Apache2-Authen-OdinAuth
view release on metacpan or search on metacpan
lib/Apache2/Authen/OdinAuth.pm view on Meta::CPAN
########################################################### 2) we might need auth - see if we have a valid cookie#my$cookie_is_invalid='by default';my$cookie_user='?';my$cookie_roles='_';my$cookies=&parse_cookie_jar($r->headers_in->{'Cookie'});my$cookie=$cookies->{config->{cookie}};if($cookie) {my($user,$roles);eval{($user,$roles) =Crypt::OdinAuth::check_cookie(config->{secret},$cookie,$r->headers_in->{'User-Agent'});
lib/Crypt/OdinAuth.pm view on Meta::CPAN
my$hmac_received= Digest::HMAC->new($secret, Digest->new("SHA-256"));my$hmac_calculated= Digest::HMAC->new($secret, Digest->new("SHA-256"));$hmac_received->add($hmac);$hmac_calculated->add(hmac_for($secret,$user,$roles,$ts,$ua));die"Invalid signature\n"if($hmac_received->digest ne$hmac_calculated->digest );die"Cookie is old\n"if($ts<time() - OLD_COOKIE );die"Cookie is in future\n"if($ts>time() + 5*60 );return$user,$roles;}=head1 AUTHORMaciej Pasternacki, C<< <maciej at pasternacki.net> >>=head1 BUGS
'netcat')}qr/^Invalid signature$/;throws_ok {Crypt::OdinAuth::check_cookie('secret',Crypt::OdinAuth::cookie_for('secret','login_name','role1,role2,role3','netcat',time()-2*Crypt::OdinAuth::OLD_COOKIE),'netcat')}qr/^Cookie is old$/;throws_ok {Crypt::OdinAuth::check_cookie('secret',Crypt::OdinAuth::cookie_for('secret','login_name','role1,role2,role3','netcat',time()+10*60),'netcat')}qr/^Cookie is in future$/;subtry_to_authorize {my($user,$roles);eval{($user,$roles) = Crypt::OdinAuth::check_cookie('secret'.(shift||''),Crypt::OdinAuth::cookie_for('secret','login_name','role1,role2,role3','netcat'),'netcat');} orreturn$@;
( run in 0.490 second using v1.01-cache-2.11-cpan-64827b87656 )