File Coverage

blib/lib/Web/ID.pm

Criterion	Covered	Total	%
statement	9	11	81.8
branch			n/a
condition			n/a
subroutine	4	4	100.0
pod			n/a
total	13	15	86.6

line	stmt	sub	time	code
1				package Web::ID;
2
3	2	2	139912	use 5.010;
	2		8
	2		80
4	2	2	2534	use utf8;
	2		249
	2		11
5
6				BEGIN {
7	2	2	85	$Web::ID::AUTHORITY = 'cpan:TOBYINK';
8	2		44	$Web::ID::VERSION = '1.927';
9				}
10
11	2	2	1591	use Web::ID::Types -types;
	0
	0
12				use Web::ID::Certificate;
13				use Web::ID::Util qw(:default uniq);
14
15				use Moose;
16				use namespace::sweep;
17
18				has certificate => (
19				is => read_only,
20				isa => Certificate,
21				required => true,
22				coerce => true,
23				);
24
25				has uri => (
26				is => read_only,
27				isa => Uri,
28				lazy_build => true,
29				coerce => true,
30				);
31
32				has profile => (
33				is => read_only,
34				isa => Model,
35				lazy_build => true,
36				);
37
38				has valid => (
39				is => read_only,
40				isa => Bool,
41				lazy_build => true,
42				);
43
44				has first_valid_san => (
45				is => read_only,
46				isa => San \| Undef,
47				lazy_build => true,
48				);
49
50				sub _build_valid
51				{
52				my ($self) = @_;
53				return false unless $self->certificate->timely;
54				return true if defined $self->first_valid_san;
55				return false;
56				}
57
58				sub _build_uri
59				{
60				my ($self) = @_;
61				$self->first_valid_san->uri_object;
62				}
63
64				sub _build_profile
65				{
66				my ($self) = @_;
67				$self->first_valid_san->model;
68				}
69
70				sub _build_first_valid_san
71				{
72				my ($self) = @_;
73				my $cert = $self->certificate;
74				my @sans = @{ $cert->subject_alt_names };
75
76				foreach my $san (@sans)
77				{
78				foreach my $key ( $san->associated_keys )
79				{
80				return $san if $key->rsa_equal($cert);
81				}
82				}
83
84				return undef;
85				}
86
87				sub node
88				{
89				my ($self) = @_;
90				"RDF::Trine::Node::Resource"->new($self->uri.'');
91				}
92
93				sub get
94				{
95				my $self = shift;
96				my @pred = map {
97				if (blessed $_ and $_->isa("RDF::Trine::Node")) { $_ }
98				else { u $_ }
99				} @_;
100
101				my @results = uniq
102				map { $_->is_resource ? $_->uri : $_->literal_value }
103				grep { $_->is_literal or $_->is_resource }
104				$self->profile->objects_for_predicate_list($self->node, @pred);
105
106				wantarray ? @results : $results[0];
107				}
108
109				__PACKAGE__
110				__END__
111
112				=head1 NAME
113
114				Web::ID - implementation of WebID (a.k.a. FOAF+SSL)
115
116				=head1 SYNOPSIS
117
118				my $webid = Web::ID->new(certificate => $pem_encoded_x509);
119				if ($webid->valid)
120				{
121				say "Authenticated as: ", $webid->uri;
122				}
123
124				=head1 DESCRIPTION
125
126				WebID is a simple authentication protocol based on TLS (Transaction
127				Layer Security, better known as Secure Socket Layer, SSL) and the
128				Semantic Web. This module provides a Perl implementation for
129				authenticating clients using WebID.
130
131				For more information see the L<Web::ID::FAQ> document.
132
133				Bundled with this module are L<Plack::Middleware::Auth::WebID>, a
134				plugin for L<Plack> to perform WebID authentication on HTTPS
135				connections; and L<Web::ID::Certificate::Generator>, a module that
136				allows you to generate WebID-enabled certificates that can be
137				installed into web browsers.
138
139				=head2 Constructor
140
141				=over
142
143				=item C<< new >>
144
145				Standard Moose-style constructor.
146
147				=back
148
149				=head2 Attributes
150
151				=over
152
153				=item C<< certificate >>
154
155				A L<Web::ID::Certificate> object representing and x509 certificate,
156				though a PEM-encoded string will be coerced.
157
158				This is usually the only attribute you want to pass to the constructor.
159				Allow the others to be built automatically.
160
161				=item C<< first_valid_san >>
162
163				Probably fairly uninteresting. This is the first subjectAltName value
164				found in the certificate that could be successfully authenticated
165				using Web::ID. An L<Web::ID::SAN> object.
166
167				=item C<< uri >>
168
169				The URI associated with the first valid SAN. A L<URI> object.
170
171				This is a URI you can use to identify the person, organisation or
172				robotic poodle holding the certificate.
173
174				=item C<< profile >>
175
176				Data about the certificate holder. An L<RDF::Trine::Model> object.
177				Their FOAF file (probably).
178
179				=item C<< valid >>
180
181				Boolean.
182
183				=back
184
185				=head2 Methods
186
187				=over
188
189				=item C<< node >>
190
191				Returns the same as C<uri>, but as an L<RDF::Trine::Node> object.
192
193				=item C<< get(@predicates) >>
194
195				Queries the C<profile> for triples of the form:
196
197				$self->node $predicate $x .
198
199				And returns literal and URI values for $x, as strings.
200
201				C<< $predicate >> should be an L<RDF::Trine::Node>, or a string. If a
202				string, it will be expanded using L<RDF::Trine::NamespaceMap>, so you
203				can do stuff like:
204
205				my $name = $webid->get('foaf:name', 'rdfs:label');
206				my @mboxes = $webid->get('foaf:mbox');
207
208				=back
209
210				=head1 BUGS
211
212				Please report any bugs to
213				L<http://rt.cpan.org/Dist/Display.html?Queue=Web-ID>.
214
215				=head1 SEE ALSO
216
217				L<Web::ID::FAQ>.
218
219				L<Web::ID::Certificate>,
220				L<Plack::Middleware::Auth::WebID>.
221
222				L<RDF::ACL> provides an access control system that complements WebID.
223
224				L<CGI::Auth::FOAF_SSL> is the spiritual ancestor of this module though
225				they share very little code, and have quite different APIs.
226
227				General WebID information:
228				L<http://webid.info/>,
229				L<http://www.w3.org/wiki/WebID>,
230				L<http://www.w3.org/2005/Incubator/webid/spec/>,
231				L<http://lists.foaf-project.org/mailman/listinfo/foaf-protocols>.
232
233				Mailing list for general Perl RDF/SemWeb discussion and support:
234				L<http://www.perlrdf.org/>.
235
236				=head1 AUTHOR
237
238				Toby Inkster E<lt>tobyink@cpan.orgE<gt>.
239
240				=head1 THANKS
241
242				Thanks to Kjetil Kjernsmo (cpan:KJETILK) for persuading me to port my old
243				CGI-specific implementaton of this to Plack.
244
245				Thanks Kjetil Kjernsmo (again), Florian Ragwitz (cpan:FLORA), and
246				Jonas Smedegaard for help with testing and advice on dependencies.
247
248				Thanks to Henry Story, Melvin Carvalho, Simon Reinhardt, Bruno Harbulot,
249				Ian Jacobi and many others for developing WebID from a poorly thought
250				out idea to a clever, yet simple and practical authentication protocol.
251
252				Thanks to Gregory Williams (cpan:GWILLIAMS), Tatsuhiko Miyagawa
253				(cpan:MIYAGAWA) and the Moose Cabal for providing really good platforms
254				(RDF::Trine, Plack and Moose respectively) to build this on.
255
256				=head1 COPYRIGHT AND LICENCE
257
258				This software is copyright (c) 2012 by Toby Inkster.
259
260				This is free software; you can redistribute it and/or modify it under
261				the same terms as the Perl 5 programming language system itself.
262
263				=head1 DISCLAIMER OF WARRANTIES
264
265				THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
266				WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
267				MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
268