OpenID::Login - A simple lightweight OpenID consumer with very few dependencies
Sending user to be authenticated:
my $claimed_id = 'https://example.openssl.com'; my $o = OpenID::Login->new(claimed_id => $claimed_id, return_to => 'https://example.com/auth'); my $auth_url = $o->get_auth_url();
Verifying the user was correctly authenticated:
my $o = OpenID::Login->new(cgi => $cgi, return_to => 'https://example.com/auth'); my $id = $o->verify_auth(); # $id is the verified identity, or false if it wasn't verified (eg by the user handcrafting the url, or disallowing access)
OpenID::Login is an simple alternative OpenID consumer to Net::OpenID::Consumer with less dependencies especially not to Crypt::DH::GMP which itself has dependencies to libgmp, etc. and is sometimes difficult to install.
This module only does XRDS discovery, no YARDIS and will only do OpenID in "dumb" aka stateless mode.
OpenID::Login is inspired and based on Net::Google::FederatedLogin written by Glenn Fowler.
Required for "get_auth_url": The email address, or an OpenID URL of the identity to be checked.
Optional field that is used to populate the openid.realm parameter. If not provided the parameter will not be used (as opposed to being calculated from the "return_to"" value).
The useragent internally used for communications that the module needs to do. If not provided, a new LWP::UserAgent will be instantiated.
Required for "verify_auth": A CGI-like object (same param() method behaviour) that is used to access the parameters that assert the identity has been verified. May optionally be replaced by "cgi_params".
Hashref of OpenID::Login::Extension objects (keyed off the extension type URI).
Static URI of the authorizing OpenID server. If set no XRDS discovery will be done.
Gets the URL to send the user to where they can verify their identity.
Gets the unadorned OpenID authentication URL (like "get_auth_url", but doesn't contain values specific to this request (return_to, mode etc))
Normalizes and checks the claimed OpenID identifier for synthactical validity.
Checks if the user has been validated based on the parameters in the "cgi" object, and checks that these parameters do come from the correct OpenID provider (rather than having been hand-crafted to appear to validate the identity). If the id is successfully verified, it is returned (otherwise a false value is returned).
Retrieve a single OpenID::Login::Extension object, based on the type URI provided. This method is most likely to be useful for handling the response to an OpenID request.
Save an extension into the list of extensions for this login object
Holger Eiboeck <email@example.com>
This software is copyright (c) 2012 by Holger Eiboeck.