discourse/lib/auth/open_id_authenticator.rb

class Auth::OpenIdAuthenticator < Auth::Authenticator

  attr_reader :name, :identifier

  def initialize(name, identifier, opts = {})
    @name = name
    @identifier = identifier
    @opts = opts
  end

  def after_authenticate(auth_token)

    result = Auth::Result.new

    data = auth_token[:info]
    identity_url = auth_token[:extra][:identity_url]
    result.email = email = data[:email]

    # If the auth supplies a name / username, use those. Otherwise start with email.
    result.name = name = data[:name] || data[:email]
    result.username = username = data[:nickname] || data[:email]

    user_open_id = UserOpenId.find_by_url(identity_url)

    if !user_open_id && @opts[:trusted] && user = User.find_by_email(email)
      user_open_id = UserOpenId.create(url: identity_url , user_id: user.id, email: email, active: true)
    end

    result.user = user_open_id.try(:user)
    result.extra_data = {
      openid_url: identity_url,
      # note email may change by the time after_create_account runs
      email: email
    }
    result.email_valid = @opts[:trusted]

    result
  end

  def after_create_account(user, auth)
    data = auth[:extra_data]
    UserOpenId.create(
      user_id: user.id,
      url: data[:openid_url],
      email: data[:email],
      active: true
    )
  end


  def register_middleware(omniauth)
    omniauth.provider :open_id,
           :setup => lambda { |env|
              strategy = env["omniauth.strategy"]
              strategy.options[:store] = OpenID::Store::Redis.new($redis)
           },
           :name => name,
           :identifier => identifier,
           :require => "omniauth-openid"
  end
end
major refactor of auth, break up the gigantic omniauth controller into sub classes for way better extensibitily 2013-08-23 02:20:43 -04:00			`class Auth::OpenIdAuthenticator < Auth::Authenticator`

Fixed all broken specs Moved middleware config into authenticators 2013-08-25 21:04:16 -04:00			`attr_reader :name, :identifier`

			`def initialize(name, identifier, opts = {})`
major refactor of auth, break up the gigantic omniauth controller into sub classes for way better extensibitily 2013-08-23 02:20:43 -04:00			`@name = name`
Fixed all broken specs Moved middleware config into authenticators 2013-08-25 21:04:16 -04:00			`@identifier = identifier`
major refactor of auth, break up the gigantic omniauth controller into sub classes for way better extensibitily 2013-08-23 02:20:43 -04:00			`@opts = opts`
			`end`

			`def after_authenticate(auth_token)`

			`result = Auth::Result.new`

			`data = auth_token[:info]`
			`identity_url = auth_token[:extra][:identity_url]`
			`result.email = email = data[:email]`

			`# If the auth supplies a name / username, use those. Otherwise start with email.`
			`result.name = name = data[:name] \|\| data[:email]`
			`result.username = username = data[:nickname] \|\| data[:email]`

			`user_open_id = UserOpenId.find_by_url(identity_url)`

			`if !user_open_id && @opts[:trusted] && user = User.find_by_email(email)`
			`user_open_id = UserOpenId.create(url: identity_url , user_id: user.id, email: email, active: true)`
			`end`

			`result.user = user_open_id.try(:user)`
			`result.extra_data = {`
fix open id so it creates records properly 2013-08-23 03:00:01 -04:00			`openid_url: identity_url,`
			`# note email may change by the time after_create_account runs`
			`email: email`
major refactor of auth, break up the gigantic omniauth controller into sub classes for way better extensibitily 2013-08-23 02:20:43 -04:00			`}`
			`result.email_valid = @opts[:trusted]`

			`result`
			`end`
fix open id so it creates records properly 2013-08-23 03:00:01 -04:00
			`def after_create_account(user, auth)`
			`data = auth[:extra_data]`
			`UserOpenId.create(`
			`user_id: user.id,`
			`url: data[:openid_url],`
			`email: data[:email],`
			`active: true`
			`)`
			`end`
Fixed all broken specs Moved middleware config into authenticators 2013-08-25 21:04:16 -04:00

			`def register_middleware(omniauth)`
			`omniauth.provider :open_id,`
BUGFIX: When running under a forking server (apache or unicorn) openid strategy was caching a redis connection from the parent, this made "login with google" only work some of the time. 2013-08-27 00:44:06 -04:00			`:setup => lambda { \|env\|`
			`strategy = env["omniauth.strategy"]`
			`strategy.options[:store] = OpenID::Store::Redis.new($redis)`
			`},`
Fixed all broken specs Moved middleware config into authenticators 2013-08-25 21:04:16 -04:00			`:name => name,`
			`:identifier => identifier,`
			`:require => "omniauth-openid"`
			`end`
major refactor of auth, break up the gigantic omniauth controller into sub classes for way better extensibitily 2013-08-23 02:20:43 -04:00			`end`