[catagits/Catalyst-Authentication-Credential-HTTP-Proxy.git] / lib / Catalyst / Authentication / Credential / HTTP / Proxy.pm

package Catalyst::Authentication::Credential::HTTP::Proxy;
use base qw/Catalyst::Authentication::Credential::HTTP/;

use strict;
use warnings;

use String::Escape ();
use URI::Escape    ();
use Catalyst::Authentication::Credential::HTTP::Proxy::User;

our $VERSION = "0.04";

sub init {
    my ($self) = @_;
    
    my $type = $self->_config->{'type'} ||= 'basic';
    
    if (!$self->_config->{url}) {
        Catalyst::Exception->throw(__PACKAGE__ . " configuration does not include a 'url' key, cannot proceed");
    }
    
    if (!grep /^$type$/, ('basic')) {
        Catalyst::Exception->throw(__PACKAGE__ . " used with unsupported authentication type: " . $type);
    }
}

sub authenticate_basic {
    my ( $self, $c, $realm, $auth_info ) = @_;

    $c->log->debug('Checking http basic authentication.') if $c->debug;

    my $headers = $c->req->headers;

    if ( my ( $user, $password ) = $headers->authorization_basic ) {
        my $ua = Catalyst::Authentication::Credential::HTTP::Proxy::User->new;
        $ua->credentials($user, $password);
        my $resp = $ua->get($self->_config->{url});
        if ( $resp->is_success ) {
            # Config username_field TODO
	        my $user_obj = $realm->find_user( { username => $user }, $c);
	        unless ($user_obj) {
                $c->log->debug("User '$user' doesn't exist in the default store")
                    if $c->debug;
                return;
            }
            $c->set_authenticated($user_obj);
            return 1;
        }
        else {
            $c->log->info('Remote authentication failed:'.$resp->message);
            return 0;
        }
    } 
    elsif ( $c->debug ) {
        $c->log->info('No credentials provided for basic auth');
        return 0;
    }
}

__END__

=pod

=head1 NAME

Catalyst::Authentication::Credential::HTTP::Proxy - HTTP Proxy authentication
for Catlayst.

=head1 SYNOPSIS

    use Catalyst qw/
        Authentication
    /;

    $c->config( authentication => {
        realms => {
            example => {
                credential => {
                    class => 'HTTP::Proxy',
                    type => 'basic', # Only basic supported
                    url => 'http://elkland.no/auth',
                },
            },
            store => {
                class => 'Minimal',
                users => {
                    Mufasa => { password => "Circle Of Life", },
                },
            },
        },
    });
    
    sub foo : Local { 
        my ( $self, $c ) = @_;

        $c->authenticate(); 
        
        # either user gets authenticated or 401 is sent

        do_stuff();
    }

=head1 DESCRIPTION

This moduule lets you use HTTP Proxy authentication with
L<Catalyst::Plugin::Authentication>.

Currently this module only supports the Basic scheme, but upon request Digest
will also be added. Patches welcome!

=head1 CONFIG

All configuration is stored in C<< YourApp->config(authentication => { yourrealm => { credential => { class => 'HTTP::Proxy', %config } } } >>.

This should be a hash, and it can contain the following entries:

=over 4

=item url

Required. A url protected with basic authentication to authenticate against.

=item type

Must be either C<basic> or not present (then it defaults to C<basic>).

This will be used to support digest authentication in future.

=back

=head1 METHODS

=over

=item init

Initializes the configuration.

=item authenticate_basic

Looks inside C<< $c->request->headers >> and processes the basic (badly named)
authorization header. Then authenticates this against the provided url.

=back

=head1 AUTHORS

Marcus Ramberg <mramberg@cpan.org>

Tomas Doran <bobtfish@bobtfish.net>

=head1 COPYRIGHT & LICENSE

        Copyright (c) 2005-2008 the aforementioned authors. All rights
        reserved. This program is free software; you can redistribute
        it and/or modify it under the same terms as Perl itself.

=cut
Commit	Line	Data
b2cd5ce7	1	package Catalyst::Authentication::Credential::HTTP::Proxy;
	2	use base qw/Catalyst::Authentication::Credential::HTTP/;
	3
	4	use strict;
	5	use warnings;
	6
	7	use String::Escape ();
	8	use URI::Escape ();
	9	use Catalyst::Authentication::Credential::HTTP::Proxy::User;
	10
	11	our $VERSION = "0.04";
	12
	13	sub init {
	14	my ($self) = @_;
	15
	16	my $type = $self->_config->{'type'} \|\|= 'basic';
	17
	18	if (!$self->_config->{url}) {
	19	Catalyst::Exception->throw(__PACKAGE__ . " configuration does not include a 'url' key, cannot proceed");
	20	}
	21
	22	if (!grep /^$type$/, ('basic')) {
	23	Catalyst::Exception->throw(__PACKAGE__ . " used with unsupported authentication type: " . $type);
	24	}
	25	}
	26
	27	sub authenticate_basic {
	28	my ( $self, $c, $realm, $auth_info ) = @_;
	29
	30	$c->log->debug('Checking http basic authentication.') if $c->debug;
	31
	32	my $headers = $c->req->headers;
	33
	34	if ( my ( $user, $password ) = $headers->authorization_basic ) {
	35	my $ua = Catalyst::Authentication::Credential::HTTP::Proxy::User->new;
	36	$ua->credentials($user, $password);
	37	my $resp = $ua->get($self->_config->{url});
	38	if ( $resp->is_success ) {
	39	# Config username_field TODO
	40	my $user_obj = $realm->find_user( { username => $user }, $c);
	41	unless ($user_obj) {
	42	$c->log->debug("User '$user' doesn't exist in the default store")
	43	if $c->debug;
	44	return;
	45	}
	46	$c->set_authenticated($user_obj);
	47	return 1;
	48	}
	49	else {
	50	$c->log->info('Remote authentication failed:'.$resp->message);
	51	return 0;
	52	}
	53	}
	54	elsif ( $c->debug ) {
	55	$c->log->info('No credentials provided for basic auth');
	56	return 0;
	57	}
	58	}
	59
	60	__END__
	61
	62	=pod
	63
	64	=head1 NAME
65
66	Catalyst::Authentication::Credential::HTTP::Proxy - HTTP Proxy authentication
67	for Catlayst.
68
69	=head1 SYNOPSIS
70
71	use Catalyst qw/
72	Authentication
73	/;
74
75	$c->config( authentication => {
76	realms => {
77	example => {
78	credential => {
79	class => 'HTTP::Proxy',
80	type => 'basic', # Only basic supported
81	url => 'http://elkland.no/auth',
82	},
83	},
84	store => {
85	class => 'Minimal',
86	users => {
87	Mufasa => { password => "Circle Of Life", },
88	},
89	},
90	},
91	});
92
93	sub foo : Local {
94	my ( $self, $c ) = @_;
95
96	$c->authenticate();
97
98	# either user gets authenticated or 401 is sent
99
100	do_stuff();
101	}
102
103	=head1 DESCRIPTION
104
105	This moduule lets you use HTTP Proxy authentication with
106	L<Catalyst::Plugin::Authentication>.
107
108	Currently this module only supports the Basic scheme, but upon request Digest
109	will also be added. Patches welcome!
110
111	=head1 CONFIG
112
113	All configuration is stored in C<< YourApp->config(authentication => { yourrealm => { credential => { class => 'HTTP::Proxy', %config } } } >>.
114
115	This should be a hash, and it can contain the following entries:
116
117	=over 4
118
119	=item url
120
121	Required. A url protected with basic authentication to authenticate against.
122
123	=item type
124
125	Must be either C<basic> or not present (then it defaults to C<basic>).
126
127	This will be used to support digest authentication in future.
128
129	=back
130
131	=head1 METHODS
132
133	=over
134
135	=item init
136
137	Initializes the configuration.
138
139	=item authenticate_basic
140
141	Looks inside C<< $c->request->headers >> and processes the basic (badly named)
142	authorization header. Then authenticates this against the provided url.
143
144	=back
145
146	=head1 AUTHORS
147
148	Marcus Ramberg <mramberg@cpan.org>
149
150	Tomas Doran <bobtfish@bobtfish.net>
151
152	=head1 COPYRIGHT & LICENSE
153
154	Copyright (c) 2005-2008 the aforementioned authors. All rights
155	reserved. This program is free software; you can redistribute
156	it and/or modify it under the same terms as Perl itself.
157
158	=cut
159