Step 4 - Verify the Identity 

• make another 'Net::OpenID::Consumer'

• this time, it seems to read GET args from '$r'

• it uses magic, smoke, mirrors and handwaving