Class: CS50

Inherits:
Object
  • Object
show all
Defined in:
lib/cs50.rb

Overview

User authentication using CS50 ID.

Licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License

See Also:

Author:

Version:

Class Method Summary (collapse)

Class Method Details

+ (String) getLoginUrl(directory, trust_root, return_to, session, fields = ["email", "fullname"], attributes = [])

Get URL to which user can be redirected to authenticate using CS50 ID.

Parameters:

  • (String) directory

    Path to directory used to store state (i.e., Rails.root.join("tmp") for Ruby on Rails)

  • (String) trust_root

    URL that CS50 ID should prompt user to trust

  • (String) return_to

    URL to which CS50 should return user after login

  • session

    Session variable (i.e. session for Ruby on Rails)

  • (Array) fields (defaults to: ["email", "fullname"])

    Simple registration fields

  • (Array) attributes (defaults to: [])

    Attribute exchange fields

Returns:

  • (String)

    URL for CS50 ID authentication 



27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
# File 'lib/cs50.rb', line 27

def self.getLoginUrl(directory, trust_root, return_to, session, fields = ["email", "fullname"], attributes = [])
    # prepare request
    store = OpenID::Store::Filesystem.new(Pathname.new(directory))
    consumer = OpenID::Consumer.new(session, store)
    auth_request = consumer.begin("https://id.cs50.net/")

    # simple registration fields
    if (fields.kind_of?(Array) && fields.length > 0)
        auth_request.add_extension(OpenID::SReg::Request.new(nil, fields))
    end

    # attribute exchange fields
    if (attributes.kind_of?(Array) && attributes.length > 0)
        ax_request = OpenID::AX::FetchRequest.new
        attributes.each do |attribute|
            ax_request.add(OpenID::AX::AttrInfo.new(attribute, 1, false))
        end
        auth_request.add_extension(ax_request)
    end

    # generate url for redirection
    return auth_request.redirect_url(trust_root, return_to)
end

+ (Hash) getUser(directory, return_to, session, params)

Note:

A unique ID for the user will be returned, and the user’s email and name may be returned.

If user has been authenticated by CS50 ID, get the user’s information.

Parameters:

  • (String) directory

    Path to directory used to store state (i.e., Rails.root.join("tmp") for Ruby on Rails)

  • (String) return_to

    URL to which CS50 should return user after login

  • session

    Session variable (i.e., session for Ruby on Rails)

  • params

    Parameters array (i.e., params for Ruby on Rails)

Returns:

  • (Hash)

    User’s :id, :email and :name 



60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
 
# File 'lib/cs50.rb', line 60

def self.getUser(directory, return_to, session, params)
    # clean rails parameters from the URL (else Janrain fails)
    parameters = params.clone
    parameters.delete(:controller)
    parameters.delete(:action)

    # get response
    store = OpenID::Store::Filesystem.new(Pathname.new(directory))
    consumer = OpenID::Consumer.new(session, store)
    response = consumer.complete(parameters, return_to)

    if (response.status == OpenID::Consumer::SUCCESS)
        user = { "identity" => response.identity_url }

        # simple registration fields
        sreg_resp = OpenID::SReg::Response.from_success_response(response)
        if (sreg_resp)
            user.merge!(sreg_resp.data)
        end
        
        # get attribute exchange attributes
        ax_resp = OpenID::AX::FetchResponse.from_success_response(response)
        if (ax_resp)
            user.merge!(ax_resp.data)
        end

        return user
        
    # response failure
    else
        return false
    end
end