Apache-AuthTypeKey

 view release on metacpan or  search on metacpan

META.yml  view on Meta::CPAN

name: Apache-AuthTypeKey
version: 0.03
abstract: Apache authorization handler using TypeKey
author: Six Apart <cpan@sixapart.com>
license: perl
distribution_type: module
requires:
  Authen::TypeKey: 0.02
  Apache::AuthCookie: 3.08
no_index:
  directory:
    - t
    - inc
generated_by: Module::Install version 0.36

Makefile.PL  view on Meta::CPAN

abstract('Apache authorization handler using TypeKey');
author('Six Apart <cpan@sixapart.com>');
version_from('lib/Apache/AuthTypeKey.pm');
license('perl');
no_index(directory => 't');
sign(1);

include('ExtUtils::AutoInstall');

requires('Authen::TypeKey' => 0.02);
requires('Apache::AuthCookie' => 3.08);

auto_include();
auto_install();

&WriteAll;

README  view on Meta::CPAN

$Id: README 12 2004-08-21 08:36:19Z btrott $

This is Apache::AuthTypeKey, an implementation of TypeKey authentication and
authorization for Apache.

PREREQUISITES

    * Authen::TypeKey
    * Apache::AuthCookie

INSTALLATION

Apache::AuthTypeKey installation is straightforward. If your CPAN shell
is set up, you should just be able to do

    % perl -MCPAN -e 'install Apache::AuthTypeKey'

Download it, unpack it, then build it as per the usual:

lib/Apache/AuthTypeKey.pm  view on Meta::CPAN

our $VERSION = '0.03';

use Authen::TypeKey;
use mod_perl;
use constant MP2 => $mod_perl::VERSION >= 1.99;
BEGIN {
    require base;
    if (MP2) {
        require Apache2::Const;
        Apache2::Const->import(-compile => qw( SERVER_ERROR ));
        base->import(qw( Apache2::AuthCookie ));
    } else {
        require Apache::Constants;
        Apache::Constants->import(qw( SERVER_ERROR ));
        base->import(qw( Apache::AuthCookie ));
    }
}

sub authen_cred {
    my($self, $r, @cred) = @_;
    my $token = $r->dir_config('TypeKeyToken');
    unless ($token) {
        $r->log_error('TypeKeyToken is required');
        return;
    }

lib/Apache/AuthTypeKey.pm  view on Meta::CPAN

TypeKey is Six Apart's free, open service providing a central login for
people to comment on weblogs, get access to protected information, etc.

To use I<Apache::AuthTypeKey>, you'll need a TypeKey token that identifies
your site. So you'll need to sign up for a TypeKey account at
I<https://www.typekey.com/t/typekey/register>, then fill out the Preferences
form to include the URI of your application. Specifically, this URI should be
the URI for the I</login-protected> area above, because that's the URI that
TypeKey will return to after a user logs in.

I<Apache::AuthTypeKey> is a subclass of I<Apache::AuthCookie>, so it inherits
all of that module's cookie-handling and authorization code. It also inherits
all of that module's configuration settings and options.

=head2 Authentication

Authentication is handled for you through TypeKey, and cookie handling is
handled by I<Apache::AuthCookie>. The value of the cookie will be the string
returned from TypeKey, including the username, email address, name, and a
DSA signature on those values, preventing users from forging the cookie.

=head2 Login Screen

The actual login form is on I<http://www.typekey.com/>; the login screen
that you'll be providing should be just a simple page linking people to that
login screen, along with your TypeKey token and return URI. An example login
screen is in F<eg/login.pl>, but you'll probably wish to customize the HTML,
as it's fairly plain.

The login script functionality is inherited from I<Apache::AuthCookie>, so
it's implemented as a script that you must configure in your I<httpd.conf>
or I<.htaccess>. For example:

    PerlSetVar TypeKeyLoginScript /login.pl

If you'd rather use a different mechanism for your login screen, you can
subclass I<Apache::AuthTypeKey> and override the I<login_form> method. See
the L<Apache::AuthCookie> documentation for more details.

=head2 Authorization

I<Apache::AuthTypeKey>--coupled with TypeKey--will handle all of the
authentication for you, telling you whether someone is a valid TypeKey user.
For authorization, you have a couple of options:

=over 4

=item * Allow any TypeKey user

lib/Apache/AuthTypeKey.pm  view on Meta::CPAN

    require user bar

This will allow only the TypeKey users C<foo> and C<bar>.

=item * Override the authorization phase and handle it yourself

If you'd like to do something more complex, like look up valid TypeKey
usernames in a database listing authorized users, you can subclass
I<Apache::AuthTypeKey> and override the I<authorize> method. Note that
I<Apache::AuthTypeKey> doesn't actually provide its own I<authorize>
method anyway--it merely inherits I<Apache::AuthCookie-E<gt>authorize>.

=back

=head1 LICENSE

I<Apache::AuthTypeKey> is free software; you may redistribute it and/or modify
it under the same terms as Perl itself.

=head1 AUTHOR & COPYRIGHT

Except where otherwise noted, I<Apache::AuthTypeKey> is Copyright 2004 Six
Apart Ltd, cpan@sixapart.com. All rights reserved.

=head1 SEE ALSO

L<Apache::AuthCookie>, L<Authen::TypeKey>

=cut



( run in 1.266 second using v1.01-cache-2.11-cpan-bbb979687b5 )