NAME
OpenID::Login - A simple lightweight OpenID consumer with very few dependencies
VERSION
version 0.1.1
SYNOPSIS
Sending user to be authenticated:
my $claimed_id = 'https://example.openssl.com';
my $o = OpenID::Login->new(claimed_id => $claimed_id, return_to => 'https://example.com/auth');
my $auth_url = $o->get_auth_url();
Verifying the user was correctly authenticated:
my $o = OpenID::Login->new(cgi => $cgi, return_to => 'https://example.com/auth');
my $id = $o->verify_auth();
# $id is the verified identity, or false if it wasn't verified (eg by the user handcrafting the url, or disallowing access)
DESCRIPTION
OpenID::Login is an simple alternative OpenID consumer to Net::OpenID::Consumer with less dependencies especially not to Crypt::DH::GMP which itself has dependencies to libgmp, etc. and is sometimes difficult to install.
This module only does XRDS discovery, no YARDIS and will only do OpenID in "dumb" aka stateless mode.
OpenID::Login is inspired and based on Net::Google::FederatedLogin written by Glenn Fowler.
ATTRIBUTES
claimed_id
Required for "get_auth_url": The email address, or an OpenID URL of the identity to be checked.
realm
Optional field that is used to populate the openid.realm parameter. If not provided the parameter will not be used (as opposed to being calculated from the "return_to"" value).
ua
The useragent internally used for communications that the module needs to do. If not provided, a new LWP::UserAgent will be instantiated.
return_to
Required for "get_auth_url" and "verify_auth": The URL the user should be returned to after verifying their identity.
cgi
Required for "verify_auth": A CGI-like object (same param() method behaviour) that is used to access the parameters that assert the identity has been verified. May optionally be replaced by "cgi_params".
cgi_params
Required for "verify_auth" unless "cgi" is supplied: A hashref containing the cgi parameters for verifying the identity.
extensions
Hashref of OpenID::Login::Extension objects (keyed off the extension type URI).
endpoint
Static URI of the authorizing OpenID server. If set no XRDS discovery will be done.
METHODS
get_auth_url
Gets the URL to send the user to where they can verify their identity.
get_openid_endpoint
Gets the unadorned OpenID authentication URL (like "get_auth_url", but doesn't contain values specific to this request (return_to, mode etc))
normalize
Normalizes and checks the claimed OpenID identifier for synthactical validity.
verify_auth
Checks if the user has been validated based on the parameters in the "cgi" object, and checks that these parameters do come from the correct OpenID provider (rather than having been hand-crafted to appear to validate the identity). If the id is successfully verified, it is returned (otherwise a false value is returned).
get_extension
Retrieve a single OpenID::Login::Extension object, based on the type URI provided. This method is most likely to be useful for handling the response to an OpenID request.
set_extension
Save an extension into the list of extensions for this login object
AUTHOR
Holger Eiboeck <realholgi@cpan.org>
COPYRIGHT AND LICENSE
This software is copyright (c) 2012 by Holger Eiboeck.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.