Provided by: libwebkdc-perl_4.5.5-2_all bug

NAME
       WebKDC::WebResponse - Encapsulates a response from a WebAuth WebKDC


SYNOPSIS
           use WebKDC::WebResponse

           my $resp = WebKDC::WebResponse->new;
           $resp->subject ($user);
           $resp->requester_subject ($req_subject);
           $resp->response_token_type ('id');
           $resp->response_token ($id);
           $resp->return_url ($url);


DESCRIPTION
       A WebKDC::WebResponse object encapsulates a response from a WebAuth WebKDC, representing the result of a
       login attempt for a particular WebAuth Application Server.  It is filled in by the WebKDC module as the
       result of a make_request_token_request call.  The object has very little inherent functionality.  It's
       mostly a carrier for data.


CLASS METHODS
       new ()
           Create  a new, empty WebKDC::WebResponse object.  At least some parameters must be set using accessor
           functions as described below to do anything useful with the object.


INSTANCE METHODS
       app_state ([STATE])
           Returns or sets the application state token.  If this is set in the  response,  the  WebLogin  server
           should return it to the WebAuth application server as the WEBAUTHS parameter in the URL.

       authz_subject ([SUBJECT])
           Retrieve  or  set  the  asserted  authorization  identity.   This  is  an  identity separate from the
           authentication identity that is vetted by the WebKDC and asserted for authorization purposes  to  the
           remote  site.  It is included in the id or proxy token, but is also included directly in the response
           for display reasons in the WebLogin code.

       factor_configured ([FACTOR, ...])
       factor_needed ([FACTOR, ...])
           Returns or sets the authentication factors this user has configured or that the  WebAuth  application
           server  requires.   These  are  set  when  the user's authentication was rejected because multifactor
           authentication was required and are used by the WebLogin server to determine what  factor  to  prompt
           for or to customize an error message explaining to the user what factors they need to configure.

       login_canceled_token ([LC])
           Returns  or sets a login cancellation token.  If the user decides to cancel this authentication, this
           token should be returned to the WebAuth application server as the WEBAUTHR parameter in the URL.

       login_history ([RECORD, ...])
           Returns the list of login history records or adds new login history records.  If any  parameters  are
           given,  they are history records that will be added to the list.  Note that there is no way to remove
           an entry from the list once it has been added.

           Each RECORD should be an anonymous hash with an "ip" key whose value is the IP address from which the
           user logged in and a "timestamp" key whose value is the time of that login in  seconds  since  epoch.
           There  may  optionally  be  a "hostname" key that, if present, gives the hostname from which the user
           logged in.

       permitted_authz ([SUBJECT, ...])
           Returns the list of permitted authorization identities or sets them.  If any  parameters  are  given,
           the  list  of  acceptable  authorization identities is replaced with the list of subjects given.  The
           permitted authorization identities are unique to this authenticated user and destination site.

       cookie (TYPE[, VALUE][, EXPIRATION])
           Returns or sets a cookie of the specified type.  The TYPE parameter should be the type of the cookie.
           The VALUE, if present, is the corresponding token, suitable for being set as a browser  cookie.   The
           EXPIRATION,  if  present, is the value the cookie expiration should be set for.  Returns the token of
           the given type, if any is set.

       cookies ()
           Returns all cookies as a hash, whose keys are the  types  and  whose  values  are  the  tokens.   The
           returned  hash  is a reference to the hash inside the WebKDC::WebResponse object and therefore should
           not be modified by the caller.

       return_url ([URL])
           Returns or sets the return URL to which the user should be directed after authentication.

       requester_subject ([SUBJECT])
           Returns or sets the identity of the WebAuth application  server  that  prompted  this  authentication
           attempt.

       response_token ([TOKEN])
       response_token_type ([TYPE])
           Returns  or  sets  the  token  that  is the result of the authentication attempt, or the type of that
           token.  This will be either an id token or a proxy token, depending on what the  WebAuth  application
           server requested.

       subject ([SUBJECT])
           Returns or sets the authenticated user identity.

       password_expiration ([EXPIRATION])
           Returns  or  sets  the  password  expiration  time for the authenticating user, in seconds since UNIX
           epoch.

       user_message ([TEXT])
           Text passed back from the user information service as a message to display to the user as explanatory
           text.


AUTHOR
       Roland Schemers and Russ Allbery <rra@stanford.edu>


SEE ALSO
       WebKDC(3)

       This module is part of WebAuth.  The current version is available from <http://webauth.stanford.edu/>.

perl v5.18.1                                       2013-10-22                           WebKDC::WebResponse(3pm)