NAME

Net::BrowserID::Verify - Verify BrowserID assertions.

VERSION

version 0.003

SYNOPSIS

  # Procedural API
  use Net::BrowserID::Verify qw(verify_remotely);
  my $data = verify_remotely('assertion', 'audience');

  # OO API
  use Net::BrowserID::Verify;
  my $verifier = Net::BrowserID::Verify->new({
      type     => q{remote},
      audience => q{http://localhost},
  });

  my $data = $verifier->verify('assertion');

EXPORTS

The following functions can be exported from the Net::BrowserID::Verify module. No functions are exported by default.

verify_remotely(assertion, audience, opts)

Returns the result of either a verified assertion, a failed assertion or a failed request. See below for which fields are contained in the returned data.

The following params are required:

assertion

This is the assertion you receive in the browser from the onlogin callback which you should post to your server for verification. It is an opaque value which you should not change.

audience

This is your website, essentially http://example.com. This is required by the verifier to make sure the assertion is for your site.

The following names options can be passed as an opts hash:

url

This is the URL that you would prefer to use when using a remote verifier. It has the default 'https://verifier.login.persona.org/verify'.

RETURNED DATA

Once you have $data from the verifier function of your choosing, you can then check if the status was okay.

  if ( $data->{status} eq 'okay' ) {
      # read $data->{email} to set up/login your user
      print $data->{email};
  }
  else {
      # something went wrong with the verification or the request
      print $data->{reason};
  }

Fields

The assertion format you receive when using Persona/BrowserID needs to be sent from your browser to the server and verified there. This library helps you verify that the assertion is correct.

The data returned by verify_remotely(), (eventually) verify_locally() or $verifier->verify() contains the following fields:

status

The status of the verification. Either 'okay' or 'failure'.

email

The email address which has been verified.

Provided only when status is 'okay'.

issuer

The issuer/identity provider, which should be either the domain of the email address being verified, or the fallback IdP.

Provided only when status is 'okay'.

expires

The expiry (in ms from epoch). e.g. 1354217396705.

Provided only when status is 'okay'.

audience

The audience you passed to the verifier.

Provided only when status is 'okay'.

reason

Gives the reason why something went wrong.

Only provided if the status is 'failure'.

AUTHOR

Andrew Chilton "chilts@mozilla.com"

COPYRIGHT AND LICENSE

Copyright (c) 2013 Mozilla.

This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.