49
|
1 package Engine::Security::Auth;
|
|
2 use strict;
|
|
3 use Common;
|
|
4 our @ISA = qw(Object);
|
|
5 use Security;
|
|
6 use Security::Auth;
|
|
7 use Engine::Security::AccessDeniedException;
|
|
8
|
|
9 BEGIN {
|
|
10 DeclareProperty ClientSecData => ACCESS_READ;
|
|
11 DeclareProperty SecPackage => ACCESS_READ;
|
|
12 DeclareProperty DataSource => ACCESS_READ;
|
|
13 DeclareProperty DefaultUser => ACCESS_READ;
|
|
14 DeclareProperty _AuthMod => ACCESS_NONE; # construct on demand
|
|
15 }
|
|
16
|
|
17 sub CTOR {
|
|
18 my $this = shift;
|
|
19 $this->SUPER::CTOR(@_);
|
|
20 eval "require $this->{$ClientSecData};" or warn $@;
|
|
21 }
|
|
22
|
|
23 sub DoAuth {
|
|
24 my ($this) = @_;
|
|
25
|
|
26 my $data = $this->{$ClientSecData}->ReadSecData($this);
|
|
27 my $SSID = $this->{$ClientSecData}->ReadSSID($this);
|
|
28
|
|
29 my $AuthResult;
|
|
30
|
|
31 if ($SSID) {
|
|
32 $AuthResult = $this->AuthMod->AuthenticateSession($SSID,$data);
|
|
33 } else {
|
|
34 $AuthResult = new Security::AuthResult(State => Security::AUTH_NOAUTH);
|
|
35 }
|
|
36
|
|
37 if ($AuthResult->State == Security::AUTH_SUCCESS) {
|
|
38 #warn "Session authenticated: ".$AuthResult->Session->User->Name;
|
|
39 } else {
|
|
40 #warn "Session is not authenticated: ".$AuthResult->State;
|
|
41 if ($this->{$DefaultUser}) {
|
|
42 $AuthResult = $this->AuthMod->AuthenticateUser($this->{$DefaultUser},undef);
|
|
43 }
|
|
44 }
|
|
45
|
|
46 return $AuthResult;
|
|
47 }
|
|
48
|
|
49 sub SetAuthResult {
|
|
50 my ($this,$AuthResult) = @_;
|
|
51
|
|
52 if ($AuthResult and $AuthResult->State == Security::AUTH_SUCCESS) {
|
|
53 $this->_CurrentSession($AuthResult->Session);
|
|
54 $this->{$ClientSecData}->WriteSecData($AuthResult->ClientSecData,$this);
|
|
55 } else {
|
|
56 $this->_CurrentSession(undef);
|
|
57 $this->{$ClientSecData}->WriteSecData(undef,$this);
|
|
58 }
|
|
59 }
|
|
60
|
|
61 sub _CurrentSession {
|
|
62 my ($this,$Session) = @_;
|
|
63
|
|
64 if (@_ >= 2) {
|
|
65 $this->AuthMod->DS->CloseSession(Security->CurrentSession) if Security->CurrentSession;
|
|
66
|
|
67 $this->{$ClientSecData}->WriteSSID($Session ? $Session->SSID : undef);
|
|
68 Security->CurrentSession($Session);
|
|
69 } else {
|
|
70 return Security->CurrentSession;
|
|
71 }
|
|
72 }
|
|
73
|
|
74 sub AuthMod {
|
|
75 my ($this) = @_;
|
|
76 if (not $this->{$_AuthMod}) {
|
|
77 if ($this->{$DataSource} and $this->{$SecPackage}) {
|
|
78 eval qq {
|
|
79 require $this->{$DataSource};
|
|
80 require $this->{$SecPackage};
|
|
81 } or warn $@;
|
|
82 $this->{$_AuthMod} = Security::Auth->new(
|
|
83 DS => $this->{$DataSource},
|
|
84 SecPackage => $this->{$SecPackage}
|
|
85 );
|
|
86 } else {
|
|
87 #construct default
|
|
88 $this->{$_AuthMod} = Security::Auth->construct;
|
|
89 }
|
|
90 }
|
|
91 return $this->{$_AuthMod};
|
|
92 }
|
|
93
|
|
94 1;
|