On Apache
Under GNU General Public License
2012-05-24 21:12 @38.107.179.237 Crawled by CCBot/1.0 (+http://www.commoncrawl.org/bot.html)
Net::OpenID::Consumer(3pm) User Contributed Perl Documentation Net::OpenID::Consumer(3pm)
NAME
Net::OpenID::Consumer - library for consumers of OpenID identities
SYNOPSIS
use Net::OpenID::Consumer;
my $csr = Net::OpenID::Consumer->new(
ua => LWPx::ParanoidAgent->new,
cache => Some::Cache->new,
args => $cgi,
consumer_secret => ...,
required_root => "http://site.example.com/",
);
# a user entered, say, "bradfitz.com" as their identity. The first
# step is to fetch that page, parse it, and get a
# Net::OpenID::ClaimedIdentity object:
my $claimed_identity = $csr->claimed_identity("bradfitz.com");
# now your app has to send them at their identity server's endpoint
# to get redirected to either a positive assertion that they own
# that identity, or where they need to go to login/setup trust/etc.
my $check_url = $claimed_identity->check_url(
return_to => "http://example.com/openid-check.app?yourarg=val",
trust_root => "http://example.com/",
);
# so you send the user off there, and then they come back to
# openid-check.app, then you see what the identity server said;
if (my $setup_url = $csr->user_setup_url) {
# redirect/link/popup user to $setup_url
} elsif ($csr->user_cancel) {
# restore web app state to prior to check_url
} elsif (my $vident = $csr->verified_identity) {
my $verified_url = $vident->url;
print "You are $verified_url !";
} else {
die "Error validating identity: " . $csr->err;
}
DESCRIPTION
This is the Perl API for (the consumer half of) OpenID, a distributed identity system
based on proving you own a URL, which is then your identity. More information is
available at:
http://www.danga.com/openid/
CONSTRUCTOR
"new"
my $csr = Net::OpenID::Consumer->new([ %opts ]);
You can set the "ua", "cache", "consumer_secret", "required_root", and "args" in the
constructor. See the corresponding method descriptions below.
METHODS
$csr->ua($user_agent)
$csr->ua
Getter/setter for the LWP::UserAgent (or subclass) instance which will be used when
web donwloads are needed. It's highly recommended that you use LWPx::ParanoidAgent,
or at least read its documentation so you're aware of why you should care.
$csr->cache($cache)
$csr->cache
Getter/setter for the optional (but recommended!) cache instance you want to use for
storing fetched parts of pages. (identity server public keys, and the <head> section
of user's HTML pages)
The $cache object can be anything that has a ->get($key) and ->set($key,$value)
methods. See URI::Fetch for more information. This cache object is just passed to
URI::Fetch directly.
$nos->consumer_secret($scalar)
$nos->consumer_secret($code)
$code = $nos->consumer_secret; ($secret) = $code->($time);
The consumer secret is used to generate self-signed nonces for the return_to URL, to
prevent spoofing.
In the simplest (and least secure) form, you configure a static secret value with a
scalar. If you use this method and change the scalar value, any outstanding requests
from the last 30 seconds or so will fail.
The more robust (but more complicated) form is to supply a subref that returns a
secret based on the provided $time, a unix timestamp. And if one doesn't exist for
that time, create, store and return it (with appropriate locking so you never return
different secrets for the same time.)
Your secret may not exceed 255 characters.
$csr->args($ref)
$csr->args($param)
$csr->args
Can be used in 1 of 3 ways:
1. Setting the way which the Consumer instances obtains GET parameters:
$csr->args( $reference )
Where $reference is either a HASH ref, CODE ref, Apache $r, Apache::Request $apreq, or
CGI.pm $cgi. If a CODE ref, the subref must return the value given one argument (the
parameter to retrieve)
2. Get a paramater:
my $foo = $csr->args("foo");
When given an unblessed scalar, it retrieves the value. It croaks if you haven't
defined a way to get at the parameters.
3. Get the getter:
my $code = $csr->args;
Without arguments, returns a subref that returns the value given a parameter name.
$nos->required_root($url_prefix)
$url_prefix = $nos->required_root
If provided, this is the required string that all return_to URLs must start with. If
it doesn't match, it'll be considered invalid (spoofed from another site)
$csr->claimed_identity($url)
Given a user-entered $url (which could be missing http://, or have extra whitespace,
etc), returns either a Net::OpenID::ClaimedIdentity object, or undef on failure.
Note that this identity is NOT verified yet. It's only who the user claims they are,
but they could be lying.
If this method returns undef, you can rely on the following errors codes (from
$csr->errcode) to decide what to present to the user:
no_identity_server
empty_url
bogus_url
no_head_tag
url_fetch_err
$csr->user_setup_url( [ %opts ] )
Returns the URL the user must return to in order to login, setup trust, or do whatever
the identity server needs them to do in order to make the identity assertion which
they previously initiated by entering their claimed identity URL. Returns undef if
this setup URL isn't required, in which case you should ask for the verified_identity.
The base URL this this function returns can be modified by using the following options
in %opts:
"post_grant"
What you're asking the identity server to do with the user after they setup trust.
Can be either "return" or "close" to return the user back to the return_to URL, or
close the browser window with JavaScript. If you don't specify, the behavior is
undefined (probably the user gets a dead-end page with a link back to the
return_to URL). In any case, the identity server can do whatever it wants, so
don't depend on this.
$csr->user_cancel
Returns true if the user declined to share their identity, false otherwise. (This
function is literally one line: returns true if "openid.mode" eq "cancel")
It's then your job to restore your app to where it was prior to redirecting them off
to the user_setup_url, using the other query parameters that you'd sent along in your
return_to URL.
$csr->verified_identity( [ %opts ] )
Returns a Net::OpenID::VerifiedIdentity object, or undef. Verification includes
double-checking the reported identity URL declares the identity server, verifying the
signature, etc.
The options in %opts may contain:
"required_root"
Sets the required_root just for this request. Values returns to its previous
value afterwards.
$csr->err
Returns the last error, in form "errcode: errtext"
$csr->errcode
Returns the last error code.
$csr->errtext
Returns the last error text.
$csr->json_err
Returns the last error code/text in JSON format.
COPYRIGHT
This module is Copyright (c) 2005 Brad Fitzpatrick. All rights reserved.
You may distribute under the terms of either the GNU General Public License or the
Artistic License, as specified in the Perl README file. If you need more liberal
licensing terms, please contact the maintainer.
WARRANTY
This is free software. IT COMES WITHOUT WARRANTY OF ANY KIND.
SEE ALSO
OpenID website: http://www.danga.com/openid/
Net::OpenID::ClaimedIdentity -- part of this module
Net::OpenID::VerifiedIdentity -- part of this module
Net::OpenID::Server -- another module, for acting like an OpenID server
AUTHORS
Brad Fitzpatrick <brad AT danga.com>
perl v5.10.0 2007-12-30 Net::OpenID::Consumer(3pm)
Generated by $Id: phpMan.php,v 4.49 2006/02/26 13:18:18 chedong Exp $ Author: Che Dong
On Apache
Under GNU General Public License
2012-05-24 21:12 @38.107.179.237 Crawled by CCBot/1.0 (+http://www.commoncrawl.org/bot.html)