Skip to content

SixArm/sixarm_rails_openid_tech_demo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits

.github

.github

 
 

app

app

 
 

config

config

 
 

db

db

 
 

doc

doc

 
 

lib

lib

 
 

log

log

 
 

public

public

 
 

script

script

 
 

spec

spec

 
 

.gitignore

.gitignore

 
 

.rspec

.rspec

 
 

CODEOWNERS

CODEOWNERS

 
 

CODE_OF_CONDUCT.md

CODE_OF_CONDUCT.md

 
 

Gemfile

Gemfile

 
 

Gemfile.lock

Gemfile.lock

 
 

README.md

README.md

 
 

Rakefile

Rakefile

 
 

config.ru

config.ru

 
 

Repository files navigation

Rails » OpenID » Tech demo for programmers

This Rails OpenID tech demo shows a simple example of authentication using Rails 3, RSpec 2, and the ruby-openid gem.

This tech demo is intended for programmers who want to see source code.

Step 1

  • To get the code, clone this git repository.
  • Customize the file ./app/controllers/openid_controller.rb by setting the variables realm and return_to. The file explains how to do this.

Step 2

Step 3

  • When you enter your OpenID URL, your browser redirects you to your OpenID server, and asks you to sign in.
  • When you sign in, your OpenID site may show you some confirmation messages and will send you back to your site.
  • The app shows a result message for "Success", "Failure", "Cancel", or "Setup Needed".

What's next?

If you want to understand more about OpenID source code, we suggest reading the ruby-openid gem's source code because it's well written and has plenty of comments.

If you want to use OpenID in your web application, we suggest learning about OpenID integration with web frameworks and and authentication gems:

Google OpenID variations

Google provides a unique ID that is independent of the user's name and email address:

http://code.google.com/apis/accounts/docs/OpenID.html

The Google-supplied identifier, which has no connection to the user's actual Google account name or password, is a persistent value; it remains constant even if the user changes their Google user name and/or email address. This identifier is also a "directed identity", that is, Google returns a different value to each relying party. Google uses the request parameter openid.realm to recognize the relying party, so if the third-party application decides to change this value, all user identifiers will change.

Troubleshooting SessionRestoreError

If you get an error like this:

  • ActionDispatch::Session::SessionRestoreError

Then you need to clear out the session store. This demo uses the in-memory cookie store because it is more secure on multi-app systems, and the easiest way to clear out the session store is to invalidate the existing cookies by changing the app's secret token:

  • Edit config/initializers/secret_token.rb
  • Change the token to anything different.
  • Restart the server.

Credits

The Ruby OpenID gem is by JanRain, and it has excellent code with comments and examples. This demo is derived from the gem.

This demo is by Joel Parker Henderson, thanks to the University of California, Berkeley and the University of California, Irvine.

Feedback is welcome. Pull requests are welcome too.

About

SixArm.com » Rails » OpenID » Tech demo for programmers

Topics

ruby rails demo openid

Resources

Readme

Code of conduct

Code of conduct
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages