annotate Lib/IMPL/Security/Auth.pm @ 393:69a1f1508696

minor security refactoring
author cin
date Fri, 14 Feb 2014 16:41:12 +0400
parents 6cb0d4d325d7
children
1 package IMPL::Security::Auth;
2 use strict;
4 use Digest::MD5 qw(md5_hex);
# Status codes reported for a single authentication iteration.
use constant AUTH_SUCCESS    => 1;    # authentication completed successfully
use constant AUTH_INCOMPLETE => 2;    # additional steps are required
use constant AUTH_FAIL       => 3;    # authentication failed
12 use parent qw(Exporter);
# The three status constants can be imported together through the :Const tag;
# GenSSID is importable by name only.
our %EXPORT_TAGS = ( Const => [ qw(&AUTH_SUCCESS &AUTH_INCOMPLETE &AUTH_FAIL) ] );
our @EXPORT_OK   = ( @{ $EXPORT_TAGS{Const} }, '&GenSSID' );
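{
    # Per-process call counter; only the legacy fallback below uses it.
    my $i = 0;

    # Set once the fallback has been reported, so the warning is not repeated
    # on every call.
    my $fallback_reported = 0;

    # GenSSID() - returns a new session identifier as 32 lowercase hex
    # characters (the same shape the previous md5_hex-based version produced).
    #
    # The identifier is read from the operating system's random source.  The
    # earlier implementation hashed time(), rand() and a counter with MD5: the
    # clock and the counter can be estimated by an observer and Perl's rand()
    # is not a cryptographic generator, so the resulting identifiers were
    # predictable.  Hashing does not add entropy to such inputs.
    sub GenSSID {
        if ( open( my $urandom, '<:raw', '/dev/urandom' ) ) {
            my $count = read( $urandom, my $bytes, 16 );
            close $urandom;

            # Accept only a complete 128-bit read.
            return unpack( 'H*', $bytes ) if defined $count && $count == 16;
        }

        # NOTE(review): reached only where /dev/urandom cannot be read.  The
        # value below keeps the old behaviour so callers still get an
        # identifier, but it is guessable and should not protect a session;
        # use a platform CSPRNG on such systems.
        warn "GenSSID: no OS random source available, session id is predictable\n"
            unless $fallback_reported++;

        return md5_hex( time, rand, $i++ );
    }
}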
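# DoAuth($challenge) - abstract in this base class.
#
# The module's POD describes the contract for authentication packages: perform
# one iteration of the exchange and return ($status, $challenge).  This base
# implementation performs no authentication and always throws
# IMPL::NotImplementedException.
#
# NOTE(review): this file does not load IMPL::NotImplementedException itself;
# presumably it is loaded elsewhere in the project - confirm.
sub DoAuth {
    # Direct method call instead of the indirect-object form `new CLASS`,
    # whose parsing depends on which subs are visible at compile time.
    die IMPL::NotImplementedException->new;
}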
# isTrusted - base-class default: always 0 (not trusted).
#
# The module's POD describes this flag as "authentication finished
# successfully and the session was created", so the base class reports
# untrusted unless a subclass overrides it.
sub isTrusted {
    return 0;
}
# Create(%args) - builds an authentication object from package-specific
# parameters.
#
# The invocant's CreateSecData(%args) produces the security data, which is
# then handed to the invocant's constructor.  Both methods are resolved on the
# invocant, so an authentication package supplies its own implementations.
sub Create {
    my $invocant = shift;
    my %params   = @_;

    # CreateSecData is called in list context, exactly as the argument list of
    # new() requires; everything it returns is passed on.
    my @sec_data = $invocant->CreateSecData(%params);

    return $invocant->new(@sec_data);
}
38 1;
40 __END__
42 =pod
44 =head1 NAME
46 C<IMPL::Security::Auth> Базовый класс для объектов аутентификации.
48 =head1 DESCRIPTION
50 C<[Abstract]>
52 Объект аутентификации служит для аутентификации клиента, в случае успеха
53 образуется сессия, идентифицирующая клиента, которая представлена на стороне
54 сервера объектом аутентификации.
56 Аутентификация носит итеративный характер, объект аутентификации сохраняет
57 состояние между итерациями.
59 Результатом аутентификации является сессия, состояние этой сессии также хранит объект
60 аутентификации.
62 В процессе авторизации клиент и сервер обмениваются данными безопасности C<$challenge>.
63 И результатом каждой итерации является либо успех (C<AUTH_SUCCESS>), либо запрос на продолжение
64 (C<AUTH_INCOMPLETE>), либо неудача (C<AUTH_FAIL>). Количество итераций может быть разным,
65 зависит от пакета аутентификации.
67 =head1 EXPORT
69 =over
71 =item C<:Const>
73 Константы результата аутентификации
75 =over
77 =item C<AUTH_SUCCESS>
79 Успешная аутентификация
81 =item C<AUTH_INCOMPLETE>
83 Требуются дополнительные шаги
85 =item C<AUTH_FAIL>
87 Аутентификация неуспешна.
89 =back
91 =back
93 =head1 MEMBERS
95 =over
97 =item C<CTOR($SecData)>
99 Создает пакет для авторизации на основе данных безопасности для пользователя.
100 C<$SecData> - Зависит от пакета аутентификации.
102 =item C<[get] isTrusted>
104 Флаг того, что аутентификация закончена успешно и сессия создана. Данный объект
105 может быть создан для аутентификации сессии.
107 =item C<DoAuth($challenge)>
109 Производит аутентификацию пользователя, возвращает результат
110 аутентификации, в виде массива ($status,$challenge).
112 Даже после успешной аутентификации полученные данные C<$challenge> должны быть
113 отправлены клиенту для завершения аутентификации на стороне клиента.
115 =item C<[static] CreateSecData(%args)>
117 Создает данные безопасности, на основе параметров. Параметры зависят от пакета
118 аутентификации. Возвращает строку с данными безопасности.
120 =item C<[static] Create(%args)>
122 Создает объект аутентификации, на основе параметров. Параметры зависят от
123 пакета аутентификации. Внутри вызывает метод C<CreateSecData(%args)>.
125 =item C<[static] SecDataArgs()>
127 Возвращает хеш с описанием параметров для функции C<CreateSecData>.
128 Ключами являются имена параметров, значениями - типы.
130 =back
132 =cut