lib/els_token.rb in els_token-1.2.3 vs lib/els_token.rb in els_token-1.2.4

@@ -71,11 +71,11 @@
     
     # authenticates against ELS and returns the user token
     def authenticate(username,password,options={})
       begin
         response = els_http_request("/authenticate",
-          "uri=realm=aolcorporate&username=#{username}&password=#{password}",
+          {"uri"=>"realm=aolcorporate","username"=>"#{username}","password"=>"#{password}"},
           options)
         if response.code.eql? "200"
           # return the token
           response.body.chomp.sub(/token\.id=/,"")
         else
@@ -91,12 +91,12 @@
       end
     end
 
     # passes a token to els to see if it is still valid
     def is_token_valid?(token, options={})
-      response = els_http_request("/isTokenValid","tokenid=#{token}",options)
-      if response.code.eql? "200"
+      response = els_http_request("/isTokenValid",{"tokenid"=>"#{token}"},options)
+      if (response.code.eql? "200") && (response.body.chomp.eql? "boolean=true")
         true
       else
         false
       end
     end
@@ -110,11 +110,11 @@
 
     # get_token_identity wraps the ELS identity response
     # in a nice, friendly, object. If you don't like that object
     # or need the raw data, then use this.
     def get_raw_token_identity(token,options={})
-      response = els_http_request("/attributes","subjectid=#{token}",options)
+      response = els_http_request("/attributes",{"subjectid"=>"#{token}"},options)
       if response.code.eql? "200"
         response.body
       else
         response.error!
       end
@@ -140,19 +140,19 @@
       end
     end 
 
     private
 
-    def els_http_request(url_base_extension, query_string, options)
+    def els_http_request(url_base_extension, request_body={}, options)
       options = els_options.dup.merge(options)
       uri = URI.parse(options['uri'] + url_base_extension)
-      uri.query=query_string
-      http = Net::HTTP.new(uri.host,uri.port)
+      # uri.query=query_string
+      http = Net::HTTP.new(uri.host, uri.port)
       http.use_ssl = true
 
       # Use a known certificate if supplied
-      if rootca = options[:cert]
+      if rootca = options['cert']
         if File.exist? rootca
           http.ca_file = rootca
         elsif Dir.exist? rootca
           http.ca.path = rootca
         else
@@ -162,10 +162,11 @@
         http.verify_depth = 5
       else
         http.verify_mode = OpenSSL::SSL::VERIFY_NONE
       end
 
-      request = Net::HTTP::Get.new(uri.request_uri)
+      request = Net::HTTP::Post.new(uri.request_uri)
+      request.set_form_data(request_body)
 
       http.request(request)
     end
 
     def fake_it?