File Coverage

blib/lib/Lemonldap/NG/Common/Apache/Session/Generate/SHA256.pm

Criterion	Covered	Total	%
statement	13	18	72.2
branch	1	4	25.0
condition			n/a
subroutine	4	5	80.0
pod	0	2	0.0
total	18	29	62.0

line	stmt	bran	sub	pod	time	code
1						#############################################################################
2						#
3						# Lemonldap::NG::Common::Apache::Session::Generate::SHA256
4						# Generates session identifier tokens using SHA-256
5						# Distribute under the Perl License
6						#
7						############################################################################
8
9						package Lemonldap::NG::Common::Apache::Session::Generate::SHA256;
10
11	1		1		2409	use strict;
	1				2
	1				49
12	1		1		6	use vars qw($VERSION);
	1				1
	1				55
13	1		1		2171	use Digest::SHA qw(sha256 sha256_hex sha256_base64);
	1				8704
	1				397
14
15						$VERSION = '1.4.0';
16
17						sub generate {
18	1		1	0	1192	my $session = shift;
19	1				4	my $length = 64;
20
21	1	50			12	if ( exists $session->{args}->{IDLength} ) {
22	0				0	$length = $session->{args}->{IDLength};
23						}
24
25	1				70	$session->{data}->{_session_id} = substr(
26						Digest::SHA::sha256_hex(
27						Digest::SHA::sha256_hex( time() . {} . rand() . $$ )
28						),
29						0, $length
30						);
31
32						}
33
34						sub validate {
35
36						#This routine checks to ensure that the session ID is in the form
37						#we expect. This must be called before we start diddling around
38						#in the database or the disk.
39
40	0		0	0		my $session = shift;
41
42	0	0				if ( $session->{data}->{_session_id} =~ /^([a-fA-F0-9]+)$/ ) {
43	0					$session->{data}->{_session_id} = $1;
44						}
45						else {
46	0					die "Invalid session ID: " . $session->{data}->{_session_id};
47						}
48						}
49
50						1;