package Catalyst::Authentication::Credential::Remote;
+use Moose;
+use namespace::autoclean;
-use strict;
-use warnings;
+with 'MooseX::Emulate::Class::Accessor::Fast';
-use base 'Class::Accessor::Fast';
+use Try::Tiny qw/ try catch /;
-BEGIN {
- __PACKAGE__->mk_accessors(
- qw/allow_re deny_re cutname_re source realm username_field/);
-}
+__PACKAGE__->mk_accessors(
+ qw/allow_re deny_re cutname_re source realm username_field/);
sub new {
my ( $class, $config, $app, $realm ) = @_;
bless $self, $class;
# we are gonna compile regular expresions defined in config parameters
- # and explicitly throw an exception saying what parameter was invalid
- if (defined($config->{allow_regexp}) && ($config->{allow_regexp} ne "")) {
- eval { $self->allow_re( qr/$config->{allow_regexp}/ ) };
- Catalyst::Exception->throw( "Invalid regular expression in ".
- "'allow_regexp' configuration parameter") if $@;
+ # and explicitly throw an exception saying what parameter was invalid
+ if (defined($config->{allow_regexp}) && ($config->{allow_regexp} ne "")) {
+ try { $self->allow_re( qr/$config->{allow_regexp}/ ) }
+ catch {
+ Catalyst::Exception->throw( "Invalid regular expression in ".
+ "'allow_regexp' configuration parameter");
+ };
}
- if (defined($config->{deny_regexp}) && ($config->{deny_regexp} ne "")) {
- eval { $self->deny_re( qr/$config->{deny_regexp}/ ) };
- Catalyst::Exception->throw( "Invalid regular expression in ".
- "'deny_regexp' configuration parameter") if $@;
+ if (defined($config->{deny_regexp}) && ($config->{deny_regexp} ne "")) {
+ try { $self->deny_re( qr/$config->{deny_regexp}/ ) }
+ catch {
+ Catalyst::Exception->throw( "Invalid regular expression in ".
+ "'deny_regexp' configuration parameter");
+ };
}
- if (defined($config->{cutname_regexp}) && ($config->{cutname_regexp} ne "")) {
- eval { $self->cutname_re( qr/$config->{cutname_regexp}/ ) };
- Catalyst::Exception->throw( "Invalid regular expression in ".
- "'cutname_regexp' configuration parameter") if $@;
+ if (defined($config->{cutname_regexp}) && ($config->{cutname_regexp} ne "")) {
+ try { $self->cutname_re( qr/$config->{cutname_regexp}/ ) }
+ catch {
+ Catalyst::Exception->throw( "Invalid regular expression in ".
+ "'cutname_regexp' configuration parameter");
+ };
}
$self->source($config->{source} || 'REMOTE_USER');
$self->realm($realm);
my $remuser;
if ($self->source eq "REMOTE_USER") {
# compatibility hack:
- if (defined($c->engine->env)) {
+ if ($c->engine->can('env') && defined($c->engine->env)) {
# BEWARE: $c->engine->env was broken prior 5.80005
$remuser = $c->engine->env->{REMOTE_USER};
}
# maybe show warning that we are gonna use DEPRECATED $req->user
if (ref($c->req->user)) {
# I do not know exactly when this happens but it happens
- Catalyst::Exception->throw( "Cannot get remote user from ".
- "\$c->req->user as it seems to be a reference not a string" );
- }
- else {
- $remuser = $c->req->user;
- }
+ Catalyst::Exception->throw( "Cannot get remote user from ".
+ "\$c->req->user as it seems to be a reference not a string" );
+ }
+ else {
+ $remuser = $c->req->user;
+ }
}
}
elsif ($self->source =~ /^(SSL_CLIENT_.*|CERT_*|AUTH_USER)$/) {
$usr = $1;
}
}
-
- $authinfo->{id} = $authinfo->{ $self->username_field } = $usr;
- $authinfo->{remote_user} = $remuser; # just to keep the original value
+
+ $authinfo->{ $self->username_field } = $usr;
my $user_obj = $realm->find_user( $authinfo, $c );
return ref($user_obj) ? $user_obj : undef;
}
Besides the common methods like HTTP Basic and Digest authentication you can
also use sophisticated ones like so called "integrated authentication" via
NTLM or Kerberos (popular in corporate intranet applications running in Windows
-Active Directory enviroment) or even the SSL authentication when users
+Active Directory environment) or even the SSL authentication when users
authenticate themself using their client SSL certificates.
The main idea of this module is based on a fact that webserver passes the name
This config item is B<OPTIONAL> - no default value.
If param B<cutname_regexp> is specified we try to cut the final usename passed to
-Catalyst application as a substring from WEBUSER. This is usefull for
+Catalyst application as a substring from WEBUSER. This is useful for
example in case of SSL authentication when WEBUSER looks like this
'CN=john, OU=Unit Name, O=Company, C=CZ' - from this format we can simply cut
pure usename by cutname_regexp set to 'CN=(.*), OU=Unit Name, O=Company, C=CZ'.