vikrant
February 26, 2009, 11:09am
1
Hi,
There is a little bug in open_id_authentication plug-in at line 87 of
file lib/open_id_authentication.rb
identifier = “http://#{identifier}” unless identifier =~ /^http/i
this line will silently ignore the uri “httpd.apache.org ” without
normalising it to “http://httpd.apache.org/ ”
at present, writing OpenIdAuthentication.normalize_identifier
(‘httpd.apache.org ’) raises a NoMethodError.
Proposed solution is to replace /^http/i with /^http:/i
identifier = “http://#{identifier}” unless identifier =~ /^http:/i
def self.normalize_identifier(identifier)
# clean up whitespace
identifier = identifier.to_s.strip
# if an XRI has a prefix, strip it.
identifier.gsub!(/xri:\/\//i, '')
# dodge XRIs -- TODO: validate, don't just skip.
unless ['=', '@', '+', '$', '!', '('].include?(identifier.at(0))
# does it begin with http? if not, add it.
identifier = "http://#{identifier}" unless identifier =~ /^http/i
# strip any fragments
identifier.gsub!(/\#(.*)$/, '')
begin
uri = URI.parse(identifier)
uri.scheme = uri.scheme.downcase # URI should do this
identifier = uri.normalize.to_s
rescue URI::InvalidURIError
raise InvalidOpenId.new("#{identifier} is not an OpenID identifier")
I’m reporting this bug here, because don’t know how to submit patch
(or whatever we call it) for Git repository. Also guys at
lighthouseapp.com will let you sign-in with an OpenID but won’t let
you sign-up with one! So bad.
there is a bug, it actually should be -
identifier = “http://#{identifier}” unless identifier =~ /^https?:/i