Path: | README.rdoc |
Last Update: | Sun Apr 17 09:29:13 +0000 2011 |
Provides a more HTTPish API around the ruby-openid library.
You trigger an OpenID request similar to HTTP authentication. From your app, return a "401 Unauthorized" and a "WWW-Authenticate" header with the identifier you would like to validate.
On competition, the OpenID response is automatically verified and assigned to env.
MyApp = lambda { |env| if resp = env["rack.openid.response"] case resp.status when :success ... when :failure ... else [401, {"WWW-Authenticate" => 'OpenID identifier="http://example.com/"'}, []] end } use Rack::OpenID run MyApp
# Session needs to be before Rack::OpenID use Rack::Session::Cookie require 'rack/openid' use Rack::OpenID get '/login' do erb :login end post '/login' do if resp = request.env["rack.openid.response"] if resp.status == :success "Welcome: #{resp.display_identifier}" else "Error: #{resp.status}" end else headers 'WWW-Authenticate' => Rack::OpenID.build_header( :identifier => params["openid_identifier"] ) throw :halt, [401, 'got openid?'] end end use_in_file_templates! __END__ @@ login <form action="/login" method="post"> <p> <label for="openid_identifier">OpenID:</label> <input id="openid_identifier" name="openid_identifier" type="text" /> </p> <p> <input name="commit" type="submit" value="Sign in" /> </p> </form>