Class: OpenID::Server::AssociateRequest

Inherits:
OpenIDRequest show all
Defined in:
lib/openid/server.rb

Overview

A request to establish an association.

See OpenID Specs, Section 8: Establishing Associations <openid.net/specs/openid-authentication-2_0-12.html#associations>

Constant Summary collapse

@@session_classes =
{
  'no-encryption' => PlainTextServerSession,
  'DH-SHA1' => DiffieHellmanSHA1ServerSession,
  'DH-SHA256' => DiffieHellmanSHA256ServerSession,
}

Instance Attribute Summary collapse

Attributes inherited from OpenIDRequest

#message, #mode

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from OpenIDRequest

#namespace

Constructor Details

#initialize(session, assoc_type) ⇒ AssociateRequest

Construct me.

The session is assigned directly as a class attribute. See my class documentation for its description.



303
304
305
306
307
308
309
# File 'lib/openid/server.rb', line 303

def initialize(session, assoc_type)
  super()
  @session = session
  @assoc_type = assoc_type

  @mode = "associate"
end

Instance Attribute Details

#assoc_typeObject

The type of association. Supported values include HMAC-SHA256 and HMAC-SHA1



291
292
293
# File 'lib/openid/server.rb', line 291

def assoc_type
  @assoc_type
end

#sessionObject

An object that knows how to handle association requests of a certain type.



287
288
289
# File 'lib/openid/server.rb', line 287

def session
  @session
end

Class Method Details

.from_message(message, op_endpoint = UNUSED) ⇒ Object

Construct me from an OpenID Message.



312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
# File 'lib/openid/server.rb', line 312

def self.from_message(message, op_endpoint=UNUSED)
  if message.is_openid1()
    session_type = message.get_arg(OPENID_NS, 'session_type')
    if session_type == 'no-encryption'
      Util.log('Received OpenID 1 request with a no-encryption ' +
               'association session type. Continuing anyway.')
    elsif !session_type
      session_type = 'no-encryption'
    end
  else
    session_type = message.get_arg(OPENID2_NS, 'session_type')
    if !session_type
      raise ProtocolError.new(message,
                              text="session_type missing from request")
    end
  end

  session_class = @@session_classes[session_type]

  if !session_class
    raise ProtocolError.new(message,
            sprintf("Unknown session type %s", session_type))
  end

  begin
    session = session_class.from_message(message)
  rescue ArgumentError => why
    # XXX
    raise ProtocolError.new(message,
                            sprintf('Error parsing %s session: %s',
                                    session_type, why))
  end

  assoc_type = message.get_arg(OPENID_NS, 'assoc_type', 'HMAC-SHA1')
  if !session.allowed_assoc_type?(assoc_type)
    msg = sprintf('Session type %s does not support association type %s',
                  session_type, assoc_type)
    raise ProtocolError.new(message, msg)
  end

  obj = self.new(session, assoc_type)
  obj.message = message
  return obj
end

Instance Method Details

#answer(assoc) ⇒ Object

Respond to this request with an association.

assoc

The association to send back.

Returns a response with the association information, encrypted to the consumer’s public key if appropriate.



363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
# File 'lib/openid/server.rb', line 363

def answer(assoc)
  response = OpenIDResponse.new(self)
  response.fields.update_args(OPENID_NS, {
      'expires_in' => sprintf('%d', assoc.expires_in()),
      'assoc_type' => @assoc_type,
      'assoc_handle' => assoc.handle,
      })
  response.fields.update_args(OPENID_NS,
                             @session.answer(assoc.secret))
  unless (@session.session_type == 'no-encryption' and
          @message.is_openid1)
    response.fields.set_arg(
        OPENID_NS, 'session_type', @session.session_type)
  end

  return response
end

#answer_unsupported(message, preferred_association_type = nil, preferred_session_type = nil) ⇒ Object

Respond to this request indicating that the association type or association session type is not supported.



383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
# File 'lib/openid/server.rb', line 383

def answer_unsupported(message, preferred_association_type=nil,
                       preferred_session_type=nil)
  if @message.is_openid1()
    raise ProtocolError.new(@message)
  end

  response = OpenIDResponse.new(self)
  response.fields.set_arg(OPENID_NS, 'error_code', 'unsupported-type')
  response.fields.set_arg(OPENID_NS, 'error', message)

  if preferred_association_type
    response.fields.set_arg(
        OPENID_NS, 'assoc_type', preferred_association_type)
  end

  if preferred_session_type
    response.fields.set_arg(
        OPENID_NS, 'session_type', preferred_session_type)
  end

  return response
end