#!/home/ndw/ruby/bin/ruby # -*- Ruby -*- require 'cgi' require "cgi/session" require "cgi/session/pstore" require "uri" # load the openid library, first trying rubygems begin require "openid" rescue LoadError require "rubygems" Gem.path.push("/home/ndw/.gem") require_gem "ruby-openid" end # In real life, you want this to point to your site, not mine # Hack! if File.exists?("/home/ndw/.homepage") $root_uri = "http://localhost:8122/" else $root_uri = "http://norman.walsh.name/" end def main() if $cgi.key?("action") && $cgi["action"] == 'complete' check_result() exit end if !$cgi.key?("openid_url") display_form() exit end openid_url = $cgi['openid_url'].dup # Get the string out of CGI's hands request = $consumer.begin(openid_url) if request.status == OpenID::SUCCESS policy_url = $root_uri + "openid/policy" request.add_extension_arg('sreg','policy_url', policy_url) request.add_extension_arg('sreg','required','email,nickname') request.add_extension_arg('sreg','optional','fullname,dob,gender,postcode,country') return_to = $root_uri + "cgi-bin/login?action=complete" return_to += "&sess_id=" + $session.session_id return_to += "&page=" + $cgi["page"] if $cgi.key?("page") return_to += "&uri=" + $cgi["uri"] if $cgi.key?("uri") # build the redirect redirect_url = request.redirect_url($trust_root, return_to) print "Status: 303 See Other\n" printf "Location: %s\n\n", redirect_url else print "Content-type: text/plain\n\n" print "OpenID consumer request failed:\n\n" p request end end def display_form() print "Content-type: text/html\n\n" print "\n" print "\n" print "Login with OpenID\n" print "\n" print "\n" print "\n" print "

Login with OpenID

\n" print "\n" print "\n" print "\n" print "\n" end def check_result() query = Hash.new $cgi.keys.each { |k| query[k] = $cgi[k].dup } # Ask the library to check the response that the server sent # us. Status is a code indicating the response type. info is # either nil or a string containing more information about # the return type. response = $consumer.complete(query) if response.status == OpenID::FAILURE if response.identity_url message = "Verification of #{response.identity_url} failed" else message = 'Verification failed.' end # add on the failure message for a little debug info message += ' '+response.msg.to_s login_failure(message) elsif response.status == OpenID::SUCCESS # get the signed extension sreg arguments sreg = response.extension_response('sreg') login_success(response.identity_url, sreg) elsif response.status == OpenID::CANCEL login_failure("Verification cancelled.") else login_failure("Unknown response status: #{response.status}") end $session.delete end def login_success(identity, sreg) nick = sreg['nickname'] || sreg['fullname'] || identity print "Content-type: text/html\n\n" # In real life, you have to do something here to remember the success; perhaps # set a cookie or add something to the URI. print "\n" print "\n" print "Logged in with OpenID\n" print "\n" print "\n" print "

Welcome " printf "%s!

\n", nick print "

Your login was successful.

\n" if !(sreg.key?('nickname')||sreg.key?('fullname')) || !sreg.key?('email') print "

In the future, please login with a profile that includes your name\n" print "and email address.

\n" end print "\n" print "\n" end def login_failure(message) print "Content-type: text/html\n\n" print "\n" print "\n" print "Login with OpenID\n" print "\n" print "\n" print "

Login with OpenID

\n" printf "

\n", message print "

Try again?

\n" print "\n" print "\n" end $cgi = CGI.new("html4") $session = CGI::Session.new($cgi, 'database_manager' => CGI::Session::PStore, # use PStore 'session_key' => 'sess_id', # custom session key 'session_expires' => Time.now + 10 * 60, # 10 minute timeout 'prefix' => 'pstore_sid_') # PStore option $store_dir = "/home/ndw/norman.walsh.name/openid/store/" $store = OpenID::FilesystemStore.new($store_dir) filename = $store_dir + "foobar" File.open(filename, "w").close $base_url = $root_uri $trust_root = $base_url $consumer = OpenID::Consumer.new($session, $store) main()