Lemonldap-NG-Portal
lib/Lemonldap/NG/Portal/Lib/Key.pm view on Meta::CPAN
package Lemonldap::NG::Portal::Lib::Key;
=pod
=head1 NAME
Lemonldap::NG::Portal::Lib::Key - A role for private key management in Portal
plugins
=head1 SYNOPSIS
use Mouse;
with 'Lemonldap::NG::Portal::Lib::Key';
=head1 DESCRIPTION
This role is meant to be composed into portal modules to give them the ability
to look up private/public keys from the General parameters > Keys interface.
All asymmetric key retrieval should be performed through the functions provided
here.
=head1 METHODS
=cut
use strict;
use Mouse::Role;
# Version string of this role module.
our $VERSION = '2.22.0';
# Mouse::Role contract: a class composing this role must provide a `conf`
# method; the key lookups read their configuration through $self->conf.
# NOTE(review): the methods in this role also call $self->logger, which is not
# listed here -- presumably every consuming portal module supplies it; confirm.
requires qw(conf);
=pod
=head2 get_private_key
This method returns a private key structure containing the following fields
=over
=item private: PEM private key
=item password: optional password for key decryption
=item public: PEM public key or certificate
=item external_id: optional external key identifier (kid)
=back
=cut
sub get_private_key {
    # Look up the key pair stored under $key_id and return it as a hash
    # reference with the fields private, public, external_id and password.
    # Returns nothing (empty list / undef) when no configuration is found.
    #
    # The returned structure carries the PEM private key and the password used
    # to decrypt it. Only the key identifier is written to the debug log here;
    # callers should likewise keep the structure itself out of logs and other
    # persisted output.
    my ( $self, $key_id ) = @_;

    # Printable label for log lines only: distinguishes an undefined id from
    # an empty (false) one. The lookup below still receives the raw $key_id.
    my $key_id_log = defined $key_id ? ( $key_id || "[empty]" ) : '[undef]';

    $self->logger->debug("Looking up private key $key_id_log");

    my $key_config = $self->_get_key_config($key_id);

    # Guard clause: no configuration means no key.
    unless ($key_config) {
        $self->logger->debug("Private key $key_id_log not found");
        return;
    }

    $self->logger->debug("Found private key $key_id_log");

    # Translate the internal configuration names into the public field names.
    my %key = (
        private     => $key_config->{keyPrivate},
        public      => $key_config->{keyPublic},
        external_id => $key_config->{keyId},
        password    => $key_config->{keyPrivatePwd},
    );
    return \%key;
}
sub get_public_key {
    # Look up the key stored under $key_id and return only its public part as
    # a hash reference with the fields public and external_id. Returns nothing
    # (empty list / undef) when no configuration is found.
    #
    # The private key and its password are deliberately left out of the
    # returned structure even though the underlying configuration holds them.
    my ( $self, $key_id ) = @_;

    # Printable label for log lines only: distinguishes an undefined id from
    # an empty (false) one. The lookup below still receives the raw $key_id.
    my $key_id_log = defined $key_id ? ( $key_id || "[empty]" ) : '[undef]';

    $self->logger->debug("Looking up public key $key_id_log");

    my $key_config = $self->_get_key_config($key_id);

    # Guard clause: no configuration means no key.
    unless ($key_config) {
        $self->logger->debug("Public key $key_id_log not found");
        return;
    }

    $self->logger->debug("Found public key $key_id_log");

    my %key = (
        public      => $key_config->{keyPublic},
        external_id => $key_config->{keyId},
    );
    return \%key;
}
sub _get_key_config {
my ( $self, $key_id ) = @_;
return unless $key_id;
if ( my $key = $self->conf->{'keys'}->{$key_id} ) {
return {
keyPrivate => $key->{keyPrivate},
keyPrivatePwd => ( $key->{keyPrivatePwd} // "" ),
keyPublic => $key->{keyPublic},
keyId => ( $key->{keyId} || $key_id ),
};
}
if ( $key_id eq "default-saml-sig" ) {
if ( $self->conf->{samlServicePrivateKeySig} ) {
return {
keyPrivate => $self->conf->{samlServicePrivateKeySig},
keyPrivatePwd =>
( $self->conf->{samlServicePrivateKeySigPwd} // '' ),
keyPublic => $self->conf->{samlServicePublicKeySig},