Authen::TypeKey::Sign - TypeKey authentication signature generation
use Authen::TypeKey::Sign;
my $tk = Authen::TypeKey::Sign->new;
$tk->token('typekey-token');
$tk->key('./TYPEKEYS');
my $user = { name=>'foo', nick=>'Dr. Foo',
email=>'drfoo@spectre.evilorg' };
my $querystring = $tk->sign($user) or die $tk->errstr;
Authen::TypeKey::Sign is an implementation of the TypeKey authentication signature process. For information on the TypeKey protocol and using TypeKey in other applications, see http://www.movabletype.org/docs/tk-apps.html.
Create a new Authen::TypeKey::Sign object.
Get/set the TypeKey token used when creating the original sign-in link. This is required to successfully validate the signature in TypeKey 1.1 and higher, which includes the token in the plaintext.
This must be set before calling sign.
Gets/sets the DSA key. If no parameter is passed it returns the key as a Crypt::DSA::Key object. With a parameter it also sets the key. The parameter may be one of the following:
A reference to a populated Crypt::DSA::Key object.
A HASH reference containing keys of p, g, q, pub_key, and priv_key carrying the applicable values as per DSA key generation standard.
A SCALAR containing the full path and filename of a text file containing the DSA keys including the private key. The format consists of five keys (p, g, q, pub_key, and priv_key) and their applicable values as per the DSA key generation standard. One per line. Keys and values are delimited by an equal sign.
p=someDSAkeyvalue g=someDSAkeyvalue q=someDSAkeyvalue pub_key=someDSAkeyvalue priv_key=someDSAkeyvalue
You can use the typekeygen utility script to generate this file.
This must be set before calling sign.
Generates a TypeKey signature and returns a HTTP query string on success that can be used in its response to a TypeKey-enabled client. The method takes a required parameter of either a HASH reference or an object that supports a param method such as CGI or Apache::Request. The following hash keys are recognized:
The unique username of the TypeKey user. Required.
The user's display name. Required.
The user's email address. Required. If hide_email is set to true, sign will automatically encode the email address as a SHA-1 hash of the string mailto:<email>.
Elements for ts (timestamp) and token will be handled by the sign method. ts will be set to the current time (seconds since epoch). If using TypeKey Protocol version 1.1 or higher, token will be the value set using the token method.
If generation is unsuccessful, sign will return undef, and the error message can be found in $tk->errstr.
Get/set the version of the TypeKey protocol to use. The default version if 1.1.
Get/set whether the TypeKey signature should "hide" the email address by encoding the value as a SHA-1 hash. Default is true (1).
http://www.movabletype.org/docs/tk-apps.html
Authen::TypeKey, Apache::AuthTypeKey, typekeygen
Crypt::DSA Crypt::DSA::Key Crypt::DSA::Signature MIME::Base64 Getopt::Long 2.33+ Pod::Usage
The software is released under the Artistic License. The terms of the Artistic License are described at http://www.perl.com/language/misc/Artistic.html.
TypeKey is a trademark of Six Apart Ltd. TypeKey Authentication Protocol is Copyright 2004 Six Apart Ltd, cpan@sixapart.com. All rights reserved.
Except where otherwise noted, Authen::TypeKey::Sign is Copyright 2004, Timothy Appnel, cpan@timaoutloud.org. All rights reserved.
