Activator
view release on metacpan or search on metacpan
'Hash::Merge' => 0,
'Time::HiRes' => 0,
'Exception::Class::TryCatch' => 0,
'Exception::Class::DBI' => 0,
'Email::Send' => 0,
'MIME::Lite' => 0,
'HTML::Entities' => 0,
'Digest::SHA1' => 0,
'Crypt::CBC' => 0,
'MIME::Base64' => 0,
'CGI::Cookie' => 0,
'YAML::Syck' => 0,
'Template' => 0,
'Template::Plugin::HTML::Strip' => 0,
},
);
$build->create_build_script;
lib/Activator/Emailer.pm
lib/Activator/Exception.pm
lib/Activator/Log.pm
lib/Activator/Options.pm
lib/Activator/Pager.pm
lib/Activator/Registry.pm
lib/Activator/Tutorial.pm
lib/Catalyst/Plugin/Activator/Config.pm
lib/Catalyst/Plugin/Activator/Dictionary.pm
lib/Catalyst/Plugin/Activator/Exception.pm
lib/Catalyst/Plugin/SecureCookies.pm
MANIFEST This list of files
META.yml
README
share/apache2/conf.d/catalyst.conf.tt
share/apache2/conf/httpd.conf.tt
share/apache2/conf/magic.tt
share/conf/default-project.yml
t/Config-01.t
t/Config-02.t
t/Config-03.t
author: []
abstract: |-
Object Oriented framework to ease
creation and rapid development of multi-developer distributed mixed
environment perl based software projects, especially Catalyst based
websites.
license: perl
resources:
license: http://dev.perl.org/licenses/
requires:
CGI::Cookie: 0
Class::StrongSingleton: 0
Crypt::CBC: 0
Data::Dumper: 0
Digest::SHA1: 0
Email::Send: 0
Exception::Class: 0
Exception::Class::DBI: 0
Exception::Class::TryCatch: 0
HTML::Entities: 0
Hash::Merge: 0
Activator::Registry:
file: lib/Activator/Registry.pm
Activator::Tutorial:
file: lib/Activator/Tutorial.pm
Catalyst::Plugin::Activator::Config:
file: lib/Catalyst/Plugin/Activator/Config.pm
Catalyst::Plugin::Activator::Dictionary:
file: lib/Catalyst/Plugin/Activator/Dictionary.pm
Catalyst::Plugin::Activator::Exception:
file: lib/Catalyst/Plugin/Activator/Exception.pm
Catalyst::Plugin::SecureCookies:
file: lib/Catalyst/Plugin/SecureCookies.pm
version: 0.01
generated_by: Module::Build version 0.2808
meta-spec:
url: http://module-build.sourceforge.net/META-spec-v1.2.html
version: 1.2
Class::StrongSingleton
Hash::Merge
Time::HiRes
Exception::Class::TryCatch
Exception::Class::DBI
Email::Send
MIME::Lite
Digest::SHA1
Crypt::CBC
MIME::Base64
CGI::Cookie
YAML::Syck
See `perldoc Activator` for more information.
COPYRIGHT AND LICENCE
---------------------
Copyright (c) 2007 Karim A. Nassar <karim.nassar@acm.org>
You may distribute under the terms of either the GNU General Public
lib/Activator.pm view on Meta::CPAN
# HTML::Lint \
# Catalyst::Plugin::Authentication::User::Hash \
# WWW::Mechanize \
# Catalyst::Plugin::Static::Simple \
# Catalyst::Plugin::Authentication \
# Catalyst::Plugin::Authentication::Store::DBIC \
# Catalyst::Plugin::Authentication::Credential::Password \
# Catalyst::Plugin::Authorization::Roles \
# Catalyst::Plugin::Session \
# Catalyst::Plugin::Session::Store::Memcached \
# Catalyst::Plugin::Session::State::Cookie \
# Catalyst::Plugin::Cache::Memcached \
#yum install \
perl-Data-Dumper \
perl-Scalar-Util \
perl-IO-Capture \
perl-Exception-Class \
perl-Test-Exception \
lib/Activator/Config.pm view on Meta::CPAN
#### realm that says where every variable came from.
=head1 COOKBOOK
#### TODO: these examples are probably complete baloney at this point.
This section gives some examples of how to utilze this module. Each
section below (cleverly) assumes we are writing a Cookbook application
that can fetch recipies from a database.
=head2 End User
Use Case: A user has a CPAN module that provides C<cookbook.pl> to
lookup recipies from a database. The project installs these files:
/etc/cookbook.d/org.yml
/usr/lib/perl5/site-perl/Cookbook.pm
/usr/bin/cookbook.pl
C<org.yml> has the following data:
---
default:
db_name: cookbook
db_user: chef
db_passwd: southpark
lib/Activator/Config.pm view on Meta::CPAN
cookbook.pl --conf_file=$HOME/$USER.yaml lookup beans
#### user creates $HOME/.cookbook.d
cookbook.pl lookup beans
=head2 Simple Development
Use Case: developer is working on C<cookbook.pl>. Project directory
looks like:
$HOME/src/Cookbook/lib/Cookbook.pm
$HOME/src/Cookbook/bin/cookbook.pl
$HOME/src/Cookbook/etc/cookbook.d/org.yml
$HOME/src/Cookbook/.cookbook.d/$USER.yml
With these configurations:
org.yml:
---
default:
db_name: cookbook
db_user: chef
db_passwd: southpark
lib/Activator/Config.pm view on Meta::CPAN
db_name: $USER
db_user: $USER
db_passwd: passwd
staging:
db_name: staging
db_user: test
db_passwd: test
#### when developing, call the script like this to lookup bean
#### recipies from developers personal db
cd $HOME/src/Cookbook
bin/cookbook.pl lookup beans
#### To demo the project to someone else, developer creates a demo
#### account, which has the environment variable ACT_CONFIG_realm set
#### to 'staging'. demo user then uses the script as if it were
#### installed, but connects to the staging database:
cookbook.pl lookup beans
#### if the developer wants to see what the demo user sees:
cd $HOME/src/Cookbook
bin/cookbook.pl --realm=staging lookup beans
=head1 TODO: complex development
Someday, we'll have a really neat example of all the goodness this
module is capable of.
=head1 FUTURE WORK
=over
lib/Activator/Options.pm view on Meta::CPAN
Since this module is part of L<Activator>, you can set your
L<Activator::Log> level to DEBUG to see how your C<$opts> are
generated.
#### TODO: in the future, there needs to be a 'lint' hash within the
#### realm that says where every variable came from.
=head1 COOKBOOK
This section gives some examples of how to utilze this module. Each
section below (cleverly) assumes we are writing a Cookbook application
that can fetch recipies from a database.
#### TODO: these examples use currently unimplemented features. FIX IT!
=head2 End User
Use Case: A user has a CPAN module that provides C<cookbook.pl> to
lookup recipies from a database. The project installs these files:
/etc/cookbook.d/org.yml
/usr/lib/perl5/site-perl/Cookbook.pm
/usr/bin/cookbook.pl
C<org.yml> has the following data:
---
default:
db_name: cookbook
db_user: chef
db_passwd: southpark
lib/Activator/Options.pm view on Meta::CPAN
cookbook.pl --conf_file=$HOME/$USER.yaml lookup beans
#### user creates $HOME/.cookbook.d
cookbook.pl lookup beans
=head2 Simple Development
Use Case: developer is working on C<cookbook.pl>. Project directory
looks like:
$HOME/src/Cookbook/lib/Cookbook.pm
$HOME/src/Cookbook/bin/cookbook.pl
$HOME/src/Cookbook/etc/cookbook.d/org.yml
$HOME/src/Cookbook/.cookbook.d/$USER.yml
With these configurations:
org.yml:
---
default:
db_name: cookbook
db_user: chef
db_passwd: southpark
lib/Activator/Options.pm view on Meta::CPAN
db_name: $USER
db_user: $USER
db_passwd: passwd
staging:
db_name: staging
db_user: test
db_passwd: test
#### when developing, call the script like this to lookup bean
#### recipies from developers personal db
cd $HOME/src/Cookbook
bin/cookbook.pl lookup beans
#### To demo the project to someone else, developer creates a demo
#### account, which has the environment variable ACT_OPT_realm set
#### to 'staging'. demo user then uses the script as if it were
#### installed, but connects to the staging database:
cookbook.pl lookup beans
#### if the developer wants to see what the demo user sees:
cd $HOME/src/Cookbook
bin/cookbook.pl --realm=staging lookup beans
=head1 TODO: complex development
Someday, we'll have a really neat example of all the goodness this
module is capable of.
=head1 SEE ALSO
lib/Catalyst/Plugin/SecureCookies.pm view on Meta::CPAN
package Catalyst::Plugin::SecureCookies;
use strict;
use CGI::Cookie;
use Symbol;
use Class::Accessor::Fast;
use Digest::SHA1;
use Crypt::CBC;
use MIME::Base64;
our $VERSION = 0.01;
our $CIPHER;
=head1 NAME
Catalyst::Plugin::SecureCookies - Tamper-resistant, encrypted HTTP Cookies
=head1 SYNOPSIS
use Catalyst qw/SecureCookies/;
MyApp->config->{SecureCookies} = {
key => $blowfish_key,
ssl => 1 # send the checksum over ssl
};
MyApp->setup;
# later, in another part of MyApp...
$c->request->exp_secure_cookies( $expiration );
$c->request->set_secure_cookie( 'my_cookie_name', $value );
my $secure_data = $c->request->get_secure_cookie('my_cookie_name');
lib/Catalyst/Plugin/SecureCookies.pm view on Meta::CPAN
When HTTP cookies are used to store a user's state or identity it's
important that your application is able to distinguish legitimate
cookies from those that have been edited or created by a malicious
user.
This module creates a pair of cookies which encrypt a form so the
user cannot modify cookie contents.
=head2 Implementation
SecureCookies is implemented using Crypt::CBC and MIME::Base64
to encrypt and encode a urlencoded string representing a perl
hash. The encoded string is then hashed using Digest::SHA1 to
prepare a sort of "checksum" or hash to make sure the user did
not modify the cookie.
=head1 CONFIGURATION
=over 4
=item key
MyApp->config->{SecureCookies}->{key} = $secret_key;
This parameter is B<required>, and sets the secret key that is used to
encrypt the cookies with Crypt::CBC Blowfish. This needs to be a
16 hex character string.
=item ssl
MyApp->config->{SecureCookies}->{ssl} = 0;
# or
MyApp->config->{SecureCookies}->{ssl} = 1;
This parameter is optional, and will default to C<1> if not set.
If C<1>, the checksum or hash cookie will be sent over SSL for
added security. This will prevent replay attacks from being
used against the server.
If C<0>, the checksum will be sent as a normal, non-secure cookie.
=back
lib/Catalyst/Plugin/SecureCookies.pm view on Meta::CPAN
=cut
=head1 METHODS
=head2 Catalyst Request Object Methods
=over 4
=cut
*{Symbol::qualify_to_ref('SecureCookies', 'Catalyst::Request')} =
Class::Accessor::Fast::make_accessor('Catalyst::Request', 'SecureCookies');
=item C<< $c->request->get_secure_cookie($cookie_name) >>
If a cookie was successfully authenticated then this method will
return the value of the cookie.
=cut
*{Symbol::qualify_to_ref('get_secure_cookie', 'Catalyst::Request')} = sub {
my $self = shift;
my $name = shift;
return $self->SecureCookies->{$name};
};
# add a secure cookie to the output
*{Symbol::qualify_to_ref('set_secure_cookie', 'Catalyst::Response')} = sub {
my $self = shift;
my $name = shift;
my $value = shift;
$self->{SecureCookies}->{$name} = $value;
};
## set the cookie exp time
*{Symbol::qualify_to_ref('exp_secure_cookies', 'Catalyst::Response')} =
Class::Accessor::Fast::make_accessor('Catalyst::Request', 'exp_secure_cookies');
sub setup {
my $self = shift;
$self->config->{SecureCookies}->{ssl} ||= 1;
return $self->NEXT::setup(@_);
}
# remove and check hash in Cookie Values
sub prepare_cookies {
my $c = shift;
$c->NEXT::prepare_cookies(@_);
## pull out our secure dudes
$c->request->{SecureCookies} = {};
my $rJ = $c->request->cookie( 'rJ' );
my $rC = $c->request->cookie( 'rC' );
## decrypt them
if( $rJ && $rC ) {
## decode it
my $secret_form = &_decrypt( $c,
$rJ->value, # encoded cookie
$rC->value ); # it's checksum
if( $secret_form ) {
foreach my $key (keys %$secret_form) {
$c->request->{SecureCookies}->{$key} = $secret_form->{$key};
}
}
}
return $c;
}
# alter all Cookie Values to include a hash
sub finalize_cookies {
my $c = shift;
my $sc = $c->response->{SecureCookies};
if( $sc ) {
## pull in the existing secure cookies
my $sco = $c->req->SecureCookies;
if( $sco ) {
foreach my $key (keys %$sco) {
if( ! defined($sc->{$key}) ) {
$sc->{$key} = $sco->{$key};
}
}
}
## first encode the form
my ($encoded, $csum) = &_encrypt( $c, $sc );
## ssl, yes or no?
my $ssl = $c->config->{SecureCookies}->{ssl};
my $ssl_val = $ssl ? 1 : 0;
## expiration?
my $exp = $c->response->exp_secure_cookies();
## make the two cookies
$c->response->cookies->{rJ} = { value => $encoded,
expires => $exp };
$c->response->cookies->{rC} = { value => $csum,
expires => $exp };
my $domain = $c->config->{SecureCookies}->{cookie_domain};
if( $domain ) {
$c->response->cookies->{rJ}->{domain} = ".$domain";
$c->response->cookies->{rJ}->{path} = '/';
$c->response->cookies->{rC}->{domain} = ".$domain";
$c->response->cookies->{rC}->{path} = '/';
}
}
$c->NEXT::finalize_cookies(@_);
return $c;
lib/Catalyst/Plugin/SecureCookies.pm view on Meta::CPAN
Return:
$encoded - the encoded form
$csum - the checksum
=cut
sub _encrypt {
my ( $c, $form_hashref ) = @_;
my $cipher = &_get_cipher( $c->config->{SecureCookies}->{key} );
## first url encode it
my $encoded = &_url_encode_hashref( $form_hashref );
## now we encrypt and mime encode it
my $encrypted = $cipher->encrypt( $encoded );
# $encrypted =~ s/^RandomIV//;
my $mimed = &_base64_encode_url( $encrypted );
## checksum it
lib/Catalyst/Plugin/SecureCookies.pm view on Meta::CPAN
$csum - csum for the form
Return:
$form_hashref - hashref of the variables
=cut
sub _decrypt {
my ( $c, $encoded, $csum ) = @_;
my $cipher = &_get_cipher( $c->config->{SecureCookies}->{key} );
## calc a csum for the encrypted block
my $ctx = new Digest::SHA1;
$ctx->add( $encoded );
my $this_csum = substr( &_base64_encode_url( $ctx->digest ), 3, 4 );
## compare it
if( $csum ne $this_csum ) { return undef; }
( run in 0.458 second using v1.01-cache-2.11-cpan-e9199f4ba4c )