{ "mode": "perldoc", "parameter": "Net::OpenID::ClaimedIdentity", "section": "", "url": "https://www.chedong.com/phpMan.php/perldoc/Net%3A%3AOpenID%3A%3AClaimedIdentity/json", "generated": "2026-06-11T12:48:54Z", "synopsis": "use Net::OpenID::Consumer;\nmy $csr = Net::OpenID::Consumer->new;\n....\nmy $cident = $csr->claimedidentity(\"bradfitz.com\")\nor die $csr->err;\nif ($AJAXmode) {\nmy $url = $cident->claimedurl;\nmy $openidserver = $cident->identityserver;\n# ... return JSON with those to user agent (whose request was\n# XMLHttpRequest, probably)\n}\nif ($CLASSICmode) {\nmy $checkurl = $cident->checkurl(\ndelayedreturn => 1,\nreturnto => \"http://example.com/get-identity.app\",\ntrustroot => \"http://*.example.com/\",\n);\nWebApp::redirect($checkurl);\n}", "sections": { "NAME": { "content": "Net::OpenID::ClaimedIdentity - A not-yet-verified OpenID identity\n", "subsections": [] }, "VERSION": { "content": "version 1.18\n", "subsections": [] }, "SYNOPSIS": { "content": "use Net::OpenID::Consumer;\nmy $csr = Net::OpenID::Consumer->new;\n....\nmy $cident = $csr->claimedidentity(\"bradfitz.com\")\nor die $csr->err;\n\nif ($AJAXmode) {\nmy $url = $cident->claimedurl;\nmy $openidserver = $cident->identityserver;\n# ... return JSON with those to user agent (whose request was\n# XMLHttpRequest, probably)\n}\n\nif ($CLASSICmode) {\nmy $checkurl = $cident->checkurl(\ndelayedreturn => 1,\nreturnto => \"http://example.com/get-identity.app\",\ntrustroot => \"http://*.example.com/\",\n);\nWebApp::redirect($checkurl);\n}\n", "subsections": [] }, "DESCRIPTION": { "content": "After Net::OpenID::Consumer crawls a user's declared identity URL and finds openid.server link\ntags in the HTML head, you get this object. It represents an identity that can be verified with\nOpenID (the link tags are present), but hasn't been actually verified yet.\n", "subsections": [] }, "METHODS": { "content": "$url = $cident->claimedurl\nThe URL, now canonicalized, that the user claims to own. You can't know whether or not they\ndo own it yet until you send them off to the checkurl, though.\n\n$idserver = $cident->identityserver\nReturns the identity provider that will assert whether or not this claimed identity is\nvalid, and sign a message saying so.\n\n$url = $cident->delegatedurl\nIf the claimed URL is using delegation, this returns the delegated identity that will\nactually be sent to the identity provider.\n\n$version = $cident->protocolversion\nDetermines whether this identifier is to be verified by OpenID 1.1 or by OpenID 2.0. Returns\n1 or 2 respectively. This will affect the way the \"checkurl\" is constructed.\n\n$cident->setextensionargs($nsuri, $args)\nIf called before you access \"checkurl\", the arguments given in the hashref $args will be\nadded to the request in the given extension namespace. For example, to use the Simple\nRegistration (SREG) extension:\n\n$cident->setextensionargs(\n'http://openid.net/extensions/sreg/1.1',\n{\nrequired => 'email',\noptional => 'fullname,nickname',\npolicyurl => 'http://example.com/privacypolicy.html',\n},\n);\n\nNote that when making an OpenID 1.1 request, only the Simple Registration extension is\nsupported. There was no general extension mechanism defined in OpenID 1.1, so SREG (with the\nnamespace URI as in the example above) is supported as a special case. All other extension\nnamespaces will be silently ignored when making a 1.1 request.\n\n$url = $cident->checkurl( %opts )\nMakes the URL that you have to somehow send the user to in order to validate their identity.\nThe options to put in %opts are:\n\n\"returnto\"\nThe URL that the identity provider should redirect the user with either a verified\nidentity signature -or- a setupneeded message (indicating actual interaction with the\nuser is required before an assertion can be made). This URL may contain query\nparameters, and the identity provider must preserve them.\n\n\"trustroot\"\nThe URL that you want the user to actually see and declare trust for. Your \"returnto\"\nURL must be at or below your trustroot. Sending the trustroot is optional, and\ndefaults to your \"returnto\" value, but it's highly recommended (and prettier for users)\nto see a simple trustroot. Note that the trust root may contain a wildcard at the\nbeginning of the host, like \"http://*.example.com/\"\n\n\"delayedreturn\"\nIf set to a true value, the checkurl returned will indicate to the user's identity\nprovider that it has permission to control the user's user-agent for awhile, giving them\nreal pages (not just redirects) and lets them bounce around the identity provider site\nfor a while until the requested assertion can be made, and they can finally be\nredirected back to your returnto URL above.\n\nThe default value, false, means that the identity provider will immediately return to\nyour returnto URL with either a \"yes\" or \"no\" answer. In the \"no\" case, you'll instead\nhave control of what to do, whether to retry the request with \"delayedreturn\" set true\n(the only way to proceed in version 2.0) or to somehow send (be it link, redirect, or\npop-up window) the user the provider's usersetupurl (which is made available in\nversion 1.0/1.1).\n\nWhen writing a dynamic \"AJAX\"-style application, you can't use delayedreturn because\nthe remote site can't usefully take control of a 1x1 pixel hidden IFRAME, so you'll need\nto either (1.0/1.1) get the usersetupurl and present it to the user somehow or (2.0)\nlaunch a delayedreturn request from an actual window if the AJAX-style request fails.\n\nCOPYRIGHT, WARRANTY, AUTHOR\nSee Net::OpenID::Consumer for author, copyright and licensing information.\n", "subsections": [] }, "SEE ALSO": { "content": "Net::OpenID::Consumer\n\nNet::OpenID::VerifiedIdentity\n\nNet::OpenID::Server\n\nWebsite: \n", "subsections": [] } }, "summary": "Net::OpenID::ClaimedIdentity - A not-yet-verified OpenID identity", "flags": [], "examples": [], "see_also": [] }