man WebKDC::Token () - token objects for use with WebAuth

NAME

WebKDC::Token - token objects for use with WebAuth

SYNOPSIS

  use WebKDC::Token;
  # includes WebKDC::{App,Id,Proxy,Request,Response,Service}Token

  # manually create a new token, and then encode/encrypt it
  my $id_token = new WebKDC::Token;

  $id_token->subject_auth('krb5');
  $id_token->subject_auth_data($sad);
  $id_token->creation_time(time());
  $id_token->subject_expiration_time($et);

  my $id_token_str = bas64_encode($id_token->to_token($key));

  # parse an encrypted/encoded token
  my $req_token = new WebKDC::RequestToken($req_token_str, $key, $ttl, 1);

DESCRIPTION

WebKDC::Token is the base class for all the Token objects, which are available upon using WebKDC::Token:

 WebKDC::AppToken
 WebKDC::IdToken
 WebKDC::ProxyToken
 WebKDC::RequestToken
 WebKDC::ErrorToken
 WebKDC::CredToken
 WebKDC::WebKDCProxyToken
 WebKDC::WebKDCServiceToken

It contains the functions that are common across all the token objects, as well as some functions that must be overridden in the subclasses.

EXPORT

None

METHODS

to_token(key_or_keyring)
$binary_token = CW$token->to_token($key_or_keyring); Takes a token object and encrypts/encodes it into a binary string. WebAuth::base64_encode should be used if the token needs to base64 encoded.
to_string()
$str = CW$token->to_string(); used mainly for debugging to get a dump of all the attributes in a token. The Token object all overloads '""', so calling this function is optional, you can just use a token object as a string to get the same result.
new
 $token = new WebKDC::SubclassToken;
 $token = new WebKDC::SubclassToken($binary_token, $key_or_ring, $ttl);
The new constructor for tokcns is used to create a token object. The first form is used to construct new tokens, while the second form is used to parse a binary token into a token object. Note, only subclasses of Token should be constructed using new. To parse an unknown token, use the parse class method.
parse
 $token = WebKDC::Token::parse($binary_token, $key_or_ring, $ttl);
Used to create a from a binary token when you don't know ahead of time what the resulting token type will be. The type of the returened token can be checked with token_type() or the UNIVERSAL isa method.
validate_token
This method should be overridden by subclasses. It is used to validate that a particular token contains the correct attributes. It gets called by the to_token method before the token is encoded, and by the constructor with args after a token has been parsed.
init
This method should be ovveridden by subclasses and is used to initialize a token when the constructor with no args is called.
token_type([$new_value])
 $token->token_type($new_value);
 $type = $token->token_type();
The first form is used to set the token type, the second form is used to get the token type.

WebKDC::AppToken

The WebKDC::AppToken object is used to represent WebAuth app-tokens.

  $token = new WebKDC::AppToken;
  $token = new WebKDC::AppToken($binary_token, $key_or_ring, $ttl);

  $token->app_data($name[, $new_value])
  $token->creation_time([$new_value])
  $token->expiration_time([$new_value])
  $token->lastused_time([$lastused_time])
  $token->subject([$new_value])

WebKDC::CredToken

The WebKDC::CredToken object is used to represent WebAuth cred-tokens.

  $token = new WebKDC::CredToken;
  $token = new WebKDC::CredToken($binary_token, $key_or_ring, $ttl);

  $token->creation_time([$new_value])
  $token->expiration_time([$new_value])
  $token->cred_type([$new_value])
  $token->cred_data([$new_value])
  $token->subject([$new_value])

WebKDC::IdToken

The WebKDC::IdToken object is used to represent WebAuth id-tokens.

  $token = new WebKDC::IDToken;
  $token = new WebKDC::IdToken($binary_token, $key_or_ring, $ttl);

  $token->creation_time([$new_value])
  $token->subject([$new_value])
  $token->subject_auth([$new_value])
  $token->subject_auth_data([$new_value])
  $token->subject_expiration_time([$new_value])

WebKDC::LoginToken

The WebKDC::LoginToken object is used to represent WebAuth login-tokens.

  $token = new WebKDC::LoginToken;
  $token = new WebKDC::LoginToken($binary_token, $key_or_ring, $ttl);

  $token->creation_time([$new_value])
  $token->password([$new_value])
  $token->username([$new_value])

WebKDC::ProxyToken

The WebKDC::ProxyToken object is used to represent WebAuth proxy-tokens.

  $token = new WebKDC::ProxyToken;
  $token = new WebKDC::ProxyToken($binary_token, $key_or_ring, $ttl);

  $token->creation_time([$new_value])
  $token->expiration_time([$new_value])
  $token->proxy_type([$new_value])
  $token->subject([$new_value])
  $token->webkdc_token([$new_value])

WebKDC::RequestToken

The WebKDC::RequestToken object is used to represent WebAuth request-tokens.

  $token = new WebKDC::RequestToken;
  $token = new WebKDC::RequestToken($binary_token, $key_or_ring, $ttl);

  $token->app_state([$new_value])
  $token->creation_time([$new_value])
  $token->proxy_type([$new_value])
  $token->request_options([$new_value])
  $token->requested_token_type([$new_value])
  $token->return_url([$new_value])
  $token->subject_auth([$new_value])

WebKDC::ErrorToken

The WebKDC::ErrorToken object is used to represent WebAuth error-tokens.

  $token = new WebKDC::ErrorToken;
  $token = new WebKDC::ErrorToken($binary_token, $key_or_ring, $ttl);

  $token->creation_time([$new_value])
  $token->error_code([$new_value])
  $token->error_message([$new_value])

WebKDC::WebKDCProxyToken

The WebKDC::WebKDCProxyToken object is used to represent WebAuth webkdc-proxy-tokens.

  $token = new WebKDC::WebKDCProxyToken;
  $token = new WebKDC::WebKDCProxyToken($binary_token, $key_or_ring, $ttl);

  $token->creation_time([$new_value])
  $token->expiration_time([$new_value])
  $token->proxy_data([$new_value])
  $token->proxy_subject([$new_value])
  $token->proxy_type([$new_value])
  $token->subject([$new_value])

WebKDC::WebKDCServiceToken

The WebKDC::WebKDCServiceToken object is used to represent WebAuth webkdc-service-tokens.

  $token = new WebKDC::WebKDCServiceToken;
  $token = new WebKDC::WebKDCServiceToken($binary_token, $key_or_ring, $ttl);

  $token->creation_time([$new_value])
  $token->expiration_time([$new_value])
  $token->subject([$new_value])
  $token->session_key([$new_value])

AUTHOR

Roland Schemers (schemers@stanford.edu)

SEE ALSO

WebAuth.