I had a heck of a time figuring this all out, so here is a complete working example. FYI if you are installing Net::OpenID::Consumer it will want to install Crypt::DH, this will take a very long time (several hours) unless you install Math::BigInt:GMP. I couldn't find this anywhere except the bug reports, and it took a while to find which module was causing CPAN to hang (i'm no CPAN guru). I hope this helps out someone else.
#!/usr/bin/perl
use strict;
use warnings;
use Net::OpenID::Consumer;
use LWPx::ParanoidAgent;
use Digest::SHA1 qw(sha1);
use CGI;
use CGI::Session;
use Data::Dumper;
my $cgi = new CGI;
my $session = new CGI::Session() or die CGI::Session->errstr;
$session->expire('+1h');
my $domain = "http://www.movablecircus.com";
my $login_url = $domain . "/openid.pl";
my $home_url = $domain . "/openid.pl";
my $openid = $cgi->param("openid_url");
my $nonce_pattern = q(%s%d%d%s my secret code words here) . $0;
my $nonce = $session->param("nonce")
|| sha1(sprintf($nonce_pattern, time, (stat $0)[9], -s _, $session
+->id));
$session->param("nonce", $nonce);
if ($cgi->param("logout")) {
$session->delete();
print $cgi->redirect($login_url);
exit 0;
}
my $csr = Net::OpenID::Consumer->new(
ua => LWPx::ParanoidAgent->new,
args => $cgi,
consumer_secret => $nonce,
required_root => $domain,
);
if ($openid) {
# a user entered, say, "bradfitz.com" as their identity. The firs
+t
# step is to fetch that page, parse it, and get a
# Net::OpenID::ClaimedIdentity object:
my $checked = $cgi->param("checked");
if (!$checked) {
# we arn't returning from a check, so send out the check
my $claimed_identity = $csr->claimed_identity($cgi->param("ope
+nid_url"));
if ($claimed_identity) {
my $check_url = $claimed_identity->check_url(
return_to => $login_url . "?checked=1;openid_url=$ope
+nid",
trust_root => $domain,
);
print $cgi->redirect($check_url);
exit;
}
} elsif( my $setup_url = $csr->user_setup_url ) {
# We only get here if we're not already logged into myopenid..
+.
print $cgi->redirect( $setup_url
. '&openid.sreg.optional='
. 'email,nickname,fullname' );
exit 0;
} elsif( (my $vfid = $csr->verified_identity) ) {
print $cgi->redirect($home_url);
$session->param("user", $cgi->param("openid.identity"));
exit 0;
}
} elsif (not $session->param("user") ) {
# user not logged in yet
print $session->header();
print "<html><body>\n";
print <<HTML;
<form method="GET" style="margin: 0">
<input type="text" name="openid_url" id="openid_url" value=""
+size="30" style="margin-bottom: 0" />
<input type="submit" value="Sign in" style="margin: 0"/>
<br /><small>e.g. http://username.myopenid.com</small>
</form>
HTML
} else {
# user logged in
print $session->header();
print "<html><body>\n";
print "<p>Welcome " . $session->param("user") . "</p>";
print "<a href='$login_url?logout=1'>Logout</a>";
print "</body>";
}