annotate Lib/IMPL/Web/QueryHandler/SecureCookie.pm @ 103:c289ed9662ca

Schema beta 2 More strict validation, support for inflating a simple nodes and properties
author wizard
date Fri, 07 May 2010 18:17:40 +0400
parents 964587c5183c
children a9f4ba4783eb
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
73
wizard
parents: 69
diff changeset
1 package IMPL::Web::QueryHandler::SecureCookie;
95
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
2 use strict;
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
3
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
4 use base qw(IMPL::Web::QueryHandler);
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
5 use Digest::MD5 qw(md5_hex);
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
6
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
7 use IMPL::Class::Property;
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
8 use IMPL::Security::Auth qw(:Const);
95
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
9 use IMPL::Security;
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
10
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
11 BEGIN {
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
12 public property salt => prop_all;
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
13 }
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
14
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
15 sub CTOR {
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
16 my ($this) = @_;
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
17
75
wizard
parents: 74
diff changeset
18 $this->salt('DeadBeef') unless $this->salt;
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
19 }
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
20
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
21 sub Process {
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
22 my ($this,$action,$nextHandler) = @_;
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
23
75
wizard
parents: 74
diff changeset
24 return undef unless $nextHandler;
wizard
parents: 74
diff changeset
25
97
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
26 local $IMPL::Security::authority = $this;
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
27
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
28 my $method = $action->query->cookie('method') || 'simple';
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
29
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
30 if ($method eq 'simple') {
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
31
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
32 my $sid = $action->query->cookie('sid');
75
wizard
parents: 74
diff changeset
33 my $cookie = $action->query->cookie('sdata');
wizard
parents: 74
diff changeset
34 my $sign = $action->query->cookie('sign');
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
35
75
wizard
parents: 74
diff changeset
36 if (
wizard
parents: 74
diff changeset
37 $sid and
wizard
parents: 74
diff changeset
38 $cookie and
wizard
parents: 74
diff changeset
39 $sign and
wizard
parents: 74
diff changeset
40 $sign eq md5_hex(
wizard
parents: 74
diff changeset
41 $this->salt,
wizard
parents: 74
diff changeset
42 $sid,
wizard
parents: 74
diff changeset
43 $cookie,
wizard
parents: 74
diff changeset
44 $this->salt
wizard
parents: 74
diff changeset
45 )
wizard
parents: 74
diff changeset
46 ) {
89
3d1f584aea60 small fix in the activator and secure cookie
wizard
parents: 75
diff changeset
47 my $context = $action->application->security->sourceSession->find(
3d1f584aea60 small fix in the activator and secure cookie
wizard
parents: 75
diff changeset
48 { id => $sid }
3d1f584aea60 small fix in the activator and secure cookie
wizard
parents: 75
diff changeset
49 ) or return $nextHandler->();
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
50
74
wizard
parents: 73
diff changeset
51 my ($result,$challenge) = $context->auth->ValidateSession($cookie);
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
52
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
53 if ($result == AUTH_SUCCESS) {
95
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
54 $context->authority($this);
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
55 return $context->Impersonate($nextHandler);
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
56 } else {
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
57 return $nextHandler->();
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
58 }
97
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
59 } else {
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
60 return $nextHandler->();
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
61 }
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
62 } else {
97
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
63 return $nextHandler->();
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
64 }
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
65 }
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
66
95
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
67 sub WriteResponse {
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
68 my ($this,$response,$sid,$cookie,$method) = @_;
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
69
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
70 my $sign = md5_hex(
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
71 $this->salt,
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
72 $sid,
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
73 $cookie,
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
74 $this->salt
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
75 );
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
76
97
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
77 $response->setCookie(sid => $sid);
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
78 $response->setCookie(sdata => $cookie);
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
79 $response->setCookie(sign => $sign);
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 95
diff changeset
80 $response->setCookie(method => $method) if $method;
95
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
81 }
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 89
diff changeset
82
75
wizard
parents: 74
diff changeset
83 1;
68
739f1288ca84 Auth in progress
wizard
parents:
diff changeset
84
75
wizard
parents: 74
diff changeset
85 __END__
wizard
parents: 74
diff changeset
86
wizard
parents: 74
diff changeset
87 =pod
wizard
parents: 74
diff changeset
88
wizard
parents: 74
diff changeset
89 =head1 NAME
wizard
parents: 74
diff changeset
90
wizard
parents: 74
diff changeset
91 C<IMPL::Web::QueryHandler::SecureCookie>
wizard
parents: 74
diff changeset
92
wizard
parents: 74
diff changeset
93 =head1 DESCRIPTION
wizard
parents: 74
diff changeset
94
wizard
parents: 74
diff changeset
95 C<use base qw(IMPL::Web::QueryHandler)>
wizard
parents: 74
diff changeset
96
wizard
parents: 74
diff changeset
97 Возобновляет сессию пользователя на основе информации переданной через Cookie.
wizard
parents: 74
diff changeset
98
wizard
parents: 74
diff changeset
99 Использует механизм подписи информации для проверки верности входных данных перед
wizard
parents: 74
diff changeset
100 началом каких-либо действий.
wizard
parents: 74
diff changeset
101
wizard
parents: 74
diff changeset
102 Данный обработчик возвращает результат выполнения следдующего обработчика.
wizard
parents: 74
diff changeset
103
wizard
parents: 74
diff changeset
104 =head1 MEMBERS
wizard
parents: 74
diff changeset
105
wizard
parents: 74
diff changeset
106 =over
wizard
parents: 74
diff changeset
107
wizard
parents: 74
diff changeset
108 =item C<[get,set] salt>
wizard
parents: 74
diff changeset
109
wizard
parents: 74
diff changeset
110 Скаляр, использующийся для подписи данных.
wizard
parents: 74
diff changeset
111
wizard
parents: 74
diff changeset
112 =back
wizard
parents: 74
diff changeset
113
wizard
parents: 74
diff changeset
114 =cut