Add support for fetching attributes via AX as well as SReg

[rails.git] / app / controllers / user_controller.rb

diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index cc4ae4cd82e455479c5697bffa30862e39bbddbe..a42f932a9226146bece195ee1f3891ec1c6b08ac 100644 (file)
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -46,7 +46,7 @@ class UserController < ApplicationController
       @title = t 'user.terms.title'
       @user = User.new(params[:user]) if params[:user]
 
-      if params[:user][:openid_url] and @user.pass_crypt.empty?
+      if params[:user] and params[:user][:openid_url] and @user.pass_crypt.empty?
         # We are creating an account with OpenID and no password
         # was specified so create a random one
         @user.pass_crypt = ActiveSupport::SecureRandom.base64(16) 
@@ -60,7 +60,7 @@ class UserController < ApplicationController
         elsif @user.terms_agreed?
           # Already agreed to terms, so just show settings
           redirect_to :action => :account, :display_name => @user.display_name
-        elsif params[:user][:openid_url]
+        elsif params[:user] and params[:user][:openid_url]
           # Verify OpenID before moving on
           session[:new_user] = @user
           openid_verify(params[:user][:openid_url], @user)
@@ -231,7 +231,7 @@ class UserController < ApplicationController
       else
         password_authentication(params[:username], params[:password])
       end
-    else
+    elsif flash[:notice].nil?
       flash.now[:notice] =  t 'user.login.notice'
     end
   end
@@ -427,13 +427,13 @@ private
     # If we don't appear to have a user for this URL then ask the
     # provider for some extra information to help with signup
     if openid_url and User.find_by_openid_url(openid_url)
-      optional = nil
+      required = nil
     else
-      optional = [:nickname, :email]
+      required = [:nickname, :email, "http://axschema.org/namePerson/friendly", "http://axschema.org/contact/email"]
     end
 
     # Start the authentication
-    authenticate_with_open_id(openid_expand_url(openid_url), :optional => optional) do |result, identity_url, registration|
+    authenticate_with_open_id(openid_expand_url(openid_url), :required => required) do |result, identity_url, sreg, ax|
       if result.successful?
         # We need to use the openid url passed back from the OpenID provider
         # rather than the one supplied by the user, as these can be different.
@@ -458,7 +458,9 @@ private
           # to the create account page with username and email filled
           # in if they have been given by the OpenID provider through
           # the simple registration protocol.
-          redirect_to :controller => 'user', :action => 'new', :nickname => registration['nickname'], :email => registration['email'], :openid => identity_url
+          nickname = sreg["nickname"] || ax["http://axschema.org/namePerson/friendly"]
+          email = sreg["email"] || ax["http://axschema.org/contact/email"]
+          redirect_to :controller => 'user', :action => 'new', :nickname => nickname, :email => email, :openid => identity_url
         end
       elsif result.missing?
         failed_login t('user.login.openid missing provider')