My thoughts on Japan’s casino bribery scandal

A month ago, prosecutors arrested Akimoto, a Liberal Democratic Party lawmaker that was in charge of casino policy, on suspicion he received bribes from a company owned by the Chinese seeking to establish a live casino in Japan.

The arrest has hardened public opposition to the least popular plan to give the green light to casinos. The response of the government was that they intend to consider adding rules to basic policy so that when resort operators make contact with secretaries.


When you play live casino, you can meet dealers from across any locations and talk to them. There is also a live dealer but in an online casino – オンラインカジノ, there is a random number generator, a dealer is a person that interacts with you when you play live casino that replaces a real dealer. In simple words, a live casino player deals with a real human and has all the actual fun.

Integrate your Perl application with Google Apps Marketplace

I spent most of the last week trying to figure out how to take a Perl web app and integrate it with the Google Apps Marketplace. This is where the supposedly 3 million businesses who signed up for Google Apps go for third-party integrations.

You have to sign up as a vendor in order to make your web application available to Google Apps customers. The other requirement is that your app supports OpenID Single Sign-on. This is where the integration turned difficult for me.

I assumed you would use Net::OpenID::Consumer to handle the consumer-side processing. However, after only a little headway, and asking around on StackOverflow as well as the Google Marketplace forums, I was stuck. I could not close the OpenID circuit and continue on to my app.

I eventually solved the problem by switching modules. I changed to the skimpily documented Net::Google::FederatedLogin, and finally got things working.

The code is as follows (substitute below for your actual developer’s domain).

First, you have to login your Google Apps Marketplace vendor profile, and add the URL to index.cgi in your application manifest, with the required ${DOMAIN_NAME} variable. ${DOMAIN_NAME} will be replaced by the domain of the user who installs your app. This parameter is integral to the authentication scheme.


The application manifest is like the installer for your web app. It’s detailed here, but is kind of outside of the scope of this post.

Once you’ve gotten the application manifest done, add the following code to your servers.


use CGI;
use Net::Google::FederatedLogin;

my $q = CGI->new();

my $domain = $q->param('domain');
if (!$domain) {
    print $q->header(), 'Provide domain please.';
    exit 0;

my $fl = Net::Google::FederatedLogin->new(
    claimed_id => 
        '' . $domain,
    return_to =>
    extensions => [
            ns          => 'ax',
            uri         => '',
            attributes  => {
                mode        => 'fetch_request',
                required    => 'email',
                type        => {
                    email => ''
    ] );

print $q->redirect($fl->get_auth_url());

Note that $domain above is used in the claimed_id parameter and is sent to Google for verification. The extensions parameter informs Google what user data to send back to your site when it redirects to return_to. Which, in this case, is


use CGI;
use Net::Google::FederatedLogin;
use LWP::UserAgent;
use HTTP::Request::Common;
use URI;
use URI::Escape qw(uri_escape);
use Net::OAuth;

# OAuth (to access user's Google data)
# You get these from your vendor profile in Google Apps. Same place
# where you edit the application manifest.
my $CONSUMER_KEY = '??????????????';
my $CONSUMER_SECRET = '??????????????????';

# We want to get some calendar data from the user
my $URL = 

my $q = CGI->new();
print $q->header();

# OpenID final step
my $fl = Net::Google::FederatedLogin->new(  
    cgi => $q,
    return_to =>
        '' );

eval { $fl->verify_auth(); };
if ([email protected]) {
    print 'Error: ' . [email protected];
else {
    my $ext = $fl->get_extension('');

# OAuth
sub get_calendar_oauth {
    my $email = shift;

    my $oauth_request =
              consumer_key => $CONSUMER_KEY,
              consumer_secret => $CONSUMER_SECRET,
              request_url => $URL,
              request_method => 'GET',
              signature_method => 'HMAC-SHA1',
              timestamp => time,
              nonce => nonce(),
              extra_params => {
            'xoauth_requestor_id' => $email
    my $req = HTTP::Request->new(
        GET => $URL . '?xoauth_requestor_id=' . uri_escape($email) );

    $req->header('Content-type' => 'application/atom+xml');
        'Authorization' => $oauth_request->to_authorization_header);

    my $ua = LWP::UserAgent->new;
    my $oauth_response = $ua->simple_request($req);
    while($oauth_response->is_redirect) {

      my $url = URI->new($oauth_response->header('Location'));


      my %query = $url->query_form;
      foreach my $param (keys %query) {
        $oauth_request->{extra_params}->{$param} = $query{$param};

      $url->query(undef); # clear out the query parameters
      $oauth_request->{request_url} = $url;
      $oauth_request->sign; # resign
        'Authorization' => $oauth_request->to_authorization_header );

      $oauth_response = $ua->simple_request($req);

    print $oauth_response->as_string;

} # get_calendar_oauth

sub nonce {
  my @a = ('A'..'Z', 'a'..'z', 0..9);
  my $nonce = '';
  for(0..31) {
    $nonce .= $a[rand(scalar(@a))];


The final OpenID step is quite minimal, as you can see above. You simply create a new Net::Google::FederatedLogin object and pass it the CGI object plus return_to value. Then you verify, and if there isn’t an error, you should be able to access the extension data via the call to get_extension().

Much of the above script is devoted to doing OAuth in order to access the user’s Google data, in this case his calendar. If you only need to authenticate a user and not access Google data, you could omit the call to get_calendar_oauth() entirely.


When you create your app in the vendor section of Google Apps Marketplace, it will be assigned a Consumer Secret and a Consumer Key. These must be present in the parameters when you instantiate your Net::OAuth object. In the above code, you would set $CONSUMER_KEY and $CONSUMER_SECRET to these values.

The data is returned as Atom/XML. In the above code I do nothing with it except print it out. The code in get_calendar_oauth has been borrowed almost directly from this blog post by Jeremy Smith.

That’s basically it. This was intended to be a sparse example covering the two main points for integrating with Google Apps from Perl — OpenID to grant access to your app via Google credentials, and OAuth for accessing Google data on behalf of the user.