File Coverage

blib/lib/Catalyst/Authentication/Credential/Authen/Simple.pm

Criterion	Covered	Total	%
statement	10	12	83.3
branch			n/a
condition			n/a
subroutine	4	4	100.0
pod			n/a
total	14	16	87.5

line	stmt	sub	time	code
1				package Catalyst::Authentication::Credential::Authen::Simple;
2				{
3				$Catalyst::Authentication::Credential::Authen::Simple::VERSION = '0.09';
4				}
5
6	2	2	29265	use strict;
	2		4
	2		74
7	2	2	9	use warnings;
	2		4
	2		50
8
9	2	2	1560	use Authen::Simple;
	2		45239
	2		55
10	2	2	952	use Catalyst::Utils;
	0
	0
11
12				sub new {
13				my ($class, $config, $app, $realm) = @_;
14				my $self = {};
15				bless $self, $class;
16
17				unless (defined $config->{'authen'}){
18				die "No Authen::Simple classes specified for Credential::Authen::Simple in 'authen' key"
19				}
20
21				if (ref($config->{'authen'}) ne 'ARRAY') {
22				$config->{'authen'} = [ $config->{'authen'} ];
23				}
24				my $log = $app->log;
25
26				my @auth_arr;
27				foreach my $auth (@{ $config->{'authen'} }){
28				my $class = "Authen::Simple::$auth->{'class'}";
29				$log->debug("Loading class: $class") if $app->debug;
30				Catalyst::Utils::ensure_class_loaded($class);
31				push @auth_arr, $class->new(%{ $auth->{'args'} });
32				}
33
34				# Catalyst documentation only says that Logger objects SHOULD
35				# implement these methods. $log has to exist, and $log->debug too
36				# (they've been used a couple of lines earlier)
37				if ($log->can('warn') and
38				$log->can('error') and
39				$log->can('debug') and
40				$log->can('info')
41				){
42				foreach my $auth (@auth_arr){
43				$auth->log($log);
44				}
45				} else {
46				$log->debug('Authen::Simple classes cannot log with the configured Catalyst log object') if ($app->debug);
47				}
48
49				$self->{'_config'}->{'password_field'} \|\|= 'password';
50				$self->{'_auth'} = new Authen::Simple(@auth_arr);
51
52				return $self;
53
54				}
55
56				sub authenticate {
57				my ($self, $c, $realm, $authinfo) = @_;
58
59				my $user = $authinfo->{'username'};
60				my $password = $authinfo->{'password'};
61
62				## because passwords may be in a hashed format, we have to make sure that we remove the
63				## password_field before we pass it to the user routine, as some auth modules use
64				## all data passed to them to find a matching user...
65				my $userfindauthinfo = {%{$authinfo}};
66				delete($userfindauthinfo->{$self->{'_config'}->{'password_field'}});
67
68				my $user_obj = $realm->find_user($userfindauthinfo, $c);
69				if (not ref($user_obj)) {
70				$c->log->debug("Unable to locate user matching user info provided") if $c->debug;
71				return;
72				}
73
74				unless (defined $password) {
75				$c->log->debug("Can't login a user without a password") if $c->debug;
76				return 0;
77				}
78
79				if ($self->{'_auth'}->authenticate($user, $password)){
80				$c->log->debug("User $user Authenticated") if $c->debug;
81				return $user_obj;
82				} else {
83				$c->log->debug("None of the Authen::Simple classes authed $user") if $c->debug;;
84				return;
85				}
86				}
87
88				#################### main pod documentation begin ###################
89
90				=head1 NAME
91
92				Catalyst::Authentication::Credential::Authen::Simple - Verify credentials with the Authen::Simple framework
93
94				=head1 SYNOPSIS
95
96				use Catalyst qw(Authentication);
97				# later on ...
98				if ($c->authenticate({ username => 'myusername',
99				password => 'mypassword' })){
100				my $long_name = $c->user->get('LongName');
101				# Hello Mr $long_name
102				}
103
104				=head1 DESCRIPTION
105
106				This module helps your Cataylst Application authenticate against a lot of credential databases thanks to the Authen::Simple framework.
107
108				=head1 USAGE
109
110				Just configure your Catalyst App Authentication to use class 'Authen::Simple' as the credential verifier, and give it a set of Authen::Simple classes. You can pass arguments to the Authen::Simple:XXX class constructors with the 'args' key. Note that the authen key is an array. If more than one class is specified, when your app authenticates, the username and password is submitted to each class until one of the classes returns that the user/pass pair is valid. If no class validates the credentials, the user is not able to log in.
111
112				'Plugin::Authentication' => {
113				'realms' => {
114				'default' => {
115				'store' => { ... }
116				'credential' => {
117				'class' => 'Authen::Simple',
118				'authen' => [
119				{
120				'class' => 'Passwd',
121				'args' => {
122				'path' => '/etc/shadow'
123				}
124				},
125				{
126				'class' => 'SSH',
127				'args' => {
128				'host' => 'host.company.com'
129				}
130				}
131				]
132				}
133				}
134				}
135				}
136
137				If the Catalyst log object is compatible with the Authen::Simple log object, Authen::Simple classes will log through Catalyst.
138
139				=head2 new
140
141				Called by Catalyst::Authentication. Instances the Authen::Simple classes read from the configuration.
142
143				=cut
144
145				=head2 authenticate
146
147				Usage : Call $c->authenticate({ username => ..., password => ...});
148				Returns : User object if the credentials are verified successfully. undef if user not authenticated.
149
150				=cut
151
152				=head1 AUTHOR
153
154				Jose Luis Martinez
155				CPAN ID: JLMARTIN
156				CAPSiDE
157				jlmartinez@capside.com
158				http://www.pplusdomain.net
159
160				=head1 THANKS
161
162				Tobjorn Lindahl, Dylan Martin, Tomas Doran and Inigo Tejedor Arrondo for patches and recommedations
163
164				=head1 COPYRIGHT
165
166				Copyright (c) 2008 by Jose Luis Martinez Torres
167
168				This program is free software; you can redistribute
169				it and/or modify it under the same terms as Perl itself.
170
171				The full text of the license can be found in the
172				LICENSE file included with this module.
173
174
175				=head1 SEE ALSO
176
177				Authen::Simple and all of the Authen::Simple::XXX classes
178
179				=cut
180
181				#################### main pod documentation end ###################
182
183
184				1;
185