my ($class, $config, $app, $realm) = @_;
$class = ref $class || $class;
- warn "MEEP\n\n";
-
my $self = {
_config => $config,
_app => $app,
$id_token ||= $c->req->method eq 'GET' ?
$c->req->query_params->{id_token} : $c->req->body_params->{id_token};
- use Data::Dumper;
- $c->log->debug(Dumper $authinfo);
-
if (!$id_token) {
Catalyst::Exception->throw("id_token not specified.");
}
- my $userinfo = $self->decode($id_token);
+ my $email = $authinfo->{email};
+ $email ||= $c->req->method eq 'GET' ? $c->req->query_params->{email} :
+ $c->req->body_params->{email};
- use Data::Dumper;
- $c->log->debug(Dumper $userinfo);
+ my $userinfo = $self->decode($id_token);
+ $userinfo->{email} = $authinfo->{email};
my $sub = $userinfo->{sub};
my $openid = $userinfo->{openid_id};
- $c->log->debug($sub);
- $c->log->debug($openid);
+ $userinfo->{email} = $email if $email;
if (!$sub || !$openid) {
Catalyst::Exception->throw(
);
}
- # Do we have a user with the google id already?
- my $user = $realm->find_user({
- id => $sub
- });
-
- if ($user) {
- return $user;
- }
-
- # Do we have a user with the openid?
-
- $user = $realm->find_user({
- url => $openid
- });
-
- if (!$user) {
- throw ("Could not find a user with that openid or sub!");
- }
-
- my $new_user = $realm->add_user({
- username => $sub,
- password => $user->password,
- role => $user->role,
- active => $user->active,
- });
-
- foreach my $t (@{ $user->traditions }) {
- $new_user->add_tradition($t);
- }
-
- warn ($new_user->id);
-
- warn (scalar @{$user->traditions});
- warn (scalar @{$new_user->traditions});
-
- use Data::Dumper;
- warn (Dumper($user->id));
-
- $realm->delete_user({ username => $user->id });
-
-
- return $new_user;
+ return $realm->find_user($userinfo, $c);
}
=head1 METHODS
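Review bot: The decoded token's `email` claim is overwritten with values the token signature does not cover: `$userinfo->{email} = $authinfo->{email};` replaces it unconditionally (with undef when authinfo carries no email), and `$userinfo->{email} = $email if $email;` then lets a bare `email` query or body parameter win. If `$realm->find_user` matches or provisions accounts by email (it is outside this hunk, so this is inferred), the identity it resolves would rest on a client-supplied string rather than on the verified token. I would drop both assignments and keep the claim returned by `decode`, trusting it only when the token marks it verified, e.g. `delete $userinfo->{email} unless $userinfo->{email_verified};`, assuming `decode` passes Google's `email_verified` claim through. The method's signature and opening lines are outside the hunk.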
sub retrieve_certs {
my ($self, $url) = @_;
- $url ||= 'https://www.googleapis.com/oauth2/v1/certs';
- return decode_json(get($url));
+ my $c = $self->{_app};
+ my $cached = 0;
+ my $certs;
+ my $cache;
+
+ $url ||= ( $c->config->{'Authentication::Credential::Google'}->{public_cert_url} || 'https://www.googleapis.com/oauth2/v1/certs' );
+
+ if ( ($c->registered_plugins('Catalyst::Plugin::Cache')) && ($cache = $c->cache) ) {
+ if ($certs = $cache->get('certs')) {
+ $certs = decode_json($certs);
+
+ foreach my $key (keys %$certs) {
+ my $cert = $certs->{$key};
+ my $x509 = Crypt::OpenSSL::X509->new_from_string($cert);
+
+ if ($self->is_cert_expired($x509)) {
+ $cached = 0;
+ last;
+ } else {
+ $cached = 1;
+ }
+ }
+ }
+ }
+
+ if (!$cached) {
+ my $certs_encoded = get($url);
+
+ if ($cache) {
+ $cache->set('certs', $certs_encoded);
+ }
+
+ $certs = decode_json($certs_encoded);
+ }
+
+ return $certs;
}
=head2 get_key_from_cert
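Review bot: The fetched body is written to the cache before it is checked. `$cache->set('certs', $certs_encoded)` runs ahead of `decode_json`, and the cached branch calls `decode_json` and `new_from_string` without an `eval`, so a malformed response is stored and later calls die on the cached copy instead of refetching. If `get` is LWP::Simple's, it also returns undef on failure, which reaches `decode_json` unchecked. Decode first and cache only on success: `my $certs_encoded = get($url) or Catalyst::Exception->throw("could not fetch $url");`, then `$certs = decode_json($certs_encoded);`, then `$cache->set('certs', $certs_encoded) if $cache;`. The key `'certs'` also ignores `$url`, so a call with a different URL is served the first URL's certificates. Because these keys decide which tokens verify, the cache backend and the configured `public_cert_url` deserve the same trust as the code, and the URL should be required to be https.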