Class: Masq::ServerController
- Inherits: BaseController
  - Object
  - ActionController::Base
  - BaseController
  - Masq::ServerController
- Defined in: app/controllers/masq/server_controller.rb
Instance Method Summary
- #cancel ⇒ Object
  Cancels the current OpenID request.
- #complete ⇒ Object
  This action is called by submitting the decision form; the information entered by the user is used to answer the request.
- #decide ⇒ Object
  Displays the decision page on which the user can confirm the request and choose which data should be transferred to the relying party.
- #index ⇒ Object
  This is the server endpoint which handles all incoming OpenID requests.
- #proceed ⇒ Object
  This action decides how to process the current request and serves as dispatcher and re-entry in case the request could not be processed directly (for instance if the user had to log in first).
Instance Method Details
#cancel ⇒ Object
Cancels the current OpenID request.
```ruby
# File 'app/controllers/masq/server_controller.rb', line 114
def cancel
  if checkid_request
    redirect_to(checkid_request.cancel_url)
  else
    reset_session
    redirect_to(login_path)
  end
end
```
#complete ⇒ Object
This action is called by submitting the decision form; the information entered by the user is used to answer the request. If the user decides to always trust the relying party, a new site will be created according to the release policies.
```ruby
# File 'app/controllers/masq/server_controller.rb', line 73
def complete
  if params[:cancel]
    cancel
  else
    resp = checkid_request.answer(true, nil, identifier(current_account))
    if params[:always]
      @site = current_account.sites.where(persona_id: params[:site][:persona_id], url: params[:site][:url]).first_or_create
      @site.update(site_params)
    elsif sreg_request || ax_fetch_request
      @site = current_account.sites.where(persona_id: params[:site][:persona_id], url: params[:site][:url]).first_or_create
      @site.attributes = site_params
    elsif ax_store_request
      @site = current_account.sites.where(persona_id: params[:site][:persona_id], url: params[:site][:url]).first_or_create
      not_supported = []
      not_accepted = []
      accepted = []
      ax_store_request.data.each do |type_uri, values|
        property = Persona.attribute_name_for_type_uri(type_uri)
        if property
          store_attribute = params[:site][:ax_store][property.to_sym]
          if store_attribute && !store_attribute[:value].blank?
            @site.persona.update_attribute(property, values.first)
            accepted << type_uri
          else
            not_accepted << type_uri
          end
        else
          not_supported << type_uri
        end
      end
      ax_store_response = (accepted.count > 0) ? OpenID::AX::StoreResponse.new : OpenID::AX::StoreResponse.new(false, "None of the attributes were accepted.")
      resp.add_extension(ax_store_response)
    end
    resp = add_pape(resp, auth_policies, auth_level, auth_time)
    resp = add_sreg(resp, @site.sreg_properties) if sreg_request && @site.sreg_properties
    resp = add_ax(resp, @site.ax_properties) if ax_fetch_request && @site.ax_properties
    render_response(resp)
  end
end
```
#decide ⇒ Object
Displays the decision page on which the user can confirm the request and choose which data should be transferred to the relying party.
```ruby
# File 'app/controllers/masq/server_controller.rb', line 65
def decide
  @site = current_account.sites.where(url: checkid_request.trust_root).first_or_initialize
  # Look the persona up by id: find_by needs a hash condition here, because a bare
  # string argument is passed on to where as a raw SQL fragment.
  @site.persona = current_account.personas.find_by(id: params[:persona_id]) || current_account.personas.first if sreg_request || ax_store_request || ax_fetch_request
end
```
#index ⇒ Object
This is the server endpoint which handles all incoming OpenID requests. Associate and CheckAuth requests are answered directly; the functionality for this is provided by the ruby-openid gem. Handling of CheckId requests depends on the user's login state (see handle_checkid_request). Yadis requests return information about this endpoint.
```ruby
# File 'app/controllers/masq/server_controller.rb', line 20
def index
  clear_checkid_request
  respond_to do |format|
    format.html do
      if openid_request.is_a?(OpenID::Server::CheckIDRequest)
        handle_checkid_request
      elsif openid_request
        handle_non_checkid_request
      else
        render(plain: t(:this_is_openid_not_a_human_resource))
      end
    end
    format.xrds
  end
end
```
#proceed ⇒ Object
This action decides how to process the current request and serves as dispatcher and re-entry in case the request could not be processed directly (for instance if the user had to log in first). When the user has already trusted the relying party, the request will be answered based on the user's release policy. If the request is immediate (the relying party wants no user interaction, used e.g. for Ajax requests), the request can only be answered if no further information (like simple registration data) is requested. Otherwise, the user will be redirected to the decision page.
```ruby
# File 'app/controllers/masq/server_controller.rb', line 45
def proceed
  identity = identifier(current_account)
  @site = current_account.sites.find_by(url: checkid_request.trust_root)
  if @site
    resp = checkid_request.answer(true, nil, identity)
    resp = add_sreg(resp, @site.sreg_properties) if sreg_request
    resp = add_ax(resp, @site.ax_properties) if ax_fetch_request
    resp = add_pape(resp, auth_policies, auth_level, auth_time)
    render_response(resp)
  elsif checkid_request.immediate && (sreg_request || ax_store_request || ax_fetch_request)
    render_response(checkid_request.answer(false))
  elsif checkid_request.immediate
    render_response(checkid_request.answer(true, nil, identity))
  else
    redirect_to(decide_path)
  end
end
```