COLUMNS
AT THE FORGE
in a little bit, when we look at routing. The form contains a single text field, whose name and id attributes both will be set to openid_url. Modern browsers recognize this name and use it to
Thus, my suggested solution to the whole question of OpenID is to use the simple, low-level ruby-openid gem, which happens to have support for Rails applications built in.
that server. In order to do this, we need an instance of OpenID::Consumer, an object defined by the ruby-openid gem. Because we will continue to need this, we can create it as an instance variable: def openid_consumer if @openid_consumer.blank? @openid_consumer = OpenID::Consumer.new(session, OpenID::Store::Filesystem.new("#{RAILS_ROOT}/tmp/openid")) end return @openid_consumer
fill in an OpenID URL automatically. A submit button and a closing end tag complete the form.
Storing User Information When we display this form in our browser, the user has one option—namely, to sign in with OpenID by entering a URL. The action (create) that is invoked has to find the user’s OpenID server and redirect to
end
Notice that we’re storing the OpenID information on the filesystem, in the tmp directory under the root of our Rails project directory. This is a bad idea when you have multiple Web servers, but is certainly good enough for a small or beginning site. Now that we have a method named
Listing 1. openid_controller.rb require 'openid'
# Get an OpenID response
require 'openid/store/filesystem'
openid_response = openid_consumer.begin openid_url
class OpenidController < ApplicationController
home_url = url_for :controller => "openid", :action => "index" complete_url = url_for :controller => "openid", :action => "complete"
def openid_consumer if @openid_consumer.blank?
openid_redirect_url = openid_response.redirect_url(home_url, complete_url) redirect_to openid_redirect_url
@openid_consumer = OpenID::Consumer.new(session, OpenID::Store::Filesystem.new("#{RAILS_ROOT}/tmp/openid"))
return end
end def complete return @openid_consumer
home_url = url_for :controller => "openid", :action => "index"
end
complete_url = url_for :controller => "openid", :action => "complete"
def new
openid_response = openid_consumer.complete(params, complete_url)
# Nothing to do here -- it's all in the form session[:openid] = openid_response.identity_url
end
flash[:error] = "You have been logged in as '#{session[:openid]}'" def create # Get the OpenID parameter
redirect_to :action => "new" return
openid_url = params[:openid_url]
end
# Make sure we got something
def clear_session
if openid_url.blank? flash[:error] = "No OpenID was entered; try again" redirect_to :back return
reset_session flash[:error] = "Session cleared." redirect_to :action => "new" end
end end
22 | july 2008 w w w. l i n u x j o u r n a l . c o m