[catagits/Catalyst-Authentication-Credential-HTTP-Proxy.git] / lib / Catalyst / Authentication / Credential / HTTP / Proxy.pm

package Catalyst::Authentication::Credential::HTTP::Proxy;
use base qw/Catalyst::Authentication::Credential::HTTP/;

use strict;
use warnings;

use String::Escape ();
use URI::Escape    ();
use Catalyst::Authentication::Credential::HTTP::Proxy::User;

our $VERSION = "0.06";

__PACKAGE__->mk_accessors(qw/ 
    url
/);

sub init {
    my ($self) = @_;
    
    my $type = $self->type || 'basic';
    
    if (!$self->_config->{url}) {
        Catalyst::Exception->throw(__PACKAGE__ . " configuration does not include a 'url' key, cannot proceed");
    }
    
    if (!grep /^$type$/, ('basic')) {
        Catalyst::Exception->throw(__PACKAGE__ . " used with unsupported authentication type: " . $type);
    }
    $self->type($type);
}

sub authenticate_basic {
    my ( $self, $c, $realm, $auth_info ) = @_;

    $c->log->debug('Checking http basic authentication.') if $c->debug;

    my $headers = $c->req->headers;

    if ( my ( $user, $password ) = $headers->authorization_basic ) {
        my $ua = Catalyst::Authentication::Credential::HTTP::Proxy::User->new;
        $ua->credentials($user, $password);
        my $resp = $ua->get($self->url);
        if ( $resp->is_success ) {
            # Config username_field TODO
	        my $user_obj = $realm->find_user( { username => $user }, $c);
	        unless ($user_obj) {
                $c->log->debug("User '$user' doesn't exist in the default store")
                    if $c->debug;
                return;
            }
            $c->set_authenticated($user_obj);
            return 1;
        }
        else {
            $c->log->info('Remote authentication failed:'.$resp->message);
            return 0;
        }
    } 
    elsif ( $c->debug ) {
        $c->log->info('No credentials provided for basic auth');
        return 0;
    }
}

1;

__END__

=pod

=head1 NAME

Catalyst::Authentication::Credential::HTTP::Proxy - HTTP Proxy authentication
for Catalyst.

=head1 SYNOPSIS

    use Catalyst qw/
        Authentication
    /;

    $c->config( authentication => {
        realms => {
            example => {
                credential => {
                    class => 'HTTP::Proxy',
                    type => 'basic', # Only basic supported
                    url => 'http://elkland.no/auth',
                },
            },
            store => {
                class => 'Minimal',
                users => {
                    Mufasa => { },
                },
            },
        },
    });
    
    sub foo : Local { 
        my ( $self, $c ) = @_;

        $c->authenticate(); 
        
        # either user gets authenticated or 401 is sent

        do_stuff();
    }

=head1 DESCRIPTION

This module lets you use HTTP Proxy authentication with
L<Catalyst::Plugin::Authentication>.

Currently this module only supports the Basic scheme, but upon request Digest
will also be added. Patches welcome!

=head1 CONFIG

All configuration is stored in C<< YourApp->config(authentication => { yourrealm => { credential => { class => 'HTTP::Proxy', %config } } } >>.

This should be a hash, and it can contain the following entries:

=over 4

=item url

Required. A url protected with basic authentication to authenticate against.

=item type

Must be either C<basic> or not present (then it defaults to C<basic>).

This will be used to support digest authentication in future.

=back

=head1 METHODS

=over

=item init

Initializes the configuration.

=item authenticate_basic

Looks inside C<< $c->request->headers >> and processes the basic (badly named)
authorization header. Then authenticates this against the provided url.

=back

=head1 AUTHORS

Marcus Ramberg <mramberg@cpan.org>

Tomas Doran <bobtfish@bobtfish.net>

=head1 COPYRIGHT & LICENSE

        Copyright (c) 2005-2008 the aforementioned authors. All rights
        reserved. This program is free software; you can redistribute
        it and/or modify it under the same terms as Perl itself.

=cut
Commit	Line	Data
b2cd5ce7	1	package Catalyst::Authentication::Credential::HTTP::Proxy;
	2	use base qw/Catalyst::Authentication::Credential::HTTP/;
	3
	4	use strict;
	5	use warnings;
	6
	7	use String::Escape ();
	8	use URI::Escape ();
	9	use Catalyst::Authentication::Credential::HTTP::Proxy::User;
	10
bcd7b9c8	11	our $VERSION = "0.06";
bbec9b61	12
	13	__PACKAGE__->mk_accessors(qw/
	14	url
	15	/);
b2cd5ce7	16
	17	sub init {
	18	my ($self) = @_;
	19
bbec9b61	20	my $type = $self->type \|\| 'basic';
b2cd5ce7	21
	22	if (!$self->_config->{url}) {
	23	Catalyst::Exception->throw(__PACKAGE__ . " configuration does not include a 'url' key, cannot proceed");
	24	}
	25
	26	if (!grep /^$type$/, ('basic')) {
	27	Catalyst::Exception->throw(__PACKAGE__ . " used with unsupported authentication type: " . $type);
	28	}
bbec9b61	29	$self->type($type);
b2cd5ce7	30	}
	31
	32	sub authenticate_basic {
	33	my ( $self, $c, $realm, $auth_info ) = @_;
	34
	35	$c->log->debug('Checking http basic authentication.') if $c->debug;
	36
	37	my $headers = $c->req->headers;
	38
	39	if ( my ( $user, $password ) = $headers->authorization_basic ) {
	40	my $ua = Catalyst::Authentication::Credential::HTTP::Proxy::User->new;
	41	$ua->credentials($user, $password);
bbec9b61	42	my $resp = $ua->get($self->url);
b2cd5ce7	43	if ( $resp->is_success ) {
	44	# Config username_field TODO
	45	my $user_obj = $realm->find_user( { username => $user }, $c);
	46	unless ($user_obj) {
	47	$c->log->debug("User '$user' doesn't exist in the default store")
	48	if $c->debug;
	49	return;
	50	}
	51	$c->set_authenticated($user_obj);
	52	return 1;
	53	}
	54	else {
	55	$c->log->info('Remote authentication failed:'.$resp->message);
	56	return 0;
	57	}
	58	}
	59	elsif ( $c->debug ) {
	60	$c->log->info('No credentials provided for basic auth');
	61	return 0;
	62	}
	63	}
	64
bbec9b61	65	1;
bbec9b61	66
b2cd5ce7	67	__END__
	68
	69	=pod
	70
	71	=head1 NAME
	72
	73	Catalyst::Authentication::Credential::HTTP::Proxy - HTTP Proxy authentication
810e6799	74	for Catalyst.
b2cd5ce7	75
	76	=head1 SYNOPSIS
	77
	78	use Catalyst qw/
	79	Authentication
	80	/;
	81
	82	$c->config( authentication => {
	83	realms => {
	84	example => {
	85	credential => {
	86	class => 'HTTP::Proxy',
	87	type => 'basic', # Only basic supported
	88	url => 'http://elkland.no/auth',
	89	},
	90	},
	91	store => {
	92	class => 'Minimal',
	93	users => {
12aaae34	94	Mufasa => { },
b2cd5ce7	95	},
	96	},
	97	},
	98	});
	99
	100	sub foo : Local {
	101	my ( $self, $c ) = @_;
	102
	103	$c->authenticate();
	104
	105	# either user gets authenticated or 401 is sent
	106
	107	do_stuff();
	108	}
	109
	110	=head1 DESCRIPTION
	111
bbec9b61	112	This module lets you use HTTP Proxy authentication with
b2cd5ce7	113	L<Catalyst::Plugin::Authentication>.
	114
	115	Currently this module only supports the Basic scheme, but upon request Digest
	116	will also be added. Patches welcome!
	117
	118	=head1 CONFIG
	119
	120	All configuration is stored in C<< YourApp->config(authentication => { yourrealm => { credential => { class => 'HTTP::Proxy', %config } } } >>.
	121
	122	This should be a hash, and it can contain the following entries:
	123
	124	=over 4
	125
	126	=item url
	127
	128	Required. A url protected with basic authentication to authenticate against.
	129
	130	=item type
	131
	132	Must be either C<basic> or not present (then it defaults to C<basic>).
	133
	134	This will be used to support digest authentication in future.
	135
	136	=back
	137
	138	=head1 METHODS
	139
	140	=over
	141
	142	=item init
	143
	144	Initializes the configuration.
	145
	146	=item authenticate_basic
	147
	148	Looks inside C<< $c->request->headers >> and processes the basic (badly named)
	149	authorization header. Then authenticates this against the provided url.
	150
	151	=back
	152
	153	=head1 AUTHORS
	154
	155	Marcus Ramberg <mramberg@cpan.org>
	156
	157	Tomas Doran <bobtfish@bobtfish.net>
	158
	159	=head1 COPYRIGHT & LICENSE
	160
	161	Copyright (c) 2005-2008 the aforementioned authors. All rights
	162	reserved. This program is free software; you can redistribute
	163	it and/or modify it under the same terms as Perl itself.
	164
	165	=cut
	166