Catalyst-Authentication-Realm-Adaptor
view release on metacpan or search on metacpan
lib/Catalyst/Authentication/Realm/Adaptor.pm view on Meta::CPAN
}
return($resulthash);
}
sub _munge_value {
my ($modvalue, $referencehash) = @_;
my $newvalue;
if ($modvalue =~ m/^([+-])\((.*)\)$/) {
my $action = $1;
my $keypath = $2;
## do magic
if ($action eq '+') {
## action = string '-' means delete the element from the source array.
## otherwise it means copy it from a field in the original hash with nesting
## indicated via '.' - IE similar to Template Toolkit handling of nested hashes
my @hashpath = split /\./, $keypath;
my $val = $referencehash;
foreach my $subkey (@hashpath) {
if (ref($val) eq 'HASH') {
$val = $val->{$subkey};
} elsif (ref($val) eq 'ARRAY') {
$val = $val->[$subkey];
} else {
## failed to find that key in the hash / array
$val = undef;
last;
}
}
$newvalue = $val;
} else {
## delete the value... so we return a scalar ref to '-'
$newvalue = \'-';
}
} elsif (ref($modvalue) eq 'ARRAY') {
$newvalue = [];
foreach my $row (0..$#{$modvalue}) {
if (defined($modvalue->[$row])) {
my $val = _munge_value($modvalue->[$row], $referencehash);
## this is the first time I've ever wanted to use unless
## to make things clearer
unless (ref($val) eq 'SCALAR' && ${$val} eq '-') {
$newvalue->[$row] = $val;
}
}
}
} else {
$newvalue = $modvalue;
}
return $newvalue;
}
=head1 SYNOPSIS
The Catalyst::Authentication::Realm::Adaptor allows for modification of
authentication parameters within the catalyst application. It's basically a
filter used to adjust authentication parameters globally within the
application or to adjust user retrieval parameters provided by the credential
in order to be compatible with a different store. It provides for better
control over interaction between credentials and stores. This is particularly
useful when working with external authentication such as OpenID or OAuth.
__PACKAGE__->config(
'Plugin::Authentication' => {
'default' => {
class => 'Adaptor'
credential => {
class => 'Password',
password_field => 'secret',
password_type => 'hashed',
password_hash_type => 'SHA-1',
},
store => {
class => 'DBIx::Class',
user_class => 'Schema::Person',
},
store_adaptor => {
method => 'merge_hash',
merge_hash => {
status => [ 'temporary', 'active' ]
}
}
},
}
}
);
The above example ensures that no matter how $c->authenticate() is called
within your application, the key 'status' is added to the authentication hash.
This allows you to, among other things, set parameters that should always be
applied to your authentication process or modify the parameters to better
connect a credential and a store that were not built to work together. In the
above example, we are making sure that the user search is restricted to those
with a status of either 'temporary' or 'active.'
This realm works by intercepting the original authentication information
between the time C<< $c->authenticate($authinfo) >> is called and the time the
realm's C<< $realm->authenticate($c,$authinfo) >> method is called, allowing for
the $authinfo parameter to be modified or replaced as your application
requires. It can also operate after the call to the credential's
C<authenticate()> method but before the call to the store's C<find_user>
method.
If you don't know what the above means, you probably do not need this module.
=head1 CONFIGURATION
The configuration for this module goes within your realm configuration alongside your
credential and store options.
This module can operate in two points during authentication processing.
The first is prior the realm's C<authenticate> call (immediately after the call to
C<< $c->authenticate() >>.) To operate here, your filter options should go in a hash
under the key C<credential_adaptor>.
The second point is after the call to credential's C<authenticate> method but
immediately before the call to the user store's C<find_user> method. To operate
prior to C<find_user>, your filter options should go in a hash under the key
C<store_adaptor>.
( run in 0.892 second using v1.01-cache-2.11-cpan-ceb78f64989 )