annotate lib/IMPL/Security/Auth.pm @ 410:9335cf010b23 ref20150831

refactoring
author cin
date Mon, 14 Sep 2015 01:11:53 +0300
parents c6e90e02dd17
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
407
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
1 package IMPL::Security::Auth;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
2 use strict;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
3
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
4 use Digest::MD5 qw(md5_hex);
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
5
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
6 use constant {
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
7 AUTH_SUCCESS => 1,
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
8 AUTH_INCOMPLETE => 2,
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
9 AUTH_FAIL => 3
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
10 };
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
11
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
12 use parent qw(Exporter);
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
13
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
14 our @EXPORT_OK = qw(&AUTH_SUCCESS &AUTH_INCOMPLETE &AUTH_FAIL &GenSSID);
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
15 our %EXPORT_TAGS = (Const => [qw(&AUTH_SUCCESS &AUTH_INCOMPLETE &AUTH_FAIL)]);
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
16
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
17 {
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
18 my $i = 0;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
19 sub GenSSID {
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
20 return md5_hex(time,rand,$i++);
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
21 }
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
22 }
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
23
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
24 sub DoAuth {
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
25 die new IMPL::NotImplementedException;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
26 }
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
27
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
28 sub isTrusted {
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
29 0;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
30 }
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
31
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
32 sub Create {
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
33 my ($self,%args) = @_;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
34
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
35 return $self->new($self->CreateSecData(%args));
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
36 }
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
37
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
38 1;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
39
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
40 __END__
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
41
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
42 =pod
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
43
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
44 =head1 NAME
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
45
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
46 C<IMPL::Security::Auth> Базовыйы класс для объектов аутентификации.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
47
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
48 =head1 DESCRIPTION
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
49
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
50 C<[Abstract]>
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
51
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
52 Объект аутентификации служет для аутентификации клиента, в случае успеха
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
53 образуется сессия идентифицирующая клиента, которая представлена на стороне
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
54 сервера объектом аутентификации.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
55
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
56 Аутентификация носит итеративный характер, объект аутентификации сохраняет
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
57 состояние между итерациями.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
58
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
59 Результатом аутентификации является сессия, состояние этой сессии также хранит объект
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
60 аутентификации.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
61
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
62 В процессе авторизации клиент и сервер обмениеваются данными безопасности C<$challenge>.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
63 И результатом каждой итерации является либо упех (C<AUTH_SUCCESS>), либо запрос на продолжение
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
64 (C<AUTH_INCOMPLETE>), либо неудача (C<AUTH_FAIL>). Количество итераций может быть разным,
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
65 зависит от пакета аутентификации.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
66
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
67 =head1 EXPORT
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
68
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
69 =over
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
70
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
71 =item C<:Const>
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
72
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
73 Константы результата аутентификации
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
74
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
75 =over
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
76
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
77 =item C<AUTH_SUCCESS>
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
78
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
79 Успешная аутентификация
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
80
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
81 =item C<AUTH_INCOMPLETE>
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
82
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
83 Требуются дополнительные шаги
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
84
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
85 =item C<AUTH_FAIL>
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
86
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
87 Аутентификация неуспешна.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
88
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
89 =back
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
90
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
91 =back
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
92
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
93 =head1 MEMBERS
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
94
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
95 =over
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
96
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
97 =item C<CTOR($SecData)>
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
98
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
99 Создает пакет для авторизации на основе данных безопасности для пользователя.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
100 C<$SecData> - Зависит от пакета аутентификации.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
101
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
102 =item C<[get] isTrusted>
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
103
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
104 Флаг того, что аутентификация закончена успешно и сессия создана. Данный объект
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
105 может быть создан для аутентификации сессии.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
106
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
107 =item C<DoAuth($challenge)>
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
108
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
109 Производит аутентификацию пользователя, возвращает результат
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
110 аутентификации, в виде массива ($status,$challenge).
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
111
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
112 Даже после успешной аутентификации полученные данные C<$challenge> должны быть
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
113 отправлены клиенту для завершения аутентификации на стороне клиента.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
114
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
115 =item C<[static] CreateSecData(%args)>
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
116
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
117 Создает данные безопасности, на основе параметров. Параметры зависят от пакета
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
118 аутентификации. Возвращает строку с данными безопасности.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
119
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
120 =item C<[static] Create(%args)>
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
121
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
122 Создает объект аутентификации, на основе параметров. Параметры зависят от
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
123 пакета аутентификации. Внутри вызывает метод C<CreateSecData(%args)>.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
124
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
125 =item C<[static] SecDataArgs()>
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
126
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
127 Возвращает хеш с описанием параметров для функции C<CreateSecData>.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
128 Ключами являются имена параметров, значениями - типы.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
129
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
130 =back
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
131
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
132 =cut