package Catalyst::Authentication::Credential::OpenID;
use strict;
-# use warnings; no warnings "uninitialized"; # for testing, not production
-use parent "Class::Accessor::Fast";
-
-BEGIN {
- __PACKAGE__->mk_accessors(qw/ _config realm debug secret /);
-}
-
-our $VERSION = "0.15";
+use warnings;
+use base "Class::Accessor::Fast";
+
+__PACKAGE__->mk_accessors(qw/
+ realm debug secret
+ openid_field
+ consumer_secret
+ ua_class
+ ua_args
+ extension_args
+ errors_are_fatal
+ extensions
+/);
+
+our $VERSION = "0.16";
use Net::OpenID::Consumer;
use Catalyst::Exception ();
-sub new : method {
+sub new {
my ( $class, $config, $c, $realm ) = @_;
- my $self = { _config => { %{ $config },
- %{ $realm->{config} }
- }
+ my $self = {
+ %{ $config },
+ %{ $realm->{config} }
};
bless $self, $class;
# 2.0 spec says "SHOULD" be named "openid_identifier."
- $self->_config->{openid_field} ||= "openid_identifier";
+ $self->{openid_field} ||= "openid_identifier";
- $self->debug( $self->_config->{debug} );
-
- my $secret = $self->_config->{consumer_secret} ||= join("+",
+ my $secret = $self->{consumer_secret} ||= join("+",
__PACKAGE__,
$VERSION,
sort keys %{ $c->config }
$secret = substr($secret,0,255) if length $secret > 255;
$self->secret($secret);
# If user has no preference we prefer L::PA b/c it can prevent DoS attacks.
- $self->_config->{ua_class} ||= eval "use LWPx::ParanoidAgent" ?
+ my $ua_class = $self->{ua_class} ||= eval "use LWPx::ParanoidAgent" ?
"LWPx::ParanoidAgent" : "LWP::UserAgent";
- my $agent_class = $self->_config->{ua_class};
+ my $agent_class = $self->ua_class;
eval "require $agent_class"
or Catalyst::Exception->throw("Could not 'require' user agent class " .
- $self->_config->{ua_class});
+ $self->ua_class);
$c->log->debug("Setting consumer secret: " . $secret) if $self->debug;
return $self;
}
-sub authenticate : method {
+sub authenticate {
my ( $self, $c, $realm, $authinfo ) = @_;
$c->log->debug("authenticate() called from " . $c->request->uri) if $self->debug;
- my $field = $self->{_config}->{openid_field};
+ my $field = $self->openid_field;
my $claimed_uri = $authinfo->{ $field };
my $csr = Net::OpenID::Consumer->new(
- ua => $self->_config->{ua_class}->new(%{$self->_config->{ua_args} || {}}),
+ ua => $self->ua_class->new(%{$self->ua_args || {}}),
args => $c->req->params,
consumer_secret => $self->secret,
);
- if ( $self->_config->{extension_args} and $self->debug )
+ if ( $self->extension_args and $self->debug )
{
- $c->log->info("The configuration key 'extension_args' is deprecated; use 'extensions'");
+ # FIXME - Only on startup, remove extension_args accessor
+ $c->log->warn("The configuration key 'extension_args' is deprecated; use 'extensions'");
}
- my @extensions = $self->_config->{extensions} ?
- @{ $self->_config->{extensions} } : $self->_config->{extension_args} ?
- @{ $self->_config->{extension_args} } : ();
+ my @extensions = $self->extensions ?
+ @{ $self->extensions } : $self->extension_args ?
+ @{ $self->extension_args } : ();
if ( $claimed_uri )
{
my $identity = $csr->claimed_identity($claimed_uri);
unless ( $identity )
{
- if ( $self->_config->{errors_are_fatal} )
+ if ( $self->errors_are_fatal )
{
Catalyst::Exception->throw($csr->err);
}
}
else
{
- $self->_config->{errors_are_fatal} ?
+ $self->errors_are_fatal ?
Catalyst::Exception->throw("Error validating identity: " . $csr->err)
:
$c->log->error( $csr->err);
=head1 VERSION
-0.15
+0.16
=head1 BACKWARDS COMPATIBILITY CHANGES
=head2 MORE ON CONFIGURATION
+=over 4
+
=item ua_args and ua_class
L<LWPx::ParanoidAgent> is the default agent E<mdash> C<ua_class> E<mdash> if it's available, L<LWP::UserAgent> if not. You don't have to set