WebAuth::Token::Login(3) WebAuth login tokens


my $token = WebAuth::Token::Login->new;
$token->username ('user');
$token->password ($password);
print $token->encode ($keyring), "\n";


A WebAuth login token, used to communicate the user's username and password or other authentication secret from the WebLogin server to the WebKDC.


new ()
Create a new, empty WebAuth::Token::Login. At least some attributes will have to be set using the accessor methods described below before the token can be used.


As with WebAuth module functions, failures are signaled by throwing WebAuth::Exception rather than by return status.

General Methods

encode (KEYRING)
Generate the encoded and encrypted form of this token using the provided KEYRING. The encryption key used will be the one returned by the best_key() method of WebAuth::Keyring on that KEYRING.

Accessor Methods

username ([USERNAME])
Get or set the username for which this token holds login credentials. This is a site-specific identifier and may or may not be a fully-qualified principal name.
password ([PASSWORD])
Get or set the password for this user. Either this, the otp() attribute, or the device_id() attribute will be set.
otp ([OTP])
Get or set the one-time password code for this user. Either this, the password() attribute, or the device_id() attribute will be set.
otp_type ([TYPE])
Get or set the one-time password type. This should be a WebAuth factor code corresponding to the type of one-time password that this login token represents. It may be left unset if the caller doesn't know.
device_id ([ID])
Get or set the device ID. This must be set if the password() and otp() attributes are not set. If this is set and otp() is not, it indicates an attempt to authenticate using that device in some out-of-band way that does not require a code.
creation ([TIMESTAMP])
Get or set the creation timestamp for this token in seconds since epoch. If not set, the encoded token will have a creation time set to the time of encoding.


Russ Allbery <[email protected]>