[Catalyst] OpenID authentication

Yuval Kogman nothingmuch at woobling.org
Sun Nov 13 11:16:01 CET 2005


On Sun, Nov 13, 2005 at 01:19:57 -0800, Benjamin Trott wrote:
> OpenID is a credential verifier. It provides identity based on a URI, which
> is first "claimed" by a user, then verified/asserted by the third-party
> service that the URI points to using service auto-discovery.

Okay, then I think I get it.

(note that in this part I assume you've read the link at the bottom
of the email)

So what we would really like is to turn the credential verification
process on it's head - first verify the ID, and then get the user
for that ID, as opposed to first get the user for the ID, and then
get the user.

In this case the plugin, used on it's own, should be able to verify
an ID, but additionally it should do this:

	if ( $c->isa("Catalyst::Plugin::Authentication") ) {
		$c->set_authenticated( $c->get_user( $id ) )
	}

And it should also be able to verify a user object like this:

	my $user = shift;
	my $openid = $user->id;

	# do your stuff

	$c->set_authenticated( $user ) if $is_ok;

That way your plugin can be used on it's own, or in concert with
Catalyst::Plugin::Authentication, and most importantly any auth
store.

> So, that's all the plugin does--it's a very simple wrapper around
> Net::OpenID::Consumer, which does all of the actual verification.

Most catalyst plugins are like that - gluing a generic module so
that it's integrated with other catalyst goodness.. However, this is
still a very important job that someone has to do =)

> 
> Could you point me at the new authentication/authorization stuff you're
> referring to? And let me know what other ideas you have re: simplification.

http://lists.rawmode.org/pipermail/catalyst/2005-November/002356.html


-- 
 ()  Yuval Kogman <nothingmuch at woobling.org> 0xEBD27418  perl hacker &
 /\  kung foo master: /me dodges cabbages like macalypse log N: neeyah!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.rawmode.org/pipermail/catalyst/attachments/20051113/9d70045f/attachment.pgp


More information about the Catalyst mailing list