Export (0) Print
Expand All

Running the Ruby Samples for Delegated Authentication

Cc287647.note(en-us,MSDN.10).gifNote:
This topic describes functionality that will be obsolete. This functionality is provided only to support legacy applications. Live Connect incorporates features that provide equivalent functionality.

This topic explains how to install, run, and extend the samples provided in the Ruby programming language.

Cc287647.note(en-us,MSDN.10).gifImportant:
The Ruby samples are preconfigured to use default values for the policy URL and return URL parameters. You must update these parameters before you can use the samples. For more information about how to update these parameters, see "Configuring the Samples" later in this topic.

When you install the samples, you put their files in the correct locations on your Web server. In this discussion, we assume that you have direct access to your Web server and that you develop and browse your site from the server.

Cc287647.note(en-us,MSDN.10).gifImportant:
To run these samples, you must install Ruby version 1.8.5 or later.

To install the sample

  1. On an openSUSE 10.3 Linux platform, make sure that Apache 2 and Ruby 1.8.5 or later are installed by means of the YaST tool.
  2. Sign in as the superuser by issuing the su command.
  3. Go to the /etc/apache2/ directory and use a text editor to open the default-server.conf file.
  4. Locate the <Directory "/srv/www/htdocs"> section (where "/srv/www/htdocs" is the document root for http://<YourServerHostName>/) and change the AllowOverride None line to AllowOverride All. This modification permits the .htaccess file that is included in the Delegated Authentication Ruby package to take effect. You can inspect this file and make changes directly in the Apache configuration if you do not want to enable .htaccess overrides on the server.
  5. Save the default-server.conf file and reload the Apache configuration by issuing the following command. /etc/init.d/apache2 reload
  6. Go to the /srv/www/htdocs directory and uncompress the Ruby package by issuing the following command. tar -zxvf <path>/delauth-ruby-1.2.tar.gz where <path> is the path to the delauth-ruby-1.2.tar.gz file that you downloaded.
  7. Rename the delauth-ruby-1.2 directory to "delauth" so that http://<YourServerHostName>/delauth/sample1/ is the URL entry point for the first sample and http://<YourServerHostName>/delauth/sample2/ is the URL entry point for the second sample.

The Ruby samples are installed. The Ruby library, named WindowsLiveLogin.rb, contains functions shared by both samples.

Cc287647.note(en-us,MSDN.10).gifImportant:
Included in the samples are files named DelAuth-Sample1.xml and DelAuth-Sample2.xml. Make sure that the folder that contains these files cannot be accessed from the Internet, because the files contain important confidential information.

The samples require some configuration changes before you can run them. The following steps describe how to update the configuration files included with the samples.

To configure the samples

Cc287647.note(en-us,MSDN.10).gifImportant:
You must register your application with Microsoft before you run the samples, so that they can access the Windows Live ID service.
  1. Register your application and obtain a client ID. For more information about registering an application, see Getting Your Client ID for Delegated Authentication.
    Cc287647.note(en-us,MSDN.10).gifNote:
       You need both the secret key and the client ID, supplied to you after registration, to complete the configuration process for both samples.
  2. Use a text editor to open the sample files DelAuth-Sample1.xml and DelAuth-Sample2.xml. These files are located in C:\Inetpub\wwwroot\delauth\sampleX, where X is the sample number.
  3. In the appID element, specify the client ID you received while registering the application. The following example illustrates the resulting element.
    <appid>0016000080000709</appid>
    
  4. In the secret element, specify the secret key you established while registering the application. The following example illustrates the resulting element.
    <secret>S!tr0ngPa55worD</secret>
    
  5. For the first sample, in the returnurl element, specify the return URL for the sample. The value for the first sample should be set to the following.
    <returnurl>http://<YourServerHostName>/delauth/sample1/delauth-handler.cgi</returnurl>
    
    The second sample uses the return URL you specified when registering your application. You cannot override the return URL for the second sample.
  6. In the policyurl element, specify privacy policy URL for the sample. The value for the first sample should be set to the following.
    <policyurl>http://<YourServerHostName>/delauth/sample1/policy.html</policyurl>
    
    The value of the second sample should be set to the following.
    <policyurl>http://<YourServerHostName>/delauth/sample2/policy.html</policyurl>
    
  7. Save and close the sample configuration files.

After you install the samples, you can run them to see a demonstration of how Windows Live ID Delegated Authentication works.

The first sample demonstrates how to use the GetConsentUrl, ProcessConsent, and ProcessConsentToken functions (included in the Ruby library) to request, process, and parse a consent token from the Windows Live ID consent service.

To run the first sample

  1. Go to http://<YourServerHostName>/delauth/sample1/.
  2. Click click here. You are redirected to the consent-request URL for the Windows Live ID consent service.
  3. If you have not yet signed in to the Windows Live ID service, click Sign in. You are redirected to the Windows Live ID sign-in page.
  4. Type your valid Windows Live ID and password to sign in. After you have signed in, the Windows Live ID consent service attempts to retrieve a consent token and redirects you to the sample application's handler page.
  5. The sample application's handler page redirects you to the sample application's default page.
  6. If a consent token is successfully retrieved, the sample application's default page processes the consent token, stores it in a cookie, and displays the various elements contained within the consent token, as well as the entire consent token.
  7. Click here on the sample application's default page to delete the consent token. You are redirected to the consent application's handler page, where the cookie is expired.

The second sample demonstrates how to combine Web Authentication and Delegated Authentication functionality to sign in a Windows Live ID user; request, process, and parse a consent token from the Windows Live ID consent service; and then sign the user out.

Cc287647.note(en-us,MSDN.10).gifNote:
This sample uses a number of Ruby library functions and handling techniques intended for Web Authentication purposes. For more information about those functions and techniques, see Using Web Authentication in the Windows Live ID Web Authentication SDK.

To run the second sample

  1. Go to http://<YourServerHostName>/delauth/sample2/.
  2. If the text of the first link on the page is Sign in, click Sign in. You are redirected to the Windows Live ID sign-in page.
  3. Type your valid Windows Live ID and password to sign in. You are redirected to the sample application's default page. The Sign in link has now changed to Sign out and your user ID is displayed on the sample application's default page.
  4. Click click here. You are redirected to the consent request URL for the Windows Live ID consent service. The Windows Live ID consent service attempts to retrieve a consent token and redirects you to the sample application's handler page.
  5. The sample application's handler page redirects you to the sample application's default page.
  6. If a consent token is successfully retrieved, the sample application's default page displays the various elements contained within the consent token, as well as the entire consent token.
  7. Click Sign out. You are signed out.

Now you're ready to explore ways to develop the sample code further to meet your site's needs.

The first sample requests access to a single, hard-coded permission. You could modify this permission to meet your needs, or replace the hard-coded permission with a text box to test access to the various offers and actions defined by a resource provider. The second sample builds on the first sample and provides a more complete example of integrating Web Authentication and Delegated Authentication together on your Web site.

Both samples focus on sending a single offer/action to a resource provider. You can extend these samples to handle multiple offer/actions. To accomplish this, separate each offer/action with a comma. For more information about how to build the consent request that sends these offer/actions, see Requesting Consent.

Look through the Ruby library to see what additional functionality is available to you. The Ruby library provides several functions that make it easier to integrate Web Authentication and Delegated Authentication into your Web site, and you can expand the library as needed to suit the requirements of your site.

Finally, you can share your discoveries and learn from others by participating in the Windows Live ID Development Forum.

Other Resources

Live Connect

Show:
© 2014 Microsoft