Class: OpenID::Consumer::CheckIDRequest

Inherits:
Object
  • Object
show all
Defined in:
lib/openid/consumer/checkid_request.rb

Overview

An object that holds the state necessary for generating an OpenID authentication request. This object holds the association with the server and the discovered information with which the request will be made.

It is separate from the consumer because you may wish to add things to the request before sending it on its way to the server. It also has serialization options that let you encode the authentication request as a URL or as a form POST.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(assoc, endpoint) ⇒ CheckIDRequest

Users of this library should not create instances of this class. Instances of this class are created by the library when needed.



22
23
24
25
26
27
28
 
# File 'lib/openid/consumer/checkid_request.rb', line 22

def initialize(assoc, endpoint)
  @assoc = assoc
  @endpoint = endpoint
  @return_to_args = {}
  @message = Message.new(endpoint.preferred_namespace)
  @anonymous = false
end

Instance Attribute Details

#anonymousObject

Returns the value of attribute anonymous.



17
18
19
 
# File 'lib/openid/consumer/checkid_request.rb', line 17

def anonymous
  @anonymous
end

#endpointObject (readonly)

Returns the value of attribute endpoint.



17
18
19
 
# File 'lib/openid/consumer/checkid_request.rb', line 17

def endpoint
  @endpoint
end

#messageObject

Returns the value of attribute message.



16
17
18
 
# File 'lib/openid/consumer/checkid_request.rb', line 16

def message
  @message
end

#return_to_argsObject

Returns the value of attribute return_to_args.



16
17
18
 
# File 'lib/openid/consumer/checkid_request.rb', line 16

def return_to_args
  @return_to_args
end

Instance Method Details

#add_extension(extension_request) ⇒ Object

Add an object that implements the extension interface for adding arguments to an OpenID message to this checkid request.

extension_request: an OpenID::Extension object.



49
50
51
 
# File 'lib/openid/consumer/checkid_request.rb', line 49

def add_extension(extension_request)
  extension_request.to_message(@message)
end

#add_extension_arg(namespace, key, value) ⇒ Object

Add an extension argument to this OpenID authentication request. You probably want to use add_extension and the OpenID::Extension interface.

Use caution when adding arguments, because they will be URL-escaped and appended to the redirect URL, which can easily get quite long.



60
61
62
 
# File 'lib/openid/consumer/checkid_request.rb', line 60

def add_extension_arg(namespace, key, value)
  @message.set_arg(namespace, key, value)
end

#form_markup(realm, return_to = nil, immediate = false, form_tag_attrs = nil) ⇒ Object

Get html for a form to submit this request to the IDP.

form_tag_attrs is a hash of attributes to be added to the form tag. ‘accept-charset’ and ‘enctype’ have defaults that can be overridden. If a value is supplied for ‘action’ or ‘method’, it will be replaced.



148
149
150
151
152
 
# File 'lib/openid/consumer/checkid_request.rb', line 148

def form_markup(realm, return_to = nil, immediate = false,
  form_tag_attrs = nil)
  message = get_message(realm, return_to, immediate)
  message.to_form_markup(@endpoint.server_url, form_tag_attrs)
end

#get_message(realm, return_to = nil, immediate = false) ⇒ Object

Produce a OpenID::Message representing this request.

Not specifying a return_to URL means that the user will not be returned to the site issuing the request upon its completion.

If immediate mode is requested, the OpenID provider is to send back a response immediately, useful for behind-the-scenes authentication attempts. Otherwise the OpenID provider may engage the user before providing a response. This is the default case, as the user may need to provide credentials or approve the request before a positive response can be sent.



75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
 
# File 'lib/openid/consumer/checkid_request.rb', line 75

def get_message(realm, return_to = nil, immediate = false)
  if !return_to.nil?
    return_to = Util.append_args(return_to, @return_to_args)
  elsif immediate
    raise ArgumentError, '"return_to" is mandatory when using ' \
      '"checkid_immediate"'
  elsif @message.is_openid1
    raise ArgumentError, '"return_to" is mandatory for OpenID 1 ' \
      "requests"
  elsif @return_to_args.empty?
    raise ArgumentError, 'extra "return_to" arguments were specified, ' \
      "but no return_to was specified"
  end

  message = @message.copy

  mode = immediate ? "checkid_immediate" : "checkid_setup"
  message.set_arg(OPENID_NS, "mode", mode)

  realm_key = message.is_openid1 ? "trust_root" : "realm"
  message.set_arg(OPENID_NS, realm_key, realm)

  message.set_arg(OPENID_NS, "return_to", return_to) unless return_to.nil?

  unless @anonymous
    if @endpoint.is_op_identifier
      # This will never happen when we're in OpenID 1
      # compatibility mode, as long as is_op_identifier()
      # returns false whenever preferred_namespace returns
      # OPENID1_NS.
      claimed_id = request_identity = IDENTIFIER_SELECT
    else
      request_identity = @endpoint.get_local_id
      claimed_id = @endpoint.claimed_id
    end

    # This is true for both OpenID 1 and 2
    message.set_arg(OPENID_NS, "identity", request_identity)

    message.set_arg(OPENID2_NS, "claimed_id", claimed_id) if message.is_openid2
  end

  if @assoc && (message.is_openid1 || !%w[checkid_setup checkid_immediate].include?(mode))
    message.set_arg(OPENID_NS, "assoc_handle", @assoc.handle)
    assoc_log_msg = "with assocication #{@assoc.handle}"
  else
    assoc_log_msg = "using stateless mode."
  end

  Util.log("Generated #{mode} request to #{@endpoint.server_url} " \
    "#{assoc_log_msg}")
  message
end

#html_markup(realm, return_to = nil, immediate = false, form_tag_attrs = nil) ⇒ Object

Get a complete HTML document that autosubmits the request to the IDP with javascript. This method wraps form_markup - see that method’s documentation for help with the parameters.



157
158
159
160
161
162
163
164
165
 
# File 'lib/openid/consumer/checkid_request.rb', line 157

def html_markup(realm, return_to = nil, immediate = false,
  form_tag_attrs = nil)
  Util.auto_submit_html(form_markup(
    realm,
    return_to,
    immediate,
    form_tag_attrs,
  ))
end

#redirect_url(realm, return_to = nil, immediate = false) ⇒ Object

Returns a URL with an encoded OpenID request.

The resulting URL is the OpenID provider’s endpoint URL with parameters appended as query arguments. You should redirect the user agent to this URL.

OpenID 2.0 endpoints also accept POST requests, see ‘send_redirect?’ and ‘form_markup’.



137
138
139
140
 
# File 'lib/openid/consumer/checkid_request.rb', line 137

def redirect_url(realm, return_to = nil, immediate = false)
  message = get_message(realm, return_to, immediate)
  message.to_url(@endpoint.server_url)
end

#send_redirect?(realm, return_to = nil, immediate = false) ⇒ Boolean

Should this OpenID authentication request be sent as a HTTP redirect or as a POST (form submission)?

This takes the same parameters as redirect_url or form_markup



171
172
173
174
175
176
 
# File 'lib/openid/consumer/checkid_request.rb', line 171

def send_redirect?(realm, return_to = nil, immediate = false)
  return true if @endpoint.compatibility_mode

  url = redirect_url(realm, return_to, immediate)
  url.length <= OPENID1_URL_LIMIT
end