#!/usr/bin/perl use strict; use warnings; use Net::OpenID::Consumer; use LWPx::ParanoidAgent; use Digest::SHA1 qw(sha1); use CGI; use CGI::Session; use Data::Dumper; my $cgi = new CGI; my $session = new CGI::Session() or die CGI::Session->errstr; $session->expire('+1h'); my $domain = "http://www.movablecircus.com"; my $login_url = $domain . "/openid.pl"; my $home_url = $domain . "/openid.pl"; my $openid = $cgi->param("openid_url"); my $nonce_pattern = q(%s%d%d%s my secret code words here) . $0; my $nonce = $session->param("nonce") || sha1(sprintf($nonce_pattern, time, (stat $0)[9], -s _, $session->id)); $session->param("nonce", $nonce); if ($cgi->param("logout")) { $session->delete(); print $cgi->redirect($login_url); exit 0; } my $csr = Net::OpenID::Consumer->new( ua => LWPx::ParanoidAgent->new, args => $cgi, consumer_secret => $nonce, required_root => $domain, ); if ($openid) { # a user entered, say, "bradfitz.com" as their identity. The first # step is to fetch that page, parse it, and get a # Net::OpenID::ClaimedIdentity object: my $checked = $cgi->param("checked"); if (!$checked) { # we arn't returning from a check, so send out the check my $claimed_identity = $csr->claimed_identity($cgi->param("openid_url")); if ($claimed_identity) { my $check_url = $claimed_identity->check_url( return_to => $login_url . "?checked=1;openid_url=$openid", trust_root => $domain, ); print $cgi->redirect($check_url); exit; } } elsif( my $setup_url = $csr->user_setup_url ) { # We only get here if we're not already logged into myopenid... print $cgi->redirect( $setup_url . '&openid.sreg.optional=' . 'email,nickname,fullname' ); exit 0; } elsif( (my $vfid = $csr->verified_identity) ) { print $cgi->redirect($home_url); $session->param("user", $cgi->param("openid.identity")); exit 0; } } elsif (not $session->param("user") ) { # user not logged in yet print $session->header(); print "\n"; print <
e.g. http://username.myopenid.com HTML } else { # user logged in print $session->header(); print "\n"; print "

Welcome " . $session->param("user") . "

"; print "Logout"; print ""; }