File Coverage

blib/lib/Firebase/Auth.pm

Criterion	Covered	Total	%
statement	43	43	100.0
branch	4	8	50.0
condition	1	3	33.3
subroutine	12	12	100.0
pod	5	5	100.0
total	65	71	91.5

line	stmt	bran	cond	sub	pod	time	code
1							package Firebase::Auth;
2							$Firebase::Auth::VERSION = '0.0400';
3	1			1		45796	use strict;
	1					3
	1					45
4	1			1		5	use warnings;
	1					3
	1					51
5	1			1		1088	use Digest::SHA qw(hmac_sha256);
	1					5224
	1					112
6	1			1		12	use JSON::XS;
	1					2
	1					76
7	1			1		1041	use POSIX;
	1					12413
	1					10
8	1			1		4348	use MIME::Base64;
	1					2
	1					62
9	1			1		1231	use Moo;
	1					26670
	1					8
10
11
12							has token_version => (
13							is => 'rw',
14							default => sub { 0 },
15							);
16
17							has secret => (
18							is => 'rw',
19							required=> 1,
20							);
21
22							has data => (
23							is => 'rw',
24							predicate => 'has_data',
25							);
26
27							has token_seperator => (
28							is => 'rw',
29							default => sub { '.' },
30							);
31
32							has expires => (
33							is => 'rw',
34							predicate => 'has_expires',
35							);
36
37							has not_before => (
38							is => 'rw',
39							predicate => 'has_not_before',
40							);
41
42							has admin => (
43							is => 'rw',
44							predicate => 'has_admin',
45							);
46
47							has debug => (
48							is => 'rw',
49							predicate => 'has_debug',
50							);
51
52							sub create_token {
53	1			1	1	1276	my ($self, $data) = @_;
54	1		33			9	return $self->encode_token($self->create_claims($data \|\| $self->data));
55							}
56
57							sub create_claims {
58	1			1	1	2	my ($self, $data) = @_;
59	1					285	my %claims = (
60							v => $self->token_version,
61							iat => mktime(localtime(time)),
62							d => $data,
63							);
64	1	50				13	$claims{admin} = $self->admin if $self->has_admin;
65	1	50				6	$claims{exp} = $self->expires if $self->has_expires;
66	1	50				5	$claims{nbf} = $self->not_before if $self->has_not_before;
67	1	50				4	$claims{debug} = $self->debug if $self->has_debug;
68	1					6	return \%claims;
69							}
70
71							sub encode_token {
72	1			1	1	2	my ($self, $claims) = @_;
73	1					29	my $ejsn = JSON::XS->new->utf8->space_after->encode ({'typ'=> 'JWT', 'alg'=> 'HS256'}) ;
74	1					10	my $encoded_header = $self->urlbase64_encode( $ejsn);
75	1					26	my $eclm = JSON::XS->new->utf8->space_after->encode ($claims);
76	1					6	my $encoded_claims = $self->urlbase64_encode( $eclm );
77	1					7	my $secure_bits = $encoded_header . $self->token_seperator . $encoded_claims;
78	1					6	return $secure_bits . $self->token_seperator . $self->urlbase64_encode($self->sign($secure_bits));
79							}
80
81							sub urlbase64_encode {
82	3			3	1	5	my ($self, $data) = @_;
83	3					14	$data = encode_base64($data, '');
84	3					8	$data =~ tr\|+/=\|\-_\|d;
85	3					8	return $data;
86							}
87
88							sub sign {
89	1			1	1	2	my ($self, $bits) = @_;
90	1					37	return hmac_sha256($bits, $self->secret);
91							}
92
93
94
95							=head1 NAME
96
97							Firebase::Auth - Auth token generation for firebase.com.
98
99							=head1 VERSION
100
101							version 0.0400
102
103							=head1 SYNOPSIS
104
105							use Firebase::Auth;
106
107							my $token = Firebase::Auth->new(token => 'xxxxxxxxx', admin => 'true', data => \%user_data )->create_token();
108
109
110							=head1 DESCRIPTION
111
112							This module provides a Perl class to generate auth tokens for L. See L for details on the spec.
113
114
115							=head1 METHODS
116
117
118							=head2 new
119
120							Constructor.
121
122							=over
123
124							=item data
125
126							Optional. If you don't specify this, then you need to specify it when you call create_token(). This should be a hash reference of all the data you want to pass for user data. This data will be available as the C object in Firebase's security rules.
127
128							=item secret
129
130							Required. The api secret token provided by firebase.com.
131
132							=item admin
133
134							Defaults to C<\0>. If set to C<\1> (a reference to zero or one) then full access will be granted for this token.
135
136							=item debug
137
138							Defaults to C<\0>. If set to C<\1> (a reference to zero or one) then verbose error messages will be returned from service calls.
139
140							B To access debug info, call C on the L object after making a request.
141
142							=item expires
143
144							An epoch date. Defaults to expiring 24 hours from the issued date.
145
146							=item not_before
147
148							An epoch date. The opposite of C. Defaults to now. The token will not be valid until after this date.
149
150							=item token_version
151
152							Defaults to C<0>.
153
154							=item token_separator
155
156							Defaults to C<.>
157
158							=back
159
160
161							=head2 urlbase64_encode
162
163							URL base-64 encodes a string, and then does some minor translation on it to make it compatible with Firebase.
164
165							=over
166
167							=item string
168
169							The string to encode.
170
171							=back
172
173
174
175
176							=head2 create_token
177
178							Generates a signed token. This is probably the only method you'll ever need to call besides the constructor.
179
180							=over
181
182							=item data
183
184							Required if not specified in constructor. Defaults to the C element in the constructor. A hash reference of parameters you wish to pass to the service.
185
186							=back
187
188
189
190							=head2 create_claims
191
192							Generates a list of claims based upon the options provided to the constructor.
193
194							=over
195
196							=item data
197
198							Required. A hash reference of user data you wish to pass to the service.
199
200							=back
201
202
203
204							=head2 encode_token
205
206							Encodes, signs, and formats the data into a token.
207
208							=over
209
210							=item claims
211
212							Required. A list of claims as created by C
213
214							=back
215
216
217							=head2 sign
218
219							Generates a signature based upon a string of data.
220
221							=over
222
223							=item string
224
225							A string to sign.
226
227							=back
228
229
230
231
232							=head1 AUTHOR
233
234							=over
235
236							=item *
237
238							Kiran Kumar, C<< >>
239
240							=item *
241
242							JT Smith, C<< >>
243
244							=back
245
246
247
248							=head1 SUPPORT
249
250							=over
251
252							=item Source Code Repository
253
254							L
255
256							=item Issue Tracker
257
258							L
259
260							=back
261
262
263
264
265							=head1 LICENSE AND COPYRIGHT
266
267							Copyright 2013 Kiran Kumar.
268
269							This program is free software; you can redistribute it and/or modify it
270							under the terms of the the Artistic License (2.0). You may obtain a
271							copy of the full license at:
272
273							L
274
275							Any use, modification, and distribution of the Standard or Modified
276							Versions is governed by this Artistic License. By using, modifying or
277							distributing the Package, you accept this license. Do not use, modify,
278							or distribute the Package, if you do not accept this license.
279
280							If your Modified Version has been derived from a Modified Version made
281							by someone other than you, you are nevertheless required to ensure that
282							your Modified Version complies with the requirements of this license.
283
284							This license does not grant you the right to use any trademark, service
285							mark, tradename, or logo of the Copyright Holder.
286
287							This license includes the non-exclusive, worldwide, free-of-charge
288							patent license to make, have made, use, offer to sell, sell, import and
289							otherwise transfer the Package with respect to any patent claims
290							licensable by the Copyright Holder that are necessarily infringed by the
291							Package. If you institute patent litigation (including a cross-claim or
292							counterclaim) against any party alleging that the Package constitutes
293							direct or contributory patent infringement, then this Artistic License
294							to you shall terminate on the date that such litigation is filed.
295
296							Disclaimer of Warranty: THE PACKAGE IS PROVIDED BY THE COPYRIGHT HOLDER
297							AND CONTRIBUTORS "AS IS' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES.
298							THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
299							PURPOSE, OR NON-INFRINGEMENT ARE DISCLAIMED TO THE EXTENT PERMITTED BY
300							YOUR LOCAL LAW. UNLESS REQUIRED BY LAW, NO COPYRIGHT HOLDER OR
301							CONTRIBUTOR WILL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, OR
302							CONSEQUENTIAL DAMAGES ARISING IN ANY WAY OUT OF THE USE OF THE PACKAGE,
303							EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
304
305
306							=cut
307
308							1; # End of WWW::Firebase