Provided by: libnet-openid-consumer-perl_1.18-2_all bug

NAME
       Net::OpenID::ClaimedIdentity - A not-yet-verified OpenID identity


VERSION
       version 1.18


SYNOPSIS
         use Net::OpenID::Consumer;
         my $csr = Net::OpenID::Consumer->new;
         ....
         my $cident = $csr->claimed_identity("bradfitz.com")
           or die $csr->err;

         if ($AJAX_mode) {
           my $url = $cident->claimed_url;
           my $openid_server = $cident->identity_server;
           # ... return JSON with those to user agent (whose request was
           # XMLHttpRequest, probably)
         }

         if ($CLASSIC_mode) {
           my $check_url = $cident->check_url(
             delayed_return => 1,
             return_to      => "http://example.com/get-identity.app",
             trust_root     => "http://*.example.com/",
           );
           WebApp::redirect($check_url);
         }


DESCRIPTION
       After Net::OpenID::Consumer crawls a user's declared identity URL and finds openid.server link tags in
       the HTML head, you get this object.  It represents an identity that can be verified with OpenID (the link
       tags are present), but hasn't been actually verified yet.


METHODS
       $url = $cident->claimed_url
           The  URL,  now canonicalized, that the user claims to own.  You can't know whether or not they do own
           it yet until you send them off to the check_url, though.

       $id_server = $cident->identity_server
           Returns the identity provider that will assert whether or not this claimed  identity  is  valid,  and
           sign a message saying so.

       $url = $cident->delegated_url
           If  the  claimed  URL  is using delegation, this returns the delegated identity that will actually be
           sent to the identity provider.

       $version = $cident->protocol_version
           Determines whether this identifier is to be verified by OpenID 1.1 or by OpenID 2.0. Returns 1  or  2
           respectively. This will affect the way the "check_url" is constructed.

       $cident->set_extension_args($ns_uri, $args)
           If  called  before  you access "check_url", the arguments given in the hashref $args will be added to
           the request in the given extension namespace.  For example, to use  the  Simple  Registration  (SREG)
           extension:

               $cident->set_extension_args(
                   'http://openid.net/extensions/sreg/1.1',
                   {
                       required => 'email',
                       optional => 'fullname,nickname',
                       policy_url => 'http://example.com/privacypolicy.html',
                   },
               );

           Note  that  when  making  an OpenID 1.1 request, only the Simple Registration extension is supported.
           There was no general extension mechanism defined in OpenID 1.1, so SREG (with the namespace URI as in
           the example above) is supported as a special case. All other extension namespaces  will  be  silently
           ignored when making a 1.1 request.

       $url = $cident->check_url( %opts )
           Makes  the  URL  that  you have to somehow send the user to in order to validate their identity.  The
           options to put in %opts are:

           "return_to"
               The URL that the identity provider should redirect the  user  with  either  a  verified  identity
               signature  -or-  a  setup_needed message (indicating actual interaction with the user is required
               before an assertion can be made).  This URL  may  contain  query  parameters,  and  the  identity
               provider must preserve them.

           "trust_root"
               The  URL that you want the user to actually see and declare trust for.  Your "return_to" URL must
               be at or below your trust_root.  Sending  the  trust_root  is  optional,  and  defaults  to  your
               "return_to"  value,  but  it's  highly  recommended  (and  prettier  for  users)  to see a simple
               trust_root.  Note that the trust root may contain a wildcard at the beginning of the  host,  like
               "http://*.example.com/"

           "delayed_return"
               If set to a true value, the check_url returned will indicate to the user's identity provider that
               it  has  permission to control the user's user-agent for awhile, giving them real pages (not just
               redirects) and lets them bounce around the identity provider site for a while until the requested
               assertion can be made, and they can finally be redirected back to your return_to URL above.

               The default value, false, means that the  identity  provider  will  immediately  return  to  your
               return_to  URL with either a "yes" or "no" answer.  In the "no" case, you'll instead have control
               of what to do, whether to retry the request with "delayed_return"  set  true  (the  only  way  to
               proceed  in version 2.0) or to somehow send (be it link, redirect, or pop-up window) the user the
               provider's user_setup_url (which is made available in version 1.0/1.1).

               When writing a dynamic "AJAX"-style application, you can't use delayed_return because the  remote
               site can't usefully take control of a 1x1 pixel hidden IFRAME, so you'll need to either (1.0/1.1)
               get  the  user_setup_url  and  present  it  to  the user somehow or (2.0) launch a delayed_return
               request from an actual window if the AJAX-style request fails.


COPYRIGHT, WARRANTY, AUTHOR
       See Net::OpenID::Consumer for author, copyright and licensing information.


SEE ALSO
       Net::OpenID::Consumer

       Net::OpenID::VerifiedIdentity

       Net::OpenID::Server

       Website:  <http://www.openid.net/>

perl v5.34.0                                       2022-06-30                  Net::OpenID::ClaimedIdentity(3pm)