Class Rack::Auth::OpenID
In: lib/rack/auth/openid.rb
Parent: AbstractHandler

Rack::Auth::OpenID provides a simple method for permitting OpenID-based logins. It requires the ruby-openid library from JanRain to operate, as well as some method of session management of a Hash type.

After a transaction, the response status object is stored in the environment at rack.auth.openid.status, which can be used in the follow-up block or in a wrapping application to accomplish additional data manipulation.

NOTE: Due to the amount of data that ruby-openid stores in the session, Rack::Session::Cookie may fault.

A hash of data is stored in the session hash at the key of :openid. The fully canonicalized identity URL is stored within at 'identity'. Extension data from 'openid.sreg.nickname' would be stored as { 'nickname' => value }.

NOTE: To my knowledge there is no collision at this point from storage of this manner. If there is, please let me know so I may adjust this app to cope.

Methods

auth_fail   bad_login   call   check   finish   new   no_session  

Constants

OIDStore = ::OpenID::MemoryStore.new   Required for ruby-openid

Public Class methods

A Hash of options is taken as its single initializing argument. String keys are taken to be OpenID protocol extension namespaces.

  For example: 'sreg' => { 'required' => 'nickname' }

Other keys are taken as options for Rack::Auth::OpenID, normally Symbols. Only :return is required. :trust is highly recommended to be set.

  • :return defines the URL to return to after the client authenticates with the OpenID service provider. Should point to where this app is mounted. (ex: 'mysite.com/openid')
  • :trust defines the URL identifying the site they are actually logging into. (ex: 'mysite.com/')
  • :session_key defines the key to the session hash in the env. (by default it uses 'rack.session')
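
An added example, not code from Rack or from this page: a hypothetical OpenIDOptionCheck helper that splits an options Hash the way the text above describes (String keys as extensions, other keys as options) and flags a missing :return or :trust, or a :return that does not sit under :trust. The mysite.example URLs are constructed placeholders, and the :return-under-:trust check reflects the OpenID rule that the return URL must match the trust root.

```ruby
require 'uri'

# Hypothetical helper, not part of Rack: vets an options Hash of the shape
# described above before it is handed to Rack::Auth::OpenID.
module OpenIDOptionCheck
  # Constructed sample; the host name is a placeholder.
  SAMPLE = {
    'sreg'  => { 'required' => 'nickname' },
    :return => 'https://mysite.example/openid',
    :trust  => 'https://mysite.example/'
  }.freeze

  # Returns { extensions:, options:, problems: }.
  def self.check(opts)
    # String keys are extension namespaces; all other keys are options.
    extensions, options = opts.partition { |k, _| k.is_a?(String) }.map(&:to_h)
    problems = []
    problems << ':return is required' unless options.key?(:return)
    problems << ':trust is not set' unless options.key?(:trust)
    extensions.each do |ns, args|
      problems << "extension #{ns.inspect} must map to a Hash" unless args.is_a?(Hash)
    end
    if options[:return] && options[:trust] && !under?(options[:return], options[:trust])
      problems << ':return is not located under :trust'
    end
    { extensions: extensions, options: options, problems: problems }
  end

  # True when url shares scheme, host and port with root and its path lies
  # inside root's path, compared per segment (/app does not cover /apple).
  def self.under?(url, root)
    u = URI.parse(url)
    r = URI.parse(root)
    return false unless u.scheme && u.host && r.scheme && r.host # absolute only
    return false unless [u.scheme, u.host.downcase, u.port] == [r.scheme, r.host.downcase, r.port]
    return false if u.path.split('/').include?('..') # dot segments are not resolved here
    base = r.path.end_with?('/') ? r.path : "#{r.path}/"
    path = u.path.empty? ? '/' : u.path
    path == base.chomp('/') || path.start_with?(base)
  rescue URI::InvalidURIError
    false
  end
end

result = OpenIDOptionCheck.check(OpenIDOptionCheck::SAMPLE)
puts result[:problems].empty? ? 'options look consistent' : result[:problems]
```

Scheme-less values such as 'mysite.com/openid' are reported as not under :trust, because the helper only compares absolute URLs.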

Public Instance methods
