line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Plack::Middleware::Auth::OAuth; |
2
|
3
|
|
|
3
|
|
6676
|
use strict; |
|
3
|
|
|
|
|
7
|
|
|
3
|
|
|
|
|
114
|
|
3
|
3
|
|
|
3
|
|
20
|
use warnings; |
|
3
|
|
|
|
|
7
|
|
|
3
|
|
|
|
|
146
|
|
4
|
|
|
|
|
|
|
our $VERSION = '0.06'; |
5
|
|
|
|
|
|
|
|
6
|
3
|
|
|
3
|
|
1335
|
use parent qw(Plack::Middleware); |
|
3
|
|
|
|
|
578
|
|
|
3
|
|
|
|
|
18
|
|
7
|
|
|
|
|
|
|
|
8
|
3
|
|
|
3
|
|
58339
|
use Plack::Request; |
|
3
|
|
|
|
|
216115
|
|
|
3
|
|
|
|
|
119
|
|
9
|
3
|
|
|
|
|
36
|
use Plack::Util::Accessor qw( |
10
|
|
|
|
|
|
|
consumer_key |
11
|
|
|
|
|
|
|
consumer_secret |
12
|
|
|
|
|
|
|
validate_post |
13
|
|
|
|
|
|
|
check_timestamp_cb |
14
|
|
|
|
|
|
|
check_nonce_cb |
15
|
|
|
|
|
|
|
unauthorized_cb |
16
|
|
|
|
|
|
|
validate_only |
17
|
|
|
|
|
|
|
secret_resolver_cb |
18
|
|
|
|
|
|
|
strict |
19
|
3
|
|
|
3
|
|
29
|
); |
|
3
|
|
|
|
|
6
|
|
20
|
|
|
|
|
|
|
|
21
|
3
|
|
|
3
|
|
13168
|
use OAuth::Lite::Util qw(parse_auth_header); |
|
3
|
|
|
|
|
26867
|
|
|
3
|
|
|
|
|
320
|
|
22
|
3
|
|
|
3
|
|
3630
|
use OAuth::Lite::ServerUtil; |
|
3
|
|
|
|
|
32060
|
|
|
3
|
|
|
|
|
39
|
|
23
|
|
|
|
|
|
|
|
24
|
|
|
|
|
|
|
sub prepare_app { |
25
|
8
|
|
|
8
|
1
|
5811
|
my $self = shift; |
26
|
|
|
|
|
|
|
|
27
|
8
|
100
|
|
|
|
37
|
if (!$self->secret_resolver_cb) { |
28
|
7
|
50
|
|
|
|
310
|
die 'requires consumer_key' unless $self->consumer_key; |
29
|
7
|
50
|
|
|
|
68
|
die 'requires consumer_secret' unless $self->consumer_secret; |
30
|
|
|
|
|
|
|
} |
31
|
|
|
|
|
|
|
|
32
|
8
|
|
|
|
|
53
|
for my $cb_method (qw/check_nonce_cb check_timestamp_cb unauthorized_cb secret_resolver_cb/) { |
33
|
32
|
50
|
66
|
|
|
240
|
if ($self->$cb_method && ref $self->$cb_method ne 'CODE') { |
34
|
0
|
|
|
|
|
0
|
die "$cb_method should be a code reference"; |
35
|
|
|
|
|
|
|
} |
36
|
|
|
|
|
|
|
} |
37
|
|
|
|
|
|
|
|
38
|
|
|
|
|
|
|
} |
39
|
|
|
|
|
|
|
|
40
|
|
|
|
|
|
|
sub call { |
41
|
14
|
|
|
14
|
1
|
60214
|
my ($self, $env) = @_; |
42
|
|
|
|
|
|
|
|
43
|
14
|
100
|
100
|
|
|
41
|
return ($self->validate($env) || $self->validate_only) ? $self->app->($env) : $self->unauthorized($env); |
44
|
|
|
|
|
|
|
} |
45
|
|
|
|
|
|
|
|
46
|
|
|
|
|
|
|
sub validate { |
47
|
14
|
|
|
14
|
0
|
22
|
my ($self, $env) = @_; |
48
|
|
|
|
|
|
|
|
49
|
14
|
100
|
|
|
|
82
|
my $auth = $env->{HTTP_AUTHORIZATION} or return; |
50
|
|
|
|
|
|
|
|
51
|
8
|
|
|
|
|
33
|
my ($realm, $params) = parse_auth_header($auth); |
52
|
8
|
|
|
|
|
1096
|
$env->{'psgix.oauth_realm'} = $realm; |
53
|
8
|
|
|
|
|
21
|
$env->{'psgix.oauth_params'} = $params; |
54
|
|
|
|
|
|
|
|
55
|
8
|
|
|
|
|
37
|
my $consumer_secret = $self->consumer_secret; |
56
|
8
|
100
|
|
|
|
63
|
if ($self->secret_resolver_cb) { |
57
|
2
|
|
|
|
|
17
|
$consumer_secret = $self->secret_resolver_cb->($params->{oauth_consumer_key}, $env); |
58
|
|
|
|
|
|
|
} |
59
|
|
|
|
|
|
|
else { |
60
|
6
|
50
|
|
|
|
53
|
return unless $params->{oauth_consumer_key} eq $self->consumer_key; |
61
|
|
|
|
|
|
|
} |
62
|
|
|
|
|
|
|
|
63
|
8
|
50
|
33
|
|
|
78
|
return if $self->check_timestamp_cb && !$self->check_timestamp_cb->($params); |
64
|
8
|
100
|
100
|
|
|
178
|
return if $self->check_nonce_cb && !$self->check_nonce_cb->($params); |
65
|
|
|
|
|
|
|
|
66
|
7
|
|
|
|
|
115
|
my $req = Plack::Request->new($env); |
67
|
7
|
50
|
|
|
|
83
|
my $req_params |
68
|
|
|
|
|
|
|
= $self->validate_post ? $req->parameters : $req->query_parameters; |
69
|
7
|
|
|
|
|
487
|
for my $k ($req_params->keys) { |
70
|
0
|
|
|
|
|
0
|
$params->{$k} = [$req_params->get_all($k)]; |
71
|
|
|
|
|
|
|
} |
72
|
|
|
|
|
|
|
|
73
|
7
|
|
50
|
|
|
69
|
my $util = OAuth::Lite::ServerUtil->new(strict => $self->strict || 0); |
74
|
7
|
|
|
|
|
227
|
$util->support_signature_method($params->{oauth_signature_method}); |
75
|
7
|
50
|
|
|
|
426
|
return unless $util->validate_params($params); |
76
|
|
|
|
|
|
|
|
77
|
7
|
|
|
|
|
192
|
$env->{'psgix.oauth_authorized'} = $util->verify_signature( |
78
|
|
|
|
|
|
|
method => $req->method, |
79
|
|
|
|
|
|
|
url => $req->uri, |
80
|
|
|
|
|
|
|
params => $params, |
81
|
|
|
|
|
|
|
consumer_secret => $consumer_secret, |
82
|
|
|
|
|
|
|
token_secret => $params->{oauth_token_secret}, |
83
|
|
|
|
|
|
|
); |
84
|
|
|
|
|
|
|
} |
85
|
|
|
|
|
|
|
|
86
|
|
|
|
|
|
|
sub unauthorized { |
87
|
8
|
|
|
8
|
0
|
2060
|
my ($self, $env) = @_; |
88
|
|
|
|
|
|
|
|
89
|
8
|
100
|
|
|
|
23
|
if ($self->unauthorized_cb) { |
90
|
1
|
|
|
|
|
7
|
$self->unauthorized_cb->($env); |
91
|
|
|
|
|
|
|
} |
92
|
|
|
|
|
|
|
else { |
93
|
7
|
|
|
|
|
44
|
my $body = 'Authorization required'; |
94
|
|
|
|
|
|
|
return [ |
95
|
7
|
|
|
|
|
69
|
401, |
96
|
|
|
|
|
|
|
[ |
97
|
|
|
|
|
|
|
'Content-Type' => 'text/plain', |
98
|
|
|
|
|
|
|
'Content-Lentgth' => length $body, |
99
|
|
|
|
|
|
|
], |
100
|
|
|
|
|
|
|
[$body], |
101
|
|
|
|
|
|
|
]; |
102
|
|
|
|
|
|
|
} |
103
|
|
|
|
|
|
|
} |
104
|
|
|
|
|
|
|
1; |
105
|
|
|
|
|
|
|
__END__ |