XDI::SPIT - XDI Service Provider Interface Toolkit

XDI-SPIT documentation Contained in the XDI-SPIT distribution.

Index

Code Index:

NAME

Top

XDI::SPIT - XDI Service Provider Interface Toolkit

SYNOPSIS

Top

  use XDI::SPIT;

  my $iname = '@blueoxen*eekim';
  my $rtnUrl = 'http://www.blueoxen.org/?';

  my $spit = new XDI::SPIT;
  my ($idBroker, $inumber) = $spit->resolveBroker($iname);

  my $redirectUrl = $spit->getAuthUrl($idBroker, $iname, $rtnUrl);
      # Use this to redirect to identity broker login screen

DESCRIPTION

Top

Perl library for Service Providers to authenticate and synchronize data with data brokers.

METHODS

Top

new

Constructor.

resolveBroker($iname)

Resolves the XRI e-name. Returns the identity broker and e-number corresponding to an e-name.

getAuthUrl($idBroker, $iname, $returnUrl)

Returns the redirection URL for sending the user to the identity broker for login. Send the following HTTP header to redirect:

  Location: $redirectUrl\n\n

where $redirectUrl is the result of getAuthUrl().

validateSession($idBroker, $iname, $xsid)

Validates with $idBroker that user $iname is indeed logged in. $xsid is passed by the identity broker when it redirects to the return URL (specified in &getAuthUrl). Returns 1 or 0.

logout($idBroker, $iname, $xsid)

Logs out of a sessions with the identity broker. Returns 1 or 0.

SEE ALSO

Top

XRI.

More information is available at the Identity Commons Wiki:

  http://wiki.idcommons.net/moin.cgi/FrontPage

and especially the following pages:

  http://wiki.idcommons.net/moin.cgi/SSO

  http://wiki.idcommons.net/moin.cgi/SPIT

AUTHOR

Top

Eugene Eric Kim, <eekim@blueoxen.org>

COPYRIGHT AND LICENSE

Top

Copyright (c) Blue Oxen Associates 2004. All rights reserved.

See COPYING for licensing terms.

XDI-SPIT documentation Contained in the XDI-SPIT distribution. 
# XDI::SPIT.pm
#
# $Id: SPIT.pm,v 1.3 2004/08/03 21:05:36 eekim Exp $
#
# Copyright (c) Blue Oxen Associates 2004.  All rights reserved.
#
# See COPYING for licensing terms.

package XDI::SPIT;

use strict;
use HTTP::Request;
use LWP::UserAgent;
use URI::Escape;
use XRI;
use XRI::Descriptor;

our $VERSION = '1.11';

### constructor

sub new {
    bless {}, shift;
}

### methods

sub resolveBroker {
    my $self = shift;
    my $iname = shift;

    my $xri = XRI->new($iname);
    my $xml;
    eval {
        $xml = $xri->resolveToAuthorityXML;
    };
    if ($@ || !$xml) {
        return 0;
    }
    else {
        my $xriDescriptor = XRI::Descriptor->new($xml);
        my @localAccess = $xriDescriptor->getLocalAccess;
        my $idBroker = ${$localAccess[0]->uris}[0];
        my $inumber = $xriDescriptor->getMappings->[0];
        return $idBroker, $inumber;
    }
}

sub getAuthUrl {
    my $self = shift;
    my ($idBroker, $iname, $returnUrl) = @_;

    # FIXME: Use inumber instead?
    return "$idBroker?xri_cmd=auth&xri_iname=" . uri_escape($iname) .
        '&xri_rtn=' . uri_escape($returnUrl);
}

sub validateSession {
    my $self = shift;
    my ($idBroker, $iname, $xsid) = @_;

    return &_xriCmd($idBroker, $iname, $xsid, "verify");
}

sub logout {
    my $self = shift;
    my ($idBroker, $iname, $xsid) = @_;

    return &_xriCmd($idBroker, $iname, $xsid, "logout");
}

### private methods

sub _xriCmd {
    my ($idBroker, $iname, $xsid, $cmd) = @_;
    my $ua = LWP::UserAgent->new;
    $ua->agent("Identity Commons SPIT/$VERSION");

    my $request = HTTP::Request->new(GET=>"$idBroker?xri_cmd=$cmd&xri_iname="
                                     . uri_escape($iname) .
                                     '&xri_xsid=' . uri_escape($xsid));
    my $response = $ua->request($request);
    if ($response->is_success) {
        ($response->content =~ /true/) ? return 1 : return 0;
    }
    else {  # FIXME: should parse status code
        return 0;
    }
}

1;
__END__