Guide to External Authentication - OpenID Connect

Introduction

External authentication allows your server's users to log in to WHM, cPanel, and Webmail through OpenID Connect-compliant identity providers. The OpenID Connect Provider Module configures a server to connect to and authenticate through the identity provider. Create the identity provider module in the /var/cpanel/perl/Cpanel/Security/Authn/Provider/ directory and use theCpanel::Security::Authn::Provider::OpenIdConnectBase base class.

Note:

Additional examples that demonstrate other methods are available in the /usr/local/cpanel/Cpanel/Security/Authn/Provider/directory with the .sample file extension.

 

Warning:

After you install the identity provider module, you must obtain credentials from that identity provider and then use WHM's Manage External Authentications interface (Home>> Security Center >> Manage External Authentications) to configure the identity provider module with those credentials.

 

OpenID Connect's authentication chain

When you use an identity provider, the system performs the following steps:

  1. The cPanel service login interface displays a list of configured and enabled identity providers.
  2. The user clicks the desired identity provider.
  3. The browser redirects the user to the login interface for the identity provider.
  4. The user enters their credentials for the identity provider.
  5. The browser returns the user to the cPanel service login interface.
  6. If the user has not yet associated their authentication credentials with the account in cPanel's Change Password interface (Home >> Preferences >> Change Password), the server asks for their local server credentials.
  7. If the user has associated their authentication credentials with the account, the server will automatically log them in to the cPanel service.

OpenID Connect's provider methods

The tables below contain the required, recommended, and optional methods.

Required

Warning:

You must configure the following methods in the Cpanel::Security::Authn::Provider::OpenIdConnectBase base class. If you do not configure a required method, it will die with a Cpanel::Exception::NotImplemented exception.

Method name

Type

Description

Possible Values

Example

_DISPLAY_NAME

 string 

The identity provider's friendly name. cPanel & WHM interfaces display this value.

A valid string.

Izzy

_PROVIDER_NAME

string

The identity provider's system name. 

Notes:

  • This method must be unique among the installed OpenID Connect identity providers.
  • This method should consist of lower-case letters, numbers, dashes, periods, and underscores in 7-bit ASCII. We recommend that you enter the identity provider name in lower case in order to avoid case conversion issues.

A valid string in lower case.

izzy

_WELL_KNOWN_CONFIG_URI

string

The well-known configuration URI of the OpenID Connect implementation. The system uses the configuration to discover the endpoints to use in the OpenID Connect exchange.

Notes:

  • The system retrieves the configuration on demand and caches it for 24 hours.
  • Upon receipt of a fresh configuration file, the system will update the changes in the remote endpoints for OpenID Connect authorization.
  • For more information about well-known configuration URIs, read RFC 5785.

A valid URI.

https://accounts.izzy.com/.well-known/openid-configuration

 

Suggested

We strongly recommend that you update the following methods in order to properly label your OpenID Connect implementation.

Method name

 

Description

 

Example

_BUTTON_COLOR

string

The background color of the button on the cPanel interface.

This value defaults tocccccc.

A valid RGB hexadecimal  value.

dd4b39

_BUTTON_ICON

string

The icon file to display in the button on the cPanel login interface.

This value defaults to empty string.

A valid Base64-encoded image file.

(see example in above code)

_BUTTON_ICON_TYPE

string

The icon file's MIME type.

A valid image format's MIME type.

image/svg+xml

_BUTTON_LABEL

string

The text label of the login icon on the cPanel login interface.

This value defaults to Log in with an OpenID Connect.

A valid string.

Log in with Izzy account

 _BUTTON_TEXT_COLOR 

string

The color of the text label on the cPanel login interface.

This value defaults to000000.

 A valid RGB hexadecimal color value. 

ffffff

 _DOCUMENTATION_URL 

 string 

 The public URL of the OpenID implementation's documentation at the openid.netwebsite. 

 A valid URL.

 https://developers.izzy.com/identity/protocols/OpenIDConnect 

 

Other

The following methods may not precisely conform to the specification of the OpenID Connect identity provider's protocol. Also, your identity provider may include newer or custom features that you wish to use.

Method Name

Type

Description

Possible Values

Example

_CAN_VERIFY

boolean

Whether the OpenID Connect identity provider supports signature verification of the identity tokens that the authorization server sends.

This value defaults to 1.
  • 1 — The authorization server supports signature verification.
  • 0 — The authorization server does not support signature verification.

1

 _CONFIG

hash

A hash of the identity provider's configuration settings.

This hash contains the id, secret,authorize_url,access_token_uri,user_info_uri, andredirect_urisparameters.

 

id

string

The client ID that you received when you registered your application with the authorization server.

For more information, readRFC-6749.

A valid string.

123456789012345678901

secret

string

The client secret that you received when you registered your application with the authorization server.

For more information, readRFC-6749.

A valid string.

Victoria

authorize_url

string

The URI to the authorization endpoint of the authentication server.

Notes:

  • This value defaults to the URI that the system retrieves from the well-known configuration.
  • For more information, readOpenID's Authorization Endpointdocumentation.

A valid URI.

http://authorize.izzy.com/

access_token_uri

string

The URI to the token endpoint of the authorization server.

Notes:

  • This value defaults to the URI that the system retrieves from the well-known configuration.
  • For more information, readOpenID's Token Endpointdocumentation.

A valid URI.

https://accounts.izzy.com/tokens/

user_info_uri

string

The URI to the user_infoendpoint of the authorization server.

Notes:

  • This value defaults to the URI that the system retrieves from the well-known configuration.
  • For more information, readOpenID's User Infodocumentation.

A valid URI.

https://accounts.izzy.com/user_info/

redirect_uris

array of strings

A list of valid redirection URIs that you sent when you registered your application to the authorization server.

Notes:

  • This value defaults to the values that the WHM configuration interface generates.
  • For more information, readRFC-6749.

An array of valid URIs.

http://izzy.com/

_CONFIG_FIELDS

hash of hashes

A hash of the identity provider's configuration fields.

This hash contains the field_nameparameter.

 

field_name

hash

A hash of a configuration field's parameters.

Note:

The hash uses the configuration field's name as a parameter name.

(varies)

 

label

string

The configuration entry's display name.

(varies)

 

description

string

The configuration entry's description.

(varies)

 

value

string

The configuration entry's default value, which will beundef if the identity provider has not set a value

(varies)

 

_DISPLAY_CONFIG

hash

A hash of the identity provider's display configuration values.

This hash  containslabel, color,textcolor, icon,icon_type,display_name,provider_name,  and documentationparameters.

 

label

string

The text label of the login button on the cPanel login interface.

This value defaults to_BUTTON_LABEL.

A valid string.

Log in to Izzy.

color

string

The background color of the button on the cPanel interface.

This value defaults to_BUTTON_COLOR.

A valid RGB hexadecimal color value.

cccccc

textcolor

string

The text color of the button on the cPanel interface.

This value defaults to_BUTTON_TEXT_COLOR.

A valid RGB hexadecimal color value.

000000

icon

string

The icon file to display in the button on the cPanel login interface.

This value defaults to_BUTTON_ICON. If_BUTTON_ICON returns 0, empty string, or undef, then the hash will not include this value.

 

 

A valid Base64-encoded image file.

 

 

 

icon_type

string

The icon file's MIME type.

A valid image format's MIME type.

image/svg+xml

display_name

string

The identity provider's friendly name.

This value defaults to_DISPLAY_NAME.

A valid string.

Izzy

provider_name

string

The identity provider's system name.

This value defaults to_PROVIDER_NAME.

A valid string.

 

izzy

documentation

string

The public URL of the OpenID implementation's documentation at theopenid.net website.

A valid publicly-available URL.

 https://developers.izzy.com/identity/protocols/OpenIDConnect 

_POSSIBLE_DISPLAY_USERNAME_KEY_NAMES

array

An array that contains a list of keys in an attempt to get the display username from theUserInfo response.

Notes:

  • This value defaults to theemail entry, and then uses thename entry if theemail entry is not available.
  • You may need to adjust this value in order to match the desired value for your identity provider.
  • For more information, readOpenID's UserInfoResponsedocumentation.

An array of valid strings.

email, name

 _POSSIBLE_DISPLAY_USERNAME_SUBKEY_NAMES 

array

An array that contains a list of sub keys in an attempt to get the display username from the UserInfo response.

Notes:

  • This value defaults to thepreferred entry, and then uses theaccount entry if the preferredentry is not available.
  • You may need to adjust this value in order to match the desired value for your identity provider.
  • For more information, readOpenID's UserInfoResponsedocumentation.

An array of valid strings.

preferred, account, business, personal

_POSSIBLE_ID_TOKEN_KEY_NAMES

array

An array that contains a list of ID Token keys in an attempt to get the ID token from theToken response.

Notes:

  • This value defaults to the id_tokenentry.
  • You may need to adjust this value in order to match the desired value for your identity provider.
  • For more information, read OpenID's TokenResponsedocumentation.

An array of valid strings.

id_token

_POSSIBLE_UNIQUE_IDENTIFIER_KEY_NAMES

array

An array that contains a list of keys in an attempt to get the subject unique identifier from the access token response.

Notes:

  • This value defaults to theemail entry, and then uses thename entry if theemail entry is not available.
  • You may need to adjust this value in order to match the desired value for your identity provider.
  • For more information, readOpenID's TokenEndpointdocumentation.

An array of valid strings.

email, name

 _GET_SECRET_BASED_SIGNING_KEY_PLAINTEXT 

string

This method returns the secret that the system used to verify the signature of the ID tokens.

Note:

This value defaults to the client's secret.

A valid string.

Victoria

_SCOPE

string

This method allows you to declare an alternate or add an additional scope to the claim of your authorization request.

Notes:

  • This value defaults to openid profile email.
  • For more information about scopes, readOpenID's scopedocumentation.

A valid string.

openid profile email

 

Example

The following example uses the Cpanel::Security::Authn::Provider::OpenIdConnectBase base class and overrides the necessary methods to create an identity provider that connects to Google's authentication service:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
package Cpanel::Security::Authn::Provider::Izzy;
 
# cpanel - Cpanel/Security/Authn/Provider/Izzy.pm
#                                                 Copyright(c) 2015 cPanel, Inc.
#                                                           All rights Reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited
 
use strict;
 
use parent 'Cpanel::Security::Authn::Provider::OpenIdConnectBase';
 
my $image = <<EOF;
iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAKq2lDQ1BJQ0MgUHJvZmlsZQAASImV
lgdQU+kWx7970xstAQEpoffeQUroofcmKiGhhBJiICDYEXEFVhQRacqCrjQFV6XIKiIWRFkUG/YF
WRTUdbFgQ+Vd4BHee/N23rwzc3J/c+Z8/3vul++b+QNAvsfi81NgCQBSeRmCIA9nekRkFB33O8AC
JUAC2kCFxU7nMwICfMDfxoe7AJp73jKY0/r7vv8akpy4dDYAUADCsZx0dirCp5DsZvMFGQCgkARq
WRn8OS5HmCZABkT46BwnLHDPHMcu8O35npAgF4QnAMCTWSxBAgCk90idnslOQHTINISNeRwuD2FX
hB3YiSwOwnkI66emps3xcYS1Y/9FJ+HfNGNFmixWgogXvmU+8K7cdH4KK/v/3I7/HakpwsV3qCJJ
ThR4BiFPGWTPGpLTvEXMi/XzX2QuZ75/nhOFnqGLzE53iVpkDsvVe5GFyaGMRWYJltZyM5ghiyxI
CxLpx6W7BYv045g+ohlS/EQcz3VnLnJOYkj4Imdyw/wWOT052Hupx0VUFwiDRDPHC9xF35iavjQb
m7U0Q0ZiiOfSbBGiGThxrm6iOi9U1M/PcBZp8lMCRP1xKR6ienpmsGhtBnLAFjmJ5RWwpBMg2h/A
AMEgFEk6CAOewBSYI4lMlRG3bu5MA5c0fraAm5CYQWcgtyaOzuSxDfXppsYmFgDM3cGFv/jd9fm7
BcnGLtWykPUrviNnkbBUi3gKwDGkJs9aqmluBkAaBUBbL1soyFyooed+MIAIxAENyCF3XA254wbI
ZJbADjgBN+AF/EEIiASrARskglQgAFlgA9gK8kEh2A32gUpQAw6BBnAMnAAd4Aw4Dy6Da+AGuAMe
ghEwDl6CKfABzEAQhIMoEBWSg5QhDUgPMoWsIQfIDfKBgqBIKAZKgHiQENoAbYMKoRKoEqqFGqFf
oNPQeagfGoLuQ6PQJPQW+gKjYDJMgxVhTdgItoYZsDccAq+CE+C1cA6cB++Cy+E6+CjcDp+Hr8F3
4BH4JTyNAigSSgalgjJAWaNcUP6oKFQ8SoDahCpAlaHqUC2oLlQf6hZqBPUK9RmNRVPRdLQB2g7t
iQ5Fs9Fr0ZvQRehKdAO6HX0RfQs9ip5Cf8dQMAoYPYwthomJwCRgsjD5mDLMEUwb5hLmDmYc8wGL
xcpgtbBWWE9sJDYJux5bhD2AbcX2YIewY9hpHA4nh9PD2eP8cSxcBi4fV4E7ijuHu4kbx33Ck/DK
eFO8Oz4Kz8Pn4svwTfhu/E38c/wMQYKgQbAl+BM4hGxCMeEwoYtwnTBOmCFKErWI9sQQYhJxK7Gc
2EK8RHxEfEcikVRJNqRAEpe0hVROOk66QholfSZLkXXJLuRospC8i1xP7iHfJ7+jUCiaFCdKFCWD
sovSSLlAeUL5JEYVMxRjinHENotVibWL3RR7LU4Q1xBniK8WzxEvEz8pfl38lQRBQlPCRYIlsUmi
SuK0xLDEtCRV0kTSXzJVskiySbJfckIKJ6Up5SbFkcqTOiR1QWqMiqKqUV2obOo26mHqJeo4DUvT
ojFpSbRC2jHaIG1KWkraXDpMep10lfRZ6REZlIymDFMmRaZY5oTMXZkvyxSXMZbFLdu5rGXZzWUf
ZZfLOsnGyRbItsrekf0iR5dzk0uW2yPXIfdYHi2vKx8onyV/UP6S/KvltOV2y9nLC5afWP5AAVbQ
VQhSWK9wSGFAYVpRSdFDka9YoXhB8ZWSjJKTUpJSqVK30qQyVdlBmatcqnxO+QVdms6gp9DL6Rfp
UyoKKp4qQpValUGVGVUt1VDVXNVW1cdqRDVrtXi1UrVetSl1ZXVf9Q3qzeoPNAga1hqJGvs1+jQ+
ampphmvu0OzQnNCS1WJq5Wg1az3Spmg7aq/VrtO+rYPVsdZJ1jmgc0MX1rXQTdSt0r2uB+tZ6nH1
DugN6WP0bfR5+nX6wwZkA4ZBpkGzwaihjKGPYa5hh+FrI3WjKKM9Rn1G340tjFOMDxs/NJEy8TLJ
NekyeWuqa8o2rTK9bUYxczfbbNZp9sZczzzO/KD5PQuqha/FDotei2+WVpYCyxbLSSt1qxiraqth
a5p1gHWR9RUbjI2zzWabMzafbS1tM2xP2P5lZ2CXbNdkN7FCa0XcisMrxuxV7Vn2tfYjDnSHGIef
HEYcVRxZjnWOT53UnDhOR5yeM3QYSYyjjNfOxs4C5zbnjy62LhtdelxRrh6uBa6DblJuoW6Vbk/c
Vd0T3JvdpzwsPNZ79HhiPL0993gOMxWZbGYjc8rLymuj10Vvsnewd6X3Ux9dH4FPly/s6+W71/eR
n4Yfz6/DH/gz/ff6Pw7QClgb8GsgNjAgsCrwWZBJ0IagvmBq8JrgpuAPIc4hxSEPQ7VDhaG9YeJh
0WGNYR/DXcNLwkcijCI2RlyLlI/kRnZG4aLCoo5ETa90W7lv5Xi0RXR+9N1VWqvWrepfLb86ZfXZ
NeJrWGtOxmBiwmOaYr6y/Fl1rOlYZmx17BTbhb2f/ZLjxCnlTMbZx5XEPY+3jy+Jn0iwT9ibMJno
mFiW+Irrwq3kvknyTKpJ+pjsn1yfPJsSntKaik+NST3Nk+Il8y6mKaWtSxvi6/Hz+SNrbdfuWzsl
8BYcSYfSV6V3ZtAQszMg1BZuF45mOmRWZX7KCss6uU5yHW/dQLZu9s7s5znuOT+vR69nr+/doLJh
64bRjYyNtZugTbGbejerbc7bPL7FY0vDVuLW5K2/5RrnluS+3xa+rStPMW9L3th2j+3N+WL5gvzh
HXY7an5A/8D9YXCn2c6Knd8LOAVXC40Lywq/FrGLrv5o8mP5j7O74ncNFlsWH9yN3c3bfXeP456G
EsmSnJKxvb5720vppQWl7/et2ddfZl5Ws5+4X7h/pNynvLNCvWJ3xdfKxMo7Vc5VrdUK1TurPx7g
HLh50OlgS41iTWHNl5+4P92r9ahtr9OsKzuEPZR56NnhsMN9P1v/3HhE/kjhkW/1vPqRhqCGi41W
jY1NCk3FzXCzsHnyaPTRG8dcj3W2GLTUtsq0Fh4Hx4XHX/wS88vdE94nek9an2w5pXGquo3aVtAO
tWe3T3Ukdox0RnYOnfY63dtl19X2q+Gv9WdUzlSdlT5b3E3szuuePZdzbrqH3/PqfML5sd41vQ8v
RFy4fTHw4uAl70tXLrtfvtDH6Dt3xf7KmX7b/tNXra92XLO81j5gMdD2m8VvbYOWg+3Xra533rC5
0TW0Yqj7puPN87dcb12+zbx97Y7fnaG7oXfvDUcPj9zj3Ju4n3L/zYPMBzMPtzzCPCp4LPG47InC
k7rfdX5vHbEcOTvqOjrwNPjpwzH22Ms/0v/4Op73jPKs7Lny88YJ04kzk+6TN16sfDH+kv9y5lX+
n5J/Vr/Wfn3qL6e/BqYipsbfCN7Mvi16J/eu/r35+97pgOknH1I/zHws+CT3qeGz9ee+L+Ffns9k
fcV9Lf+m863ru/f3R7Ops7N8loA1bwUQZwDg+HgA3tYDQIkEgHoDAKLYgkeeD2jB188T+Dte8NHz
YQnA4R4A5qwa0wmACoS1EKZuAWDOIiHWCDYzE+U/Iz3ezHRBiyyPWJOe2dm3swDgYgD4Njg7O1M+
O/utDBkW8dfn/Ba8+byP4QKg/g7AOjX9jXVbwH/EPwCGGQVDbR7I2wAAAAlwSFlzAAALEwAACxMB
AJqcGAAAAgRpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADx4OnhtcG1ldGEgeG1sbnM6eD0iYWRv
YmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDUuNC4wIj4KICAgPHJkZjpSREYgeG1sbnM6
cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4KICAgICAg
PHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6ZXhpZj0iaHR0
cDovL25zLmFkb2JlLmNvbS9leGlmLzEuMC8iCiAgICAgICAgICAgIHhtbG5zOnRpZmY9Imh0dHA6
Ly9ucy5hZG9iZS5jb20vdGlmZi8xLjAvIj4KICAgICAgICAgPGV4aWY6UGl4ZWxZRGltZW5zaW9u
PjM5MzwvZXhpZjpQaXhlbFlEaW1lbnNpb24+CiAgICAgICAgIDxleGlmOlBpeGVsWERpbWVuc2lv
bj41MTU8L2V4aWY6UGl4ZWxYRGltZW5zaW9uPgogICAgICAgICA8dGlmZjpPcmllbnRhdGlvbj4x
PC90aWZmOk9yaWVudGF0aW9uPgogICAgICA8L3JkZjpEZXNjcmlwdGlvbj4KICAgPC9yZGY6UkRG
Pgo8L3g6eG1wbWV0YT4KxfVkQAAACgpJREFUWAmNV1lvG9cZPTMcLsN9EUmJlCzJ+9oEaZAu6WIU
CVD0pb+lr31x3/oL8hKgaOOiQVugRV10SZG2dlGntqPElmzZliWLEimJkkhxEfchh5ye71LMQ2Cg
HXI4w5k793zL+c53R3McZ4T/Y+M4NUrTNHUcjYYYDm11brgMaLpLnTtwoPHzv7YJrPHliV/1oIyZ
AA/6XTx//CmKu3nYgyH6/QEE78rrb+HC5dehiZ3jn1dN9aVrGnSZeDK5AE32ycgJeHHnJSqlAtwe
E51mHceVffQ6NTTqFRQL27j1y/ewuvIZwTWMRuNoTeZ41VECKsHUD4q76HbbaszEmIlBo9FIGbeb
38CtX/wUrUZFjZs5dRr+oB8ejwfBkIlIPIFgfA4f/eG3KB3uQdd15cirgCfXxpnU4Dozl7mR29zA
Pg1pt5oYjmy4XC643W410WBg4Y8fvodWs4OF8+cxlV5QwAd7GzSoBZfhQnwqBq/P5PMWnj1+gFgy
icRU+gsjJg5NwCdHuW643F40jluoVmp4uvoUhttAOBJBPJHA/OIi2rVDHOS34I/GGe4an+0TzIDH
68dxowCfPwgzOMSFqxe4X8L6sw38+oMP8KMf/wTBQFBhSRplm6RT/ZH//Bg2may5NLgNLzyayUtA
q9VBu9PFxtoKuod59G0X6kUJv0PiDWhkALMLZ7D29KlKkdc0MbB6+Oc//o3l53v4zpuXUC5uwz1/
bhxJTVeYr4qEIXdUroXK2gjMOgxDg1ezkMu9RK9tMRKz+Nb3vst7OnIvPsfC6TOYnklhevYUKpUq
U+bmuA5e5Kr45EUZ0zE/0o/v4b33f4ZAOIZsJouZ6TTS6TRi0RiCwSCjE4DP9MEYDGzmdJzvISVB
rCwVC9h8toqdwwbOz6cxf3oej5ZX0Kx38e73r2Nl6QEuXbuKuYV5HB830LcsVkUVn9+7j93NEqw3
stg/alEbdOXM/sEunj9/hkq1gS7H+v0mkskEMplpGH/501+Ryc4gNZ1CNB5HIBjA6vOXOCqUkT01
i7m5Gdy9ex+f5i28/do5FHLb8IfCrJwen5vFTn4HAf5vVOpYnI4AzTJqlQpWn72ESQ4kOGf2VAap
qZTihEGC2/aQz3dRrzfg8jj6jZer63jy6Cm2clsolcowmYJTmSnYFJlINIBHT9ZhUW9WN/IIDDs4
e+40UjMM59QUmo0mfD4fRiRaMkrSuU3uHhgs0Xari4P9A2yu57C2to7t7QKqtSqEd5KGbDYDw8s8
mAG/IsnAtrWVpcfOO+98jWXEXMWGWq8/cEL+APJPt5XAtFuzrJpjlp+blRBFeiaDWrVMHYjCzYq4
du0iljfyGlPruGmEyzDg9XhVuXY7PWxsbDEdG5TxIdOja/poOCKzbQgXmH4nkghj/7CCkdvFHM84
NZaox+dHLGLira9eQIq5K1fr6Pb6NJq5TKdU5TSbTbhIrMpxE8f1uiNixLqDQzGzbVvt/MOqcCEU
DmAqEUc0GnMMqUUpr5HDKmBbklotHpRx9z99xONhjJgvP6O0eO4s5skHw+OCTo8GtgVn2ACVS+V6
UKqhzxK9/MZrqLR76PVtiszYiJEzlAJTBMdQg+3YPJDwOnuBAPKrrBULpSSFKM1Gh9qew1GFHtEr
h5M0qA9dhk60/rjWQP1oh2NHiJLVsWgUnY6lyOVnSvd29tCllgw5dlz/DC+Bxl1U5hjvrlQ8foO+
QwLA+9KZVJuVUtE9hkZeiEKgUathmhGYSsaVuHg8BlLRCCKJGDQaFaAU23Sk37dQKOzig5sfolNr
oUxSt6kRkgZp08IJg7vIvUaBUkI0JICgy5f4TAfoTRce0+cM+n006bmb0bSsvpLqKIGlEbXqdSQS
EQST5+ANVfEV3cB6bgtrlPQgQrB6HVSKh1hfXqaEAeFYCkk6kWTJx6YS5EBUDKDbdF/CI+eOhIJW
WATuk5hyTdJyjVq/ub6FK1cvYo51PTs7gw7Fp16tIBHJwGHTSqcSFJsqlj7+F+KZOWbUgS8SIFVZ
nlwjCJ92Xmxi7fEjoRvi3giYgtgN3lVA45XMybmUBI3SGapyqY4LFxYRCQVUiNOsFL/XgOn1KRJG
kmGs3L4NG26kZ7MUFzd+/+ePkGbFdFttusCokqzs/jB8HopdmDoQhsY0koQTcN7nKWOgTuQoBsjd
TqevJHeBkpyjGH3y8R0Ut/NIZrPokPHN4gGqrR5uvv9zHLCCrr97nU+BXTMArxkg+JBz0QhZxjEK
0tAGFLkheaEiMAGVhwRepUOWVSot7A0Mc4rCdO3qeaSnkySfH8lMho0miifLT3Dnb7dZuhVs7JSw
VThk81pAkVXw6dIjhMMhpQVDgo+XamMMqTjBMtSv8pM3CKowxXtVtzo6vR5CpheF7T2l4abfhxBJ
GI5PsVsWcO+zxziotGhMCKn5OeS2d2Dee4jM3Cmm5A4FzlLSSyw1pxIEpkKcFh+FnGqTC/JRFvAg
obcZujZzGGRJFkoHVMgjyrwPJapjqXKM7fwu1pgSf8BUHbXB5mJ3W9jObamKCZF+smISLZCoisfi
oEJS/7kgcUSiFA8IOhISqGGKpV1670glcHkm205+D4uLc2rxsbu7rxqRTcUrU7qbzQaOKNE7+SLe
+uabFKEeTK4XRzZXEeLNiQECr7KrrjECCk9NLz8CLhvlkmSRRYZouiZPcOuzNK12F/IG0OL60SGz
q/Um7t5/iFxhDy222KNGGVeunOGiZQalZlUq+gRc/JZKkBAw/yxtkWhyQCbnKMk/zyaWihBpDJ0u
5o/xWUKiYroy5JjipDkuZGen8WB5HSOOYwPE21//Bi5fPoNc3iuzcbnHfIuyjcOg4E6mU/Oy88vG
S2Icj5INa0ARojeqmchVGilkabLkNOqCpEVC17O6XNWk8cMffFtx5ezZWVykXkQpPpFIiE/wjUlW
11xzDhkt6QnKzS8sUCQUwSHISZglPF0VZnlroXCI5SRjOhbHk2ebBO1DI7Es8kOiIxGZyyRx9dJp
zGeTFBifCm+AxIVBIwjqD/uVECnckx8xRD66m8vwkdTcyQ0BGHL54+bEkmu+OinS+Px+VI4OsXtQ
Yo/g5Lwr7BYDfaJuAR9Ljrxh5ERocly6wa6pdaE/HOH0KsQKRqBU5Hmim14vJ1LtiI46ir0Crlqo
jDoZqR4y/Li/tIIBx8diIZYe1wbMsURClRkHieqVyxXcuXOfD5toNNtclh1xHOlG4k1IILQQr3Uv
u5pcFJweV6w0X02osBX4eKCLQCm24pWVJ0zFBvXeBS/zyzdBjNcdLDcSRafxD6iAS9xnZuIq9/LO
MM7+JPCCLhFhmoVo8no9YNlZJ8RT6jQB51idr94Wjev2LIRCEfzmd3/H9s6hYrjX64bJpiIeyLRL
D5/j5q9ucd0wTTKPu6mLTkqEtBNHxRj15f//Ah9jPXoBZ9CgAAAAAElFTkSuQmCC
EOF
 
sub _DISPLAY_NAME          { return 'Izzy'; }
sub _PROVIDER_NAME         { return 'izzy'; }
sub _WELL_KNOWN_CONFIG_URI { return 'https://accounts.izzy.com/.well-known/openid-configuration'; }
sub _DOCUMENTATION_URL     { return 'https://developers.izzy.com/identity/protocols/OpenIDConnect'; }
 
sub _BUTTON_LABEL      { return 'Log in with a Izzy Account'; }
sub _BUTTON_COLOR      { return 'dd4b39'; }
sub _BUTTON_TEXT_COLOR { return 'FFFFFF'; }
sub _BUTTON_ICON       { $image =~ s/\n//g; return $image; }
sub _BUTTON_ICON_TYPE  { return 'image/svg+xml';}
sub _CAN_VERIFY        { return 1; }
 
1;

Package the module

1
 package Cpanel::Security::Authn::Provider::Google;

This declaration instructs Perl to treat all of the file's functions as part of the Cpanel::Security::Authn::Provider::Izzy namespace.

For more information, read perldoc.perl.org's package documentation.

Set the strict pragma

9
use strict;

This declaration instructs Perl to return errors if the file contains potentially unsafe code.

For more information, read perldoc.perl.org's strict documentation.

Specify the class's parents

11
use parent 'Cpanel::Security::Authn::Provider::OpenIdConnectBase';

This declaration instructs Perl to use the Cpanel::Security::Authn::Provider::OpenIdConnectBase module as a parent to this module.

Set the image variable

13
14
15
16
17
18
19
my $image = <<EOF;
iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAYAAACqaXHeAAAKq2lDQ1BJQ0MgUHJvZmlsZQAASImV
<div class="line number15 index2
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

The cPanel Interface

For  cPanel  &  WHM  version  58 Overview The cPanel interface is...

User Preferences

For cPanel & WHM version 58 Overview This document outlines how to access your cPanel...

Manage External Authentications

For cPanel & WHM version 58 Overview Manage credentials Additional documentation...

What is cPanelID?

In This Article:  Overview ServicesHow to get a cPanelID cPanelID External...

Guide to cPanel Interface Customization - cPanel Style Development

Introduction You can develop custom styles that modify the appearance of the cPanel interface....