require "rack/openid"
require "warden"

use Rack::OpenID
use Warden::Manager do |manager|
  Warden::Strategies.add(:openid) do
    def authenticate!
      if resp = env["rack.openid.response"]
        case resp.status
        when :success
          u = User.find_by_identity_url(resp.identity_url)
          success!(u)
        when :cancel
          fail!("OpenID auth cancelled")
        when :failure
          fail!("OpenID auth failed")
        end
      else
        custom!([401, {"WWW-Authenticate" => 'OpenID identifier="https://www.google.com/accounts/o8/id"'}, "OpenID plz"])
      end
    end
  end
  manager.default_strategies :openid
  manager.failure_app = lambda do
    Rack::Response.new("Failed").finish
  end
end