class OpenID::Server::AssociateRequest

A request to establish an association.

See OpenID Specs, Section 8: Establishing Associations <openid.net/specs/openid-authentication-2_0-12.html#associations>

Attributes

assoc_type[RW]

The type of association. Supported values include HMAC-SHA256 and HMAC-SHA1

session[RW]

An object that knows how to handle association requests of a certain type.

Public Class Methods

from_message(message, op_endpoint=UNUSED) click to toggle source

Construct me from an OpenID Message.

# File lib/openid/server.rb, line 312
def self.from_message(message, op_endpoint=UNUSED)
  if message.is_openid1()
    session_type = message.get_arg(OPENID_NS, 'session_type')
    if session_type == 'no-encryption'
      Util.log('Received OpenID 1 request with a no-encryption ' +
               'association session type. Continuing anyway.')
    elsif !session_type
      session_type = 'no-encryption'
    end
  else
    session_type = message.get_arg(OPENID2_NS, 'session_type')
    if !session_type
      raise ProtocolError.new(message,
                              "session_type missing from request")
    end
  end

  session_class = @@session_classes[session_type]

  if !session_class
    raise ProtocolError.new(message,
            sprintf("Unknown session type %s", session_type))
  end

  begin
    session = session_class.from_message(message)
  rescue ArgumentError => why
    # XXX
    raise ProtocolError.new(message,
                            sprintf('Error parsing %s session: %s',
                                    session_type, why))
  end

  assoc_type = message.get_arg(OPENID_NS, 'assoc_type', 'HMAC-SHA1')
  if !session.allowed_assoc_type?(assoc_type)
    msg = sprintf('Session type %s does not support association type %s',
                  session_type, assoc_type)
    raise ProtocolError.new(message, msg)
  end

  obj = self.new(session, assoc_type)
  obj.message = message
  return obj
end
new(session, assoc_type) click to toggle source

Construct me.

The session is assigned directly as a class attribute. See my class documentation for its description.

Calls superclass method OpenID::Server::OpenIDRequest.new
# File lib/openid/server.rb, line 303
def initialize(session, assoc_type)
  super()
  @session = session
  @assoc_type = assoc_type

  @mode = "associate"
end

Public Instance Methods

answer(assoc) click to toggle source

Respond to this request with an association.

assoc

The association to send back.

Returns a response with the association information, encrypted to the consumer's public key if appropriate.

# File lib/openid/server.rb, line 363
def answer(assoc)
  response = OpenIDResponse.new(self)
  response.fields.update_args(OPENID_NS, {
      'expires_in' => sprintf('%d', assoc.expires_in()),
      'assoc_type' => @assoc_type,
      'assoc_handle' => assoc.handle,
      })
  response.fields.update_args(OPENID_NS,
                             @session.answer(assoc.secret))
  unless (@session.session_type == 'no-encryption' and
          @message.is_openid1)
    response.fields.set_arg(
        OPENID_NS, 'session_type', @session.session_type)
  end

  return response
end
answer_unsupported(message, preferred_association_type=nil, preferred_session_type=nil) click to toggle source

Respond to this request indicating that the association type or association session type is not supported.

# File lib/openid/server.rb, line 383
def answer_unsupported(message, preferred_association_type=nil,
                       preferred_session_type=nil)
  if @message.is_openid1()
    raise ProtocolError.new(@message)
  end

  response = OpenIDResponse.new(self)
  response.fields.set_arg(OPENID_NS, 'error_code', 'unsupported-type')
  response.fields.set_arg(OPENID_NS, 'error', message)

  if preferred_association_type
    response.fields.set_arg(
        OPENID_NS, 'assoc_type', preferred_association_type)
  end

  if preferred_session_type
    response.fields.set_arg(
        OPENID_NS, 'session_type', preferred_session_type)
  end

  return response
end