Authen-ModAuthPubTkt


eg/mod_auth_pubtkt.pl  view on Meta::CPAN

use strict;
use warnings;
use Getopt::Long;
use Authen::ModAuthPubTkt;
use File::Basename qw/basename/;

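# Forward declarations: these subs are defined after the main program body.
sub parse_command_line;
sub show_help;
sub show_version;

# Command-line state. parse_command_line() fills these variables in; the
# values assigned here are the defaults used when an option is not given.
my $private_key_file;                # --private-key=FILE, the signing key (required for "generate")
my $public_key_file;                 # --public-key=FILE
my $key_type;                        # "rsa" or "dsa", set by --rsa / --dsa
my $ticket;                          # --ticket=TICKET (required for "verify")
my $username = $ENV{USER};           # may be undef if USER is unset; pubtkt_generate croaks on a missing userid
my $ip = "127.0.0.1";                # default client IP placed in the ticket
my $valid_until = time() + 86400 ;   # default expiry: 24 hours from now, in epoch seconds
my $grace_period = 3600 ;            # seconds; the ticket stores validuntil minus this value
my $tokens;                          # --tokens=STRING, passed through unchanged
my $userdata;                        # --userdata=STRING, passed through unchanged
my $operation;                       # "generate" or "verify"
my $quiet;

##
## Program Start
##
parse_command_line();

if ( $operation eq "generate" ) {
	# Use a separate name so the --ticket option variable is not shadowed.
	my $new_ticket = pubtkt_generate(
		privatekey => $private_key_file,
		keytype    => $key_type,
		clientip   => $ip,
		userid     => $username,
		validuntil => $valid_until,
		graceperiod=> $grace_period,
		tokens     => $tokens,
		userdata   => $userdata );

	# pubtkt_generate() warns and returns nothing when openssl exits
	# non-zero. Stop with a failing exit status in that case, so a caller
	# capturing stdout never receives an empty line in place of a ticket.
	die "Error: ticket generation failed.\n" unless defined $new_ticket;

	print $new_ticket,"\n";
}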

eg/mod_auth_pubtkt.pl  view on Meta::CPAN

}

##
## Program End
##

# Parse @ARGV into the file-scope option variables, then validate them.
#
# Exits with status 1 if GetOptions reports a parse error. Dies with a usage
# message if no operation was chosen, if the chosen operation lacks its
# required argument, or if no key type was given.
#
# NOTE(review): --username, --tokens and --userdata are accepted as free-form
# strings and are not checked in this sub. The ticket-building code shown from
# lib/Authen/ModAuthPubTkt.pm joins fields with ';', so confirm that a ';'
# inside one of these values is rejected before the ticket is signed.
sub parse_command_line
{
	# Each option either stores into a file-scope variable or runs a callback.
	my $rc = GetOptions(
			"help" => \&show_help,
			"private-key=s" => \$private_key_file,
			"public-key=s" => \$public_key_file,
			# --rsa and --dsa both write $key_type, so the last one given wins.
			"rsa" => sub { $key_type = "rsa" ; },
			"dsa" => sub { $key_type = "dsa" ; },
			"ticket=s" => \$ticket,
			"ip=s" => \$ip,
			"username=s" => \$username,
			# "=i" makes Getopt::Long require an integer for these two.
			"valid-until=i" => \$valid_until,
			"grace-period=i" => \$grace_period,
			"tokens=s" => \$tokens,
			"userdata=s" => \$userdata,

eg/mod_auth_pubtkt.pl  view on Meta::CPAN

			"verify"   => sub { $operation = "verify" ; },
			"quiet"    => \$quiet,
			"version"  => \&show_version,
	);
	# GetOptions returns false on an unknown or malformed option.
	exit 1 unless $rc;


	die "Error: No operation specified. Use --generate or --verify. See --help for details.\n" unless $operation;

	# Check the argument each operation requires.
	if ( $operation eq "generate" ) {
		die "Error: missing private key file. Use --private-key=FILE. See --help for details.\n" unless $private_key_file;
	}
	elsif ( $operation eq "verify" ) {
		# NOTE(review): only the ticket is required here; --public-key is not
		# checked. Confirm the verify path reports a missing key itself.
		die "Error: missing ticket. Use --ticket TICKET. See --help for details.\n" unless $ticket;
	}
	# This message has no trailing newline, so Perl appends the script name
	# and line number to it, unlike the messages above.
	die "Error: missing key type. Use --rsa or --dsa. See --help for details." unless $key_type;
}

sub show_version
{
	my $version = $Authen::ModAuthPubTkt::VERSION;

lib/Authen/ModAuthPubTkt.pm  view on Meta::CPAN

=item B<userdata>

Optional. Any textual string. If given, it will be added to the signed ticket string.

=back

=cut
sub pubtkt_generate
{
	my %args = @_;
	my $private_key_file = $args{privatekey} or croak "Missing \"privatekey\" parameter";
	croak "Invalid \"privatekey\" value ($private_key_file): file doesn't exist/not readable"
		unless -r $private_key_file;

	my $keytype = $args{keytype} or croak "Missing \"keytype\" parameter";
	croak "Invalid \"keytype\" value ($keytype): expecting 'dsa' or 'rsa'\n"
		unless $keytype eq "dsa" || $keytype eq "rsa";

	my $user_id = $args{userid} or croak "Missing \"userid\" parameter";

	my $valid_until = $args{validuntil} or croak "Missing \"validuntil\" parameter";
	croak "Invalid \"validuntil\" value ($valid_until), expecting a numeric value."
		unless $valid_until =~ /^\d+$/;

lib/Authen/ModAuthPubTkt.pm  view on Meta::CPAN

	$tkt .= "validuntil=$valid_until;";
	$tkt .= "graceperiod=" . ($valid_until - $grace_period) . ";" if $grace_period;
	$tkt .= "tokens=$tokens;";
	$tkt .= "udata=$user_data";

	my $algorithm_param  = ( $keytype eq "dsa" ) ? "-dss1" : "-sha1";

	my @cmd = ( $openssl_bin,
		    "dgst", $algorithm_param,
		    "-binary",
		    "-sign", $private_key_file ) ;

	my ($stdin, $stdout, $stderr);

	$stdin = $tkt;
	run3 \@cmd, \$stdin, \$stdout, \$stderr;
	my $exitcode = $?;

	if ($exitcode != 0) {
		warn "pubtkt_generate failed: openssl returned exit code $exitcode, stderr = $stderr\n";
		return;


