Ruby on Rails | Screencasts | Download | Documentation | Weblog | Community | Source

Ticket #10231 (new enhancement)

Opened 11 months ago

Last modified 10 months ago

[PATCH] open_id_authentication support for OpenID::SETUP_NEEDED response

Reported by: ncr Assigned to: core
Priority: normal Milestone: 2.x
Component: Plugins Version: edge
Severity: normal Keywords: openid
Cc: pic@superfluo.org

Description

When someone uses a valid but not yet registered OpenID, response status is OpenID::SETUP_NEEDED. This is not supported now and the effect is that authenticate_with_open_id method will not yield. Attached patch with test.

Attachments

open_id_authentication_setup_needed_support.diff (2.1 kB) - added by ncr on 11/21/07 11:04:22.
open_id_authentication_immediate_mode_support.diff (3.4 kB) - added by pic on 11/27/07 08:59:15.
open_id_authentication_immediate_mode_support_with_tests.diff (6.4 kB) - added by ncr on 12/04/07 11:36:34.

Change History

11/21/07 11:04:22 changed by ncr

  • attachment open_id_authentication_setup_needed_support.diff added.

11/21/07 16:47:17 changed by david

Thanks for finding this. But do you have an idea why this message is being thrown? The error message for the user is not very helpful at all. Would be great to have it more descriptive so the user can know what to do to fix this.

11/21/07 17:16:24 changed by ncr

This status is returned when user enters a valid but not yet registered identity url. So the existing identity server returns SETUP_NEEDED with an url, user should be redirected to in order to create a new account. If you take a look at this doc you will see that the response object is initialized with the setup_url but the attribute is not exposed with attr_reader. I've created a ticket for this in ruby-openid tracker. So should we wait or instance_variable_get it and somehow (as a third argument maybe) expose it to the block given to authenticate_with_open_id?

11/27/07 08:58:02 changed by pic

  • cc set to pic@superfluo.org.

As far as my understanding goes, SETUP_NEEDED response is always associated with the immediate mode: 

SETUP_NEEDED = :setup_needed  	   	
Code returned by OpenID::OpenIDConsumer.complete_auth when the OpenIDConsumer
instance is in immediate mode and ther server sends back a URL for the user 
to login with.

(from http://openidenabled.com/files/ruby-openid/docs/1.9.0/)

so I'm attaching the patch I'm currently using that supports this mode as well as SETUP_NEEDED status

11/27/07 08:59:15 changed by pic

  • attachment open_id_authentication_immediate_mode_support.diff added.

11/27/07 10:26:15 changed by ncr

You're right about the immediate mode. Patch looks good for me (there's a typo: "unknow" should be "unknown"). +1

12/04/07 11:35:45 changed by ncr

I have corrected the typos and added tests that ensure the immediate mode works on begin_open_id_authentication and complete_open_id_authentication. I also added test that immediate mode flag is optional from the perspective of programmer.

12/04/07 11:36:34 changed by ncr

  • attachment open_id_authentication_immediate_mode_support_with_tests.diff added.