X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2Fstemmaweb%2FAuthentication%2FCredential%2FGoogle.pm;h=267127f3e32e638030d3f4c7933f1421f23d34b6;hb=c13343b3881c35e0c1acfb575a93ade1cc22abaa;hp=07a3c5ffb1fc49c4d8a9ba71fd7ccbe60ef1700b;hpb=fad4df2573e1f42fc93308a05564679b43541d6f;p=scpubgit%2Fstemmaweb.git

diff --git a/lib/stemmaweb/Authentication/Credential/Google.pm b/lib/stemmaweb/Authentication/Credential/Google.pm
index 07a3c5f..267127f 100644
--- a/lib/stemmaweb/Authentication/Credential/Google.pm
+++ b/lib/stemmaweb/Authentication/Credential/Google.pm
@@ -48,11 +48,18 @@ sub authenticate {
         Catalyst::Exception->throw("id_token not specified.");
     }
 
+    my $email = $authinfo->{email};
+    $email ||= $c->req->method eq 'GET' ? $c->req->query_params->{email} :
+    $c->req->body_params->{email};
+
     my $userinfo = $self->decode($id_token);
+    $userinfo->{email} = $authinfo->{email};
 
     my $sub = $userinfo->{sub};
     my $openid = $userinfo->{openid_id};
 
+    $userinfo->{email} = $email if $email;
+
     if (!$sub || !$openid) {
         Catalyst::Exception->throw(
             'Could not retrieve sub and openid from token! Is the token
@@ -90,8 +97,42 @@ Decoded JSON object containing certificates.
 sub retrieve_certs {
     my ($self, $url) = @_;
 
-    $url ||= ( $self->{_app}->config->{'Authentication::Credential::Google'}->{url} || 'https://www.googleapis.com/oauth2/v1/certs' );
-    return decode_json(get($url));
+    my $c = $self->{_app};
+    my $cached = 0;
+    my $certs;
+    my $cache;
+
+    $url ||= ( $c->config->{'Authentication::Credential::Google'}->{public_cert_url} || 'https://www.googleapis.com/oauth2/v1/certs' );
+
+    if ( ($c->registered_plugins('Catalyst::Plugin::Cache')) && ($cache = $c->cache) ) {
+        if ($certs = $cache->get('certs')) {
+            $certs = decode_json($certs);
+
+            foreach my $key (keys %$certs) {
+                my $cert = $certs->{$key};
+                my $x509 = Crypt::OpenSSL::X509->new_from_string($cert);
+
+                if ($self->is_cert_expired($x509)) {
+                    $cached = 0;
+                    last;
+                } else {
+                    $cached = 1;
+                }
+            }
+        }
+    }
+
+    if (!$cached) {
+        my $certs_encoded = get($url);
+
+        if ($cache) {
+            $cache->set('certs', $certs_encoded);
+        }
+
+        $certs = decode_json($certs_encoded);
+    }
+
+    return $certs;
 }
 
 =head2 get_key_from_cert