Catalyst-Plugin-AtomServer
0.03 2006.04.21
- Basic auth now supports crypted/hashed passwords, by using
Catalyst::Plugin::Authentication::Credential::Password internally
in the case of Basic authentication. Thanks to Gosuke Miyashita for
the patch.
0.02 2006.01.04
- Authentication plugin now properly emits WWW-Authenticate header,
and sends the proper HTTP response code, when authentication header
is empty or has improper credentials. Thanks to Tatsuhiko Miyagawa
for the catch.
0.01 2006.01.04
- Initial distribution.
lib/Catalyst/Plugin/Authentication/Credential/Atom.pm view on Meta::CPAN
use MIME::Base64 qw( encode_base64 decode_base64 );
use Digest::SHA1 qw( sha1 );
use XML::Atom::Util qw( first textValue );
use constant NS_WSSE => 'http://schemas.xmlsoap.org/ws/2002/07/secext';
use constant NS_WSU => 'http://schemas.xmlsoap.org/ws/2002/07/utility';
# Authenticate the current request from the credentials it carries.
#
# Returns the username on success (after marking the user as authenticated
# on the context), or the false value produced by _atom_auth_error:
#   - 401 when no username could be extracted from the request;
#   - 403 when the user is unknown OR the credentials fail validation.
# Both failure causes share the 403 response, so the status code alone does
# not tell a client whether the account exists. Validation only runs for
# known users, so the work done per request still differs between the two.
#
# NOTE(review): the strength of this entry point rests on
# _validate_credentials. The part of it visible in this listing rebuilds the
# WSSE digest from $user->password, so the WSSE path needs a recoverable
# password even though Basic can use crypted/hashed ones; it compares the
# digest with plain `eq`; and it shows no check on Nonce reuse or on the age
# of Created. The listing is truncated -- confirm against the full source
# before relying on WSSE here.
sub login_atom {
    my $c = shift;

    my ($username, $cred) = $c->_extract_credentials;

    # No usable username: challenge the client rather than look anything up.
    return $c->_atom_auth_error(401) unless $username;

    my $user = $c->get_user($username);
    if ($user && $c->_validate_credentials($user, $cred)) {
        $c->set_authenticated($user);
        return $username;
    }

    # Unknown user and bad credentials are deliberately indistinguishable.
    return $c->_atom_auth_error(403);
}
# Record an authentication failure on the response and return false.
#
# Sets the HTTP status to $code and attaches a WWW-Authenticate challenge
# that advertises both schemes this plugin accepts: WSSE UsernameToken and
# Basic. The same challenge header is sent whatever the status code is.
#
# NOTE(review): offering Basic invites clients to send the password itself
# (only base64-encoded) on every request; this is only safe behind TLS.
sub _atom_auth_error {
    my ($c, $code) = @_;

    $c->response->status($code);
    $c->response->header(
        'WWW-Authenticate',
        'WSSE profile="UsernameToken", Basic',
    );

    # Callers return this value directly as the (false) login result.
    return 0;
}
sub _extract_credentials {
my $c = shift;
my $req = $c->request;
my($tokens, $username, %cred);
## SOAP wrapper only supports WSSE?
if ($req->is_soap) {
my $xml = $req->body_parsed;
my $auth = first($xml, NS_WSSE, 'UsernameToken');
$username = $cred{Username} = textValue($auth, NS_WSSE, 'Username');
$cred{PasswordDigest} = textValue($auth, NS_WSSE, 'Password');
$cred{Nonce} = textValue($auth, NS_WSSE, 'Nonce');
lib/Catalyst/Plugin/Authentication/Credential/Atom.pm view on Meta::CPAN
my($k, $v) = split /=/, $pair, 2;
$v =~ s/^"//;
$v =~ s/"$//;
$cred{$k} = $v;
}
$username = delete $cred{Username};
}
($username, \%cred);
}
sub _validate_credentials {
my $c = shift;
my($user, $cred) = @_;
if ($cred->{password}) {
return $c->_check_password($user, $cred->{password})
} elsif ($cred->{PasswordDigest}) {
my $pass = $user->password;
my $expected = encode_base64(sha1(
decode_base64($cred->{Nonce}) . $cred->{Created} . $pass
), '');
return $expected eq $cred->{PasswordDigest};