From: Brian Cassidy Date: Thu, 26 Apr 2007 19:56:25 +0000 (+0000) Subject: switch to Module::Install. add pod/podcoverage tests. fix coverage. add README. fix... X-Git-Tag: v0.11~4 X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=catagits%2FCatalyst-Authentication-Credential-HTTP.git;a=commitdiff_plain;h=826670f99c7d83b218b7067d4a3d3ce3e32e49a9 switch to Module::Install. add pod/podcoverage tests. fix coverage. add README. fix Changes. --- diff --git a/Changes b/Changes index 750a150..c669fc7 100644 --- a/Changes +++ b/Changes @@ -1,9 +1,17 @@ -0.08 +0.10 2007-04-26 + - switch to Module::Install + +0.09 2006-12-31 + - clean up tests + - clean up docs + - add body to 401 status + +0.08 2006-10-12 - Fix basic test when using Test::MockObject 1.07 (die if using undefined interfaces) -0.07 +0.07 2006-09-12 - Applied Ton Voon's patch that fixed option propagation for basic auth. -0.06 +0.06 2006-09-07 - Refactored internals into smaller methods diff --git a/Makefile.PL b/Makefile.PL index 58e61fd..c1501a6 100644 --- a/Makefile.PL +++ b/Makefile.PL @@ -1,18 +1,16 @@ -use ExtUtils::MakeMaker; -WriteMakefile( - 'NAME' => 'Catalyst::Plugin::Authentication::Credential::HTTP', - 'VERSION_FROM' => 'lib/Catalyst/Plugin/Authentication/Credential/HTTP.pm', - 'PREREQ_PM' => { - 'Catalyst' => '5.49', - 'Catalyst::Plugin::Authentication' => 0, - 'Data::UUID' => '0.11', - 'String::Escape' => 0, - 'Test::Exception' => 0, - 'Test::MockObject' => '1.01', - 'URI::Escape' => 0, - }, - 'INSTALLDIRS' => 'site', - 'EXE_FILES' => [], - 'PL_FILES' => {}, - 'SIGN' => 1, -); +use inc::Module::Install 0.65; + +name 'Catalyst-Plugin-Authentication-Credential-HTTP'; +all_from 'lib/Catalyst/Plugin/Authentication/Credential/HTTP.pm'; + +requires 'Catalyst::Runtime'; +requires 'Catalyst::Plugin::Authentication'; +requires 'Data::UUID' => '0.11'; +requires 'String::Escape'; +requires 'Test::Exception'; +requires 'Test::MockObject'; +requires 'URI::Escape'; + +auto_install; +WriteAll; + 
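Review bot: The old `WriteMakefile` call set `'SIGN' => 1` and the Module::Install rewrite of Makefile.PL has no counterpart, so a release built from it would presumably ship without a Module::Signature SIGNATURE file; adding `sign;` before `WriteAll;` keeps that integrity check for downstream installers. `auto_install;` makes `perl Makefile.PL` fetch and install missing prerequisites itself, and is worth dropping so that dependency resolution stays with the user's CPAN client. The minimum versions for Catalyst (`5.49`) and Test::MockObject (`1.01`) are also gone. The test-only modules are now declared with `requires` instead of `build_requires`, e.g. `build_requires 'Test::MockObject' => '1.01';`.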
diff --git a/README b/README
new file mode 100644
index 0000000..2f7d7db
--- /dev/null
+++ b/README
@@ -0,0 +1,142 @@
+NAME
+ Catalyst::Plugin::Authentication::Credential::HTTP - HTTP Basic and
+ Digest authentication for Catalyst.
+
+SYNOPSIS
+ use Catalyst qw/
+ Authentication
+ Authentication::Store::Minimal
+ Authentication::Credential::HTTP
+ /;
+
+ __PACKAGE__->config->{authentication}{http}{type} = 'any'; # or 'digest' or 'basic'
+ __PACKAGE__->config->{authentication}{users} = {
+ Mufasa => { password => "Circle Of Life", },
+ };
+
+ sub foo : Local {
+ my ( $self, $c ) = @_;
+
+ $c->authorization_required( realm => "foo" ); # named after the status code ;-)
+
+ # either user gets authenticated or 401 is sent
+
+ do_stuff();
+ }
+
+ # with ACL plugin
+ __PACKAGE__->deny_access_unless("/path", sub { $_[0]->authenticate_http });
+
+ sub end : Private {
+ my ( $self, $c ) = @_;
+
+ $c->authorization_required_response( realm => "foo" );
+ $c->error(0);
+ }
+
+DESCRIPTION
+ This moduule lets you use HTTP authentication with
+ Catalyst::Plugin::Authentication. Both basic and digest authentication
+ are currently supported.
+
+ When authentication is required, this module sets a status of 401, and
+ the body of the response to 'Authorization required.'. To override this
+ and set your own content, check for the "$c->res->status == 401" in your
+ "end" action, and change the body accordingly.
+
+ TERMS
+ Nonce
+ A nonce is a one-time value sent with each digest authentication
+ request header. The value must always be unique, so per default the
+ last value of the nonce is kept using Catalyst::Plugin::Cache. To
+ change this behaviour, override the
+ "store_digest_authorization_nonce" and
+ "get_digest_authorization_nonce" methods as shown below.
+
+METHODS
+ authorization_required %opts
+ Tries to "authenticate_http", and if that fails calls
+ "authorization_required_response" and detaches the current action
+ call stack.
+
+ This method just passes the options through untouched.
+
+ authenticate_http %opts
+ Looks inside "$c->request->headers" and processes the digest and
+ basic (badly named) authorization header.
+
+ This will only try the methods set in the configuration. First
+ digest, then basic.
+
+ See the next two methods for what %opts can contain.
+
+ authenticate_basic %opts
+ authenticate_digest %opts
+ Try to authenticate one of the methods without checking if the
+ method is allowed in the configuration.
+
+ %opts can contain "store" (either an object or a name), "user" (to
+ disregard %the username from the header altogether, overriding it
+ with a username or user %object).
+
+ authorization_required_response %opts
+ Sets "$c->response" to the correct status code, and adds the correct
+ header to demand authentication data from the user agent.
+
+ Typically used by "authorization_required", but may be invoked
+ manually.
+
+ %opts can contain "realm", "domain" and "algorithm", which are used
+ to build %the digest header.
+
+ store_digest_authorization_nonce $key, $nonce
+ get_digest_authorization_nonce $key
+ Set or get the $nonce object used by the digest auth mode.
+
+ You may override these methods. By default they will call "get" and
+ "set" on "$c->cache".
+
+CONFIGURATION
+ All configuration is stored in
+ "YourApp->config->{authentication}{http}".
+
+ This should be a hash, and it can contain the following entries:
+
+ store
+ Either a name or an object -- the default store to use for HTTP
+ authentication.
+
+ type
+ Can be either "any" (the default), "basic" or "digest".
+
+ This controls "authorization_required_response" and
+ "authenticate_http", but not the "manual" methods.
+
+ authorization_required_message
+ Set this to a string to override the default body content
+ "Authorization required."
+
+RESTRICTIONS
+ When using digest authentication, this module will only work together
+ with authentication stores whose User objects have a "password" method
+ that returns the plain-text password.
It will not work together with + Catalyst::Authentication::Store::Htpasswd, or + Catalyst::Plugin::Authentication::Store::DBIC stores whose "password" + methods return a hashed or salted version of the password. + +AUTHORS + Yuval Kogman, "nothingmuch@woobling.org" + + Jess Robinson + + Sascha Kiefer "esskar@cpan.org" + +SEE ALSO + RFC 2617 (or its successors), Catalyst::Plugin::Cache, + Catalyst::Plugin::Authentication + +COPYRIGHT & LICENSE + Copyright (c) 2005-2006 the aforementioned authors. All rights + reserved. This program is free software; you can redistribute + it and/or modify it under the same terms as Perl itself. + diff --git a/lib/Catalyst/Plugin/Authentication/Credential/HTTP.pm b/lib/Catalyst/Plugin/Authentication/Credential/HTTP.pm index ba69bdc..bbd322a 100644 --- a/lib/Catalyst/Plugin/Authentication/Credential/HTTP.pm +++ b/lib/Catalyst/Plugin/Authentication/Credential/HTTP.pm @@ -11,7 +11,7 @@ use URI::Escape (); use Catalyst (); use Digest::MD5 (); -our $VERSION = "0.09"; +our $VERSION = "0.10"; sub authenticate_http { my ( $c, @args ) = @_; @@ -481,6 +481,8 @@ Set or get the C<$nonce> object used by the digest auth mode. You may override these methods. By default they will call C and C on C<< $c->cache >>. +=item get_http_auth_store %opts + =back =head1 CONFIGURATION diff --git a/t/02pod.t b/t/02pod.t new file mode 100644 index 0000000..1647794 --- /dev/null +++ b/t/02pod.t @@ -0,0 +1,7 @@ +use Test::More; + +eval "use Test::Pod 1.14"; +plan skip_all => 'Test::Pod 1.14 required' if $@; +plan skip_all => 'set TEST_POD to enable this test' unless $ENV{TEST_POD}; + +all_pod_files_ok(); diff --git a/t/03podcoverage.t b/t/03podcoverage.t new file mode 100644 index 0000000..d91be5e --- /dev/null +++ b/t/03podcoverage.t 
@@ -0,0 +1,7 @@
+use Test::More;
+
+eval "use Test::Pod::Coverage 1.04";
+plan skip_all => 'Test::Pod::Coverage 1.04 required' if $@;
+plan skip_all => 'set TEST_POD to enable this test' unless $ENV{TEST_POD};
+
+all_pod_coverage_ok();
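Review bot: Both new test files (this one and `t/02pod.t`) start without `use strict; use warnings;`. They also load the optional module before checking `$ENV{TEST_POD}`, so Test::Pod::Coverage (or Test::Pod) is compiled even on runs that are then skipped. Moving `plan skip_all => 'set TEST_POD to enable this test' unless $ENV{TEST_POD};` ahead of the `eval` avoids that. The string `eval` only evaluates a constant literal, so it needs no change.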