File Coverage

blib/lib/Authen/SASL/Perl/NTLM.pm
Criterion Covered Total %
statement 40 40 100.0
branch 16 16 100.0
condition n/a
subroutine 9 9 100.0
pod 0 3 0.0
total 65 68 95.5


line stmt bran cond sub pod time code
1             package Authen::SASL::Perl::NTLM;
2             # ABSTRACT: NTLM authentication plugin for Authen::SASL
3             $Authen::SASL::Perl::NTLM::VERSION = '0.003';
4 1     1   715 use 5.006;
  1         2  
5 1     1   4 use strict;
  1         1  
  1         19  
6 1     1   3 use warnings;
  1         1  
  1         25  
7              
8 1     1   3 use Authen::NTLM ();
  1         1  
  1         10  
9 1     1   2 use MIME::Base64 ();
  1         1  
  1         13  
10              
11 1     1   490 use parent qw(Authen::SASL::Perl);
  1         256  
  1         5  
12              
13             # do we need these?
14             # sub _order { 1 }
15             # sub _secflags { 0 };
16              
17 1     1 0 53009 sub mechanism { 'NTLM' } ## no critic (RequireFinalReturn)
18              
19             #
20             # Initialises the NTLM object and sets the domain, host, user, and password.
21             #
22             sub client_start {
23 4     4 0 53005 my ($self) = @_;
24              
25 4         6 $self->{need_step} = 1;
26 4         4 $self->{error} = undef;
27 4         4 $self->{stage} = 0;
28              
29 4         13 my $user = $self->_call('user');
30              
31             # Check for the domain in the username
32 4         42 my $domain;
33 4 100       17 ( $domain, $user ) = split m{ \\ }xms, $user
34             if index( $user, q{\\} ) > -1;
35              
36 4         10 $self->{ntlm} = Authen::NTLM->new(
37             host => $self->host,
38             domain => $domain,
39             user => $user,
40             password => $self->_call('pass'),
41             );
42              
43 4         104 return q{};
44             }
45              
46             #
47             # If C<$challenge> is undefined, it will return a NTLM type 1 request
48             # message.
49             # Otherwise, C<$challenge> is assumed to be a NTLM type 2 challenge from
50             # which the NTLM type 3 response will be generated and returned.
51             #
52             sub client_step {
53 8     8 0 1228 my ( $self, $challenge ) = @_;
54              
55 8 100       18 if ( defined $challenge ) {
56             # The challenge has been decoded but Authen::NTLM expects it encoded
57 7         16 $challenge = MIME::Base64::encode_base64($challenge);
58              
59             # Empty challenge string needs to be undef if we want
60             # Authen::NTLM::challenge() to generate a type 1 message
61 7 100       16 $challenge = undef if $challenge eq q{};
62             }
63              
64 8         9 my $stage = ++$self->{stage};
65 8 100       19 if ( $stage == 1 ) {
    100          
66 4 100       16 $self->set_error('Challenge must not be given for type 1 request')
67             if $challenge;
68             }
69             elsif ( $stage == 2 ) {
70 3         9 $self->set_success; # no more steps
71 3 100       12 $self->set_error('No challenge was given for type 2 request')
72             if !$challenge;
73             }
74             else {
75 1         4 $self->set_error('Invalid step');
76             }
77 8 100       22 return q{} if $self->error;
78              
79 5         24 my $response = $self->{ntlm}->challenge($challenge);
80              
81             # The caller expects the response to be unencoded but
82             # Authen::NTLM::challenge() has already encoded it
83 5         103489 return MIME::Base64::decode_base64($response);
84             }
85              
86             1;
87              
88             __END__