Class: ChefServerSlice::OpenidConsumer

Inherits:
Application
  • Object
Defined in:
app/controllers/openid_consumer.rb

Instance Method Summary

Methods inherited from Application

#absolute_slice_url, #access_denied, #authorized_node, #escape_node_id, #expand_cookbook_deps, #fix_up_node_id, #get_available_recipes, #load_all_files, #load_cookbook_segment, #login_required, #redirect_back_or_default, #segment_files, #specific_cookbooks, #store_location

Instance Method Details

#complete ⇒ Object



# File 'app/controllers/openid_consumer.rb', line 62

# Handles the provider's response at the end of an OpenID round trip and
# establishes the session's identity and privilege level.
#
# Security-relevant behaviour visible in this method:
# * The session stores +identity_url+, but the node/admin decision is made by
#   pattern-matching +display_identifier+.
#   NOTE(review): the OpenID library describes display_identifier as the
#   UI-facing form and identity_url as the one to use for authorization
#   lookups -- confirm that keying privileges on display_identifier is intended.
# * The node pattern is not anchored to this server's own base URL and ends
#   with +$+ (end of line) rather than +\z+, so this method relies on the
#   identifier/provider allow-lists to ensure only this server's node
#   identifiers reach it.
# * Any verified identifier that does not match the node pattern is given
#   :admin (fail-open default). The allow-list checks are made in #login, not
#   here. NOTE(review): confirm #start and #complete cannot be reached without
#   passing through #login, or re-check the verified identity here.
# * No session reset is visible before the privilege keys are written.
#   NOTE(review): confirm the framework rotates the session id on login.
#
# @return [String] a status message for SUCCESS, SETUP_NEEDED and CANCEL;
#   otherwise whatever +redirect+ returns
# @raise [BadRequest] when the provider response fails verification
def complete
  # FIXME (original author) - the URL built for this action is not necessarily
  # the URL the provider actually returned the user to.
  return_url = absolute_slice_url(:openid_consumer_complete)
  # Drop the framework routing keys so only the provider's fields are verified.
  query = params.reject { |key, _value| key == "controller" || key == "action" }
  result = consumer.complete(query, return_url)

  case result.status
  when OpenID::Consumer::FAILURE
    detail = "Verification failed: #{result.message}"
    detail += " for identifier '#{result.display_identifier}'" if result.display_identifier
    raise BadRequest, detail
  when OpenID::Consumer::SUCCESS
    session[:openid] = result.identity_url
    if result.display_identifier =~ /openid\/server\/node\/(.+)$/
      node_name = Regexp.last_match(1)
      registration = Chef::OpenIDRegistration.load(node_name)
      # NOTE(review): logged at error level on every successful node login.
      Chef::Log.error("#{node_name} is an admin #{registration.admin}")
      session[:level] = registration.admin ? :admin : :node
      session[:node_name] = node_name
    else
      # Identifier is not one of the node identifiers: treated as an administrator.
      session[:level] = :admin
    end
    redirect_back_or_default(absolute_slice_url(:nodes))
    return "Verification of #{result.display_identifier} succeeded."
  when OpenID::Consumer::SETUP_NEEDED then return "Immediate request failed - Setup Needed"
  when OpenID::Consumer::CANCEL then return "OpenID transaction cancelled."
  end

  # Any other status: send the user back to the OpenID login page.
  redirect absolute_slice_url(:openid_consumer)
end

#index ⇒ Object



# File 'app/controllers/openid_consumer.rb', line 28

# Renders the OpenID login page.
#
# XHR requests are rendered without a layout; all other requests are rendered
# inside the 'login' layout.
#
# @return [Object] whatever +render+ returns
def index
  layout = request.xhr? ? false : 'login'
  render :layout => layout
end

#login ⇒ Object

Raises:

  • (Unauthorized)


# File 'app/controllers/openid_consumer.rb', line 55

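# Entry point for an OpenID login attempt.
#
# Checks the submitted identifier against the configured identifier and
# provider allow-lists, then hands off to #start to begin the OpenID exchange.
# The method name was missing from the listing; it is restored from the
# "#login" heading so the definition parses.
#
# The rejected identifier is echoed into the exception message.
# NOTE(review): confirm the error view escapes it, since it comes straight
# from the request parameters.
# NOTE(review): these allow-list checks are made only here; #start reads the
# identifier from params again and does not repeat them -- confirm #start is
# not reachable on its own.
#
# @raise [Unauthorized] when the identifier or its provider is not allowed
# @return [Object] whatever #start returns
def login
  oid = params[:openid_identifier]

  allowed_identifiers = Chef::Config[:authorized_openid_identifiers]
  unless is_authorized_openid_identifier?(oid, allowed_identifiers)
    raise(Unauthorized, "Sorry, #{oid} is not an authorized OpenID.")
  end

  allowed_providers = Chef::Config[:authorized_openid_providers]
  unless is_authorized_openid_provider?(oid, allowed_providers)
    raise(Unauthorized, "Sorry, #{oid} is not an authorized OpenID Provider.")
  end

  start
end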

#logout ⇒ Object



# File 'app/controllers/openid_consumer.rb', line 92

# Logs the user out by removing the three session keys written during login
# (:openid, :level, :node_name), then redirects to the slice's top URL.
#
# NOTE(review): only these keys are removed; any other session contents and
# the session itself are left in place -- confirm that is sufficient.
#
# @return [Object] whatever +redirect+ returns
def logout
  session.delete(:openid)
  session.delete(:level)
  session.delete(:node_name)
  redirect slice_url(:top)
end

#start ⇒ Object



# File 'app/controllers/openid_consumer.rb', line 36

# Begins the OpenID exchange for the identifier in params[:openid_identifier].
#
# Depending on what the request object reports, the user is either redirected
# to the provider or shown a page containing the provider form markup (stored
# in @form_text).
#
# NOTE(review): the identifier is taken from the request and passed to
# +consumer.begin+ without the allow-list checks that #login performs;
# confirm this action is only reachable through #login.
# NOTE(review): on discovery failure the identifier and the library's error
# text are echoed into the BadRequest message -- confirm the error view
# escapes them.
#
# @raise [BadRequest] when OpenID discovery fails for the identifier
# @return [Object] the result of +redirect+ or +render+
def start
  identifier = params[:openid_identifier]
  auth_request =
    begin
      consumer.begin(identifier)
    rescue OpenID::OpenIDError => err
      raise BadRequest, "Discovery failed for #{identifier}: #{err}"
    end

  return_to = absolute_slice_url(:openid_consumer_complete)
  realm = absolute_slice_url(:openid_consumer)
  immediate = params[:immediate]

  unless auth_request.send_redirect?(realm, return_to, immediate)
    # Request cannot be sent as a redirect: render the form markup instead.
    @form_text = auth_request.form_markup(realm, return_to, immediate, {'id' => 'openid_form'})
    return render
  end

  redirect(auth_request.redirect_url(realm, return_to, immediate))
end