+0.1006
+ - Pass $c along to find_user method so overridden user_class users can
+ get at models (or whatever crazy things they might do) (gphat)
+
+0.1005 30 April 2009
+ - Stop throwing an exception when the lookup_user method fails
+ to find a user and instead return undef. (t0m)
+ - Add tests for above (t0m)
- Change documentation which still refers to the old ::Plugin:: style
auth system to use ->authenticate instead of ->login, and not say that
you need to do things manually to have multiple stores. (t0m)
-use inc::Module::Install;
+use inc::Module::Install 0.87;
name('Catalyst-Authentication-Store-LDAP');
abstract('Authenticate Users against LDAP Directories');
build_requires('Net::LDAP::Server::Test' => '0.07');
build_requires('Test::More');
build_requires('Test::MockObject');
+build_required('Test::Exception');
auto_install();
+resources repository => 'http://dev.catalyst.perl.org/repos/Catalyst/Catalyst-Authentication-Store-LDAP/trunk/';
+
&WriteAll;
use strict;
use warnings;
-our $VERSION = '0.1004';
+our $VERSION = '0.1005';
use Catalyst::Authentication::Store::LDAP::Backend;
use strict;
use warnings;
-our $VERSION = '0.1004';
+our $VERSION = '0.1005';
use Catalyst::Authentication::Store::LDAP::User;
use Net::LDAP;
return $self;
}
-=head2 find_user( I<authinfo> )
+=head2 find_user( I<authinfo>, $c )
Creates a L<Catalyst::Authentication::Store::LDAP::User> object
for the given User ID. This is the preferred mechanism for getting a
sub find_user {
my ( $self, $authinfo, $c ) = @_;
- return $self->get_user( $authinfo->{id} || $authinfo->{username} );
+ return $self->get_user( $authinfo->{id} || $authinfo->{username}, $c );
}
=head2 get_user($id)
Creates a L<Catalyst::Authentication::Store::LDAP::User> object
-for the given User ID. This is the preferred mechanism for getting a
-given User out of the Store.
+for the given User ID, or calls C<new> on the class specified in
+C<user_class>. This instance of the store object, the results of
+C<lookup_user> and $c are passed as arguments (in that order) to C<new>.
+This is the preferred mechanism for getting a given User out of the Store.
=cut
sub get_user {
- my ( $self, $id ) = @_;
+ my ( $self, $id, $c ) = @_;
my $user = $self->user_class->new( $self,
- $self->lookup_user($id) );
+ $self->lookup_user($id), $c );
return $user;
}
A) Bind to the directory using the configured binddn and bindpw
B) Perform a search for the User Object in the directory, using
user_basedn, user_filter, and user_scope.
- C) Assuming we found the object, we will walk it's attributes
+ C) Assuming we found the object, we will walk it's attributes
using L<Net::LDAP::Entry>'s get_value method. We store the
- results in a hashref.
- D) Return a hashref that looks like:
-
+ results in a hashref. If we do not find the object, then
+ undef is returned.
+ D) Return a hashref that looks like:
+
$results = {
'ldap_entry' => $entry, # The Net::LDAP::Entry object
'attributes' => $attributes,
push( @searchopts, %{ $self->user_search_options } );
}
my $usersearch = $ldap->search(@searchopts);
- if ( $usersearch->is_error ) {
- Catalyst::Exception->throw(
- "LDAP Error while searching for user: " . $usersearch->error );
- }
+
+ return if ( $usersearch->is_error );
+
my $userentry;
my $user_field = $self->user_field;
my $results_filter = $self->user_results_filter;
use strict;
use warnings;
-our $VERSION = '0.1004';
+our $VERSION = '0.1005';
BEGIN { __PACKAGE__->mk_accessors(qw/user store _ldap_connection/) }
=head1 METHODS
-=head2 new($store, $user)
+=head2 new($store, $user, $c)
Takes a L<Catalyst::Authentication::Store::LDAP::Backend> object
as $store, and the data structure returned by that class's "get_user"
-method as $user.
+method as $user. The final argument is an instance of your application,
+which is passed along for those wanting to subclass User and perhaps use
+models for fetching data.
Returns a L<Catalyst::Authentication::Store::LDAP::User> object.
=cut
sub new {
- my ( $class, $store, $user ) = @_;
+ my ( $class, $store, $user, $c ) = @_;
return unless $user;
use warnings;
use Catalyst::Exception;
-use Test::More tests => 7;
+use Test::More tests => 11;
use Test::MockObject::Extends;
+use Test::Exception;
use Net::LDAP::Entry;
use lib 't/lib';
eval "use Catalyst::Model::LDAP";
if ($@) {
- skip "Catalyst::Model::LDAP not installed", 7;
+ skip "Catalyst::Model::LDAP not installed", 11;
}
use_ok("Catalyst::Authentication::Store::LDAP::Backend");
$ldap->mock('unbind' => sub {});
$ldap->mock('disconnect' => sub {});
my $search_res = Test::MockObject->new();
- $search_res->mock(is_error => sub {}); # Never an error
+ my $search_is_error = 0;
+ $search_res->mock(is_error => sub { $search_is_error });
$search_res->mock(entries => sub {
return map
{ my $id = $_;
is_deeply( [sort $user->roles],
[sort qw/quuxone quuxtwo/],
"User has the expected set of roles" );
+
+ $search_is_error = 1;
+ lives_ok {
+ ok !$back->find_user( { username => 'doesnotexist' } ),
+ 'Nonexistent user returns undef';
+ } 'No exception thrown for nonexistent user';
+
}
is_deeply(\@searches, [
['base', 'ou=foobar', 'filter', '(&(objectClass=inetOrgPerson)(uid=somebody))', 'scope', 'one'],
['base', 'ou=roles', 'filter', '(&(objectClass=posixGroup)(memberUid=test))', 'scope', 'one', 'attrs', [ 'userinrole' ]],
+ ['base', 'ou=foobar', 'filter', '(&(objectClass=inetOrgPerson)(uid=doesnotexist))', 'scope', 'one'],
['base', 'ou=foobar', 'filter', '(&(objectClass=inetOrgPerson)(uid=somebody))', 'scope', 'one'],
['base', 'ou=roles', 'filter', '(&(objectClass=posixGroup)(memberUid=test))', 'scope', 'one', 'attrs', [ 'userinrole' ]],
+ ['base', 'ou=foobar', 'filter', '(&(objectClass=inetOrgPerson)(uid=doesnotexist))', 'scope', 'one'],
], 'User searches as expected');
is_deeply(\@binds, [
[ undef ], # First user search
[
undef
], # Rebind with initial credentials to find roles
+ [ undef ], # Second user search
# 2nd pass round main loop
[ undef ], # First user search
[
'ou=foobar',
'password',
'password'
- ] # Rebind to confirm user _and_ lookup roles;
+ ], # Rebind to confirm user _and_ lookup roles;
+ [ undef ], # Second user search
], 'Binds as expected');
}
projects / catagits/Catalyst-Authentication-Store-LDAP.git / commitdiff