Provided by: libwebkdc-perl_4.0.2-1_all bug

NAME

       WebKDC::Token - token objects for use with WebAuth

SYNOPSIS

         use WebKDC::Token;
         # includes WebKDC::{App,Id,Proxy,Request,Response,Service}Token

         # manually create a new token, and then encode/encrypt it
         my $id_token = new WebKDC::IdToken;

         $id_token->subject_auth('krb5');
         $id_token->subject_auth_data($sad);
         $id_token->creation_time(time());
         $id_token->expiration_time($et);

         my $id_token_str = bas64_encode($id_token->to_token($key));

         # parse an encrypted/encoded token, given the encrypted/encoded token,
         # the keyring used to encrypt it, and an optional time to live.  If the
         # TTL is not zero, the token is treated as invalid if its creation time is
         # more than ttl ago (this is not needed if the token had an expiration
         # time set when it was created).
         my $req_token = new WebKDC::RequestToken($req_token_str, $key, $ttl);

DESCRIPTION

       WebKDC::Token is the base class for all the Token objects, which are available upon using
       WebKDC::Token:

        WebKDC::AppToken
        WebKDC::IdToken
        WebKDC::ProxyToken
        WebKDC::RequestToken
        WebKDC::ErrorToken
        WebKDC::CredToken
        WebKDC::WebKDCProxyToken
        WebKDC::WebKDCServiceToken

       It contains the functions that are common across all the token objects, as well as some
       functions that must be overridden in the subclasses.

EXPORT

       None

METHODS

       to_token(key_or_keyring)
           $binary_token = $token->to_token($key_or_keyring);

           Takes a token object and encrypts/encodes it into a binary string.
           WebAuth::base64_encode should be used if the token needs to base64 encoded.

       to_string()
           $str = $token->to_string();

           used mainly for debugging to get a dump of all the attributes in a token. The Token
           object all overloads '""', so calling this function is optional, you can just use a
           token object as a string to get the same result.

       new
            $token = new WebKDC::SubclassToken;
            $token = new WebKDC::SubclassToken($binary_token, $key_or_ring, $ttl);

           The new constructor for tokcns is used to create a token object. The first form is
           used to construct new tokens, while the second form is used to parse a binary token
           into a token object. Note, only subclasses of Token should be constructed using new.
           To parse an unknown token, use the parse class method.

       parse
            $token = WebKDC::Token::parse($binary_token, $key_or_ring, $ttl);

           Used to create a from a binary token when you don't know ahead of time what the
           resulting token type will be. The type of the returened token can be checked with
           token_type() or the UNIVERSAL isa method.

       validate_token
           This method should be overridden by subclasses. It is used to validate that a
           particular token contains the correct attributes. It gets called by the to_token
           method before the token is encoded, and by the constructor with args after a token has
           been parsed.

       init
           This method should be ovveridden by subclasses and is used to initialize a token when
           the constructor with no args is called.

       token_type([$new_value])
            $token->token_type($new_value);
            $type = $token->token_type();

           The first form is used to set the token type, the second form is used to get the token
           type.

WebKDC::AppToken

       The WebKDC::AppToken object is used to represent WebAuth app-tokens.

         $token = new WebKDC::AppToken;
         $token = new WebKDC::AppToken($binary_token, $key_or_ring, $ttl);

         $token->app_data($name[, $new_value])
         $token->creation_time([$new_value])
         $token->expiration_time([$new_value])
         $token->lastused_time([$lastused_time])
         $token->subject([$new_value])
         $token->session_key([$new_value])
         $token->initial_factors([$new_value, ...])
         $token->session_factors([$new_value, ...])
         $token->loa([$new_value])

WebKDC::CredToken

       The WebKDC::CredToken object is used to represent WebAuth cred-tokens.

         $token = new WebKDC::CredToken;
         $token = new WebKDC::CredToken($binary_token, $key_or_ring, $ttl);

         $token->creation_time([$new_value])
         $token->expiration_time([$new_value])
         $token->cred_type([$new_value])
         $token->cred_subject([$new_value])
         $token->cred_data([$new_value])
         $token->subject([$new_value])

WebKDC::IdToken

       The WebKDC::IdToken object is used to represent WebAuth id-tokens.

         $token = new WebKDC::IdToken;
         $token = new WebKDC::IdToken($binary_token, $key_or_ring, $ttl);

         $token->creation_time([$new_value])
         $token->expiration_time([$new_value])
         $token->subject([$new_value])
         $token->subject_auth([$new_value])
         $token->subject_auth_data([$new_value])
         $token->initial_factors([$new_value, ...])
         $token->session_factors([$new_value, ...])
         $token->loa([$new_value])

WebKDC::LoginToken

       The WebKDC::LoginToken object is used to represent WebAuth login-tokens.

         $token = new WebKDC::LoginToken;
         $token = new WebKDC::LoginToken($binary_token, $key_or_ring, $ttl);

         $token->creation_time([$new_value])
         $token->password([$new_value])
         $token->otp([$new_value])
         $token->username([$new_value])

WebKDC::ProxyToken

       The WebKDC::ProxyToken object is used to represent WebAuth proxy-tokens.

         $token = new WebKDC::ProxyToken;
         $token = new WebKDC::ProxyToken($binary_token, $key_or_ring, $ttl);

         $token->creation_time([$new_value])
         $token->expiration_time([$new_value])
         $token->proxy_type([$new_value])
         $token->subject([$new_value])
         $token->webkdc_token([$new_value])
         $token->initial_factors([$new_value, ...])
         $token->session_factors([$new_value, ...])
         $token->loa([$new_value])

WebKDC::RequestToken

       The WebKDC::RequestToken object is used to represent WebAuth request-tokens.

         $token = new WebKDC::RequestToken;
         $token = new WebKDC::RequestToken($binary_token, $key_or_ring, $ttl);

         $token->app_state([$new_value])
         $token->creation_time([$new_value])
         $token->proxy_type([$new_value])
         $token->request_options([$new_value])
         $token->requested_token_type([$new_value])
         $token->return_url([$new_value])
         $token->subject_auth([$new_value])
         $token->initial_factors([$new_value, ...])
         $token->session_factors([$new_value, ...])
         $token->loa([$new_value])

WebKDC::ErrorToken

       The WebKDC::ErrorToken object is used to represent WebAuth error-tokens.

         $token = new WebKDC::ErrorToken;
         $token = new WebKDC::ErrorToken($binary_token, $key_or_ring, $ttl);

         $token->creation_time([$new_value])
         $token->error_code([$new_value])
         $token->error_message([$new_value])

WebKDC::WebKDCProxyToken

       The WebKDC::WebKDCProxyToken object is used to represent WebAuth webkdc-proxy-tokens.

         $token = new WebKDC::WebKDCProxyToken;
         $token = new WebKDC::WebKDCProxyToken($binary_token, $key_or_ring, $ttl);

         $token->creation_time([$new_value])
         $token->expiration_time([$new_value])
         $token->proxy_data([$new_value])
         $token->proxy_subject([$new_value])
         $token->proxy_type([$new_value])
         $token->subject([$new_value])
         $token->initial_factors([$new_value, ...])
         $token->loa([$new_value])

WebKDC::WebKDCServiceToken

       The WebKDC::WebKDCServiceToken object is used to represent WebAuth webkdc-service-tokens.

         $token = new WebKDC::WebKDCServiceToken;
         $token = new WebKDC::WebKDCServiceToken($binary_token, $key_or_ring, $ttl);

         $token->creation_time([$new_value])
         $token->expiration_time([$new_value])
         $token->subject([$new_value])
         $token->session_key([$new_value])

AUTHOR

       Roland Schemers (schemers@stanford.edu)

SEE ALSO

       WebAuth.