Apache2-Authen-OdinAuth
view release on metacpan or search on metacpan
lib/Apache2/Authen/OdinAuth.pm view on Meta::CPAN
185186187188189190191192193194195196197198199200201202203204205#########################################################
#
# 2) we might need auth - see if we have a valid cookie
#
my
$cookie_is_invalid
=
'by default'
;
my
$cookie_user
=
'?'
;
my
$cookie_roles
=
'_'
;
my
$cookies
=
&parse_cookie_jar
(
$r
->headers_in->{
'Cookie'
});
my
$cookie
=
$cookies
->{config->{cookie}};
if
(
$cookie
) {
my
(
$user
,
$roles
);
eval
{
(
$user
,
$roles
) =
Crypt::OdinAuth::check_cookie(
config->{secret},
$cookie
,
$r
->headers_in->{
'User-Agent'
});
lib/Crypt/OdinAuth.pm view on Meta::CPAN
8990919293949596979899100101102103104105106107108109110111112
my
$hmac_received
= Digest::HMAC->new(
$secret
, Digest->new(
"SHA-256"
));
my
$hmac_calculated
= Digest::HMAC->new(
$secret
, Digest->new(
"SHA-256"
));
$hmac_received
->add(
$hmac
);
$hmac_calculated
->add(hmac_for(
$secret
,
$user
,
$roles
,
$ts
,
$ua
));
die
"Invalid signature\n"
if
(
$hmac_received
->digest ne
$hmac_calculated
->digest );
die
"Cookie is old\n"
if
(
$ts
<
time
() - OLD_COOKIE );
die
"Cookie is in future\n"
if
(
$ts
>
time
() + 5*60 );
return
$user
,
$roles
;
}
=head1 AUTHOR
Maciej Pasternacki, C<< <maciej at pasternacki.net> >>
=head1 BUGS
4950515253545556575859606162636465666768697071727374757677
'netcat'
)
}
qr/^Invalid signature$/
;
throws_ok {
Crypt::OdinAuth::check_cookie(
'secret'
,
Crypt::OdinAuth::cookie_for(
'secret'
,
'login_name'
,
'role1,role2,role3'
,
'netcat'
,
time
()-2
*Crypt::OdinAuth::OLD_COOKIE
),
'netcat'
)
}
qr/^Cookie is old$/
;
throws_ok {
Crypt::OdinAuth::check_cookie(
'secret'
,
Crypt::OdinAuth::cookie_for(
'secret'
,
'login_name'
,
'role1,role2,role3'
,
'netcat'
,
time
()+10*60),
'netcat'
)
}
qr/^Cookie is in future$/
;
sub
try_to_authorize {
my
(
$user
,
$roles
);
eval
{
(
$user
,
$roles
) = Crypt::OdinAuth::check_cookie(
'secret'
.(
shift
||
''
),
Crypt::OdinAuth::cookie_for(
'secret'
,
'login_name'
,
'role1,role2,role3'
,
'netcat'
),
'netcat'
);
} or
return
$@;
( run in 0.328 second using v1.01-cache-2.11-cpan-0d8aa00de5b )