require 'openid'
require 'openid/store/filesystem'
require 'openid/extensions/sreg'

class OpenidController < ApplicationController
  def checkid

    if request.post?
      # got identity URI, redirect to provider in order to check it
      begin
        checkid = openid_consumer.begin params[:openid_url]
        sreg = OpenID::SReg::Request.new
        sreg.request_fields(%w(fullname email nickname), false)
        checkid.add_extension(sreg)
        return redirect_to checkid.redirect_url(
          url_for(:action => :index, :only_path => false),
          url_for(:action => :checkid, :id => params[:id], :only_path => false)
        )
      rescue OpenID::DiscoveryFailure => failure
        flash[:error] = failure.to_s
      end

    elsif params.keys.any? {|param| param =~ /^openid/}
      # process provider's response to check identity request
      parameters = params.reject {|k,v| request.path_parameters[k]}
      response = openid_consumer.complete parameters,
        url_for(:action => :checkid, :id => params[:id], :only_path => false)

      case response.status
      when :success
        session[:openid] = response.identity_url
        logger.error "id: #{params[:id]}"
        sreg = OpenID::SReg::Response.from_success_response(response)
        sreg.get_extension_args.each_pair {|k,v| logger.error "sreg.#{k}: #{v}"}
        return redirect_to url_for(:action => :index)
      when :failure       
        flash[:error] = response.message
      when :cancel        
        flash[:error] = 'Login cancelled'
      else
        flash[:error] = response.status.to_s
      end

      redirect_to url_for(:action => :checkid)
    end
  end

  def index
  end

protected

  def openid_consumer
    @openid_consumer ||= OpenID::Consumer.new(session,      
      OpenID::Store::Filesystem.new("#{RAILS_ROOT}/tmp/openid"))
  end
end