The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.


Jifty::Plugin::OpenID - Provides OpenID authentication for your jifty app


Provides OpenID authentication for your app



please provide OpenIDSecret in your etc/config.yml , the OpenIDUA is optional , OpenID Plugin will use LWPx::ParanoidAgent by default.

        OpenIDSecret: 1234
        OpenIDUA: LWP::UserAgent

or you can set OpenIDUserAgent environment var in command-line:

    OpenIDUserAgent=LWP::UserAgent bin/jifty server

if you are using LWPx::ParanoidAgent as your openid agent. you will need to provide JIFTY_OPENID_WHITELIST_HOST for your own OpenID server.


User Model

Create your user model , and let it uses Jifty::Plugin::OpenID::Mixin::Model::User to mixin "openid" column. and a name method.

    use TestApp::Record schema {

        column email =>
            type is 'varchar';

    use Jifty::Plugin::OpenID::Mixin::Model::User;

    sub name {
        my $self = shift;
        return $self->email;

Note: you might need to declare a name method. because the OpenID CreateOpenIDUser action and SkeletonApp needs current_user->username to show welcome message and success message , which calls brief_description method. See Jifty::Record for brief_description method.


OpenID plugin provides AuthenticateOpenID Action. so that you can render an AuthenticateOpenID in your template:

    form {
        my $openid = new_action( class   => 'AuthenticateOpenID',
                                moniker => 'authenticateopenid' );
        render_action( $openid );

this action renders a form which provides openid url field. and you will need to provide a submit button in your form.

    form {
        my $openid = new_action( class   => 'AuthenticateOpenID',
                                moniker => 'authenticateopenid' );

        # ....

        render_action( $openid );
                to     => '/openid_verify_done',
                label  => _("Login with OpenID"),
                submit => $openid

the to field is for verified user to redirect to. so that you will need to implement a template called /openid_verify_done:

    template '/openid_verify_done' => page {
        h1 { "Done" };

Attribute Exchange

You can retrieve information from remote profile on authentication server with OpenID Attribute Exchange service extension.

Set in your config.yml

    - OpenID:
       ax_mapping: "{ 'email': '', 'name': 'value.firstname value.lastname' }"

this parameters are usuable for all OpenID endpoints supporting Attribute Exchange extension. They can be overriden in your application. Watch and/or override openid/wayf template from Jifty::Plugin::OpenID::View.

Or you can use in your view show('openid/wayf','/url_return_to');.


is the url send to authentication server. It defines namespace, mode, attributes types and requested attributes.

hints : MyOpenID use schemas instead of, Google provides lastname and firstname, Yahoo only fullname


keys of attributes values read from authentication server response.


mapping of recieve values with your application fields in json format.


Alex Vandiver, Cornelius <cornelius.howl {at} >, Yves Agostini


Copyright 2005-2010 Best Practical Solutions, LLC.

This program is free software and may be modified and distributed under the same terms as Perl itself.