I think RPX support a javascript-based sign-in form that runs modal over the current page, rather than redirecting to the rpx site.

Support for this seems to be a limitation in rpx_now at the moment. The "obtrusive javascript" mode has issues with webkit-based browsers, but I'm not sure it is invoking the correct rpx features anyway. Need to investigate further...

To date, I've been manually testing authlogic_rpx. Getting meaningful automated tests working has been a bit of a brain-teaser, since the interesting bits rely on interaction with the external RPX service.

Should get automated tests running, at least to verify the core framework.

Hi

Why did you restrict authlogic_rpx-1.2.0 to authlogic-2.1.6 if authlogic_rpx-1.1.1 works fine with authlogic 3.0.3 ?

In the AddUsersRpxIdentifier migration you create a column with name :rpx_identifier but destroy one with name :openid_identifier.

I'm trying this under rails3 with odorcicd's rails3 branch of authlogic and it fails as follows when I try to mix in authlogic_rpx:

NameError (uninitialized constant AuthlogicRpx::Session::Config::RPXNow):
/Users/dball/.bundle/ruby/1.8/gems/authlogic_rpx-1.1.1/lib/authlogic_rpx/session.rb:38:in rpx_key_value' /Users/dball/.bundle/ruby/1.8/gems/authlogic_rpx-1.1.1/lib/authlogic_rpx/session.rb:34:inrpx_key'
/Users/dball/src/eatrealgood/app/models/user_session.rb:2

Has anyone else gotten this working in rails3?

I needed to lock down my development environment so I added some basic HTTP authentication in Apache. Once I added this I was unable to sign in using Janrain. I had it working immediately before I added the HTTP authentication.

    AuthType Basic
    AuthUserFile /srv/auth/.htpasswd
    AuthName "Please Authenticate ..."
    Require valid-user

Can you point me in the direction to figure out what is going on ... Here is the error I am dumping:
--- &id002 !ruby/object:Authlogic::Session::Validation::Errors
base: &id001 !ruby/object:UserSession
attempted_record:
errors: *id002
rpx_data:
scope:
errors: !omap

• base:

  • !ruby/object:ActiveRecord::Error
    attribute: :base
    base: *id001
    message: Authentication failed. Please try again.
    options: {}

    type: Authentication failed. Please try again.

Thanks,

Jeremiah

I have a product page; when a logged out user logs in from this page using rpx, he is always redirected to the default URL.

Any way to have the user redirected 'back' to the product page as expected?

Thanks,
Chris

Allow multiple rpx identifiers to be associated with the same user. See also issue #1 which concerns adding RPX-enabled account mapping.

I would like my users to be able to sign in with any of the available SSO providers.

As it is now, a user account has a single rpx_identifier field, and can only be associated with one SSO provider at a time.

It would be great for a user to be able to have an arbitrary number of rpx_identifiers. This could be done with an entire extra table, or it would perhaps be an okay design to just store this as a serialized ruby array in the db.

If you are interested in supporting this, I would be happy to help writing it.

Thanks for listening,
John

What do you think of making a branch of authlogic_rpx with the experimental map_id features? (and taking them out of the master branch).

This would simplify the main code and provide some development compartmentalization and focus.

map_rpx_data in the UserSession model is not called when adding RPX login to an existing account (:add_rpx => true).

It is desirable to call map_rpx_data in the UserSession model when using :add_rpx => true, to allow updating the user record with rpx attributes (like providerName)

I've added an some initial account merge capability. adding an already-used ID to another account will cause it to be migrated, with a callback that can be used to migrate application objects if required

http://github.com/tardate/authlogic_rpx/commit/dd63f8c852f8fc5c07439371babcb4f454c9afae

I've been thinking about the account merging case for a few days. It's a big messy problem, in terms of user experience, and is going to change a lot on an application-to-application basis.

And that said, I think your solution is ideal -- let the integrator decide what happens to perform the merge, then you do the merge of the identifiers.

I think the best answer to your question delete/disable 'another_user' account? is the simplest one -- just like before the merge, let the integrator decide what to do. Invoke after_merge_rpx_data, and in the docs, suggest that this method should probably destroy or disable the old user.

Currently, you can't do proxy authentication by supplying an rpx_identifier programmatically.

Per question received on how to do this. Would be useful to have such methods for handling membership activities.

The docs say:

WARNING: if you are using auto-registration, any fields you map should NOT have constraints enforced at the database level. Authlogic_rpx will optimistically attempt to save the user record during registration, and violating a database constraint will cause the authentication/registration to fail.

However, looking at the code it seems possible that a more general auto-registration feature could be built for Authlogic, which doesn't save bad data to the db (e.g. violating uniqueness constraints on username and such).

I'm going to look into this for my own sake, but would appreciate your thoughts if you have any opinion on the matter.

Hey there,

I have all my auth classes namespaced, like so:

module Auth
  class Session
    # ...
  end
  class User
    # ...
  end
  # etc
end

I'm seeing the following error when trying to save a session:

`@auth::user' is not allowed as an instance variable name

I followed the stack traces a little bit, and it looks like it's triggered whenever find_by_rpx_identifier is called. There's a bunch of metaprogramming stuff in acts_as_authentic.rb, which seems to be sending the method auth::user to the session. Ideas?

I have a scenario where in a user can associate multiple emails with his account. We store all the emails associated to the user in a seperate model "UserEmail".

A user will register via google account "[email protected]" (which is authenticated and stored in the users table itself) and add another email say "[email protected]". So we have 2 UserEmail records for the user. Now can you suggest me on how can I authenticate if the user is trying to login with his yahoo id without treating him as a new user (Since the users yahoo id is in user_emails table)? I do not have much experience with authlogic_rpx and this is the first time I am using it.

(re: http://github.com/tardate/authlogic_rpx/commit/8fd426675c24d5fd73527caaf475e1baad47d797)

awesome -- that's something i was going to build in my end in a day or two and propose to you. i haven't done any research/experiments with it -- it would be good to be able to be confident about the namespace consistency going forward. a couple things I was going to explore:

• one problem I saw in the RPX docs[1]: if the provider is not "well-known", then the value of providerName is "other".
• a single company with two authentication service. for example, google has its google… thing, but also has a completely separate openid endpoint (google.com/profiles/johnjosephbachir). do they both report the same provider_name?

[1] https://rpxnow.com/docs#profile_data

currently authlogic_rpx does not pass miscellaneoous options to rpx_now (e.g. :language). Should change this to allow developers more flexibility.

I've encountered this issue when verifying the authenticity of the token in heroku. Any ideas?

Environment

trevors-macbook-4:chexscheduler trevor$ heroku rake gems
(in /disk1/home/slugs/179378_c676ac0_6c60/mnt)

• [I] authlogic >= 2.1.3
  • [R] activesupport
• [I] rpx_now >= 0.6.12
  • [I] json_pure
• [I] authlogic_rpx >= 1.1.1
  • [I] authlogic >= 2.1.3
    • [R] activesupport
  • [I] rpx_now >= 0.6.12
    • [I] json_pure

I = Installed
F = Frozen
R = Framework (loaded before rails starts)

logs

trevors-macbook-4:chexscheduler trevor$

Processing UserSessionsController#create (for 202.44.172.65 at 2010-05-04 23:24:13) [POST]
Parameters: {"token"=>"a77241332a855586f23e5eda25e988e919e02080", "action"=>"create", "authenticity_token"=>"R4PJnXYOH3wn2D/G8fW0WvI4b+ruYWEBeAgUWccFvBA=", "controller"=>"user_sessions"}

NoMethodError (undefined method add_rpx_identifier' for #<User:0x2b243cc2b538>): /home/slugs/179378_c676ac0_6c60/mnt/.gems/gems/authlogic_rpx-1.1.1/lib/authlogic_rpx/session.rb:165:invalidate_by_rpx'
authlogic (2.1.3) lib/authlogic/session/callbacks.rb:72:in validate' authlogic (2.1.3) lib/authlogic/session/validation.rb:64:invalid?'
authlogic (2.1.3) lib/authlogic/session/existence.rb:65:in save' app/controllers/user_sessions_controller.rb:22:increate'
/home/heroku_rack/lib/static_assets.rb:9:in call' /home/heroku_rack/lib/last_access.rb:25:incall'
/home/heroku_rack/lib/date_header.rb:14:in call' thin (1.0.1) lib/thin/connection.rb:80:inpre_process'
thin (1.0.1) lib/thin/connection.rb:78:in catch' thin (1.0.1) lib/thin/connection.rb:78:inpre_process'
thin (1.0.1) lib/thin/connection.rb:57:in process' thin (1.0.1) lib/thin/connection.rb:42:inreceive_data'
eventmachine (0.12.6) lib/eventmachine.rb:240:in run_machine' eventmachine (0.12.6) lib/eventmachine.rb:240:inrun'
thin (1.0.1) lib/thin/backends/base.rb:57:in start' thin (1.0.1) lib/thin/server.rb:150:instart'
thin (1.0.1) lib/thin/controllers/controller.rb:80:in start' thin (1.0.1) lib/thin/runner.rb:173:insend'
thin (1.0.1) lib/thin/runner.rb:173:in run_command' thin (1.0.1) lib/thin/runner.rb:139:inrun!'
thin (1.0.1) bin/thin:6
/usr/local/bin/thin:20:in `load'
/usr/local/bin/thin:20

Probably need a more elegant way of handling database constraint violations during auto-registration

e.g. if unique index on username field, and a duplicate username registration is attempted, will throw a fatal error during the auto-registration: acts_as_authentic/session_maintenance.rb:73

when creating a new account, presence of email validations are ignored. when adding an rpx provider to an existing account, they are not ignored.

last night i was trying to fix this and found the relevant place in the code to fix this, but now i can't find it.

if you don't even know what i'm talking about, let me know. if i figure out what my idea was, i'll share it here.

cheers,
john

wrong:

See "7. Allow users to "Add RPX" to existing accounts"

right:

See "8. Allow users to "Add RPX" to existing accounts"

:-)

John

Is this available with a basic account? I would like to make additional calls to the opengraph api if the user logged in with a facebook account, but I am not sure if this is provided by janrain or if there is another way of accessing it

Account mapping is a feature of the paid versions of RPX. It lets you associate the multiple signons a user may use with one account identity on your website.

Currently, this is not supported in authlogic_rpx

Hi, sorry for bad English. (in this app rails-authlogic-rpx-sample - http://rails-authlogic-rpx-sample.heroku.com/)
Is there best way to validate passwords? For now if you will log through rpx (not standart registration) and go to profile page and change for example password on 1 letter and does't changhe password_confirmation then validation of password skips. For now i've made workaround

def validate_password_not_rpx?
  !session_class.controller.params[:user][:password].blank? or !session_class.controller.params[:user][:password_confirmation].blank?
end

i think there is the best way?

I implemented the instructions in the sample app and docs. It seems when I try to login (using a gmail account) I get the following error while trying to save the @user_session, in UserSessionsController => create action. I know that the login information is correct and in fact the @rpx_data object contains some legit profile info, the rpx pop up seems to think it worked, but I get a failure. Also, in my janrain dashboard I see the login counts getting recorded.

Here is teh link to the key source file

http://pastie.org/1040188

In addition to this, the other thing I see is that @attempted_record is nil in the create action as well.

<Authlogic::Session::Validation::Errors:0x7f0aa1315c60 @errors=#<OrderedHash {"base"=>[#<ActiveRecord::Error:0x7f0aa12f8458 @options={}, @Attribute=:base, @message="We did not find any accounts with that login. Enter your details and create an account.", @base=#<UserSession: no credentials provided>, @type="We did not find any accounts with that login. Enter your details and create an account.">]}>, @base=#<UserSession: no credentials provided>>

a few embedded explicit references to remove...

Hi there
I have followed the instructions on how to setup AuthlogicRPX but it is not able to add an RPX account to an existing user when the model is an STI. How should I make it work?

Thanks in advance,

Parama

class Record < ActiveRecord::Base
end

class User < Record
acts_as_authentic do |config|
config.account_mapping_mode :internal
config.account_merge_enabled true
end
end

The sample app (http://github.com/tardate/rails-authlogic-rpx-sample) failed with gems versions mentioned in the subj. The error message is http://gist.github.com/385696

Could you test it?

I'm having trouble testing due to the time-sensitive nature of the RPX tokens, and not knowing how to generate one myself or stub out the necessary interactions internally. Could we have a few lines on this in the docs?