Class: Masq::ConsumerController
- Inherits:
-
BaseController
- Object
- ActionController::Base
- BaseController
- Masq::ConsumerController
- Defined in:
- app/controllers/masq/consumer_controller.rb
Instance Method Summary collapse
Instance Method Details
#complete ⇒ Object
67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 |
# File 'app/controllers/masq/consumer_controller.rb', line 67 def complete parameters = params.to_unsafe_h.reject { |k, _v| request.path_parameters[k.to_sym] } open_id_req = openid_consumer.complete(parameters, url_for({})) case open_id_req.status when OpenID::Consumer::SETUP_NEEDED flash[:alert] = t(:immediate_request_failed_setup_needed) when OpenID::Consumer::CANCEL flash[:alert] = t(:openid_transaction_cancelled) when OpenID::Consumer::FAILURE flash[:alert] = open_id_req.display_identifier ? t(:verification_of_identifier_failed, identifier: open_id_req.display_identifier, message: open_id_req.) : t(:verification_failed_message, message: open_id_req.) when OpenID::Consumer::SUCCESS flash[:notice] = t(:verification_of_identifier_succeeded, identifier: open_id_req.display_identifier) if params[:did_sreg] sreg_resp = OpenID::SReg::Response.from_success_response(open_id_req) = "\n\n" + t(:simple_registration_data_requested) if sreg_resp.empty? << ", " + t(:but_none_was_returned) else << ". " + t(:the_following_data_were_sent) + "\n" sreg_resp.data.each { |k, v| << "#{k}: #{v}\n" } end flash[:notice] += end if params[:did_ax_fetch] ax_fetch_resp = OpenID::AX::FetchResponse.from_success_response(open_id_req) = "\n\n" + t(:attribute_exchange_data_requested) if ax_fetch_resp << ". " + t(:the_following_data_were_sent) + "\n" ax_fetch_resp.data.each { |k, v| << "#{k}: #{v}\n" } else << ", " + t(:but_none_was_returned) end flash[:notice] += end if params[:did_ax_store] ax_store_resp = OpenID::AX::StoreResponse.from_success_response(open_id_req) = "\n\n" + t(:attribute_exchange_store_requested) << if ax_store_resp if ax_store_resp.succeeded? " " + t(:and_saved_at_the_identity_provider) else ", " + t(:but_an_error_occured, error_message: ax_store_resp.) end else ", " + t(:but_got_no_response) end flash[:notice] += end if params[:did_pape] pape_resp = OpenID::PAPE::Response.from_success_response(open_id_req) = "\n\n" + t(:authentication_policies_requested) if pape_resp.auth_policies.empty? << ", " + t(:but_the_server_did_not_report_one) else << ", " + t(:and_server_reported_the_following) + "\n" pape_resp.auth_policies.each { |p| << "#{p}\n" } end << "\n" + t(:authentication_time) + ": #{pape_resp.auth_time}" if pape_resp.auth_time << "\nNIST Auth Level: #{pape_resp.nist_auth_level}" if pape_resp.nist_auth_level flash[:notice] += end else # NOOP # This should never happen. end redirect_to(action: "index") end |
#index ⇒ Object
5 6 |
# File 'app/controllers/masq/consumer_controller.rb', line 5 def index end |
#start ⇒ Object
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 |
# File 'app/controllers/masq/consumer_controller.rb', line 8 def start begin open_id_req = openid_consumer.begin(params[:openid_identifier]) rescue OpenID::OpenIDError => e redirect_to(consumer_path, alert: "Discovery failed for #{params[:openid_identifier]}: #{e}") return end if params[:use_sreg] open_id_sreg_req = OpenID::SReg::Request.new open_id_sreg_req.policy_url = "http://www.policy-url.com" open_id_sreg_req.request_fields(["nickname", "email"], true) # required open_id_sreg_req.request_fields(["fullname", "dob"], false) # optional open_id_req.add_extension(open_id_sreg_req) open_id_req.return_to_args["did_sreg"] = "y" end if params[:use_ax_fetch] axreq = OpenID::AX::FetchRequest.new requested_attrs = [ ["https://openid.tzi.de/spec/schema", "uid", true], ["http://axschema.org/namePerson/friendly", "nickname", true], ["http://axschema.org/contact/email", "email", true], ["http://axschema.org/namePerson", "fullname"], ["http://axschema.org/contact/web/default", "website", false, 2], ["http://axschema.org/contact/postalCode/home", "postcode"], ["http://axschema.org/person/gender", "gender"], ["http://axschema.org/birthDate", "birth_date"], ["http://axschema.org/contact/country/home", "country"], ["http://axschema.org/pref/language", "language"], ["http://axschema.org/pref/timezone", "timezone"], ] requested_attrs.each { |a| axreq.add(OpenID::AX::AttrInfo.new(a[0], a[1], a[2] || false, a[3] || 1)) } open_id_req.add_extension(axreq) open_id_req.return_to_args["did_ax_fetch"] = "y" end if params[:use_ax_store] ax_store_req = OpenID::AX::StoreRequest.new ax_store_req.set_values("http://axschema.org/contact/email", %w([email protected])) ax_store_req.set_values("http://axschema.org/birthDate", %w(1976-08-07)) ax_store_req.set_values("http://axschema.org/customValueThatIsNotSupported", %w(unsupported)) open_id_req.add_extension(ax_store_req) open_id_req.return_to_args["did_ax_store"] = "y" end if params[:use_pape] open_id_pape_req = OpenID::PAPE::Request.new open_id_pape_req.add_policy_uri(OpenID::PAPE::AUTH_PHISHING_RESISTANT) open_id_pape_req.max_auth_age = 60 open_id_req.add_extension(open_id_pape_req) open_id_req.return_to_args["did_pape"] = "y" end if params[:force_post] open_id_req.return_to_args["force_post"] = "x" * 2048 end if open_id_req.send_redirect?(consumer_url, consumer_complete_url, params[:immediate]) redirect_to(open_id_req.redirect_url(consumer_url, consumer_complete_url, params[:immediate])) else @form_text = open_id_req.form_markup(consumer_url, consumer_complete_url, params[:immediate], {"id" => "checkid_form"}) end end |