/usr/share/perl5/Jifty/Plugin/OpenID.pm is in libjifty-plugin-openid-perl 1.02-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 | use strict;
use warnings;
package Jifty::Plugin::OpenID;
use base qw/Jifty::Plugin/;
our $VERSION = '1.02';
=head1 NAME
Jifty::Plugin::OpenID - Provides OpenID authentication for your jifty app
=head1 DESCRIPTION
Provides OpenID authentication for your app
=head1 USAGE
=head2 Config
please provide C<OpenIDSecret> in your F<etc/config.yml> , the C<OpenIDUA> is
B<optional> , OpenID Plugin will use L<LWPx::ParanoidAgent> by default.
---
application:
OpenIDSecret: 1234
OpenIDUA: LWP::UserAgent
or you can set C<OpenIDUserAgent> environment var in command-line:
OpenIDUserAgent=LWP::UserAgent bin/jifty server
if you are using L<LWPx::ParanoidAgent> as your openid agent.
you will need to provide C<JIFTY_OPENID_WHITELIST_HOST> for your own OpenID server.
export JIFTY_OPENID_WHITELIST_HOST=123.123.123.123
=head2 User Model
Create your user model , and let it uses
L<Jifty::Plugin::OpenID::Mixin::Model::User> to mixin "openid" column.
and a C<name> method.
use TestApp::Record schema {
column email =>
type is 'varchar';
};
use Jifty::Plugin::OpenID::Mixin::Model::User;
sub name {
my $self = shift;
return $self->email;
}
Note: you might need to declare a C<name> method. because the OpenID
CreateOpenIDUser action and SkeletonApp needs current_user->username to show
welcome message and success message , which calls C<brief_description> method.
See L<Jifty::Record> for C<brief_description> method.
=head2 View
OpenID plugin provides AuthenticateOpenID Action. so that you can render an
AuthenticateOpenID in your template:
form {
my $openid = new_action( class => 'AuthenticateOpenID',
moniker => 'authenticateopenid' );
render_action( $openid );
};
this action renders a form which provides openid url field.
and you will need to provide a submit button in your form.
form {
my $openid = new_action( class => 'AuthenticateOpenID',
moniker => 'authenticateopenid' );
# ....
render_action( $openid );
outs_raw(
Jifty->web->return(
to => '/openid_verify_done',
label => _("Login with OpenID"),
submit => $openid
));
};
the C<to> field is for verified user to redirect to.
so that you will need to implement a template called C</openid_verify_done>:
template '/openid_verify_done' => page {
h1 { "Done" };
};
=head2 Attribute Exchange
You can retrieve information from remote profile on authentication server with
OpenID Attribute Exchange service extension.
Set in your config.yml
- OpenID:
ax_param: openid.ns.ax=http://openid.net/srv/ax/1.0&openid.ax.mode=fetch_request&openid.ax.type.email=http://axschema.org/contact/email&openid.ax.type.firstname=http://axschema.org/namePerson/first&openid.ax.type.lastname=http://axschema.org/namePerson/last&openid.ax.required=firstname,lastname,email
ax_values: value.email,value.firstname,value.lastname
ax_mapping: "{ 'email': 'value.email', 'name': 'value.firstname value.lastname' }"
this parameters are usuable for all OpenID endpoints supporting Attribute
Exchange extension. They can be overriden in your application. Watch and/or
override C<openid/wayf> template from L<Jifty::Plugin::OpenID::View>.
Or you can use in your view C<show('openid/wayf','/url_return_to');>.
=head3 ax_param
is the url send to authentication server. It defines namespace, mode, attributes
types and requested attributes.
hints : MyOpenID use schema.openid.net schemas instead of axschema.org, Google
provides lastname and firstname, Yahoo only fullname
=head3 ax_values
keys of attributes values read from authentication server response.
=head3 ax_mapping
mapping of receive values with our application fields in json format.
=cut
__PACKAGE__->mk_accessors(qw(ax_mapping ax_values ax_param));
sub init {
my $self = shift;
my %opt = @_;
my $ua_class = $self->get_ua_class;
eval "require $ua_class";
$self->ax_param($opt{ax_param});
$self->ax_mapping($opt{ax_mapping});
$self->ax_values($opt{ax_values});
Jifty->web->add_css('openidplugin.css');
}
sub get_ua_class {
return Jifty->config->app('OpenIDUA')
|| $ENV{OpenIDUserAgent}
|| 'LWPx::ParanoidAgent' ;
}
sub new_ua {
my $class = shift;
my $ua;
my $ua_class = $class->get_ua_class;
Jifty->log->info( "OpenID Plugin is using $ua_class as UserAgent" );
if( $ua_class eq 'LWPx::ParanoidAgent' ) {
$ua = LWPx::ParanoidAgent->new(
whitelisted_hosts => [ $ENV{JIFTY_OPENID_WHITELIST_HOST} ]
);
}
else {
$ua = $ua_class->new;
}
return $ua;
}
sub get_csr {
my $class = shift;
return Net::OpenID::Consumer->new(
ua => $class->new_ua ,
cache => Cache::FileCache->new,
args => scalar Jifty->handler->cgi->Vars,
consumer_secret => Jifty->config->app('OpenIDSecret'),
@_,
);
}
=head1 AUTHORS
Alex Vandiver, Cornelius <cornelius.howl {at} gmail.com >, Yves Agostini
=head1 LICENSE
Copyright 2005-2010 Best Practical Solutions, LLC.
This program is free software and may be modified and distributed under the same terms as Perl itself.
=cut
1;
|