Logging in with WebFinger and OpenID

Posted by Ryan on Stack Overflow See other posts from Stack Overflow or by Ryan
Published on 2010-04-05T10:33:30Z Indexed on 2010/04/05 10:43 UTC
Read the original article Hit count: 323

Filed under:
|

I would like to apologize in advance for the ugly formatting. In order to talk about the problem, I need to be posting a bunch of URLs, but the excessive URLs and my lack of reputation makes StackOverflow think I could be a spammer. Any instance of 'ht~tp' is supposed to be 'http'. '{dot}' is supposed to be '.' and '{colon}' is supposed to be ':'. Also, my lack of reputation has prevented me from tagging my question with 'webfinger' and 'google-profiles'.

Onto my question:

I am messing around with WebFinger and trying to create a small rails app that enables a user to log in using nothing but their WebFinger account. I can succesfully finger myself, and I get back an XRD file with the following snippet:

Link rel="ht~tp://specs{dot}openid{dot}net/auth/2.0/provider" href="ht~tp://www{dot}google{dot}com/profiles/{redacted}"/

Which, to me, reads, "I have an OpenID 2.0 login at the url: ht~tp://www{dot}google{dot}com/profiles/{redacted}". But when I try to use that URL to log in, I get the following error

OpenID::DiscoveryFailure (Failed to fetch identity URL ht~tp://www{dot}google{dot}com/profiles/{redacted} : Error encountered in redirect from ht~tp://www{dot}google{dot}com/profiles/{redacted}: Error fetching /profiles/{Redacted}: Connection refused - connect(2)):

When I replace the profile URL with 'ht~tps://www{dot}google{dot}com/accounts/o8/id', the login works perfectly.

here is the code that I am using (I'm using RedFinger as a plugin, and JanRain's ruby-openid, installed without the gem)

require "openid"
require 'openid/store/filesystem.rb'

class SessionsController < ApplicationController
  def new
    @session = Session.new
    #render a textbox requesting a webfinger address, and a submit button
  end

  def create
#######################
#
#  Pay Attention to this section right here
#
#######################
    #use given webfinger address to retrieve openid login
    finger = Redfinger.finger(params[:session][:webfinger_address])
    openid_url = finger.open_id.first.to_s
    #openid_url is now: ht~tp://www{dot}google{dot}com/profiles/{redacted}

    #Get needed info about the acquired OpenID login
    file_store = OpenID::Store::Filesystem.new("./noncedir/")
    consumer = OpenID::Consumer.new(session,file_store)
    response = consumer.begin(openid_url)  #ERROR HAPPENS HERE

    #send user to OpenID login for verification
    redirect_to response.redirect_url('ht~tp://localhost{colon}3000/','ht~tp://localhost{colon}3000/sessions/complete')
  end

  def complete
    #interpret return parameters
    file_store = OpenID::Store::Filesystem.new("./noncedir/")
    consumer = OpenID::Consumer.new(session,file_store)
    response = consumer.complete params
    case response.status
    when OpenID::SUCCESS
      session[:openid] = response.identity_url
      #redirect somehwere here
    end
  end
end

Is it possible for me to use the URL I received from my WebFinger to log in with OpenID?

© Stack Overflow or respective owner

Related posts about openid

Related posts about ruby-openid