce1 = OpenID::Nonce::mk_nonce(now - 20000)
old_nonce2 = OpenID::Nonce::mk_nonce(now - 10000)
recent_nonce = OpenID::Nonce::mk_nonce(now - 600)
orig_skew = OpenID::Nonce.skew
OpenID::Nonce.skew = 0
count = @store.cleanup_nonces
OpenID::Nonce.skew = 1000000
ts, salt = OpenID::Nonce::split_nonce(old_nonce1)
assert(@store.use_nonce(server_url, ts, salt), "oldnonce1")
ts, salt = OpenID::Nonce::split_nonce(old_nonce2)
assert(@store.use_nonce(server_url, ts, salt), "oldnonce2")
ts, salt = OpenID::Nonce::split_nonce(recent_nonce)
assert(@store.use_nonce(server_url, ts, salt), "recent_nonce")
OpenID::Nonce.skew = 1000
cleaned = @store.cleanup_nonces
assert_equal(2, cleaned, "Cleaned #{cleaned} nonces")
OpenID::Nonce.skew = 100000
ts, salt = OpenID::Nonce::split_nonce(old_nonce1)
assert(@store.use_nonce(server_url, ts, salt), "oldnonce1 after cleanup")
ts, salt = OpenID::Nonce::split_nonce(old_nonce2)
assert(@store.use_nonce(server_url, ts, salt), "oldnonce2 after cleanup")
ts, salt = OpenID::Nonce::split_nonce(recent_nonce)
assert(!@store.use_nonce(server_url, ts, salt), "recent_nonce after cleanup")
OpenID::Nonce.skew = orig_skew
end
end
class TestARStore < Test::Unit::TestCase
include StoreTestCase
def setup
@store = ActiveRecordStore.new
end
end
ruby-openid-2.1.8debian.orig/examples/active_record_openid_store/lib/ 0000755 0001750 0001750 00000000000 11753312574 024524 5 ustar paul paul ruby-openid-2.1.8debian.orig/examples/active_record_openid_store/lib/association.rb 0000644 0001750 0001750 00000000354 11753312574 027367 0 ustar paul paul require 'openid/association'
require 'time'
class Association < ActiveRecord::Base
set_table_name 'open_id_associations'
def from_record
OpenID::Association.new(handle, secret, Time.at(issued), lifetime, assoc_type)
end
end
ruby-openid-2.1.8debian.orig/examples/active_record_openid_store/lib/nonce.rb 0000644 0001750 0001750 00000000107 11753312574 026151 0 ustar paul paul class Nonce < ActiveRecord::Base
set_table_name 'open_id_nonces'
end
ruby-openid-2.1.8debian.orig/examples/active_record_openid_store/lib/open_id_setting.rb 0000644 0001750 0001750 00000000123 11753312574 030217 0 ustar paul paul class OpenIdSetting < ActiveRecord::Base
validates_uniqueness_of :setting
end
ruby-openid-2.1.8debian.orig/examples/active_record_openid_store/lib/openid_ar_store.rb 0000644 0001750 0001750 00000003362 11753312574 030231 0 ustar paul paul require 'association'
require 'nonce'
require 'openid/store/interface'
# not in OpenID module to avoid namespace conflict
class ActiveRecordStore < OpenID::Store::Interface
def store_association(server_url, assoc)
remove_association(server_url, assoc.handle)
Association.create!(:server_url => server_url,
:handle => assoc.handle,
:secret => assoc.secret,
:issued => assoc.issued.to_i,
:lifetime => assoc.lifetime,
:assoc_type => assoc.assoc_type)
end
def get_association(server_url, handle=nil)
assocs = if handle.blank?
Association.find_all_by_server_url(server_url)
else
Association.find_all_by_server_url_and_handle(server_url, handle)
end
assocs.reverse.each do |assoc|
a = assoc.from_record
if a.expires_in == 0
assoc.destroy
else
return a
end
end if assocs.any?
return nil
end
def remove_association(server_url, handle)
Association.delete_all(['server_url = ? AND handle = ?', server_url, handle]) > 0
end
def use_nonce(server_url, timestamp, salt)
return false if Nonce.find_by_server_url_and_timestamp_and_salt(server_url, timestamp, salt)
return false if (timestamp - Time.now.to_i).abs > OpenID::Nonce.skew
Nonce.create!(:server_url => server_url, :timestamp => timestamp, :salt => salt)
return true
end
def cleanup_nonces
now = Time.now.to_i
Nonce.delete_all(["timestamp > ? OR timestamp < ?", now + OpenID::Nonce.skew, now - OpenID::Nonce.skew])
end
def cleanup_associations
now = Time.now.to_i
Association.delete_all(['issued + lifetime > ?',now])
end
end
ruby-openid-2.1.8debian.orig/examples/active_record_openid_store/XXX_add_open_id_store_to_db.rb 0000644 0001750 0001750 00000001476 11753312574 031672 0 ustar paul paul # Use this migration to create the tables for the ActiveRecord store
class AddOpenIdStoreToDb < ActiveRecord::Migration
def self.up
create_table "open_id_associations", :force => true do |t|
t.column "server_url", :binary, :null => false
t.column "handle", :string, :null => false
t.column "secret", :binary, :null => false
t.column "issued", :integer, :null => false
t.column "lifetime", :integer, :null => false
t.column "assoc_type", :string, :null => false
end
create_table "open_id_nonces", :force => true do |t|
t.column :server_url, :string, :null => false
t.column :timestamp, :integer, :null => false
t.column :salt, :string, :null => false
end
end
def self.down
drop_table "open_id_associations"
drop_table "open_id_nonces"
end
end
ruby-openid-2.1.8debian.orig/examples/discover 0000755 0001750 0001750 00000002252 11753312574 020140 0 ustar paul paul #!/usr/bin/env ruby
require "openid/consumer/discovery"
require 'openid/fetchers'
OpenID::fetcher_use_env_http_proxy
$names = [[:server_url, "Server URL "],
[:local_id, "Local ID "],
[:canonical_id, "Canonical ID"],
]
def show_services(user_input, normalized, services)
puts " Claimed identifier: #{normalized}"
if services.empty?
puts " No OpenID services found"
puts
else
puts " Discovered services:"
n = 0
services.each do |service|
n += 1
puts " #{n}."
$names.each do |meth, name|
val = service.send(meth)
if val
printf(" %s: %s\n", name, val)
end
end
puts " Type URIs:"
for type_uri in service.type_uris
puts " * #{type_uri}"
end
puts
end
end
end
ARGV.each do |openid_identifier|
puts "=" * 50
puts "Running discovery on #{openid_identifier}"
begin
normalized_identifier, services = OpenID.discover(openid_identifier)
rescue OpenID::DiscoveryFailure => why
puts "Discovery failed: #{why.message}"
puts
else
show_services(openid_identifier, normalized_identifier, services)
end
end
ruby-openid-2.1.8debian.orig/examples/rails_openid/ 0000755 0001750 0001750 00000000000 11753312574 021043 5 ustar paul paul ruby-openid-2.1.8debian.orig/examples/rails_openid/doc/ 0000755 0001750 0001750 00000000000 11753312574 021610 5 ustar paul paul ruby-openid-2.1.8debian.orig/examples/rails_openid/doc/README_FOR_APP 0000644 0001750 0001750 00000000274 11753312574 023701 0 ustar paul paul Use this README file to introduce your application and point to useful places in the API for learning more.
Run "rake appdoc" to generate API documentation for your models and controllers. ruby-openid-2.1.8debian.orig/examples/rails_openid/README 0000644 0001750 0001750 00000013660 11753312574 021731 0 ustar paul paul == Welcome to Rails
Rails is a web-application and persistence framework that includes everything
needed to create database-backed web-applications according to the
Model-View-Control pattern of separation. This pattern splits the view (also
called the presentation) into "dumb" templates that are primarily responsible
for inserting pre-built data in between HTML tags. The model contains the
"smart" domain objects (such as Account, Product, Person, Post) that holds all
the business logic and knows how to persist themselves to a database. The
controller handles the incoming requests (such as Save New Account, Update
Product, Show Post) by manipulating the model and directing data to the view.
In Rails, the model is handled by what's called an object-relational mapping
layer entitled Active Record. This layer allows you to present the data from
database rows as objects and embellish these data objects with business logic
methods. You can read more about Active Record in
link:files/vendor/rails/activerecord/README.html.
The controller and view are handled by the Action Pack, which handles both
layers by its two parts: Action View and Action Controller. These two layers
are bundled in a single package due to their heavy interdependence. This is
unlike the relationship between the Active Record and Action Pack that is much
more separate. Each of these packages can be used independently outside of
Rails. You can read more about Action Pack in
link:files/vendor/rails/actionpack/README.html.
== Getting started
1. Run the WEBrick servlet: ruby script/server (run with --help for options)
...or if you have lighttpd installed: ruby script/lighttpd (it's faster)
2. Go to http://localhost:3000/ and get "Congratulations, you've put Ruby on Rails!"
3. Follow the guidelines on the "Congratulations, you've put Ruby on Rails!" screen
== Example for Apache conf
ServerName rails
DocumentRoot /path/application/public/
ErrorLog /path/application/log/server.log
Options ExecCGI FollowSymLinks
AllowOverride all
Allow from all
Order allow,deny
NOTE: Be sure that CGIs can be executed in that directory as well. So ExecCGI
should be on and ".cgi" should respond. All requests from 127.0.0.1 go
through CGI, so no Apache restart is necessary for changes. All other requests
go through FCGI (or mod_ruby), which requires a restart to show changes.
== Debugging Rails
Have "tail -f" commands running on both the server.log, production.log, and
test.log files. Rails will automatically display debugging and runtime
information to these files. Debugging info will also be shown in the browser
on requests from 127.0.0.1.
== Breakpoints
Breakpoint support is available through the script/breakpointer client. This
means that you can break out of execution at any point in the code, investigate
and change the model, AND then resume execution! Example:
class WeblogController < ActionController::Base
def index
@posts = Post.find_all
breakpoint "Breaking out from the list"
end
end
So the controller will accept the action, run the first line, then present you
with a IRB prompt in the breakpointer window. Here you can do things like:
Executing breakpoint "Breaking out from the list" at .../webrick_server.rb:16 in 'breakpoint'
>> @posts.inspect
=> "[#nil, \"body\"=>nil, \"id\"=>\"1\"}>,
#\"Rails you know!\", \"body\"=>\"Only ten..\", \"id\"=>\"2\"}>]"
>> @posts.first.title = "hello from a breakpoint"
=> "hello from a breakpoint"
...and even better is that you can examine how your runtime objects actually work:
>> f = @posts.first
=> #nil, "body"=>nil, "id"=>"1"}>
>> f.
Display all 152 possibilities? (y or n)
Finally, when you're ready to resume execution, you press CTRL-D
== Console
You can interact with the domain model by starting the console through script/console.
Here you'll have all parts of the application configured, just like it is when the
application is running. You can inspect domain models, change values, and save to the
database. Starting the script without arguments will launch it in the development environment.
Passing an argument will specify a different environment, like console production.
== Description of contents
app
Holds all the code that's specific to this particular application.
app/controllers
Holds controllers that should be named like weblog_controller.rb for
automated URL mapping. All controllers should descend from
ActionController::Base.
app/models
Holds models that should be named like post.rb.
Most models will descend from ActiveRecord::Base.
app/views
Holds the template files for the view that should be named like
weblog/index.rhtml for the WeblogController#index action. All views use eRuby
syntax. This directory can also be used to keep stylesheets, images, and so on
that can be symlinked to public.
app/helpers
Holds view helpers that should be named like weblog_helper.rb.
config
Configuration files for the Rails environment, the routing map, the database, and other dependencies.
components
Self-contained mini-applications that can bundle together controllers, models, and views.
lib
Application specific libraries. Basically, any kind of custom code that doesn't
belong under controllers, models, or helpers. This directory is in the load path.
public
The directory available for the web server. Contains subdirectories for images, stylesheets,
and javascripts. Also contains the dispatchers and the default HTML files.
script
Helper scripts for automation and generation.
test
Unit and functional tests along with fixtures.
vendor
External libraries that the application depends on. Also includes the plugins subdirectory.
This directory is in the load path.
ruby-openid-2.1.8debian.orig/examples/rails_openid/config/ 0000755 0001750 0001750 00000000000 11753312574 022310 5 ustar paul paul ruby-openid-2.1.8debian.orig/examples/rails_openid/config/boot.rb 0000644 0001750 0001750 00000001044 11753312574 023577 0 ustar paul paul # Don't change this file. Configuration is done in config/environment.rb and config/environments/*.rb
unless defined?(RAILS_ROOT)
root_path = File.join(File.dirname(__FILE__), '..')
unless RUBY_PLATFORM =~ /mswin32/
require 'pathname'
root_path = Pathname.new(root_path).cleanpath(true).to_s
end
RAILS_ROOT = root_path
end
if File.directory?("#{RAILS_ROOT}/vendor/rails")
require "#{RAILS_ROOT}/vendor/rails/railties/lib/initializer"
else
require 'rubygems'
require 'initializer'
end
Rails::Initializer.run(:set_load_path)
ruby-openid-2.1.8debian.orig/examples/rails_openid/config/environments/ 0000755 0001750 0001750 00000000000 11753312574 025037 5 ustar paul paul ruby-openid-2.1.8debian.orig/examples/rails_openid/config/environments/test.rb 0000644 0001750 0001750 00000001530 11753312574 026342 0 ustar paul paul # Settings specified here will take precedence over those in config/environment.rb
# The test environment is used exclusively to run your application's
# test suite. You never need to work with it otherwise. Remember that
# your test database is "scratch space" for the test suite and is wiped
# and recreated between test runs. Don't rely on the data there!
config.cache_classes = true
# Log error messages when you accidentally call methods on nil.
config.whiny_nils = true
# Show full error reports and disable caching
config.action_controller.consider_all_requests_local = true
config.action_controller.perform_caching = false
# Tell ActionMailer not to deliver emails to the real world.
# The :test delivery method accumulates sent emails in the
# ActionMailer::Base.deliveries array.
config.action_mailer.delivery_method = :test ruby-openid-2.1.8debian.orig/examples/rails_openid/config/environments/production.rb 0000644 0001750 0001750 00000001420 11753312574 027547 0 ustar paul paul # Settings specified here will take precedence over those in config/environment.rb
# The production environment is meant for finished, "live" apps.
# Code is not reloaded between requests
config.cache_classes = true
# Use a different logger for distributed setups
# config.logger = SyslogLogger.new
# Full error reports are disabled and caching is turned on
config.action_controller.consider_all_requests_local = false
config.action_controller.perform_caching = true
# Enable serving of images, stylesheets, and javascripts from an asset server
# config.action_controller.asset_host = "http://assets.example.com"
# Disable delivery errors if you bad email addresses should just be ignored
# config.action_mailer.raise_delivery_errors = false
ruby-openid-2.1.8debian.orig/examples/rails_openid/config/environments/development.rb 0000644 0001750 0001750 00000001440 11753312574 027705 0 ustar paul paul # Settings specified here will take precedence over those in config/environment.rb
# In the development environment your application's code is reloaded on
# every request. This slows down response time but is perfect for development
# since you don't have to restart the webserver when you make code changes.
config.cache_classes = false
# Log error messages when you accidentally call methods on nil.
config.whiny_nils = true
# Enable the breakpoint server that script/breakpointer connects to
config.breakpoint_server = true
# Show full error reports and disable caching
config.action_controller.consider_all_requests_local = true
config.action_controller.perform_caching = false
# Don't care if the mailer can't send
config.action_mailer.raise_delivery_errors = false
ruby-openid-2.1.8debian.orig/examples/rails_openid/config/database.yml 0000644 0001750 0001750 00000003601 11753312574 024577 0 ustar paul paul # MySQL (default setup). Versions 4.1 and 5.0 are recommended.
#
# Get the fast C bindings:
# gem install mysql
# (on OS X: gem install mysql -- --include=/usr/local/lib)
# And be sure to use new-style password hashing:
# http://dev.mysql.com/doc/refman/5.0/en/old-client.html
development:
adapter: sqlite3
database: db/development.sqlite3
# Warning: The database defined as 'test' will be erased and
# re-generated from your development database when you run 'rake'.
# Do not set this db to the same as development or production.
test:
adapter: sqlite3
database: ":memory:"
production:
adapter: mysql
database: rails_server_production
username: root
password:
socket: /path/to/your/mysql.sock
# PostgreSQL versions 7.4 - 8.1
#
# Get the C bindings:
# gem install postgres
# or use the pure-Ruby bindings on Windows:
# gem install postgres-pr
postgresql_example:
adapter: postgresql
database: rails_server_development
username: rails_server
password:
# Connect on a TCP socket. Omitted by default since the client uses a
# domain socket that doesn't need configuration.
#host: remote-database
#port: 5432
# Schema search path. The server defaults to $user,public
#schema_search_path: myapp,sharedapp,public
# Character set encoding. The server defaults to sql_ascii.
#encoding: UTF8
# Minimum log levels, in increasing order:
# debug5, debug4, debug3, debug2, debug1,
# info, notice, warning, error, log, fatal, or panic
# The server defaults to notice.
#min_messages: warning
# SQLite version 2.x
# gem install sqlite-ruby
sqlite_example:
adapter: sqlite
database: db/development.sqlite2
# SQLite version 3.x
# gem install sqlite3-ruby
sqlite3_example:
adapter: sqlite3
database: db/development.sqlite3
# In-memory SQLite 3 database. Useful for tests.
sqlite3_in_memory_example:
adapter: sqlite3
database: ":memory:" ruby-openid-2.1.8debian.orig/examples/rails_openid/config/environment.rb 0000644 0001750 0001750 00000004224 11753312574 025203 0 ustar paul paul # Be sure to restart your web server when you modify this file.
# Uncomment below to force Rails into production mode when
# you don't control web/app server and can't set it the proper way
# ENV['RAILS_ENV'] ||= 'production'
# Bootstrap the Rails environment, frameworks, and default configuration
require File.join(File.dirname(__FILE__), 'boot')
Rails::Initializer.run do |config|
# Settings in config/environments/* take precedence those specified here
# Skip frameworks you're not going to use
# config.frameworks -= [ :action_web_service, :action_mailer ]
# Add additional load paths for your own custom dirs
# config.load_paths += %W( #{RAILS_ROOT}/extras )
# Force all environments to use the same logger level
# (by default production uses :info, the others :debug)
# config.log_level = :debug
# Use the database for sessions instead of the file system
# (create the session table with 'rake create_sessions_table')
# config.action_controller.session_store = :active_record_store
# Enable page/fragment caching by setting a file-based store
# (remember to create the caching directory and make it readable to the application)
# config.action_controller.fragment_cache_store = :file_store, "#{RAILS_ROOT}/cache"
# Activate observers that should always be running
# config.active_record.observers = :cacher, :garbage_collector
# Make Active Record use UTC-base instead of local time
# config.active_record.default_timezone = :utc
# Use Active Record's schema dumper instead of SQL when creating the test database
# (enables use of different database adapters for development and test environments)
# config.active_record.schema_format = :ruby
# See Rails::Configuration for more options
end
# Add new inflection rules using the following format
# (all these examples are active by default):
# Inflector.inflections do |inflect|
# inflect.plural /^(ox)$/i, '\1en'
# inflect.singular /^(ox)en/i, '\1'
# inflect.irregular 'person', 'people'
# inflect.uncountable %w( fish sheep )
# end
# Include your application configuration below
ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:session_key] = '_session_id_2'
ruby-openid-2.1.8debian.orig/examples/rails_openid/config/routes.rb 0000644 0001750 0001750 00000002037 11753312574 024160 0 ustar paul paul ActionController::Routing::Routes.draw do |map|
# Add your own custom routes here.
# The priority is based upon order of creation: first created -> highest priority.
# Here's a sample route:
# map.connect 'products/:id', :controller => 'catalog', :action => 'view'
# Keep in mind you can assign values other than :controller and :action
# You can have the root of your site routed by hooking up ''
# -- just remember to delete public/index.html.
# map.connect '', :controller => "welcome"
map.connect '', :controller => 'login'
map.connect 'server/xrds', :controller => 'server', :action => 'idp_xrds'
map.connect 'user/:username', :controller => 'server', :action => 'user_page'
map.connect 'user/:username/xrds', :controller => 'server', :action => 'user_xrds'
# Allow downloading Web Service WSDL as a file with an extension
# instead of a file named 'wsdl'
map.connect ':controller/service.wsdl', :action => 'wsdl'
# Install the default route as the lowest priority.
map.connect ':controller/:action/:id'
end
ruby-openid-2.1.8debian.orig/examples/rails_openid/app/ 0000755 0001750 0001750 00000000000 11753312574 021623 5 ustar paul paul ruby-openid-2.1.8debian.orig/examples/rails_openid/app/helpers/ 0000755 0001750 0001750 00000000000 11753312574 023265 5 ustar paul paul ruby-openid-2.1.8debian.orig/examples/rails_openid/app/helpers/login_helper.rb 0000644 0001750 0001750 00000000027 11753312574 026260 0 ustar paul paul module LoginHelper
end
ruby-openid-2.1.8debian.orig/examples/rails_openid/app/helpers/server_helper.rb 0000644 0001750 0001750 00000000166 11753312574 026462 0 ustar paul paul
module ServerHelper
def url_for_user
url_for :controller => 'user', :action => session[:username]
end
end
ruby-openid-2.1.8debian.orig/examples/rails_openid/app/helpers/application_helper.rb 0000644 0001750 0001750 00000000163 11753312574 027454 0 ustar paul paul # Methods added to this helper will be available to all templates in the application.
module ApplicationHelper
end
ruby-openid-2.1.8debian.orig/examples/rails_openid/app/controllers/ 0000755 0001750 0001750 00000000000 11753312574 024171 5 ustar paul paul ruby-openid-2.1.8debian.orig/examples/rails_openid/app/controllers/login_controller.rb 0000644 0001750 0001750 00000002340 11753312574 030070 0 ustar paul paul # Controller for handling the login, logout process for "users" of our
# little server. Users have no password. This is just an example.
require 'openid'
class LoginController < ApplicationController
layout 'server'
def base_url
url_for(:controller => 'login', :action => nil, :only_path => false)
end
def index
response.headers['X-XRDS-Location'] = url_for(:controller => "server",
:action => "idp_xrds",
:only_path => false)
@base_url = base_url
# just show the login page
end
def submit
user = params[:username]
# if we get a user, log them in by putting their username in
# the session hash.
unless user.nil?
session[:username] = user unless user.nil?
session[:approvals] = []
flash[:notice] = "Your OpenID URL is #{base_url}user/#{user}
Proceed to step 2 below."
else
flash[:error] = "Sorry, couldn't log you in. Try again."
end
redirect_to :action => 'index'
end
def logout
# delete the username from the session hash
session[:username] = nil
session[:approvals] = nil
redirect_to :action => 'index'
end
end
ruby-openid-2.1.8debian.orig/examples/rails_openid/app/controllers/application.rb 0000644 0001750 0001750 00000000330 11753312574 027015 0 ustar paul paul # Filters added to this controller will be run for all controllers in the application.
# Likewise, all the methods added will be available for all controllers.
class ApplicationController < ActionController::Base
end ruby-openid-2.1.8debian.orig/examples/rails_openid/app/controllers/consumer_controller.rb 0000644 0001750 0001750 00000010155 11753312574 030616 0 ustar paul paul require 'pathname'
require "openid"
require 'openid/extensions/sreg'
require 'openid/extensions/pape'
require 'openid/store/filesystem'
class ConsumerController < ApplicationController
layout nil
def index
# render an openid form
end
def start
begin
identifier = params[:openid_identifier]
if identifier.nil?
flash[:error] = "Enter an OpenID identifier"
redirect_to :action => 'index'
return
end
oidreq = consumer.begin(identifier)
rescue OpenID::OpenIDError => e
flash[:error] = "Discovery failed for #{identifier}: #{e}"
redirect_to :action => 'index'
return
end
if params[:use_sreg]
sregreq = OpenID::SReg::Request.new
# required fields
sregreq.request_fields(['email','nickname'], true)
# optional fields
sregreq.request_fields(['dob', 'fullname'], false)
oidreq.add_extension(sregreq)
oidreq.return_to_args['did_sreg'] = 'y'
end
if params[:use_pape]
papereq = OpenID::PAPE::Request.new
papereq.add_policy_uri(OpenID::PAPE::AUTH_PHISHING_RESISTANT)
papereq.max_auth_age = 2*60*60
oidreq.add_extension(papereq)
oidreq.return_to_args['did_pape'] = 'y'
end
if params[:force_post]
oidreq.return_to_args['force_post']='x'*2048
end
return_to = url_for :action => 'complete', :only_path => false
realm = url_for :action => 'index', :id => nil, :only_path => false
if oidreq.send_redirect?(realm, return_to, params[:immediate])
redirect_to oidreq.redirect_url(realm, return_to, params[:immediate])
else
render :text => oidreq.html_markup(realm, return_to, params[:immediate], {'id' => 'openid_form'})
end
end
def complete
# FIXME - url_for some action is not necessarily the current URL.
current_url = url_for(:action => 'complete', :only_path => false)
parameters = params.reject{|k,v|request.path_parameters[k]}
oidresp = consumer.complete(parameters, current_url)
case oidresp.status
when OpenID::Consumer::FAILURE
if oidresp.display_identifier
flash[:error] = ("Verification of #{oidresp.display_identifier}"\
" failed: #{oidresp.message}")
else
flash[:error] = "Verification failed: #{oidresp.message}"
end
when OpenID::Consumer::SUCCESS
flash[:success] = ("Verification of #{oidresp.display_identifier}"\
" succeeded.")
if params[:did_sreg]
sreg_resp = OpenID::SReg::Response.from_success_response(oidresp)
sreg_message = "Simple Registration data was requested"
if sreg_resp.empty?
sreg_message << ", but none was returned."
else
sreg_message << ". The following data were sent:"
sreg_resp.data.each {|k,v|
sreg_message << " #{k}: #{v}"
}
end
flash[:sreg_results] = sreg_message
end
if params[:did_pape]
pape_resp = OpenID::PAPE::Response.from_success_response(oidresp)
pape_message = "A phishing resistant authentication method was requested"
if pape_resp.auth_policies.member? OpenID::PAPE::AUTH_PHISHING_RESISTANT
pape_message << ", and the server reported one."
else
pape_message << ", but the server did not report one."
end
if pape_resp.auth_time
pape_message << " Authentication time: #{pape_resp.auth_time} seconds"
end
if pape_resp.nist_auth_level
pape_message << " NIST Auth Level: #{pape_resp.nist_auth_level}"
end
flash[:pape_results] = pape_message
end
when OpenID::Consumer::SETUP_NEEDED
flash[:alert] = "Immediate request failed - Setup Needed"
when OpenID::Consumer::CANCEL
flash[:alert] = "OpenID transaction cancelled."
else
end
redirect_to :action => 'index'
end
private
def consumer
if @consumer.nil?
dir = Pathname.new(RAILS_ROOT).join('db').join('cstore')
store = OpenID::Store::Filesystem.new(dir)
@consumer = OpenID::Consumer.new(session, store)
end
return @consumer
end
end
ruby-openid-2.1.8debian.orig/examples/rails_openid/app/controllers/server_controller.rb 0000644 0001750 0001750 00000015133 11753312574 030272 0 ustar paul paul require 'pathname'
# load the openid library, first trying rubygems
#begin
# require "rubygems"
# require_gem "ruby-openid", ">= 1.0"
#rescue LoadError
require "openid"
require "openid/consumer/discovery"
require 'openid/extensions/sreg'
require 'openid/extensions/pape'
require 'openid/store/filesystem'
#end
class ServerController < ApplicationController
include ServerHelper
include OpenID::Server
layout nil
def index
begin
oidreq = server.decode_request(params)
rescue ProtocolError => e
# invalid openid request, so just display a page with an error message
render :text => e.to_s, :status => 500
return
end
# no openid.mode was given
unless oidreq
render :text => "This is an OpenID server endpoint."
return
end
oidresp = nil
if oidreq.kind_of?(CheckIDRequest)
identity = oidreq.identity
if oidreq.id_select
if oidreq.immediate
oidresp = oidreq.answer(false)
elsif session[:username].nil?
# The user hasn't logged in.
show_decision_page(oidreq)
return
else
# Else, set the identity to the one the user is using.
identity = url_for_user
end
end
if oidresp
nil
elsif self.is_authorized(identity, oidreq.trust_root)
oidresp = oidreq.answer(true, nil, identity)
# add the sreg response if requested
add_sreg(oidreq, oidresp)
# ditto pape
add_pape(oidreq, oidresp)
elsif oidreq.immediate
server_url = url_for :action => 'index'
oidresp = oidreq.answer(false, server_url)
else
show_decision_page(oidreq)
return
end
else
oidresp = server.handle_request(oidreq)
end
self.render_response(oidresp)
end
def show_decision_page(oidreq, message="Do you trust this site with your identity?")
session[:last_oidreq] = oidreq
@oidreq = oidreq
if message
flash[:notice] = message
end
render :template => 'server/decide', :layout => 'server'
end
def user_page
# Yadis content-negotiation: we want to return the xrds if asked for.
accept = request.env['HTTP_ACCEPT']
# This is not technically correct, and should eventually be updated
# to do real Accept header parsing and logic. Though I expect it will work
# 99% of the time.
if accept and accept.include?('application/xrds+xml')
user_xrds
return
end
# content negotiation failed, so just render the user page
xrds_url = url_for(:controller=>'user',:action=>params[:username])+'/xrds'
identity_page = <