Authen-ModAuthPubTkt
view release on metacpan or search on metacpan
eg/mod_auth_pubtkt.pl view on Meta::CPAN
use strict;
use warnings;
use Getopt::Long;
use Authen::ModAuthPubTkt;
use File::Basename qw/basename/;
sub parse_command_line;
sub show_help;
sub show_version;
my $private_key_file;
my $public_key_file;
my $key_type;
my $ticket;
my $username = $ENV{USER};
my $ip = "127.0.0.1";
my $valid_until = time() + 86400 ;
my $grace_period = 3600 ;
my $tokens;
my $userdata;
my $operation;
my $quiet;
##
## Program Start
##
parse_command_line();
if ( $operation eq "generate" ) {
my $ticket = pubtkt_generate(
privatekey => $private_key_file,
keytype => $key_type,
clientip => $ip,
userid => $username,
validuntil => $valid_until,
graceperiod=> $grace_period,
tokens => $tokens,
userdata => $userdata );
print $ticket,"\n";
}
eg/mod_auth_pubtkt.pl view on Meta::CPAN
}
##
## Program End
##
sub parse_command_line
{
my $rc = GetOptions(
"help" => \&show_help,
"private-key=s" => \$private_key_file,
"public-key=s" => \$public_key_file,
"rsa" => sub { $key_type = "rsa" ; },
"dsa" => sub { $key_type = "dsa" ; },
"ticket=s" => \$ticket,
"ip=s" => \$ip,
"username=s" => \$username,
"valid-until=i" => \$valid_until,
"grace-period=i" => \$grace_period,
"tokens=s" => \$tokens,
"userdata=s" => \$userdata,
eg/mod_auth_pubtkt.pl view on Meta::CPAN
"verify" => sub { $operation = "verify" ; },
"quiet" => \$quiet,
"version" => \&show_version,
);
exit 1 unless $rc;
die "Error: No operation specified. Use --generate or --verify. See --help for details.\n" unless $operation;
if ( $operation eq "generate" ) {
die "Error: missing private key file. Use --private-key=FILE. See --help for details.\n" unless $private_key_file;
}
elsif ( $operation eq "verify" ) {
die "Error: missing ticket. Use --ticket TICKET. See --help for details.\n" unless $ticket;
}
die "Error: missing key type. Use --rsa or --dsa. See --help for details." unless $key_type;
}
sub show_version
{
my $version = $Authen::ModAuthPubTkt::VERSION;
lib/Authen/ModAuthPubTkt.pm view on Meta::CPAN
=item B<userdata>
Optional. Any textual string. If given. will be added to the signed ticket string.
=back
=cut
sub pubtkt_generate
{
my %args = @_;
my $private_key_file = $args{privatekey} or croak "Missing \"privatekey\" parameter";
croak "Invalid \"privatekey\" value ($private_key_file): file doesn't exist/not readable"
unless -r $private_key_file;
my $keytype = $args{keytype} or croak "Missing \"keytype\" parameter";
croak "Invalid \"keytype\" value ($keytype): expecting 'dsa' or 'rsa'\n"
unless $keytype eq "dsa" || $keytype eq "rsa";
my $user_id = $args{userid} or croak "Missing \"userid\" parameter";
my $valid_until = $args{validuntil} or croak "Missing \"validuntil\" parameter";
croak "Invalid \"validuntil\" value ($valid_until), expecting a numeric value."
unless $valid_until =~ /^\d+$/;
lib/Authen/ModAuthPubTkt.pm view on Meta::CPAN
$tkt .= "validuntil=$valid_until;";
$tkt .= "graceperiod=" . ($valid_until - $grace_period) . ";" if $grace_period;
$tkt .= "tokens=$tokens;";
$tkt .= "udata=$user_data";
my $algorithm_param = ( $keytype eq "dsa" ) ? "-dss1" : "-sha1";
my @cmd = ( $openssl_bin,
"dgst", $algorithm_param,
"-binary",
"-sign", $private_key_file ) ;
my ($stdin, $stdout, $stderr);
$stdin = $tkt;
run3 \@cmd, \$stdin, \$stdout, \$stderr;
my $exitcode = $?;
if ($exitcode != 0) {
warn "pubtkt_generate failed: openssl returned exit code $exitcode, stderr = $stderr\n";
return;
( run in 0.229 second using v1.01-cache-2.11-cpan-2b0bae70ee8 )