Authen-HTTP-Signature
5 results

 view release on metacpan or  search on metacpan

lib/Authen/HTTP/Signature.pm  view on Meta::CPAN 


our $VERSION = '0.03';

=head1 SYNOPSIS

Create signatures:

    use 5.010;
    use Authen::HTTP::Signature;
    use File::Slurp qw(read_file);
    use HTTP::Request::Common;

    my $key_string = read_file("/my/priv/key.pem") or die $!;

    my $signer = Authen::HTTP::Signature->new(
        key => $key_string,
        key_id => 'Test',
    );

    my $req = POST('http://example.com/foo?param=value&pet=dog',
            Content_Type => 'application/json',

lib/Authen/HTTP/Signature.pm  view on Meta::CPAN 

    my $signed_req = $signer->sign($req);

    # adds then signs the 'Date' header with private key using
    # RSA-SHA256, then adds 'Authorization' header to
    # $req

Validate signatures:

    use 5.010;
    use Authen::HTTP::Signature::Parser;
    use HTTP::Request::Common;
    use File::Slurp qw(read_file);
    use Try::Tiny;

    my $req = POST('http://example.com/foo?param=value&pet=dog',
            Content_Type => 'application/json',
            Content_MD5 => 'Sd/dVLAcvNLSq16eXua5uQ==',
            Content_Length => 18,
            Date => 'Thu, 05 Jan 2012 21:31:40 GMT',
            Authorization => q{Signature keyId="Test",algorithm="rsa-sha256",signature="ATp0r26dbMIxOopqw0OfABDT7CKMIoENumuruOtarj8n/97Q3htHFYpH8yOSQk3Z5zh8UxUym6FYTb5+A0Nz3NRsXJibnYi7brE/4tx5But9kkFGzG+xpUmimN4c3TMN7OFH//+r8hBf7BT9/GmHDUVZT2JzWGLZES...
            Content => '{"hello": "world"}'

t/01-basic-sign.t  view on Meta::CPAN 

412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc
mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7
kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA
gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW
G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI
7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==
-----END RSA PRIVATE KEY-----
_EOT

use Authen::HTTP::Signature;
use HTTP::Request;

my $req = HTTP::Request->parse($reqstr);

my $default_auth = Authen::HTTP::Signature->new(
    key => $private_str,
    request => $req,
    key_id => 'Test',
);

isa_ok($default_auth, 'Authen::HTTP::Signature', 'constructed object');
my $signed_req = $default_auth->sign();
is($signed_req->header('Authorization'), $default, 'default auth header matches');

t/02-basic-verify.t  view on Meta::CPAN 

my $public_str = <<_EOT;
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3
6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6
Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw
oYi+1hqp1fIekaxsyQIDAQAB
-----END PUBLIC KEY-----
_EOT

use Authen::HTTP::Signature::Parser;
use HTTP::Request;

my $req = HTTP::Request->parse($reqstr);
$req->header(Authorization => $default);

my $exception = exception { Authen::HTTP::Signature::Parser->new($req)->parse() };
like($exception, qr/skew/, "clock skew error");

my $pr = Authen::HTTP::Signature::Parser->new(
    skew => 0,
);

my $p = $pr->parse($req);

t/03-hmac.t  view on Meta::CPAN 

  splice(@string,23,0,'-');
  return join('', @string);
}

my $key = generate();

diag "Key is $key";

use Authen::HTTP::Signature;
use Authen::HTTP::Signature::Parser;
use HTTP::Request;

my $req = HTTP::Request->parse($reqstr);

my $default_auth = Authen::HTTP::Signature->new(
    key => $key,
    request => $req,
    key_id => 'unit',
    algorithm => 'hmac-sha1',
);

isa_ok($default_auth, 'Authen::HTTP::Signature', 'constructed object');
my $signed_req = $default_auth->sign();

t/04-parser.t  view on Meta::CPAN 


my $invalid_hdr = q|Signature keyId="parser_test",algorithm="hmac-sha1",headers="request-line date foobar",signature="eQjZuLJsT/Uy05xjC4BXHC+UYBE==="|;
my $dup_hdr = q|Signature keyId="parser_test",algorithm="hmac-sha1",headers="request-line date date",signature="eQjZuLJsT/Uy05xjC4BXHC+UYBE==="|;
my $no_key_id = q|Signature keyId="",algorithm="hmac-sha1",headers="request-line date",signature="eQjZuLJsT/Uy05xjC4BXHC+UYBE==="|;
my $no_algo = q|Signature keyId="parser_test",algorithm="",headers="request-line date",signature="eQjZuLJsT/Uy05xjC4BXHC+UYBE==="|;
my $bogus_algo = q|Signature keyId="parser_test",algorithm="crap",headers="request-line date",signature="eQjZuLJsT/Uy05xjC4BXHC+UYBE==="|;
my $degenerate = q|Signature keyId="fo,o",algorithm="hmac-sha1",headers="rEQUest-LiNe dATe",signature="eQjZuLJsT/Uy05xjC4BXHC+UYBE==="|;
my $ext = q|Signature keyId="foo",algorithm="hmac-sha1",headers="request-line date",ext="foobar",signature="eQjZuLJsT/Uy05xjC4BXHC+UYBE==="|;

use Authen::HTTP::Signature;
use HTTP::Request;

my $req = HTTP::Request->parse($reqstr);

my $c = Authen::HTTP::Signature->new(
    key => $key,
    key_id => 'parser_test',
    request => $req,
    algorithm => 'hmac-sha1',
    headers => [qw(request-line date)],
);

my $sr = $c->sign();



( run in 0.607 second using v1.01-cache-2.11-cpan-de7293f3b23 )