File Coverage

blib/lib/Clustericious/Plugin/SelfPlugAuth.pm

Criterion	Covered	Total	%
statement	45	45	100.0
branch	8	10	80.0
condition	2	3	66.6
subroutine	8	8	100.0
pod	1	3	33.3
total	64	69	92.7

line	stmt	bran	cond	sub	pod	time	code
1							package Clustericious::Plugin::SelfPlugAuth;
2
3	26			26		22832	use strict;
	26					89
	26					873
4	26			26		175	use warnings;
	26					469
	26					922
5	26			26		175	use Clustericious::Log;
	26					68
	26					251
6	26			26		26609	use Mojo::ByteStream qw( b );
	26					75
	26					1814
7	26			26		200	use Mojo::Base 'Mojolicious::Plugin';
	26					240
	26					248
8
9							# ABSTRACT: Self authentication for PlugAuth
10							our $VERSION = '0.38'; # VERSION
11
12
13							sub register {
14	25			25	1	1168	my ($self, $app, $conf) = @_;
15	25					238	PlugAuth::Role::Plugin->_self_auth_plugin($self);
16	25					166	$self;
17							}
18
19							sub authenticate
20							{
21	87			87	0	602783	my($self, $c, $realm) = @_;
22
23	87					799	TRACE ("Authenticating for realm $realm");
24							# Everyone needs to send an authorization header
25	87	100				70495	my $auth = $c->req->headers->authorization or do {
26	6					355	$c->res->headers->www_authenticate(qq[Basic realm="$realm"]);
27	6					267	$c->render(text => "auth required", layout => "", status => 401);
28	6					14325	return;
29							};
30
31	81					4899	my ($method,$str) = split / /,$auth;
32	81					639	my $userinfo = b($str)->b64_decode;
33	81					3592	my ($user,$pw) = split /:/, $userinfo;
34
35	81					1850	$c->refresh;
36	81	100	66			834	if($c->authz->host_has_tag($c->tx->remote_address, 'trusted')
37							\|\| $c->auth->check_credentials($user,$pw)) {
38	75					77047	$c->stash(user => $user);
39	75					3420	return 1;
40							}
41
42	6					54	INFO "Authentication denied for $user";
43	6					9507	$c->res->headers->www_authenticate(qq[Basic realm="$realm"]);
44	6					303	$c->render(text => "authentication failure", status => 401);
45	6					13558	return;
46							}
47
48							sub authorize
49							{
50	75			75	0	149519	my($self, $c, $action, $resource) = @_;
51	75	50				421	my $user = $c->stash("user") or LOGDIE "missing user in authorize()";
52	75	50				1513	LOGDIE "missing action or resource in authorize()" unless @_==4;
53	75					611	TRACE "Authorizing user $user, action $action, resource $resource";
54	75					63491	$resource =~ s[^/][/];
55	75					7266	my $found = $c->authz->can_user_action_resource($user, $action, $resource);
56	75	100				357	if($found)
57							{
58	73					756	return 1;
59							}
60							else
61							{
62	2					12	$c->render(text => "unauthorized", status => 403);
63	2					3592	return 0;
64							}
65							}
66
67							1;
68
69							__END__
70
71							=pod
72
73							=encoding UTF-8
74
75							=head1 NAME
76
77							Clustericious::Plugin::SelfPlugAuth - Self authentication for PlugAuth
78
79							=head1 VERSION
80
81							version 0.38
82
83							=head1 DESCRIPTION
84
85							This class helps provide the self authentication/authorization mechanism
86							for PlugAuth.
87
88							=head1 AUTHOR
89
90							Graham Ollis <gollis@sesda3.com>
91
92							=head1 COPYRIGHT AND LICENSE
93
94							This software is copyright (c) 2012 by NASA GSFC.
95
96							This is free software; you can redistribute it and/or modify it under
97							the same terms as the Perl 5 programming language system itself.
98
99							=cut