Rack::OpenID::Proxy

To view this screencast, add it to your cart and checkout. You can buy this screencast for any price, including FREE!

rack openid authentication appengine middleware proxy ruby

Why?

If you have a Ruby web application that you want to use OpenID in, check out Rack::OpenID.

If you …

have lots of applications and you only want to implement one OpenID consumer OR …
you have a web app running in an environment (like Google AppEngine) where OpenID consumers don’t work properly

If you don’t need a proxy to be an OpenID consumer, this likely isn’t for you. I created this because we’ve been using Google AppEngine and OpenID doesn’t work very well on AppEngine.

How?

Rack::OpenID::Proxy runs as a standalone Rack application (or it can be run as middleware).

Let’s say you run this proxy on Heroku at http://openid-proxy.heroku.com.

From a different web application, when you want to authenticate a user against OpenID, redirect them to http://openid-proxy.heroku.com/openid?url=the-users.open-id-provider.com. This will redirect the user to the OpenID providers’ login and then redirect back to whatever URL your request originally came from (via the referer) with an extra querystring, eg: http://yoursite.com/original-path?token=1234abcd

Now the user is back on your site and has been through the OpenID process (via 1 simple redirect). To get the OpenID response (to find out if the login was successful), you can fetch the response via: http://openid-proxy.heroku.com/openid.json?token=1234abcd

Here’s an example consumer implementation written in Sinatra:

 1 require 'sinatra'
 2 require 'open-uri'
 3 
 4 PROXY = 'http://my-open-id-proxy.com'
 5 
 6 get '/' do
 7   if params['token']
 8     # this is the redirect coming back from the proxy.
 9     # the OpenID response is accessible using the token we were given.
10     response = open("#{ PROXY }/openid?token=#{ params['token'] }")
11     "OpenID response: #{ response }"
12   else
13     haml :openid_login_form
14   end
15 end
16 
17 post '/login' do
18   # redirect to the proxy to do the OpenID authentication for us.
19   # the proxy will redirect back to this app with a token param.
20   redirect "#{ PROXY }/openid?url=#{ params['openid-url'] }"
21 end
22 
23 __END__
24 
25 @@ openid_login_form
26 
27 %form{ :action => '/login', :method => 'post' }
28   %label
29     OpenID URL: 
30     %input{ :type => 'text', :name => 'openid-url' }
31   %input{ :type => 'submit', :value => 'Login via OpenID' }

http://github.com/devfu/rack-openid-proxy

remi's screencasts

you name the price!

Rack::OpenID::Proxy

Why?

How?