[Catalyst] OpenID authentication

[Benjamin Trott]

> So what we would really like is to turn the credential verification
> process on it's head - first verify the ID, and then get the user
> for that ID, as opposed to first get the user for the ID, and then
> get the user
> 
> In this case the plugin, used on it's own, should be able to verify
> an ID, but additionally it should do this:

I'm not sure what you mean by "used on its own." Do you mean, used outside
of Catalyst? I'm not sure what the point of that would be--after all, if
someone wanted to write an OpenID consumer outside of Catalyst, the best
approach would be to use Net::OpenID::Consumer directly.

The only purpose of this module is to provide the glue between Catalyst--the
request & response objects, mainly--and Net::OpenID::Consumer. Let me know
if I'm misunderstanding...

> 
> if ( $c->isa("Catalyst::Plugin::Authentication") ) {
> $c->set_authenticated( $c->get_user( $id ) )
> }
> 
> And it should also be able to verify a user object like this:
> 
> my $user = shift;
> my $openid = $user->id;
> 
> # do your stuff
> 
> $c->set_authenticated( $user ) if $is_ok;
> 
> That way your plugin can be used on it's own, or in concert with
> Catalyst::Plugin::Authentication, and most importantly any auth
> store.

I'm assuming that an auth store is something like a session plugin--is that
right? My usage of this plugin basically goes like as described in the
example in the POD docs:

<http://search.cpan.org/~btrott/Catalyst-Plugin-Authentication-OpenID-0.01/l
ib/Catalyst/Plugin/Authentication/OpenID.pm#EXAMPLE>

Does that make it clearer how the module can currently be used, and can
interact with a session store?

Ben