view release on metacpan or  search on metacpan

lib/Apache/AuthTypeKey.pm  view on Meta::CPAN

    my $token = $r->dir_config('TypeKeyToken');
    unless ($token) {
        $r->log_error('TypeKeyToken is required');
        return;
    }
    my $tk = Authen::TypeKey->new;
    $tk->token($token);
    $tk->version(1.1);
    my $key = $r->args;
    my $q = Apache::AuthTypeKey::Query->new($key);
    my $res = $tk->verify($q);
    unless ($res) {
        $r->log_error('TypeKey verification failed: ' . $tk->errstr);
    }
    $q->delete('destination');
    $res ? $q->as_string : undef;
}

sub authen_ses_key {
    my($self, $r, $key) = @_;
    my $token = $r->dir_config('TypeKeyToken');
    unless ($token) {
        $r->log_reason('TypeKeyToken is required');
        return MP2 ? Apache::SERVER_ERROR() : Apache::Constants::SERVER_ERROR();
    }
    my $tk = Authen::TypeKey->new;
    $tk->token($token);
    $tk->version(1.1);
    ## When checking the validity of the session key, we need to skip the
    ## expiration check on the signature.
    $tk->skip_expiry_check(1);
    my $res = $tk->verify(Apache::AuthTypeKey::Query->new($key));
    $res ? $res->{name} : undef;
}

## This is needed for 2 reasons:
## 1. Authen::TypeKey currently expects a Query-type object.
## 2. Apache->args breaks on '=' signs in the key/value pairs.
package Apache::AuthTypeKey::Query;
use URI::Escape qw( uri_escape uri_unescape );

sub new {