File Coverage

blib/lib/Authen/PAAS/BasicLoginModule.pm
Criterion Covered Total %
statement 35 35 100.0
branch 6 8 75.0
condition n/a
subroutine 8 8 100.0
pod 2 2 100.0
total 51 53 96.2


line stmt bran cond sub pod time code
1             # -*- perl -*-
2             #
3             # Authen::PAAS::LoginModule by Daniel Berrange
4             #
5             # Copyright (C) 2004-2006 Dan Berrange
6             #
7             # This program is free software; you can redistribute it and/or modify
8             # it under the terms of the GNU General Public License as published by
9             # the Free Software Foundation; either version 2 of the License, or
10             # (at your option) any later version.
11             #
12             # This program is distributed in the hope that it will be useful,
13             # but WITHOUT ANY WARRANTY; without even the implied warranty of
14             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15             # GNU General Public License for more details.
16             #
17             # You should have received a copy of the GNU General Public License
18             # along with this program; if not, write to the Free Software
19             # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20             #
21             # $Id: BasicLoginModule.pm,v 1.2 2005/08/21 10:57:06 dan Exp $
22              
23             =pod
24              
25             =head1 NAME
26              
27             Authen::PAAS::LoginModule - a pluggable authentication module
28              
29             =head1 SYNOPSIS
30              
31             use Authen::PAAS::LoginModule;
32              
33             my $result = $module->login($subject, \%callbacks);
34              
35             =head1 DESCRIPTION
36              
37             This module provides the API for authenticating a subject
38             for the purposes of session login. It will be subclassed
39             to provide the implementations of different authentication
40             schemes.
41              
42             =head1 CONFIGURATION
43              
44             This module expects one custom configuration option with
45             the key C to refer to the username, password
46             mapping file.
47              
48             =head1 METHODS
49              
50             =over 4
51              
52             =cut
53              
54             package Authen::PAAS::BasicLoginModule;
55              
56 1     1   25824 use warnings;
  1         3  
  1         37  
57 1     1   6 use strict;
  1         3  
  1         35  
58 1     1   2123 use Config::Record;
  1         18084  
  1         37  
59 1     1   650 use Authen::PAAS::BasicUser;
  1         2  
  1         26  
60 1     1   5 use base qw(Authen::PAAS::LoginModule);
  1         1  
  1         529  
61              
62             our $VERSION = '1.0.0';
63              
64             =item my $res = $module->login($subject, $callbacks);
65              
66             Attempt to authenticate the subject against the simple username
67             and password configuration file. This module expects two callbacks,
68             one with the key C, and the other with the key C.
69              
70             =cut
71              
72             sub login {
73 3     3 1 22 my $self = shift;
74 3         4 my $subject = shift;
75 3         5 my $callbacks = shift;
76              
77 3 50       11 return 0 unless exists $callbacks->{username};
78 3 50       10 return 0 unless exists $callbacks->{password};
79              
80 3         14 my $username = $callbacks->{username}->data;
81 3         13 my $password = $callbacks->{password}->data;
82              
83 3         15 my $expected = $self->_load_password($username);
84 3 100       195 return 0 unless defined $expected;
85              
86 2         772 my $actual = crypt($password, $expected);
87              
88 2 100       13 return 0 unless $expected eq $actual;
89              
90 1         13 $subject->add_principal(ref($self), Authen::PAAS::BasicUser->new($username));
91              
92 1         9 return 1;
93             }
94              
95             sub _load_password {
96 3     3   13 my $self = shift;
97 3         5 my $username = shift;
98              
99 3         17 my $config = Config::Record->new(file => $
100             self->option("passwd-file",
101             "/etc/authen-paas-basic.cfg"));
102 3         1611 return $config->get("$username/password", undef);
103             }
104              
105             =item $module->logout($subject);
106              
107             Attempt to logout a subject, by removing any principals
108             anc credentials added during the C method.
109             This method must be implemented by subclasses.
110              
111             =cut
112              
113              
114             sub logout {
115 1     1 1 1124 my $self = shift;
116 1         3 my $subject = shift;
117 1         6 $subject->remove_principal(ref($self), "Authen::PAAS::BasicUser");
118             }
119              
120              
121             1 # So that the require or use succeeds.
122              
123             __END__