def finish(consumer, session, req)
oid = consumer.complete(req.params, req.url)
pp oid if $DEBUG
req.env['rack.auth.openid.response'] = oid
goto = session.fetch :site_return, @realm
body = []
case oid.status
when ::OpenID::Consumer::FAILURE
session.clear
session['authenticated'] = false
req.env['rack.errors'].puts oid.message
goto = @options[:login_fail] if @options.key? :login_fail
body << "Authentication unsuccessful.\n"
when ::OpenID::Consumer::SUCCESS
session.clear
extensions.each do |ext, args|
session[ext::NS_URI] = ext::Response.
from_success_response(oid).
get_extension_args
end
session['authenticated'] = true
session['identity'] = oid.identity_url
session['identifier'] = oid.display_identifier
goto = @options[:login_good] if @options.key? :login_good
body << "Authentication successful.\n"
when ::OpenID::Consumer::CANCEL
session.clear
session['authenticated'] = false
goto = @options[:login_fail] if @options.key? :login_fail
body << "Authentication cancelled.\n"
when ::OpenID::Consumer::SETUP_NEEDED
session[:setup_needed] = true
unless o_id = session[:openid_param]
raise('Required values missing.')
end
goto = req.script_name+
'?'+@options[:openid_param]+
'='+o_id
body << "Reauthentication required.\n"
end
body << oid.message if oid.message
[ 303, {'Location'=>goto}, body]
end