Net::OpenID::Server questions

[Nathaniel Gephart]

Hi,

I'm trying to write a simple OpenID provider mostly for testing purposes at this point. I'm still pretty new to Perl and CGI. Can anyone give me a better explanation of what goes in each of the callback methods (get_user, get_identity, is_identity, and is_trusted)? I've been looking at the documentation here: http://search.cpan.org/~mart/Net-OpenID-Server-1.02/lib/Net/OpenID/Server.pm, but haven't found it especially helpful.

I'm also having some issues with the login process. I've got a server page where the OpenID::Server object is, and a login page that authenticates users. During setup, the user is redirected to the login page. I've gotten to the point where the login page works, but now, I think I have to tell the server about the successful authentication. What's the best way to accomplish that? I think I have to maintain some kind of state from the login page.

Documentation and tutorials for the server side of OpenID are pretty sparse... lots of stuff for the consumer though.

Thanks,

Nate Gephart

--
You received this message because you are subscribed to the Google Groups "Net::OpenID for Perl" group.
To post to this group, send email to openi...@googlegroups.com.
To unsubscribe from this group, send email to openid-perl...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/openid-perl?hl=en.

[Adam Sjøgren]

On Tue, 20 Apr 2010 11:38:24 -0400, Nathaniel wrote:

> I'm trying to write a simple OpenID provider mostly for testing
> purposes at this point.

I wrote an extremely simple one (~9K, including HTML) because I wanted
to run my own provider - it is based on Net::OpenID::Server, but with
some modifications to the module to make it work with the sites I
wanted to login to (mainly hacking in SHA256-support):

* http://github.com/asjo/libnet-openid-perl/commits/master

> I'm still pretty new to Perl and CGI. Can anyone give me a better
> explanation of what goes in each of the callback methods (get_user,
> get_identity, is_identity, and is_trusted)?

I'm using Mason¹ in my little project, but that doesn't make much of a
difference.

I'm not sure what you're asking, though, get_user, get_identity,
is_identity and is_trusted are just simple functions that should return
what the say - if the identity/password is provided and checks out, they
should return the data/information asked for.

Basically I've got:

my $get_user=sub {
return $m->notes('user');
};

my $get_identity=sub {
my ($user)=@_;
return 0 if (!defined $user);
return $user->{identity};
};

my $is_identity=sub {
my ($user, $identity_url)=@_;
return 0 if (!defined $user);
# XXX Check that $user owns $identity_url:
return $user->{ok};
};

my $is_trusted=sub {
my ($user, $trust_root, $is_ident)=@_;
return 0 if (!defined $user or !$is_ident);
# XXX Check that $user trusts $trust_root:
return $user->{ok};
};

(Feel free to jump in and correct me, anyone!)

> I'm also having some issues with the login process. I've got a server
> page where the OpenID::Server object is, and a login page that
> authenticates users. During setup, the user is redirected to the login
> page. I've gotten to the point where the login page works, but now, I
> think I have to tell the server about the successful authentication.
> What's the best way to accomplish that? I think I have to maintain
> some kind of state from the login page.

I used a testing-website that I found valuable in getting things to
work. I can remember if it was on openid.net or run by janrain, or
both...

I can't find it again, but I just stumbled over this one:
http://test-id.org/ - which seems quite comprehensive.

> Documentation and tutorials for the server side of OpenID are pretty
> sparse... lots of stuff for the consumer though.

Yeah, and some things you'll find out by trial and error; like getting
SHA256 to work... :-)


Best regards,

Adam

--
"Achtung, babies!" Adam Sjøgren
as...@koldfront.dk