Commit | Line | Data |
b2cd5ce7 |
1 | package Catalyst::Authentication::Credential::HTTP::Proxy; |
2 | use base qw/Catalyst::Authentication::Credential::HTTP/; |
3 | |
4 | use strict; |
5 | use warnings; |
6 | |
7 | use String::Escape (); |
8 | use URI::Escape (); |
9 | use Catalyst::Authentication::Credential::HTTP::Proxy::User; |
10 | |
bcd7b9c8 |
11 | our $VERSION = "0.06"; |
bbec9b61 |
12 | |
13 | __PACKAGE__->mk_accessors(qw/ |
14 | url |
15 | /); |
b2cd5ce7 |
16 | |
17 | sub init { |
18 | my ($self) = @_; |
19 | |
bbec9b61 |
20 | my $type = $self->type || 'basic'; |
b2cd5ce7 |
21 | |
22 | if (!$self->_config->{url}) { |
23 | Catalyst::Exception->throw(__PACKAGE__ . " configuration does not include a 'url' key, cannot proceed"); |
24 | } |
25 | |
26 | if (!grep /^$type$/, ('basic')) { |
27 | Catalyst::Exception->throw(__PACKAGE__ . " used with unsupported authentication type: " . $type); |
28 | } |
bbec9b61 |
29 | $self->type($type); |
b2cd5ce7 |
30 | } |
31 | |
32 | sub authenticate_basic { |
33 | my ( $self, $c, $realm, $auth_info ) = @_; |
34 | |
35 | $c->log->debug('Checking http basic authentication.') if $c->debug; |
36 | |
37 | my $headers = $c->req->headers; |
38 | |
39 | if ( my ( $user, $password ) = $headers->authorization_basic ) { |
40 | my $ua = Catalyst::Authentication::Credential::HTTP::Proxy::User->new; |
41 | $ua->credentials($user, $password); |
bbec9b61 |
42 | my $resp = $ua->get($self->url); |
b2cd5ce7 |
43 | if ( $resp->is_success ) { |
44 | # Config username_field TODO |
45 | my $user_obj = $realm->find_user( { username => $user }, $c); |
46 | unless ($user_obj) { |
47 | $c->log->debug("User '$user' doesn't exist in the default store") |
48 | if $c->debug; |
49 | return; |
50 | } |
51 | $c->set_authenticated($user_obj); |
52 | return 1; |
53 | } |
54 | else { |
55 | $c->log->info('Remote authentication failed:'.$resp->message); |
56 | return 0; |
57 | } |
58 | } |
59 | elsif ( $c->debug ) { |
60 | $c->log->info('No credentials provided for basic auth'); |
61 | return 0; |
62 | } |
63 | } |
64 | |
bbec9b61 |
65 | 1; |
66 | |
b2cd5ce7 |
67 | __END__ |
68 | |
69 | =pod |
70 | |
71 | =head1 NAME |
72 | |
73 | Catalyst::Authentication::Credential::HTTP::Proxy - HTTP Proxy authentication |
810e6799 |
74 | for Catalyst. |
b2cd5ce7 |
75 | |
76 | =head1 SYNOPSIS |
77 | |
78 | use Catalyst qw/ |
79 | Authentication |
80 | /; |
81 | |
82 | $c->config( authentication => { |
83 | realms => { |
84 | example => { |
85 | credential => { |
86 | class => 'HTTP::Proxy', |
87 | type => 'basic', # Only basic supported |
88 | url => 'http://elkland.no/auth', |
89 | }, |
90 | }, |
91 | store => { |
92 | class => 'Minimal', |
93 | users => { |
12aaae34 |
94 | Mufasa => { }, |
b2cd5ce7 |
95 | }, |
96 | }, |
97 | }, |
98 | }); |
99 | |
100 | sub foo : Local { |
101 | my ( $self, $c ) = @_; |
102 | |
103 | $c->authenticate(); |
104 | |
105 | # either user gets authenticated or 401 is sent |
106 | |
107 | do_stuff(); |
108 | } |
109 | |
110 | =head1 DESCRIPTION |
111 | |
bbec9b61 |
112 | This module lets you use HTTP Proxy authentication with |
b2cd5ce7 |
113 | L<Catalyst::Plugin::Authentication>. |
114 | |
115 | Currently this module only supports the Basic scheme, but upon request Digest |
116 | will also be added. Patches welcome! |
117 | |
118 | =head1 CONFIG |
119 | |
120 | All configuration is stored in C<< YourApp->config(authentication => { yourrealm => { credential => { class => 'HTTP::Proxy', %config } } } >>. |
121 | |
122 | This should be a hash, and it can contain the following entries: |
123 | |
124 | =over 4 |
125 | |
126 | =item url |
127 | |
128 | Required. A url protected with basic authentication to authenticate against. |
129 | |
130 | =item type |
131 | |
132 | Must be either C<basic> or not present (then it defaults to C<basic>). |
133 | |
134 | This will be used to support digest authentication in future. |
135 | |
136 | =back |
137 | |
138 | =head1 METHODS |
139 | |
140 | =over |
141 | |
142 | =item init |
143 | |
144 | Initializes the configuration. |
145 | |
146 | =item authenticate_basic |
147 | |
148 | Looks inside C<< $c->request->headers >> and processes the basic (badly named) |
149 | authorization header. Then authenticates this against the provided url. |
150 | |
151 | =back |
152 | |
153 | =head1 AUTHORS |
154 | |
155 | Marcus Ramberg <mramberg@cpan.org> |
156 | |
157 | Tomas Doran <bobtfish@bobtfish.net> |
158 | |
159 | =head1 COPYRIGHT & LICENSE |
160 | |
161 | Copyright (c) 2005-2008 the aforementioned authors. All rights |
162 | reserved. This program is free software; you can redistribute |
163 | it and/or modify it under the same terms as Perl itself. |
164 | |
165 | =cut |
166 | |