CGI-Application-Plugin-Authentication
view release on metacpan or search on metacpan
Fix failing tests on Win320.21 2017-03-15 22:54:23-05:00 America/ChicagoFix list-context calls to CGI::param().Fix failing testswithnewer CGI versions.0.20 Fri 29 Apr 2011Use Test::ConsistentVersion rather than Test::CheckVersionFixed spelling errors and added descriptions - Closes#rt63839Removed now unused login_styles method from core moduleAdded more tests completing test coverageforthe Cookie module.Changed from using the Digest::SHA1 module to usuing Digest::SHAinstead - Closes#rt678400.19 Wed 24 Nov 2010Incoporated developer changes. Made pod tests only runwhenTEST_AUTHOR=1.Automatically generate README.0.18_2 Mon 20 Jul 2010Separate out display code and provide Basic and Classic alternatives tothe login form. Added more examples. Implementd typo fix reported by
Other updates- Fix inconsistency in doc example (reported by POLETTIX)0.11 Wed Jul 26 11:16:12 EDT 2006- suppress warning about missing Color::Calcunlessthe user is actually- explicitly load CGI.pm since some users may be using CGI::Simple(reported by Ron Savage)- Fixed bug in Cookie store where the expirytimeof the cookie was ignored(patch by POLETTIX)0.10 Thu May 18 22:59:56 EDT 2006- Add supportforAuthen::Simple (all Authen::Simple modules canbe used directly as Drivers)- Made the login page much more customizable:- change any of the text- customize the colours - provide one base colour and lighter anddarker shades are automatically generated (requires Color::Calc)
0.08 Wed Nov 23 20:20:24 EST 2005API Changes- Removed ability to configure the DBI driverwitha DSN andusername/password. CGI::Application::Plugin::DBH should be usedforthat instead (Mark Stosberg)- DBI driver defaults to$self->dbh()ifDBH not provided (Mark Stosberg)Bug Fixes- Made MIME::Base64, Digest::SHA1 and CGI::Cookie mandatory requirementsand load them at compiletimeinstead of runtime in the Cookie store.(fixes problem reported by Richard Jones)Other updates- Added Driver that can authenticate against htpasswd files- Fixed typo in examples/sample.cgi- Fixed typo inlcfilter example (Mark Stosberg)- Updated docsforinitialize(), and made itreturntrue value(Mark Stosberg)
- add ability to timeout logins based onlastsuccessful login, orwitha custom callback(as well as the originallastaccess timeout)- add'last_access'and'last_login'methods- add'is_login_timeout'to showwhena loginrequest is caused by an idle login session- added lots more testsBug Fixes- login timeouts were not working properly- the Cookie Store was not honouring the EXPIRY option- using :all in protected_runmodes now works- fix test failurewhenTest::Warn not installed(fixed by Shawn Sorichetti)Experimental- subroutine attributes: you can specify that arunmode should be protectedwitha subroutineattribute. example:submy_rm :Authen { ... }This conflictswiththe AutoRunmode plugin right now
cred_1 to __CREDENTIAL_1__New Drivers- Dummy Driver - accepts any credentials as validNew Stuff- Added little icons to thedefaultlogin and passwordfields (only works in Mozilla based browsers)-ifSTORE config is notgiven, the plugin will detectifSession Store instead of the Cookie Store.- Added a lot of new documentationBug Fixes-'run_modes'method was incorrectly being used in thetest suite (reported by Ron Savage)0.02 Fri Sep 16 00:19:10 EDT 2005New Drivers- DBI DriverNew Stores- Cookie store (requiresnoserver side storage)New Stuff- Added field encoding supportfordatastores thatkeep passwords in an encodedformat, like Unixcrypt,or MD5.- Added encodersforcrypt, MD5 and SHA1- Added some more methods to Driver.pm that can simplifythe building of new Driver modules (find_option, encode,check_encoded, strip_field_names)- Added lots more tests to the test suite
lib/CGI/Application/Plugin/Authentication/Driver/Dummy.pmlib/CGI/Application/Plugin/Authentication/Driver/Filter/crypt.pmlib/CGI/Application/Plugin/Authentication/Driver/Filter/lc.pmlib/CGI/Application/Plugin/Authentication/Driver/Filter/md5.pmlib/CGI/Application/Plugin/Authentication/Driver/Filter/sha1.pmlib/CGI/Application/Plugin/Authentication/Driver/Filter/strip.pmlib/CGI/Application/Plugin/Authentication/Driver/Filter/uc.pmlib/CGI/Application/Plugin/Authentication/Driver/Generic.pmlib/CGI/Application/Plugin/Authentication/Driver/HTPasswd.pmlib/CGI/Application/Plugin/Authentication/Store.pmlib/CGI/Application/Plugin/Authentication/Store/Cookie.pmlib/CGI/Application/Plugin/Authentication/Store/Session.pmlocal/lib/perl5/Module/Build/API.podlocal/lib/perl5/Module/Build/Authoring.podlocal/lib/perl5/Module/Build/Base.pmlocal/lib/perl5/Module/Build/Bundling.podlocal/lib/perl5/Module/Build/Compat.pmlocal/lib/perl5/Module/Build/Config.pmlocal/lib/perl5/Module/Build/ConfigData.pmlocal/lib/perl5/Module/Build/Cookbook.pmlocal/lib/perl5/Module/Build/Dumper.pmlocal/lib/perl5/Module/Build/Notes.pmlocal/lib/perl5/Module/Build/PPMMaker.pmlocal/lib/perl5/Module/Build/Platform/Default.pmlocal/lib/perl5/Module/Build/Platform/MacOS.pmlocal/lib/perl5/Module/Build/Platform/Unix.pmlocal/lib/perl5/Module/Build/Platform/VMS.pmlocal/lib/perl5/Module/Build/Platform/VOS.pmlocal/lib/perl5/Module/Build/Platform/Windows.pmlocal/lib/perl5/Module/Build/Platform/aix.pm
CGI::Application::Plugin::Authentication::Driver::DBI and,CGI::Application::Plugin::Authentication::Driver::Dummy docsformoresuite of modulesforinformation on those drivers.Choosing a StoreThe Store modules keep information about the authentication status ofthe user persistent across multiple requests. The information that isstored in the store include the username, and the expirytimeof thelogin. There are two Store modules includedwiththis distribution. ASession based store, and a Cookie based store. If your application isalready using Sessions (through the CGI::Application::Plugin::Sessionauthentication. If you are not using the Session plugin, then you cancookie, which contains a checksum to ensure that users can not changethe information.If youdonot specify which Store module you wish touse, the pluginwilltryto determine the best oneforyou.Login pageThe Authentication plugin comeswithadefaultlogin page that can beusedifyoudonot want to create a custom login page. This login formwill automatically be usedifyoudonot provide either a LOGIN_URL or
],STOREHere you can choose how we store the authenticated informationaftera userhassuccessfully logged in. We need to store the username sothat on thenextrequest we cantellthe userhasalready logged in,and wedonot have to present themwithanother login form. If youdonot provide the STORE option, then the plugin will look to seeifyou are using the CGI::Application::Plugin::Session module and basedCookie module. If the module requires extra parameters, you can passan array reference that contains as the first parameter the name ofthe module, and the rest of the array should contain key value pairsof optionsforthis module. These storage modules generally liveunder the CGI::Application::Plugin::Authentication::Store::specifying the STORE parameter.STORE=>'Session'- or -STORE=> ['Cookie',NAME=>'MYAuthCookie',SECRET=>'FortyTwo',EXPIRY=>'1d',]POST_LOGIN_RUNMODEHere you can specify a runmode that the user will be redirected toifthey successfully login.POST_LOGIN_RUNMODE=>'welcome'
the only parameter.Timevaluesare specified in seconds. You can also specify thetimeby using a numberwiththe following suffixes (m h d w), whichrepresent minutes, hours, days and weeks. Thedefaultis 0 whichmeans the login will never timeout.Note that the login is also dependent on the type of STORE that isused. If the Session store is used, and the session expires, thenthe login will also automatically expire. The same goesfortheCookie store.For backwards compatibility,ifyou set LOGIN_SESSION_TIMEOUT to atimevalue instead of a hashref, it will be treated as an IDLE_FORtimeout.# force re-authentication if idle for more than 15 minutesLOGIN_SESSION_TIMEOUT=>'15m'# Everyone must re-authentication if idle for more than 30 minutes# also, everyone must re-authentication at least once a day
example/basic.cgi view on Meta::CPAN
my%config= (DRIVER=> ['Generic', {test=>'123'} ],STORE=>'Cookie',LOGOUT_RUNMODE=>'one',LOGIN_FORM=>{DISPLAY_CLASS=>'Basic',},);SampleLogin->authen->config(%config);SampleLogin->authen->protected_runmodes('two');subsetup {my$self=shift;
example/sample.cgi view on Meta::CPAN
my%config= (DRIVER=> ['Generic', {test=>'123'} ],STORE=>'Cookie',LOGOUT_RUNMODE=>'one',);SampleLogin->authen->config(%config);SampleLogin->authen->protected_runmodes('two');subsetup {my$self=shift;$self->start_mode('one');}
example/template.cgi view on Meta::CPAN
my%config= (DRIVER=> ['Generic', {test=>'123'} ],STORE=>'Cookie',LOGOUT_RUNMODE=>'one',LOGIN_RUNMODE=>'login',);SampleLogin->authen->config(%config);SampleLogin->authen->protected_runmodes('two');subsetup {my$self=shift;$self->start_mode('one');}
lib/CGI/Application/Plugin/Authentication.pm view on Meta::CPAN
L<CGI::Application::Plugin::Authentication::Driver::DBI> and,L<CGI::Application::Plugin::Authentication::Driver::Dummy> docsformoreof modulesforinformation on those drivers.=head2 Choosing a StoreThe Store modules keep information about the authentication status of the user persistentacross multiple requests. The information that is stored in the store include the username,and the expiry time of the login. There are two Store modules included with this distribution.A Session based store, and a Cookie based store. If your application is already usingSessions (through the L<CGI::Application::Plugin::Session> module), then I would recommendthat you use the Session store for authentication. If you are not using the Sessionplugin, then you can use the Cookie store. The Cookie store keeps all the authenticationin a cookie, which contains a checksum to ensure that users can not change the information.If you do not specify which Store module you wish to use, the plugin will try to determinethe best one for you.=head2 Login pageThe Authentication plugin comes with a default login page that can be used if you do notwant to create a custom login page. This login form will automatically be used if youdo not provide either a LOGIN_URL or LOGIN_RUNMODE parameter in the configuration.
lib/CGI/Application/Plugin/Authentication.pm view on Meta::CPAN
],=item STOREHere you can choose how we store the authenticated information after a user has successfullylogged in. We need to store the username so that on the next request we can tell the userhas already logged in, and we do not have to present them with another login form. If youdo not provide the STORE option, then the plugin will look to see if you are using theL<CGI::Application::Plugin::Session> module and based on that info use either the Sessionmodule, or fall back on the Cookie module. If the module requires extra parameters, youcan pass an array reference that contains as the first parameter the name of the module,and the rest of the array should contain key value pairs of options for this module.These storage modules generally live under the CGI::Application::Plugin::Authentication::Store::name-space, and this part of the package name can be left off when specifying the STOREparameter.STORE => 'Session'- or -STORE => ['Cookie',NAME => 'MYAuthCookie',SECRET => 'FortyTwo',EXPIRY => '1d',]=item POST_LOGIN_RUNMODEHere you can specify a runmode that the user will be redirected to if they successfully login.POST_LOGIN_RUNMODE => 'welcome'
lib/CGI/Application/Plugin/Authentication.pm view on Meta::CPAN
and falseifit is still active. This can allow you to be very selective about how the timeoutsystemworks. The authen object will be passed in as the only parameter.=backTime values are specified in seconds. You can also specify the time by using a number with thefollowing suffixes (m h d w), which represent minutes, hours, days and weeks. The defaultis 0 which means the login will never timeout.Note that the login is also dependent on the type of STORE that is used. If the Session store is used,and the session expires, then the login will also automatically expire. The same goes for the Cookiestore.For backwards compatibility, if you set LOGIN_SESSION_TIMEOUT to a time value instead of a hashref,it will be treated as an IDLE_FOR time out.# force re-authentication if idle for more than 15 minutesLOGIN_SESSION_TIMEOUT => '15m'# Everyone must re-authentication if idle for more than 30 minutes# also, everyone must re-authentication at least once a day
lib/CGI/Application/Plugin/Authentication.pm view on Meta::CPAN
# Fetch the configuration parameters for the storemy($store_module,@store_config);($store_module,@store_config) = @{$config->{STORE} }if$config->{STORE} &&ref$config->{STORE} eq'ARRAY';if(!$store_module) {# No STORE configuration was providedif($self->_cgiapp->can('session') && UNIVERSAL::isa($self->_cgiapp->session,'CGI::Session')) {# The user is already using the Session plugin($store_module,@store_config) = ('Session');}else{# Fall back to the Cookie Store($store_module,@store_config) = ('Cookie');}}# Load the the class for this storemy$store_class= _find_deligate_class('CGI::Application::Plugin::Authentication::Store::'.$store_module,$store_module) ||die"Store $store_module can not be found";# Create the store object
lib/CGI/Application/Plugin/Authentication/Store/Cookie.pm view on Meta::CPAN
$CGI::Application::Plugin::Authentication::Store::Cookie::VERSION='0.25';usestrict;usewarnings;usebaseqw(https://metacpan.org/pod/CGI::Application::Plugin::Authentication::Store">CGI::Application::Plugin::Authentication::Store);useMIME::Base64 ();useDigest::SHA ();useCGI::Cookie ();# CONFIGURABLE OPTIONS## - SECRET## If this value is defined, it will be used to protect# the Cookie values from tampering. To generate a good# secret, run the following perl script and cut and paste# the value it generates into this variable.## perl -MDigest::MD5=md5_base64 -l -e 'print md5_base64($$,time(),rand(9999))'#our$SECRET='';=head1 NAMECGI::Application::Plugin::Authentication::Store::Cookie - Cookie based Store=head1 SYNOPSISuse base qw(CGI::Application);use CGI::Application::Plugin::Session;use CGI::Application::Plugin::Authentication;__PACKAGE__->authen->config(STORE => ['Cookie', SECRET => "Shhh, don't tell anyone", NAME => 'CAPAUTH_DATA', EXPIRY => '+1y'],);=head1 DESCRIPTIONThis module uses a cookie to store authentication information across multiple requests.It works by creating a cookie that contains the information we would like to store (likethe name of the user that is currently authenticated), and then base64 encodingthe data. In order to ensure that the information is not manipulated by the end-user, we includea CRC checksum that is generated along with our secret. Since the user does not know the valueof the secret, they will not be able to recreate the checksum if they change some of the values, so we
lib/CGI/Application/Plugin/Authentication/Store/Cookie.pm view on Meta::CPAN
=head2 Configuring the secretThere are three ways that you can provide a secret to the module:=over 4=item Hardcode the secretYou can hardcode a secret right in the CGI::Application::Plugin::Authentication::Store::Cookie module,so that you don't have to remember to provide one every time you use the module. Just open thesource in a text editor and look at the top of the file where it defines 'our $SECRET' and followthe instruction listed there.=item Provide the SECRET option when using the moduleYou can also just provide the secret as an option when using the module using the SECRETparameter.__PACKAGE__->authen->config(STORE => ['Cookie', SECRET => "Shhh, don't tell anyone"],);=item Let the module choose a secret for youAnd lastly, if you forget to do either of these, the module will use the name of your applicationas the secret, but that is not a very good value to use, so a warning will be spit out everytimeit uses this. This is the least desirable choice, and is only included as a last resort.=back=head1 DEPENDENCIESThis module requires the following modules to be available.=over 4=item MIME::Base64=item Digest::SHA=item CGI::Cookie=back=head1 METHODS=head2 fetchThis method accepts a list of parameters and fetches them from the cookie data.=cut
lib/CGI/Application/Plugin/Authentication/Store/Cookie.pm view on Meta::CPAN
=head2 initializeThis method will check for an existing cookie, and decode the contents for later retrieval.=cutsubinitialize {my$self=shift;my@options=$self->options;die"Invalid Store Configuration for the Cookie store - options section must contain a hash of values"if@options% 2;my%options=@options;$self->{cookie}->{options} = \%options;my%cookies= CGI::Cookie->fetch;if($cookies{$self->cookie_name}) {my$rawdata=$cookies{$self->cookie_name}->value;$self->{cookie}->{data} =$self->_decode($rawdata);}# $self->_register_postrun_callback;return;}=head2 cookie_name
lib/CGI/Application/Plugin/Authentication/Store/Cookie.pm view on Meta::CPAN
my$self=shift;my$store=$self->authen->store;my$rawdata=$store->_encode($store->{cookie}->{data});my%cookie_params= (-name=>$store->cookie_name,-value=>$rawdata,);$cookie_params{'-expires'} =$store->{cookie}->{options}->{EXPIRY}if$store->{cookie}->{options}->{EXPIRY};my$cookie= new CGI::Cookie(%cookie_params);$self->header_add(-cookie=> [$cookie]);return;}# _decode## Take a raw cookie value, and decode and verify the datasub_decode {my$self=shift;my$rawdata= MIME::Base64::decode(shift);
lib/CGI/Application/Plugin/Authentication/Store/Cookie.pm view on Meta::CPAN
my%hash=%$hash;my$checksum= Digest::SHA::sha1_base64(join("\0",$self->_secret,sortvalues%hash));$hash{c} =$checksum;my$rawdata=join("\0",map{join('=',$_,$hash{$_}) }keys%hash);returnMIME::Base64::encode($rawdata,"");}# _secret## A unique value for this application that is used to secure the Cookiessub_secret {my$self=shift;my$secret=$self->{cookie}->{options}->{SECRET} ||$SECRET;unless($secret) {$secret= Digest::SHA::sha1_base64(ref$self->authen->_cgiapp );warn"using default SECRET! Please provide a proper SECRET when using the Cookie store (See CGI::Application::Plugin::Authentication::Store::Cookie for details)";}return$secret;}=head1 SEE ALSOL<CGI::Application::Plugin::Authentication::Store>, L<CGI::Application::Plugin::Authentication>, perl(1)=head1 AUTHOR
local/lib/perl5/Module/Build/API.pod view on Meta::CPAN
[version 0.26]Adds a new type of entry to the build process. Accepts a singlestring specifying its type-name. There must also be a methoddefinedto process things of that type, e.g.ifyou add a build element calledC<'foo'>, then you must also define a method calledC<process_foo_files()>.See alsoL<Module::Build::Cookbook/"Adding new file types to the build process">.=item add_to_cleanup(@files)[version 0.03]You may call C<< $self->add_to_cleanup(@patterns) >> to tellC<Module::Build> that certain files should be removed when the userperforms the C<Build clean> action. The arguments to the method arepatterns suitable for passing to Perl's C<glob()> function, specifiedin either Unix format or the current machine's native format. It's
local/lib/perl5/Module/Build/API.pod view on Meta::CPAN
Copyright (c) 2001-2006 Ken Williams. All rights reserved.This library is free software; you can redistribute it and/ormodify it under the same terms as Perl itself.=head1 SEE ALSOperl(1), L<Module::Build>(3), L<Module::Build::Authoring>(3),L<Module::Build::Cookbook>(3), L<ExtUtils::MakeMaker>(3)F<META.yml> Specification:L<CPAN::Meta::Spec>=cut
local/lib/perl5/Module/Build/Authoring.pod view on Meta::CPAN
Bug reports are also welcome atThe latest development version is available from the Gitrepository at <https://github.com/Perl-Toolchain-Gang/Module-Build>=head1 SEE ALSOperl(1), L<Module::Build>(3), L<Module::Build::API>(3),L<Module::Build::Cookbook>(3), L<ExtUtils::MakeMaker>(3), L<YAML>(3)F<META.yml> Specification:L<CPAN::Meta::Spec>=cut
local/lib/perl5/Module/Build/Bundling.pod view on Meta::CPAN
Development questions, bug reports, and patches should be sent to theModule-Build mailing list at <module-build@perl.org>.Bug reports are also welcome at=head1 SEE ALSOperl(1), L<inc::latest>, L<Module::Build>(3), L<Module::Build::API>(3),L<Module::Build::Cookbook>(3),=cut# vim: tw=75
local/lib/perl5/Module/Build/Cookbook.pm view on Meta::CPAN
packageModule::Build::Cookbook;usestrict;usewarnings;our$VERSION='0.4234';=head1 NAMEModule::Build::Cookbook - Examples of Module::Build Usage=head1 DESCRIPTIONC<Module::Build> isn't conceptually very complicated, but examples arealways helpful. The following recipes should help developers and/orinstallers put together the pieces from the other parts of thedocumentation.=head1 BASIC RECIPES
t/03_destination.t view on Meta::CPAN
usestrict;usewarnings;taint_checking_ok('taint checking is on');useCGI ();my$cap_options={DRIVER=> ['Generic', {user1=>'123'} ],STORE=> ['Cookie',SECRET=>"Shhh, don't tell anyone",NAME=> 'CAPAUTH_DATA', EXPIRY => '+1y'],POST_LOGIN_CALLBACK=> \&TestAppAuthenticate::post_login,};{
t/03_destination.t view on Meta::CPAN
local$cap_options->{LOGIN_FORM}->{DISPLAY_CLASS} ='Basic';my$query= CGI->new( {rm=>'two'} );my$cgiapp= TestAppAuthenticate->new(QUERY=>$query);ok_regression(sub{make_output_timeless($cgiapp->run)},"t/out/redirection_failure_basic","redirection_failure [Basic]");};submake_output_timeless {my$output=shift;$output=~ s/^(Set-Cookie: CAPAUTH_DATA=\w+\%3D(?:\%3D)?\; path=\/\; expires=\w{3},\s\d{2}(?:\-|\s)\w{3}(?:\-|\s)\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Set-Cookie: CAPAUTH_DATA=; path=\/; expires=;$2/m;$output=~ s/^(Expires:\s\w{3},\s\d{2}\s\w{3}\s\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Expires$2/m;$output=~ s/^(Date:\s\w{3},\s\d{2}\s\w{3}\s\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Date$2/m;#$output =~ s/\r//g;return$output;}
t/03_login_box.t view on Meta::CPAN
usestrict;usewarnings;useCGI ();taint_checking_ok('taint checking is on');$ENV{CGI_APP_RETURN_ONLY} = 1;my$cap_options={DRIVER=> ['Generic', {user1=>'123'} ],STORE=> ['Cookie',SECRET=>"Shhh, don't tell anyone",NAME=> 'CAPAUTH_DATA', EXPIRY => '+1y'],POST_LOGIN_CALLBACK=> \&TestAppAuthenticate::post_login,};{
t/03_login_box_basic.t view on Meta::CPAN
usestrict;usewarnings;useCGI ();taint_checking_ok('taint checking is on');$ENV{CGI_APP_RETURN_ONLY} = 1;my$cap_options={DRIVER=> ['Generic', {user1=>'123'} ],STORE=> ['Cookie',SECRET=>"Shhh, don't tell anyone",NAME=> 'CAPAUTH_DATA', EXPIRY => '+1y'],POST_LOGIN_CALLBACK=> \&TestAppAuthenticate::post_login,LOGIN_FORM=>{DISPLAY_CLASS=>'Basic',},};{
t/03_login_box_other.t view on Meta::CPAN
t/03_login_box_other.t view on Meta::CPAN
my$query= CGI->new( {rm=>'two'} );my$cgiapp= TestAppAuthenticate->new(QUERY=>$query);ok_regression(sub{make_output_timeless($cgiapp->run)},"t/out/grey2","grey");};submake_output_timeless {my$output=shift;$output=~ s/^(Set-Cookie: CAPAUTH_DATA=\w+\%3D\%3D\; path=\/\; expires=\w{3},\s\d{2}(?:\-|\s)\w{3}(?:\-|\s)\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Set-Cookie: CAPAUTH_DATA=; path=\/; expires=;$2/m;$output=~ s/^(Expires:\s\w{3},\s\d{2}\s\w{3}\s\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Expires$2/m;$output=~ s/^(Date:\s\w{3},\s\d{2}\s\w{3}\s\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Date$2/m;#$output =~ s/\r//g;return$output;}
t/03_missing_color.t view on Meta::CPAN
usestrict;usewarnings;taint_checking_ok('taint checking is on');useCGI ();my$cap_options={DRIVER=> ['Generic', {user1=>'123'} ],STORE=> ['Cookie',SECRET=>"Shhh, don't tell anyone",NAME=> 'CAPAUTH_DATA', EXPIRY => '+1y'],POST_LOGIN_CALLBACK=> \&TestAppAuthenticate::post_login,};{
t/03_missing_color.t view on Meta::CPAN
plantests=> 1;my$query= CGI->new( {rm=>'two'} );my$cgiapp= TestAppAuthenticate->new(QUERY=>$query);ok_regression(sub{make_output_timeless($cgiapp->run)},"t/out/missing_color","Missing color");};submake_output_timeless {my$output=shift;$output=~ s/^(Set-Cookie: CAPAUTH_DATA=\w+\%3D\%3D\; path=\/\; expires=\w{3},\s\d{2}(?:\-|\s)\w{3}(?:\-|\s)\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Set-Cookie: CAPAUTH_DATA=; path=\/; expires=;$2/m;$output=~ s/^(Expires:\s\w{3},\s\d{2}\s\w{3}\s\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Expires$2/m;$output=~ s/^(Date:\s\w{3},\s\d{2}\s\w{3}\s\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Date$2/m;#$output =~ s/\r//g;return$output;}# Test::NoWarn doesn't play nice with the windows skip_allrequireTest::NoWarnings;Test::NoWarnings::had_no_warnings();
t/50_driver_missing_modules.t view on Meta::CPAN
t/50_driver_undefined.t view on Meta::CPAN
t/55_driver_missing_authensimple.t view on Meta::CPAN
t/60_parsimony.t view on Meta::CPAN
'<html><head/><body>This is public.</body></html>','TestAppParsimony, unprotected');}{my$app= TestAppParsimony->new();$app->query(CGI->new({'rm'=>'protected',auth_username=>'test',auth_password=>'123'}));response_like($app,qr{^Set-Cookie: CGISESSID=\w{1,100}; path=/|Date: \w{3}, \d{1,2} \w{3} \d{4} \d{2}:\d{2}:\d{2} \d{3}|Content-Type: text/html; charset=ISO-8859-1$},'<html><head/><body>This is private.</body></html>','TestAppParsimony, protected');}{my$app= TestAppParsimony->new();$app->query(CGI->new({'rm'=>'unprotected'}));response_like($app,
t/60_store_cookie.t view on Meta::CPAN
useCGI::Util;useTest::More;plantests=> 17;{__PACKAGE__->authen->config(DRIVER=> ['Generic', {'test'=>'123'} ],STORE=> ['Cookie',SECRET=>"Shhh, don't tell anyone",NAME=> 'CUSTOM_NAME', EXPIRY => '+1y' ],CREDENTIALS=> [qw(auth_username auth_password)],);subget_store_entries {my$class=shift;my$cgiapp=shift;my$results=shift;my($capauth_data,$therest) =$results=~qr/^Set\-Cookie:\s+CUSTOM_NAME=([\d\w%]+);(.*)$/m;returnundefunless$capauth_data;main::like($therest,qr/expires=/,'Expiry on the cookie is set');my$data= CGI::Util::unescape($capauth_data);return$data?$cgiapp->authen->store->_decode($data) :undef;}submaintain_state {my$class=shift;my$old_cgiapp=shift;my$old_results=shift;my$new_query=shift;delete$ENV{'COOKIE'};$old_results=~qr/Set\-Cookie:\s+(CUSTOM_NAME=[\d\w%]+);/;$ENV{'COOKIE'} = $1if$1;}subclear_state {my$class=shift;delete$ENV{'COOKIE'};$class->SUPER::clear_state(@_);}}TestAppStoreCookie->run_store_tests;
t/61_cookie_badargs.t view on Meta::CPAN
useCGI::Util;useTest::More;useTest::NoWarnings;plantests=> 2;{__PACKAGE__->authen->config(DRIVER=> ['Generic', {'test'=>'123'} ],STORE=> ['Cookie',EXPIRY=>'+1y','YAH_BOO_SUCKS'],CREDENTIALS=> [qw(auth_username auth_password)],);subrun_store_tests {my$class=shift;my($cgiapp,$results,$store_entries);# Regular call to unprotected page shouldn't create a store entrythrows_ok {($cgiapp,$results,$store_entries) =$class->run_app( {rm=>'unprotected'} );}qr/Error executing run mode 'unprotected': Invalid Store Configuration for the Cookie store - options section must contain a hash of values/,'invalid args';}}TestAppStoreCookie->run_store_tests;
t/61_store_cookie_noexpiry.t view on Meta::CPAN
#!/usr/bin/perlusestrict;usewarnings;useReadonly;Readonlymy$SECRET_WARN=>qr/using default SECRET\! Please provide a proper SECRET when using the Cookie store/;useTest::NoWarnings;useCGI::Util;useTest::More;plantests=> 21;{__PACKAGE__->authen->config(DRIVER=> ['Generic', {'test'=>'123'} ],STORE=> ['Cookie'],CREDENTIALS=> [qw(auth_username auth_password)],);subget_store_entries {my$class=shift;my$cgiapp=shift;my$results=shift;my($capauth_data,$therest) =$results=~qr/^Set\-Cookie:\s+CAPAUTH_DATA=([\d\w%]+);(.*)$/m;returnundefunless$capauth_data;main::unlike($therest,qr/expires=/,'Expiry on the cookie is not set');my$data= CGI::Util::unescape($capauth_data);return$data?$cgiapp->authen->store->_decode($data) :undef;}submaintain_state {my$class=shift;my$old_cgiapp=shift;my$old_results=shift;my$new_query=shift;delete$ENV{'COOKIE'};$old_results=~qr/Set\-Cookie:\s+(CAPAUTH_DATA=[\d\w%]+);/;$ENV{'COOKIE'} = $1if$1;}subclear_state {my$class=shift;delete$ENV{'COOKIE'};$class->SUPER::clear_state(@_);}subrun_store_tests {
t/61_store_cookie_noexpiry.t view on Meta::CPAN
ok($cgiapp->authen->is_authenticated,'successful login');ok($store_entries,"Store entry created when calling protected page with valid login");is($store_entries->{username},'test',"Store entry contained the right username");ok(!$store_entries->{login_attempts},"Store entry cleared login_attempts");}}TestAppStoreCookie->run_store_tests;
t/61_store_cookie_other.t view on Meta::CPAN
#!/usr/bin/perlusestrict;usewarnings;useReadonly;Readonlymy$SECRET_WARN=>qr/using default SECRET\! Please provide a proper SECRET when using the Cookie store/;useTest::NoWarnings;useCGI::Util;useTest::More;plantests=> 25;{__PACKAGE__->authen->config(DRIVER=> ['Generic', {'test'=>'123'} ],STORE=> ['Cookie',EXPIRY=>'+1y'],CREDENTIALS=> [qw(auth_username auth_password)],);subget_store_entries {my$class=shift;my$cgiapp=shift;my$results=shift;my($capauth_data,$therest) =$results=~qr/^Set\-Cookie:\s+CAPAUTH_DATA=([\d\w%]+);(.*)$/m;returnundefunless$capauth_data;main::like($therest,qr/expires=/,'Expiry on the cookie is set');my$data= CGI::Util::unescape($capauth_data);return$data?$cgiapp->authen->store->_decode($data) :undef;}submaintain_state {my$class=shift;my$old_cgiapp=shift;my$old_results=shift;my$new_query=shift;delete$ENV{'COOKIE'};$old_results=~qr/Set\-Cookie:\s+(CAPAUTH_DATA=[\d\w%]+);/;$ENV{'COOKIE'} = $1if$1;}subclear_state {my$class=shift;delete$ENV{'COOKIE'};$class->SUPER::clear_state(@_);}subrun_store_tests {
t/61_store_cookie_other.t view on Meta::CPAN
my%hash= (c=>'I am not a checksum',f=>'Bubble');my$rawdata=join("\0",map{join('=',$_,$hash{$_}) }keys%hash);my$nonsense;warning_like {$nonsense=$cgiapp->authen->store->_decode(MIME::Base64::encode($rawdata));}$SECRET_WARN,'decode warning';is($nonsense,undef,'decode nonsense');{$CGI::Application::Plugin::Authentication::Store::Cookie::SECRET='you would never guess';}$nonsense=$cgiapp->authen->store->_decode(MIME::Base64::encode($rawdata));is($nonsense,undef,'decode nonsense with secret');}}TestAppStoreCookie->run_store_tests;
t/70_action_dispatch.t view on Meta::CPAN
usestrict;usewarnings;useCGI ();taint_checking_ok('taint checking is on');my$cap_options={DRIVER=> ['Generic', {user1=>'123'} ],STORE=> ['Cookie',SECRET=>"Shhh, don't tell anyone",NAME=> 'CAPAUTH_DATA', EXPIRY => '+1y'],POST_LOGIN_CALLBACK=> \&TestAppAuthenticate::post_login,};{
t/70_action_dispatch.t view on Meta::CPAN
ok_regression(sub{make_output_timeless($cgiapp->run)},"t/out/success","success");ok($cgiapp->authen->is_authenticated,'login success');is($cgiapp->authen->username,'user1',"login success - username set");is($cgiapp->authen->login_attempts, 0,"successful login - failed login count");is($cgiapp->param('post_login'),1,'successful login - POST_LOGIN_CALLBACK executed');};submake_output_timeless {my$output=shift;$output=~ s/^(Set-Cookie: CAPAUTH_DATA=\w+\%3D\%3D\; path=\/\; expires=\w{3},\s\d{2}(?:\-|\s)\w{3}(?:\-|\s)\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Set-Cookie: CAPAUTH_DATA=; path=\/; expires=;$2/m;$output=~ s/^(Expires:\s\w{3},\s\d{2}\s\w{3}\s\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Expires$2/m;$output=~ s/^(Date:\s\w{3},\s\d{2}\s\w{3}\s\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Date$2/m;#$output =~ s/\r//g;return$output;}
t/80_devpopup.t view on Meta::CPAN
t/80_devpopup.t view on Meta::CPAN
my$cgiapp= TestAppAuthenticate->new(QUERY=>$query);ok_regression(sub{make_output_timeless($cgiapp->run)},"t/out/success-dev","success");ok($cgiapp->authen->is_authenticated,'login success');is($cgiapp->authen->username,'user1',"login success - username set");is($cgiapp->authen->login_attempts, 0,"successful login - failed login count");};submake_output_timeless {my$output=shift;$output=~ s/^(Set-Cookie: CAPAUTH_DATA=\w+\%3D\%3D\; path=\/\; expires=\w{3},\s\d{2}(?:\-|\s)\w{3}(?:\-|\s)\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Set-Cookie: CAPAUTH_DATA=; path=\/; expires=;$2/m;$output=~ s/^(Expires:\s\w{3},\s\d{2}\s\w{3}\s\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Expires$2/m;$output=~ s/^(Date:\s\w{3},\s\d{2}\s\w{3}\s\d{4}\s\d{2}:\d{2}:\d{2}\s\w{3})([\r\n\s]*)$/Date$2/m;#$output =~ s/\r//g;return$output;}
Set-Cookie: CAPAUTH_DATA=; path=/; expires=;DateContent-Type: text/html; charset=ISO-8859-1<html><body>TWO</body></html>
t/out/generic_login view on Meta::CPAN
Set-Cookie: CAPAUTH_DATA=; path=/; expires=;DateContent-Type: text/html; charset=ISO-8859-1<!DOCTYPE htmlPUBLIC"-//W3C//DTD XHTML 1.0 Transitional//EN"<head><title>Sign In</title><meta http-equiv="Content-Type"content="text/html; charset=iso-8859-1"/>
t/out/loginurl view on Meta::CPAN
( run in 0.410 second using v1.01-cache-2.11-cpan-eab888a1d7d )