line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package OpenID::Lite::SignatureMethod; |
2
|
|
|
|
|
|
|
|
3
|
3
|
|
|
3
|
|
1149
|
use Any::Moose; |
|
3
|
|
|
|
|
7
|
|
|
3
|
|
|
|
|
19
|
|
4
|
3
|
|
|
3
|
|
2220
|
use MIME::Base64 (); |
|
3
|
|
|
|
|
718
|
|
|
3
|
|
|
|
|
964
|
|
5
|
|
|
|
|
|
|
|
6
|
|
|
|
|
|
|
sub sign { |
7
|
3
|
|
|
3
|
0
|
14
|
my ( $self, $secret, $params ) = @_; |
8
|
3
|
|
|
|
|
10
|
my $signed = $params->get('signed'); |
9
|
3
|
50
|
|
|
|
9
|
return unless $signed; |
10
|
3
|
|
|
|
|
14
|
my @signed = split /,/, $signed; |
11
|
|
|
|
|
|
|
|
12
|
3
|
|
|
|
|
6
|
my $token = ''; |
13
|
3
|
|
|
|
|
5
|
for my $field (@signed) { |
14
|
12
|
|
|
|
|
30
|
my $v = $params->get($field); |
15
|
12
|
|
|
|
|
31
|
$token .= "$field:$v\n"; |
16
|
|
|
|
|
|
|
} |
17
|
3
|
|
|
|
|
14
|
my $hash = $self->hmac_hash($secret, $token); |
18
|
3
|
|
|
|
|
15
|
my $sig = MIME::Base64::encode_base64($hash); |
19
|
3
|
|
|
|
|
13
|
$sig =~ s/\s+//g; |
20
|
3
|
|
|
|
|
12
|
return $sig; |
21
|
|
|
|
|
|
|
} |
22
|
|
|
|
|
|
|
|
23
|
|
|
|
|
|
|
sub verify { |
24
|
2
|
|
|
2
|
0
|
5
|
my ( $self, $secret, $params ) = @_; |
25
|
2
|
|
|
|
|
7
|
my $sig = $params->get('sig'); |
26
|
2
|
50
|
|
|
|
7
|
return unless $sig; |
27
|
|
|
|
|
|
|
#$sig =~ s/ /+/g; |
28
|
2
|
|
|
|
|
6
|
my $signed = $self->sign($secret, $params); |
29
|
2
|
50
|
|
|
|
5
|
return unless $signed; |
30
|
2
|
|
|
|
|
10
|
return $sig eq $signed; |
31
|
|
|
|
|
|
|
} |
32
|
|
|
|
|
|
|
|
33
|
|
|
|
|
|
|
sub hmac_hash { |
34
|
0
|
|
|
0
|
0
|
|
my ( $self, $secret, $key ) = @_; |
35
|
0
|
|
|
|
|
|
die "Abstract Method."; |
36
|
|
|
|
|
|
|
} |
37
|
|
|
|
|
|
|
|
38
|
|
|
|
|
|
|
sub hmac_hash_hex { |
39
|
0
|
|
|
0
|
0
|
|
my ( $self, $secret, $key ) = @_; |
40
|
0
|
|
|
|
|
|
die "Abstract Method."; |
41
|
|
|
|
|
|
|
} |
42
|
|
|
|
|
|
|
|
43
|
3
|
|
|
3
|
|
20
|
no Any::Moose; |
|
3
|
|
|
|
|
7
|
|
|
3
|
|
|
|
|
14
|
|
44
|
|
|
|
|
|
|
__PACKAGE__->meta->make_immutable; |
45
|
|
|
|
|
|
|
1; |
46
|
|
|
|
|
|
|
|