man WebKDC::Token () - token objects for use with WebAuth
NAME
WebKDC::Token - token objects for use with WebAuth
SYNOPSIS
use WebKDC::Token;
# includes WebKDC::{App,Id,Proxy,Request,Response,Service}Token
# manually create a new token, and then encode/encrypt it my $id_token = new WebKDC::Token;
$id_token->subject_auth('krb5');
$id_token->subject_auth_data($sad);
$id_token->creation_time(time());
$id_token->subject_expiration_time($et);
my $id_token_str = bas64_encode($id_token->to_token($key));
# parse an encrypted/encoded token my $req_token = new WebKDC::RequestToken($req_token_str, $key, $ttl, 1);
DESCRIPTION
WebKDC::Token is the base class for all the Token objects, which are available upon using WebKDC::Token:
WebKDC::AppToken WebKDC::IdToken WebKDC::ProxyToken WebKDC::RequestToken WebKDC::ErrorToken WebKDC::CredToken WebKDC::WebKDCProxyToken WebKDC::WebKDCServiceToken
It contains the functions that are common across all the token objects, as well as some functions that must be overridden in the subclasses.
EXPORT
None
METHODS
- to_token(key_or_keyring)
- $binary_token = CW$token->to_token($key_or_keyring); Takes a token object and encrypts/encodes it into a binary string. WebAuth::base64_encode should be used if the token needs to base64 encoded.
- to_string()
- $str = CW$token->to_string(); used mainly for debugging to get a dump of all the attributes in a token. The Token object all overloads '""', so calling this function is optional, you can just use a token object as a string to get the same result.
- new
-
$token = new WebKDC::SubclassToken; $token = new WebKDC::SubclassToken($binary_token, $key_or_ring, $ttl);
The new constructor for tokcns is used to create a token object. The first form is used to construct new tokens, while the second form is used to parse a binary token into a token object. Note, only subclasses of Token should be constructed using new. To parse an unknown token, use the parse class method. - parse
-
$token = WebKDC::Token::parse($binary_token, $key_or_ring, $ttl);
Used to create a from a binary token when you don't know ahead of time what the resulting token type will be. The type of the returened token can be checked with token_type() or the UNIVERSAL isa method. - validate_token
- This method should be overridden by subclasses. It is used to validate that a particular token contains the correct attributes. It gets called by the to_token method before the token is encoded, and by the constructor with args after a token has been parsed.
- init
- This method should be ovveridden by subclasses and is used to initialize a token when the constructor with no args is called.
- token_type([$new_value])
-
$token->token_type($new_value); $type = $token->token_type();
The first form is used to set the token type, the second form is used to get the token type.
WebKDC::AppToken
The WebKDC::AppToken object is used to represent WebAuth app-tokens.
$token = new WebKDC::AppToken; $token = new WebKDC::AppToken($binary_token, $key_or_ring, $ttl);
$token->app_data($name[, $new_value]) $token->creation_time([$new_value]) $token->expiration_time([$new_value]) $token->lastused_time([$lastused_time]) $token->subject([$new_value])
WebKDC::CredToken
The WebKDC::CredToken object is used to represent WebAuth cred-tokens.
$token = new WebKDC::CredToken; $token = new WebKDC::CredToken($binary_token, $key_or_ring, $ttl);
$token->creation_time([$new_value]) $token->expiration_time([$new_value]) $token->cred_type([$new_value]) $token->cred_data([$new_value]) $token->subject([$new_value])
WebKDC::IdToken
The WebKDC::IdToken object is used to represent WebAuth id-tokens.
$token = new WebKDC::IDToken; $token = new WebKDC::IdToken($binary_token, $key_or_ring, $ttl);
$token->creation_time([$new_value]) $token->subject([$new_value]) $token->subject_auth([$new_value]) $token->subject_auth_data([$new_value]) $token->subject_expiration_time([$new_value])
WebKDC::LoginToken
The WebKDC::LoginToken object is used to represent WebAuth login-tokens.
$token = new WebKDC::LoginToken; $token = new WebKDC::LoginToken($binary_token, $key_or_ring, $ttl);
$token->creation_time([$new_value]) $token->password([$new_value]) $token->username([$new_value])
WebKDC::ProxyToken
The WebKDC::ProxyToken object is used to represent WebAuth proxy-tokens.
$token = new WebKDC::ProxyToken; $token = new WebKDC::ProxyToken($binary_token, $key_or_ring, $ttl);
$token->creation_time([$new_value]) $token->expiration_time([$new_value]) $token->proxy_type([$new_value]) $token->subject([$new_value]) $token->webkdc_token([$new_value])
WebKDC::RequestToken
The WebKDC::RequestToken object is used to represent WebAuth request-tokens.
$token = new WebKDC::RequestToken; $token = new WebKDC::RequestToken($binary_token, $key_or_ring, $ttl);
$token->app_state([$new_value]) $token->creation_time([$new_value]) $token->proxy_type([$new_value]) $token->request_options([$new_value]) $token->requested_token_type([$new_value]) $token->return_url([$new_value]) $token->subject_auth([$new_value])
WebKDC::ErrorToken
The WebKDC::ErrorToken object is used to represent WebAuth error-tokens.
$token = new WebKDC::ErrorToken; $token = new WebKDC::ErrorToken($binary_token, $key_or_ring, $ttl);
$token->creation_time([$new_value]) $token->error_code([$new_value]) $token->error_message([$new_value])
WebKDC::WebKDCProxyToken
The WebKDC::WebKDCProxyToken object is used to represent WebAuth webkdc-proxy-tokens.
$token = new WebKDC::WebKDCProxyToken; $token = new WebKDC::WebKDCProxyToken($binary_token, $key_or_ring, $ttl);
$token->creation_time([$new_value]) $token->expiration_time([$new_value]) $token->proxy_data([$new_value]) $token->proxy_subject([$new_value]) $token->proxy_type([$new_value]) $token->subject([$new_value])
WebKDC::WebKDCServiceToken
The WebKDC::WebKDCServiceToken object is used to represent WebAuth webkdc-service-tokens.
$token = new WebKDC::WebKDCServiceToken; $token = new WebKDC::WebKDCServiceToken($binary_token, $key_or_ring, $ttl);
$token->creation_time([$new_value]) $token->expiration_time([$new_value]) $token->subject([$new_value]) $token->session_key([$new_value])
AUTHOR
Roland Schemers (schemers@stanford.edu)
SEE ALSO
WebAuth.