# require "rack/openid"
require 'devise/strategies/base'
require 'uri'

module Devise
  module Strategies
    # Default strategy for signing in a user, based on openid
    # Redirects to sign_in page if it's not authenticated
    class OpenId < Warden::Strategies::Base
      include Devise::Strategies::Base

      def valid?
        params[scope] && params[scope][:identity_url].present?
      end

      # Authenticate a user based on identity_url params, returning to warden
      # success and the authenticated user if everything is okay. Otherwise redirect
      # to sign in page.
      def authenticate!
        if resp = env["rack.openid.response"]
          case resp.status
          when :success
            u = User.find_by_identity_url(resp.identity_url)
            success!(u)
          when :cancel
            fail!(:invalid_open_id)
          when :failure
            fail!(:invalid_open_id)
          end
        else
          custom!([401, {"WWW-Authenticate" => "OpenID identifier=#{params[scope][:identity_url]}"}, "OpenID plz"])
        end
      end

    end
  end
end

Warden::Strategies.add(:open_id, Devise::Strategies::OpenId)