AuthSrv

From I-names Development Wiki

Jump to: navigation, search

AuthSrv is a Perl CGI script that acts as a simplistic XRI authority resolution server.

It serves XRDS documents from the file system.

Installation

1. Download the script [here]

2. Rename it to authsrv.pl

3. Save it to your web server's cgi-bin directory

4. Make sure that the execute bit is set. This is usually done with: 

$ chmod +x authsrv.pl

5. Create a directory to store your XRD fragments. This should ideally be outside of the web server root 

$ mkdir /content/xrdfiles

6. Let authsrv.pl know where to find these fragments by either:

6a. Set the environment variable XRI_DATA from your web server config or .htaccess. For example, in httpd.conf: 

<Directory "/var/www/cgi-bin">
    ### other directives like AllowOverride, Order, Allow go here unchanged

    <Files authsrv.pl>
        SetEnv URL_PREFIX /cgi-bin/authsrv.pl
        SetEnv XRI_DATA /content/xrdfiles
    </Files>
</Directory>

6b. Alternatively, edit the $dir variable in authsrv.pl 

### the directory in which to look for XRD fragments.
### comment out original
# my $dir = $ENV{XRI_DATA} || '.';
my $dir = '/content/xrdfiles';

7. Let authsrv.pl know the URL path to itself, again, by setting environment variable as in 6a or modifying the script itself: 

### the path up to this script
### comment out original
# my $url_prefix = $ENV{URL_PREFIX} || '';
my $url_prefix = '/cgi-bin/authsrv.pl';

If you access the script with the following URL:

http://yourserver.biz/cgi-bin/authsrv.pl

The corresponding $url_prefix should be:

/cgi-bin/authsrv.pl


Query Mapping

authsrv.pl maps queries to XRD fragments on the filesystem. For example, the URI responsible for names under =foo might be 

http://yourserver.biz/cgi-bin/authsrv.pl/=foo/

To query =foo*bar, the following URI is constructed: 

http://yourserver.biz/cgi-bin/authsrv.pl/=foo/*bar


The following procedure is used to map queries to XRD fragment files:

  1. Start with the REQUEST_URI, with the example above it is /cgi-bin/authsrv.pl/=foo/*bar
  2. Strip $url_prefix from the beginning, yielding /=foo/*bar
  3. Remove all slashes, yielding =foo*bar
  4. Lowercase everything, then percent encode any character other than !, * and [a-z0-9]. This yields %3Dfoo*bar
  5. Prefix it with $dir (XRI_DATA), yielding the file /content/xrdfiles/%3Dfoo*bar

The actual process is a little more complicated than that due to multi-level lookahead resolution support. So, if a lookahead query like /cgi-bin/authsrv.pl/=foo/*bar*baz was received, it attempts to construct 2 XRD's - one for =foo*bar and another for =foo*bar*baz.

Another example to clarify the encoding rules: 

URL: http://yourserver.biz/cgi-bin/authsrv.pl/=fOO/*bar.baz
Result: /content/xrdfiles/%3Dfoo*bar%2Ebaz


Format of XRD Fragments

Generally, the XRD fragment file should contain children of the <XRD> element, sans the <Status> or <Query> elements as they are added dynamically by the script. Often, it would be a list of <Service> elements.

For example, the XRD fragment for =foo*bar saved in the file /content/xrdfiles/%3Dfoo*bar: 

 <Service>
  <Type select="true">xri://$res*auth*($v*2.0)</Type>
  <MediaType>application/xrds+xml;trust=none</MediaType>
  <URI>http://yourserver.biz/cgi-bin/authsrv.pl/=foo/*bar/</URI>
 </Service>

 <Service>
  <Type select="true">http://openid.net/signon/1.0</Type>
  <URI>http://myopenidserver.biz/openid</URI>
 </Service>

This publishes an authority resolution service that makes =foo*bar a community, as well as an OpenID endpoint for it.

Retrieved from "http://dev.inames.net/wiki/AuthSrv"