annotate Lib/IMPL/Security/Auth/Simple.pm @ 201:0c018a247c8a

Reworked REST resource classes to be more transparent and intuitive
author sergey
date Tue, 24 Apr 2012 19:52:07 +0400
parents 4d0e1962161c
children 6d8092d8ce1b
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
1 package IMPL::Security::Auth::Simple;
71
wizard
parents: 68
diff changeset
2 use strict;
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
3
166
4267a2ac3d46 Added Class::Template,
wizard
parents: 87
diff changeset
4 use parent qw(IMPL::Object IMPL::Security::Auth);
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
5 use Digest::MD5;
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
6
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
7 use IMPL::Class::Property;
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
8 use IMPL::Security::Auth qw(:Const);
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
9
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
10 BEGIN {
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
11 private property _passwordImage => prop_all;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
12 private property _sessionCookie => prop_all;
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
13 }
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
14
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
15 sub CTOR {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
16 my ($this,$secData) = @_;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
17
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
18 my ($passImg,$cookie) = split /\|/,$secData;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
19
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
20 $this->_passwordImage($passImg);
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
21 $this->_sessionCookie($cookie);
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
22 }
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
23
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
24 sub secData {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
25 my ($this) = @_;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
26
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
27 if ($this->_sessionCookie) {
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
28 return join ('|',$this->_passwordImage, $this->_sessionCookie );
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
29 } else {
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
30 return $this->_passwordImage;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
31 }
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
32 }
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
33
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
34 sub isTrusted {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
35 my ($this) = @_;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
36
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
37 $this->_sessionCookie ? 1 : 0;
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
38 }
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
39
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
40 sub DoAuth {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
41 my ($this,$challenge) = @_;
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
42
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
43 if (Digest::MD5::md5_hex($challenge) eq $this->_passwordImage) {
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
44 return (AUTH_SUCCESS,$this->_sessionCookie($this->GenSSID));
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
45 } elsee {
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
46 return (AUTH_FAIL,$this->_sessionCookie(undef));
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
47 }
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
48 }
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
49
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
50 sub ValidateSession {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
51 my ($this,$cookie) = @_;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
52
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
53 die new IMPL::InvalidOperationException("The context is untrusted") unless $this->_sessionCookie;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
54
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
55 if ($cookie eq $this->_sessionCookie) {
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
56 return (AUTH_SUCCESS,undef);
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
57 } else {
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
58 return (AUTH_FAIL,undef);
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
59 }
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
60 }
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
61
71
wizard
parents: 68
diff changeset
62 sub CreateSecData {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
63 my ($self,%args) = @_;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
64
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
65 die new IMPL::InvalidArgumentException("The parameter is required",'password') unless $args{password};
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
66
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
67 return Digest::MD5::md5_hex($args{password});
71
wizard
parents: 68
diff changeset
68 }
wizard
parents: 68
diff changeset
69
wizard
parents: 68
diff changeset
70 sub SecDataArgs {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
71 password => 'SCALAR'
71
wizard
parents: 68
diff changeset
72 }
wizard
parents: 68
diff changeset
73
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
74 1;
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
75
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
76 __END__
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
77
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
78 =pod
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
79
71
wizard
parents: 68
diff changeset
80 =head1 NAME
wizard
parents: 68
diff changeset
81
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
82 C<IMPL::Security::Auth::Simple> Модуль простой авторизации.
71
wizard
parents: 68
diff changeset
83
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
84 =head1 DESCRIPTION
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
85
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
86 Использует алгоритм MD5 для хранения образа пароля.
71
wizard
parents: 68
diff changeset
87
72
wizard
parents: 71
diff changeset
88 =head1 MEMBERS
71
wizard
parents: 68
diff changeset
89
72
wizard
parents: 71
diff changeset
90 =over
wizard
parents: 71
diff changeset
91
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
92 =item C<CTOR($secData)>
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
93
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
94 Создает объект аутентификации, передавая ему данные для инициализации.
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
95
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
96 =item C<[get]secData>
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
97
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
98 Возвращает данные безопасности, которые можно использовать для восстановления
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
99 состояния объекта.
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
100
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
101 =item C<[get]isTrusted>
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
102
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
103 Является ли объект доверенным для аутентификации сессии (тоесть хранит данные
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
104 для аутентификации сессии).
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
105
72
wizard
parents: 71
diff changeset
106 =item C<DoAuth($challenge)>
wizard
parents: 71
diff changeset
107
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
108 Аутентифицирует пользователя. Используется один этап. C<$challenge>
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
109 открытый пароль пользователя.
72
wizard
parents: 71
diff changeset
110
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
111 Возвращает C<($status,$challenge)>
72
wizard
parents: 71
diff changeset
112
wizard
parents: 71
diff changeset
113 =over
wizard
parents: 71
diff changeset
114
wizard
parents: 71
diff changeset
115 =item C<$status>
wizard
parents: 71
diff changeset
116
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
117 Результат либо C<AUTH_SUCCESS>, либо C<AUTH_FAIL>
72
wizard
parents: 71
diff changeset
118
73
wizard
parents: 72
diff changeset
119 =item C<$challenge>
wizard
parents: 72
diff changeset
120
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
121 В случае успеха возвращает cookie (уникальный номер) сессии
73
wizard
parents: 72
diff changeset
122
wizard
parents: 72
diff changeset
123 =back
wizard
parents: 72
diff changeset
124
wizard
parents: 72
diff changeset
125 =item C<ValidateSession($challenge)>
wizard
parents: 72
diff changeset
126
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
127 Проверяет аутентичность сессии. Использует один этап. C<$challenge> cookie
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
128 сессии, полученный при выполнении метода C<DoAuth>.
73
wizard
parents: 72
diff changeset
129
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
130 Возвращает C<($status,$challenge)>
73
wizard
parents: 72
diff changeset
131
wizard
parents: 72
diff changeset
132 =over
wizard
parents: 72
diff changeset
133
wizard
parents: 72
diff changeset
134 =item C<$status>
wizard
parents: 72
diff changeset
135
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
136 Результат либо C<AUTH_SUCCESS>, либо C<AUTH_FAIL>
73
wizard
parents: 72
diff changeset
137
wizard
parents: 72
diff changeset
138 =item C<$challenge>
wizard
parents: 72
diff changeset
139
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
140 Всегда C<undef>
72
wizard
parents: 71
diff changeset
141
wizard
parents: 71
diff changeset
142 =back
wizard
parents: 71
diff changeset
143
wizard
parents: 71
diff changeset
144 =back
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
145
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
146 =cut