Ruby open_id_authentication with Google OpenID

2019-02-15 19:42发布

问题:

I am in my first steps of implementing OpenID in my Rails app. open_id_authentication appeared to be a fairly easy-to-use plugin, which is why I decided to use it.

Logging in with my Google account seems to work perfectly, however I do not get the sreg/AX fields that I require. My code is currently as follows:

class SessionsController < ApplicationController

  def new; end

  def create
    open_id_authentication
  end


  protected
    def open_id_authentication
      authenticate_with_open_id(params[:openid_identifier], :required => ["http://axschema.org/contact/email"]) do |result, identity_url, registration|
        if result.successful?
          p registration.data
          @current_user = User.find_by_identity_url(identity_url)
          if @current_user
            successful_login
          else
            failed_login "Sorry, no user by that identity URL exists (#{identity_url})"
          end
        else
          failed_login result.message
        end
      end
    end


  private
    def successful_login
      session[:user_id] = @current_user.id
      redirect_to(root_url)
    end

    def failed_login(message)
      flash[:error] = message
      redirect_to(new_session_url)
    end
end

I have already read various discussions about Google OpenID and all only say that you need to require the AX schema instead of the sreg field email, but even when I am doing so (as you can see in the code above), registration.data will remain empty ({}).

How do I effectively require the email from most OpenID providers with open_id_authentication?

回答1:

The authenticate_with_open_id return the Sreg object, not the AX response. So you need instanciate this respone with Rack::OpenID::REPONSE like that :

ax_response = OpenID::AX::FetchResponse.from_success_response(request.env[Rack::OpenID::RESPONSE])

After you can fetch your data

ax_response['http://axschema.org/contact/email']
ax_response['http://axschema.org/namePerson/first']
ax_response['http://axschema.org/namePerson/last']


回答2:

I've also stitched together a complete solution to Ruby on Rails 3, OpenID, and Google: http://blog.sethladd.com/2010/09/ruby-rails-openid-and-google.html



回答3:

this post contains a good strategy to use AX for google and Sreg for others, to make this happen a little more seamlessly http://www.franzens.org/2009/01/using-google-federated-login-in-your.html