annotate Lib/IMPL/Security/Auth/Simple.pm @ 347:3eafa6fefa9f

sync
author cin
date Mon, 30 Sep 2013 17:36:17 +0400
parents 0057f48f7945
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
1 package IMPL::Security::Auth::Simple;
71
wizard
parents: 68
diff changeset
2 use strict;
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
3
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
4 use Digest::MD5 qw(md5_hex);
249
0057f48f7945 fixed simple auth package to work with utf8 strings
sergey
parents: 239
diff changeset
5 use Encode qw(encode);
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
6
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
7 use IMPL::Security::Auth qw(:Const);
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
8
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
9 use IMPL::Const qw(:prop);
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
10 use IMPL::declare {
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
11 require => {
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
12 Exception => 'IMPL::Exception',
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
13 WrongDataException => '-IMPL::WrongDataException'
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
14 },
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
15 base => [
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
16 'IMPL::Security::Auth' => undef,
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
17 'IMPL::Object' => undef
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
18 ],
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
19 props => [
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
20 _stage => PROP_ALL,
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
21 _salt => PROP_ALL,
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
22 _image => PROP_ALL
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
23 ]
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
24 };
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
25
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
26 use constant {
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
27 STAGE_INIT => 1,
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
28 STAGE_DONE => 2
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
29 };
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
30
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
31 sub CTOR {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
32 my ($this,$secData) = @_;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
33
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
34 my ($stage,$salt,$img) = split /\|/,$secData;
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
35
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
36 die WrongDataException->new() unless grep $_ == $stage, (STAGE_INIT, STAGE_DONE);
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
37
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
38 $this->_stage($stage);
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
39 $this->_salt($salt);
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
40 $this->_image($img);
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
41
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
42 }
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
43
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
44 sub secData {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
45 my ($this) = @_;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
46
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
47 return join ('|',$this->_stage, $this->_salt , $this->_image );
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
48 }
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
49
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
50 sub isTrusted {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
51 my ($this) = @_;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
52
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
53 $this->_stage == STAGE_DONE ? 1 : 0;
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
54 }
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
55
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
56 sub DoAuth {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
57 my ($this,$challenge) = @_;
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
58
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
59 my $salt = $this->_salt;
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
60
249
0057f48f7945 fixed simple auth package to work with utf8 strings
sergey
parents: 239
diff changeset
61 if (md5_hex($salt,encode('utf-8', $challenge), $salt) eq $this->_image) {
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
62 if ($this->_stage == STAGE_INIT) {
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
63 $this->_stage(STAGE_DONE);
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
64 }
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
65 return (AUTH_SUCCESS, undef);
239
23daf2fae33a *security subsytem bugfixes
sergey
parents: 230
diff changeset
66 } else {
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
67 return (AUTH_FAIL, undef);
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
68 }
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
69 }
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
70
71
wizard
parents: 68
diff changeset
71 sub CreateSecData {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
72 my ($self,%args) = @_;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
73
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
74 die new IMPL::InvalidArgumentException("The parameter is required",'password') unless $args{password};
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
75
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
76 my $salt = $self->GenSSID();
249
0057f48f7945 fixed simple auth package to work with utf8 strings
sergey
parents: 239
diff changeset
77 return return join ('|',STAGE_INIT, $salt, md5_hex($salt,encode('utf-8', $args{password}),$salt));
71
wizard
parents: 68
diff changeset
78 }
wizard
parents: 68
diff changeset
79
wizard
parents: 68
diff changeset
80 sub SecDataArgs {
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
81 password => 'SCALAR'
71
wizard
parents: 68
diff changeset
82 }
wizard
parents: 68
diff changeset
83
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
84 1;
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
85
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
86 __END__
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
87
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
88 =pod
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
89
71
wizard
parents: 68
diff changeset
90 =head1 NAME
wizard
parents: 68
diff changeset
91
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
92 C<IMPL::Security::Auth::Simple> Модуль простой авторизации.
71
wizard
parents: 68
diff changeset
93
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
94 =head1 DESCRIPTION
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
95
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
96 Использует алгоритм MD5 для хранения образа пароля.
71
wizard
parents: 68
diff changeset
97
72
wizard
parents: 71
diff changeset
98 =head1 MEMBERS
71
wizard
parents: 68
diff changeset
99
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
100 =head2 C<CTOR($secData)>
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
101
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
102 Создает объект аутентификации, передавая ему данные для инициализации.
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
103
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
104 =head2 C<[get]secData>
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
105
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
106 Возвращает данные безопасности, которые можно использовать для восстановления
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
107 состояния объекта.
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
108
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
109 =head2 C<[get]isTrusted>
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
110
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
111 Является ли объект доверенным для аутентификации сессии (тоесть хранит данные
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
112 для аутентификации сессии).
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
113
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
114 =head2 C<DoAuth($challenge)>
72
wizard
parents: 71
diff changeset
115
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
116 Аутентифицирует пользователя. Используется один этап. C<$challenge>
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
117 открытый пароль пользователя или cookie сессии.
72
wizard
parents: 71
diff changeset
118
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
119 Возвращает C<($status,$challenge)>
72
wizard
parents: 71
diff changeset
120
wizard
parents: 71
diff changeset
121 =over
wizard
parents: 71
diff changeset
122
wizard
parents: 71
diff changeset
123 =item C<$status>
wizard
parents: 71
diff changeset
124
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
125 Результат либо C<AUTH_SUCCESS>, либо C<AUTH_FAIL>
72
wizard
parents: 71
diff changeset
126
73
wizard
parents: 72
diff changeset
127 =item C<$challenge>
wizard
parents: 72
diff changeset
128
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
129 В случае успеха возвращает cookie (уникальный номер) сессии, либо C<undef>
72
wizard
parents: 71
diff changeset
130
wizard
parents: 71
diff changeset
131 =back
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
132
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 166
diff changeset
133 =cut