| CARVIEW |
Select Language
HTTP/2 302
server: nginx
date: Thu, 07 Aug 2025 03:32:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
x-archive-redirect-reason: found capture at 20090626162934
location: https://web.archive.org/web/20090626162934/https://github.com/rails/open_id_authentication/tree
server-timing: captures_list;dur=0.618258, exclusion.robots;dur=0.022229, exclusion.robots.policy;dur=0.011027, esindex;dur=0.011340, cdx.remote;dur=29.457796, LoadShardBlock;dur=251.998929, PetaboxLoader3.datanode;dur=102.379149, PetaboxLoader3.resolve;dur=48.673399
x-app-server: wwwb-app210
x-ts: 302
x-tr: 350
server-timing: TR;dur=0,Tw;dur=0,Tc;dur=1
set-cookie: wb-p-SERVER=wwwb-app210; path=/
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
server-timing: MISS
x-nid: DigitalOcean
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
HTTP/2 301
server: nginx
date: Thu, 07 Aug 2025 03:32:55 GMT
content-type: text/html; charset=utf-8
content-length: 124
x-archive-orig-server: nginx/0.6.31
x-archive-orig-date: Fri, 26 Jun 2009 16:29:31 GMT
x-archive-orig-connection: close
x-archive-orig-status: 301 Moved Permanently
location: https://web.archive.org/web/20090626162934/https://github.com/rails/open_id_authentication/tree/master
x-archive-orig-x-runtime: 445ms
x-archive-orig-cache-control: no-cache
x-archive-orig-content-length: 124
cache-control: max-age=1800
memento-datetime: Fri, 26 Jun 2009 16:29:34 GMT
link: ; rel="original", ; rel="timemap"; type="application/link-format", ; rel="timegate", ; rel="first memento"; datetime="Tue, 26 Aug 2008 07:58:16 GMT", ; rel="memento"; datetime="Fri, 26 Jun 2009 16:29:34 GMT", ; rel="next memento"; datetime="Sun, 06 Sep 2009 03:47:00 GMT", ; rel="last memento"; datetime="Sun, 18 Apr 2010 17:24:49 GMT"
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org web-static.archive.org wayback-api.archive.org athena.archive.org analytics.archive.org pragma.archivelab.org wwwb-events.archive.org
x-archive-src: 52_10_20090626124616_crawl101-c/52_10_20090626160645_crawl101.arc.gz
server-timing: captures_list;dur=0.462882, exclusion.robots;dur=0.019591, exclusion.robots.policy;dur=0.009686, esindex;dur=0.010204, cdx.remote;dur=20.821331, LoadShardBlock;dur=134.946553, PetaboxLoader3.datanode;dur=86.722253, PetaboxLoader3.resolve;dur=209.503697, load_resource;dur=221.631832
x-app-server: wwwb-app210
x-ts: 301
x-tr: 406
server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
server-timing: MISS
x-nid: DigitalOcean
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
HTTP/2 200
server: nginx
date: Thu, 07 Aug 2025 03:32:55 GMT
content-type: text/html; charset=utf-8
x-archive-orig-server: nginx/0.6.26
x-archive-orig-date: Fri, 26 Jun 2009 16:29:34 GMT
x-archive-orig-connection: close
x-archive-orig-status: 200 OK
x-archive-orig-x-runtime: 249ms
x-archive-orig-etag: "64dc7b4ba6a51f71948966034c290027"
x-archive-orig-cache-control: private, max-age=0, must-revalidate
x-archive-orig-content-length: 32353
x-archive-guessed-content-type: text/html
x-archive-guessed-charset: utf-8
memento-datetime: Fri, 26 Jun 2009 16:29:34 GMT
link: ; rel="original", ; rel="timemap"; type="application/link-format", ; rel="timegate", ; rel="first memento"; datetime="Thu, 31 Jul 2008 15:52:41 GMT", ; rel="prev memento"; datetime="Wed, 27 May 2009 11:25:42 GMT", ; rel="memento"; datetime="Fri, 26 Jun 2009 16:29:34 GMT", ; rel="next memento"; datetime="Tue, 14 Jul 2009 03:41:04 GMT", ; rel="last memento"; datetime="Wed, 25 Sep 2024 19:15:27 GMT"
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org web-static.archive.org wayback-api.archive.org athena.archive.org analytics.archive.org pragma.archivelab.org wwwb-events.archive.org
x-archive-src: 52_10_20090626124616_crawl101-c/52_10_20090626160645_crawl101.arc.gz
server-timing: captures_list;dur=0.453619, exclusion.robots;dur=0.016656, exclusion.robots.policy;dur=0.008523, esindex;dur=0.009365, cdx.remote;dur=23.480792, LoadShardBlock;dur=123.025337, PetaboxLoader3.datanode;dur=130.787211, PetaboxLoader3.resolve;dur=226.180917, load_resource;dur=245.428890
x-app-server: wwwb-app210
x-ts: 200
x-tr: 447
server-timing: TR;dur=0,Tw;dur=0,Tc;dur=1
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
server-timing: MISS
x-nid: DigitalOcean
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
content-encoding: gzip
rails's open_id_authentication at master - GitHub
This repository is private.
All pages are served over SSL and all pushing and pulling is done over SSH.
No one may fork, clone, or view it unless they are added as a member.
Every repository with this icon () is private.
Every repository with this icon (
) is private.
This repository is public.
Anyone may fork, clone, or view it.
Every repository with this icon () is public.
Every repository with this icon (
) is public.
| Description: | OpenID authentication plugin edit |
| Homepage: | https://rubyonrails.org edit |
| Public Clone URL: |
git://github.com/rails/open_id_authentication.git
Give this clone URL to anyone.
git clone git://github.com/rails/open_id_authentication.git
|
| Your Clone URL: |
Use this clone URL yourself.
git clone git@github.com:rails/open_id_authentication.git
|
| name | age | message | |
|---|---|---|---|
 |
CHANGELOG | Thu Aug 21 15:44:09 -0700 2008 | Fake HTTP method from OpenID server since they ... [josh] |
| |
README | Mon Jan 12 13:14:00 -0800 2009 | Added short section for AX data requests [peat] |
| |
Rakefile | Mon Feb 26 17:29:20 -0800 2007 | Added simple OpenID authentication Rails plugin... [david] |
 |
generators/ | Thu Mar 27 16:26:52 -0700 2008 | Updated OpenIdAuthentication to use Ruby OpenID... [josh] |
| |
init.rb | Mon Jan 26 13:15:08 -0800 2009 | Set ruby-openid gem's logger to the Rails logger [josh] |
| |
lib/ | Sat May 16 08:52:08 -0700 2009 | Remove incomplete memcache store Follow its pr... [josh] |
| |
tasks/ | Thu Mar 27 16:26:52 -0700 2008 | Updated OpenIdAuthentication to use Ruby OpenID... [josh] |
| |
test/ | Sat May 16 08:52:08 -0700 2009 | Remove incomplete memcache store Follow its pr... [josh] |
OpenIdAuthentication ==================== Provides a thin wrapper around the excellent ruby-openid gem from JanRan. Be sure to install that first: gem install ruby-openid To understand what OpenID is about and how it works, it helps to read the documentation for lib/openid/consumer.rb from that gem. The specification used is https://openid.net/specs/openid-authentication-2_0.html. Prerequisites ============= OpenID authentication uses the session, so be sure that you haven't turned that off. It also relies on a number of database tables to store the authentication keys. So you'll have to run the migration to create these before you get started: rake open_id_authentication:db:create Or, use the included generators to install or upgrade: ./script/generate open_id_authentication_tables MigrationName ./script/generate upgrade_open_id_authentication_tables MigrationName Alternatively, you can use the file-based store, which just relies on on tmp/openids being present in RAILS_ROOT. But be aware that this store only works if you have a single application server. And it's not safe to use across NFS. It's recommended that you use the database store if at all possible. To use the file-based store, you'll also have to add this line to your config/environment.rb: OpenIdAuthentication.store = :file This particular plugin also relies on the fact that the authentication action allows for both POST and GET operations. If you're using RESTful authentication, you'll need to explicitly allow for this in your routes.rb. The plugin also expects to find a root_url method that points to the home page of your site. You can accomplish this by using a root route in config/routes.rb: map.root :controller => 'articles' This plugin relies on Rails Edge revision 6317 or newer. Example ======= This example is just to meant to demonstrate how you could use OpenID authentication. You might well want to add salted hash logins instead of plain text passwords and other requirements on top of this. Treat it as a starting point, not a destination. Note that the User model referenced in the simple example below has an 'identity_url' attribute. You will want to add the same or similar field to whatever model you are using for authentication. Also of note is the following code block used in the example below: authenticate_with_open_id do |result, identity_url| ... end In the above code block, 'identity_url' will need to match user.identity_url exactly. 'identity_url' will be a string in the form of 'https://example.com' - If you are storing just 'example.com' with your user, the lookup will fail. There is a handy method in this plugin called 'normalize_url' that will help with validating OpenID URLs. OpenIdAuthentication.normalize_url(user.identity_url) The above will return a standardized version of the OpenID URL - the above called with 'example.com' will return 'https://example.com/' It will also raise an InvalidOpenId exception if the URL is determined to not be valid. Use the above code in your User model and validate OpenID URLs before saving them. config/routes.rb map.root :controller => 'articles' map.resource :session app/views/sessions/new.erb <% form_tag(session_url) do %> <p> <label for="name">Username:</label> <%= text_field_tag "name" %> </p> <p> <label for="password">Password:</label> <%= password_field_tag %> </p> <p> ...or use: </p> <p> <label for="openid_identifier">OpenID:</label> <%= text_field_tag "openid_identifier" %> </p> <p> <%= submit_tag 'Sign in', :disable_with => "Signing in…" %> </p> <% end %> app/controllers/sessions_controller.rb class SessionsController < ApplicationController def create if using_open_id? open_id_authentication else password_authentication(params[:name], params[:password]) end end protected def password_authentication(name, password) if @current_user = @account.users.authenticate(params[:name], params[:password]) successful_login else failed_login "Sorry, that username/password doesn't work" end end def open_id_authentication authenticate_with_open_id do |result, identity_url| if result.successful? if @current_user = @account.users.find_by_identity_url(identity_url) successful_login else failed_login "Sorry, no user by that identity URL exists (#{identity_url})" end else failed_login result.message end end end private def successful_login session[:user_id] = @current_user.id redirect_to(root_url) end def failed_login(message) flash[:error] = message redirect_to(new_session_url) end end If you're fine with the result messages above and don't need individual logic on a per-failure basis, you can collapse the case into a mere boolean: def open_id_authentication authenticate_with_open_id do |result, identity_url| if result.successful? && @current_user = @account.users.find_by_identity_url(identity_url) successful_login else failed_login(result.message || "Sorry, no user by that identity URL exists (#{identity_url})") end end end Simple Registration OpenID Extension ==================================== Some OpenID Providers support this lightweight profile exchange protocol. See more: https://www.openidenabled.com/openid/simple-registration-extension You can support it in your app by changing #open_id_authentication def open_id_authentication(identity_url) # Pass optional :required and :optional keys to specify what sreg fields you want. # Be sure to yield registration, a third argument in the #authenticate_with_open_id block. authenticate_with_open_id(identity_url, :required => [ :nickname, :email ], :optional => :fullname) do |result, identity_url, registration| case result.status when :missing failed_login "Sorry, the OpenID server couldn't be found" when :invalid failed_login "Sorry, but this does not appear to be a valid OpenID" when :canceled failed_login "OpenID verification was canceled" when :failed failed_login "Sorry, the OpenID verification failed" when :successful if @current_user = @account.users.find_by_identity_url(identity_url) assign_registration_attributes!(registration) if current_user.save successful_login else failed_login "Your OpenID profile registration failed: " + @current_user.errors.full_messages.to_sentence end else failed_login "Sorry, no user by that identity URL exists" end end end end # registration is a hash containing the valid sreg keys given above # use this to map them to fields of your user model def assign_registration_attributes!(registration) model_to_registration_mapping.each do |model_attribute, registration_attribute| unless registration[registration_attribute].blank? @current_user.send("#{model_attribute}=", registration[registration_attribute]) end end end def model_to_registration_mapping { :login => 'nickname', :email => 'email', :display_name => 'fullname' } end Attribute Exchange OpenID Extension =================================== Some OpenID providers also support the OpenID AX (attribute exchange) protocol for exchanging identity information between endpoints. See more: https://openid.net/specs/openid-attribute-exchange-1_0.html Accessing AX data is very similar to the Simple Registration process, described above -- just add the URI identifier for the AX field to your :optional or :required parameters. For example: authenticate_with_open_id(identity_url, :required => [ :email, 'https://schema.openid.net/birthDate' ]) do |result, identity_url, registration| This would provide the sreg data for :email, and the AX data for 'https://schema.openid.net/birthDate' Copyright (c) 2007 David Heinemeier Hansson, released under the MIT license
This feature is coming soon. Sit tight!