Provides a more HTTPish API around the ruby-openid library.
You trigger an OpenID request similar to HTTP authentication. From your app, return a “401 Unauthorized” and a “WWW-Authenticate” header with the identifier you would like to validate.
On completition, the OpenID response is automatically verified and assigned to env.
MyApp = lambda { |env|
if resp = env["rack.openid.response"]
case resp.status
when :success
...
when :failure
...
else
[401, {"WWW-Authenticate" => 'OpenID identity="http://example.com/"'}, []]
end
}
use Rack::OpenID
run MyApp