Re: Concerning Single Sign-on, Bitcard (TypeKey), and OpenID (Complete OpenID Example)

I had a heck of a time figuring this all out, so here is a complete working example. FYI if you are installing Net::OpenID::Consumer it will want to install Crypt::DH, this will take a very long time (several hours) unless you install Math::BigInt:GMP. I couldn't find this anywhere except the bug reports, and it took a while to find which module was causing CPAN to hang (i'm no CPAN guru). I hope this helps out someone else.

#!/usr/bin/perl
use strict;
use warnings;

use Net::OpenID::Consumer;
use LWPx::ParanoidAgent;
use Digest::SHA1 qw(sha1);
use CGI;
use CGI::Session;
use Data::Dumper;

my $cgi     = new CGI;
my $session = new CGI::Session() or die CGI::Session->errstr;
$session->expire('+1h');


my $domain    = "http://www.movablecircus.com";
my $login_url = $domain . "/openid.pl";
my $home_url  = $domain . "/openid.pl";

my $openid  = $cgi->param("openid_url");

my $nonce_pattern = q(%s%d%d%s my secret code words here) . $0;
my $nonce = $session->param("nonce")
    || sha1(sprintf($nonce_pattern, time, (stat $0)[9], -s _, $session
+->id));

$session->param("nonce", $nonce);

if ($cgi->param("logout")) {
    $session->delete();
    print $cgi->redirect($login_url);
    exit 0;
}

my $csr = Net::OpenID::Consumer->new(
    ua    => LWPx::ParanoidAgent->new,
    args  => $cgi,
    consumer_secret => $nonce,
    required_root    => $domain,
);



if ($openid) {
    # a user entered, say, "bradfitz.com" as their identity.  The firs
+t
    # step is to fetch that page, parse it, and get a
    # Net::OpenID::ClaimedIdentity object:
    my $checked = $cgi->param("checked");
    if (!$checked) {
        # we arn't returning from a check, so send out the check
        my $claimed_identity = $csr->claimed_identity($cgi->param("ope
+nid_url"));
        if ($claimed_identity) {
            my $check_url = $claimed_identity->check_url(
                return_to  => $login_url . "?checked=1;openid_url=$ope
+nid",
            trust_root => $domain,
               );
                print $cgi->redirect($check_url);
            exit;
        }
    } elsif( my $setup_url = $csr->user_setup_url ) {
        # We only get here if we're not already logged into myopenid..
+.
        print $cgi->redirect( $setup_url
                . '&openid.sreg.optional='
                . 'email,nickname,fullname' );
            exit 0;
    } elsif( (my $vfid = $csr->verified_identity) ) {
        print $cgi->redirect($home_url);
        $session->param("user", $cgi->param("openid.identity"));
        exit 0;
    }
} elsif (not $session->param("user") ) {
    # user not logged in yet
        print $session->header();
        print "<html><body>\n";
    print <<HTML;
    <form method="GET" style="margin: 0">
        <input type="text" name="openid_url" id="openid_url" value="" 
+size="30" style="margin-bottom: 0" />
        <input type="submit" value="Sign in" style="margin: 0"/>
        <br /><small>e.g. http://username.myopenid.com</small>
    </form>
HTML
} else {
       # user logged in
        print $session->header();
    print "<html><body>\n";
    print "<p>Welcome " . $session->param("user") . "</p>";
    print "<a href='$login_url?logout=1'>Logout</a>";
    print "</body>";
}
[download]

___________
Eric Hodges

Comment on Re: Concerning Single Sign-on, Bitcard (TypeKey), and OpenID (Complete OpenID Example) Download Code


Problems? Is your data what you think it is?
	PerlMonks