[Catalyst-commits] r7600 - in
Catalyst-Authentication-Credential-OpenID: . 0.02 0.02/lib
0.02/lib/Catalyst 0.02/lib/Catalyst/Authentication
0.02/lib/Catalyst/Authentication/Credential 0.02/t
0.02/t/TestApp 0.02/t/TestApp/lib 0.02/t/TestApp/lib/TestApp
0.02/t/TestApp/lib/TestApp/Controller 0.02/t/TestApp/script
apv at dev.catalyst.perl.org
apv at dev.catalyst.perl.org
Wed Apr 9 03:34:31 BST 2008
Author: apv
Date: 2008-04-09 03:34:30 +0100 (Wed, 09 Apr 2008)
New Revision: 7600
Added:
Catalyst-Authentication-Credential-OpenID/0.02/
Catalyst-Authentication-Credential-OpenID/0.02/Changes
Catalyst-Authentication-Credential-OpenID/0.02/MANIFEST
Catalyst-Authentication-Credential-OpenID/0.02/MANIFEST.skip
Catalyst-Authentication-Credential-OpenID/0.02/Makefile.PL
Catalyst-Authentication-Credential-OpenID/0.02/README
Catalyst-Authentication-Credential-OpenID/0.02/lib/
Catalyst-Authentication-Credential-OpenID/0.02/lib/Catalyst/
Catalyst-Authentication-Credential-OpenID/0.02/lib/Catalyst/Authentication/
Catalyst-Authentication-Credential-OpenID/0.02/lib/Catalyst/Authentication/Credential/
Catalyst-Authentication-Credential-OpenID/0.02/lib/Catalyst/Authentication/Credential/OpenID.pm
Catalyst-Authentication-Credential-OpenID/0.02/t/
Catalyst-Authentication-Credential-OpenID/0.02/t/00.load.t
Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/
Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/lib/
Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/lib/TestApp.pm
Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/lib/TestApp/
Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/lib/TestApp/Controller/
Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/lib/TestApp/Controller/Root.pm
Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/script/
Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/script/testapp_server.pl
Catalyst-Authentication-Credential-OpenID/0.02/t/live_app.t
Catalyst-Authentication-Credential-OpenID/0.02/t/pod-coverage.t
Catalyst-Authentication-Credential-OpenID/0.02/t/pod.t
Log:
Version 0.02. Various updates noted in Changes. First check in for this repository.
Added: Catalyst-Authentication-Credential-OpenID/0.02/Changes
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/Changes (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/Changes 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,12 @@
+Revision history for Catalyst::Authentication::Credential::OpenID
+
+0.02 Tue Apr 8 22:18:22 PDT 2008
+ - Changed "use base" to "use parent."
+ - Moved SVN to Catalyst dev box.
+ - Took out left over toss copy of earlier Credential module.
+ - Took out weird closure over secret; not just sets it plainly.
+ - Put config stuff in POD a bit differently and added info on consumer_secret.
+ - POD tweaks.
+
+0.01 Sat Apr 5 21:35:25 PDT 2008
+ - Initial release.
Added: Catalyst-Authentication-Credential-OpenID/0.02/MANIFEST
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/MANIFEST (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/MANIFEST 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,25 @@
+Changes
+inc/Module/AutoInstall.pm
+inc/Module/Install.pm
+inc/Module/Install/AutoInstall.pm
+inc/Module/Install/Base.pm
+inc/Module/Install/Can.pm
+inc/Module/Install/Fetch.pm
+inc/Module/Install/Include.pm
+inc/Module/Install/Makefile.pm
+inc/Module/Install/Metadata.pm
+inc/Module/Install/Win32.pm
+inc/Module/Install/WriteAll.pm
+lib/Catalyst/Authentication/Credential/OpenID.pm
+Makefile.PL
+MANIFEST This list of files
+MANIFEST.skip
+META.yml
+README
+t/00.load.t
+t/live_app.t
+t/pod-coverage.t
+t/pod.t
+t/TestApp/lib/TestApp.pm
+t/TestApp/lib/TestApp/Controller/Root.pm
+t/TestApp/script/testapp_server.pl
Added: Catalyst-Authentication-Credential-OpenID/0.02/MANIFEST.skip
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/MANIFEST.skip (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/MANIFEST.skip 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,24 @@
+Catalyst/Authentication/Store
+\bRCS\b
+\bCVS\b
+,v$
+\B\.svn\b
+\B\.cvsignore\b
+
+\bMakefile$
+\bblib
+\bMakeMaker-\d
+\bpm_to_blib$
+\bblibdirs$
+\.tar
+\.gz
+\bBuild$
+\b_build
+
+~$
+\.tmp$
+\.old$
+\.bak$
+\#$
+\b\.#
+\.DS_Store
Added: Catalyst-Authentication-Credential-OpenID/0.02/Makefile.PL
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/Makefile.PL (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/Makefile.PL 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,33 @@
+use inc::Module::Install;
+
+# use lib 'inc';
+# use Devel::AssertOS qw( Linux Unix Cygwin );
+
+name "Catalyst-Authentication-Credential-OpenID";
+all_from "lib/Catalyst/Authentication/Credential/OpenID.pm";
+
+requires "parent" => "0.2";
+requires "Class::Accessor::Fast" => 0;
+requires "Catalyst::Runtime" => "5.7";
+requires "Crypt::DH" => "0.05"; # IIRC OpenID stuff forgets to prereq this
+requires "Net::OpenID::Consumer" => "0.14";
+requires "Catalyst::Exception" => 0;
+requires "UNIVERSAL::require" => 0;
+requires "Catalyst::Authentication::User::Hash" => 0;
+
+
+recommends "LWPx::ParanoidAgent" => "1.03";
+recommends "Math::BigInt" => 0;
+
+build_requires "LWP::UserAgent" => 0;
+build_requires "Test::More" => "0.42";
+build_requires "Net::OpenID::Server" => 0;
+build_requires "Test::WWW::Mechanize" => "1.20";
+build_requires "Catalyst::Plugin::Session::Store::FastMmap" => 0;
+build_requires "Net::DNS" => 0;
+build_requires "IO::Socket::INET" => 0;
+
+auto_install;
+WriteAll;
+
+__END__
Added: Catalyst-Authentication-Credential-OpenID/0.02/README
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/README (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/README 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,23 @@
+Catalyst::Authentication::Credential::OpenID
+
+Just say "no" to document drift. See the POD for any details,
+including copyright and licence, beyond installation.
+
+
+INSTALLATION
+
+To install this module, run the following commands:
+
+ perl Makefile.PL
+ make
+ make test
+ make install
+
+It is recommended that you try to install with TEST_HTTP set to a true
+value in your environment. If it is set, the tests will run a forking
+test server which acts as an OpenID provider and consumer to run tests
+within a test Catalyst application. Failure here doesn't guarantee the
+module won't work for you but success pretty much guarantees it will
+work.
+
+
Added: Catalyst-Authentication-Credential-OpenID/0.02/lib/Catalyst/Authentication/Credential/OpenID.pm
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/lib/Catalyst/Authentication/Credential/OpenID.pm (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/lib/Catalyst/Authentication/Credential/OpenID.pm 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,436 @@
+package Catalyst::Authentication::Credential::OpenID;
+use parent "Class::Accessor::Fast";
+
+BEGIN {
+ __PACKAGE__->mk_accessors(qw/ _config realm debug secret /);
+}
+
+use strict;
+use warnings;
+no warnings "uninitialized";
+
+our $VERSION = "0.02";
+
+use Net::OpenID::Consumer;
+use UNIVERSAL::require;
+use Catalyst::Exception ();
+
+sub new : method {
+ my ( $class, $config, $c, $realm ) = @_;
+ my $self = { _config => { %{ $config },
+ %{ $realm->{config} }
+ }
+ };
+ bless $self, $class;
+
+ # 2.0 spec says "SHOULD" be named "openid_identifier."
+ $self->_config->{openid_field} ||= "openid_identifier";
+
+ $self->debug( $self->_config->{debug} );
+
+ my $secret = $self->_config->{consumer_secret} ||= join("+",
+ __PACKAGE__,
+ $VERSION,
+ sort keys %{ $c->config }
+ );
+
+ $secret = substr($secret,0,255) if length $secret > 255;
+ $self->secret( $secret );
+ $self->_config->{ua_class} ||= "LWPx::ParanoidAgent";
+
+ eval {
+ $self->_config->{ua_class}->require;
+ }
+ or Catalyst::Exception->throw("Could not 'require' user agent class " .
+ $self->_config->{ua_class});
+
+ $c->log->debug("Setting consumer secret: " . $secret) if $self->debug;
+
+ return $self;
+}
+
+sub authenticate : method {
+ my ( $self, $c, $realm, $authinfo ) = @_;
+
+ $c->log->debug("authenticate() called from " . $c->request->uri) if $self->debug;
+
+ my $field = $self->{_config}->{openid_field};
+
+ my $claimed_uri = $authinfo->{ $field };
+
+ # Its security related so we want to be explicit about GET/POST param retrieval.
+ $claimed_uri ||= $c->req->method eq 'GET' ?
+ $c->req->query_params->{ $field } : $c->req->body_params->{ $field };
+
+ my $csr = Net::OpenID::Consumer->new(
+ ua => $self->_config->{ua_class}->new(%{$self->_config->{ua_args} || {}}),
+ args => $c->req->params,
+ consumer_secret => $self->secret,
+ );
+
+ if ( $claimed_uri )
+ {
+ my $current = $c->uri_for($c->req->uri->path); # clear query/fragment...
+
+ my $identity = $csr->claimed_identity($claimed_uri)
+ or Catalyst::Exception->throw($csr->err);
+
+ my $check_url = $identity->check_url(
+ return_to => $current . '?openid-check=1',
+ trust_root => $current,
+ delayed_return => 1,
+ );
+ $c->res->redirect($check_url);
+ return;
+ }
+ elsif ( $c->req->params->{'openid-check'} )
+ {
+ if ( my $setup_url = $csr->user_setup_url )
+ {
+ $c->res->redirect($setup_url);
+ return;
+ }
+ elsif ( $csr->user_cancel )
+ {
+ return;
+ }
+ elsif ( my $identity = $csr->verified_identity )
+ {
+ # This is where we ought to build an OpenID user and verify against the spec.
+ my $user = +{ map { $_ => scalar $identity->$_ }
+ qw( url display rss atom foaf declared_rss declared_atom declared_foaf foafmaker ) };
+
+ my $user_obj = $realm->find_user($user, $c);
+
+ if ( ref $user_obj )
+ {
+ return $user_obj;
+ }
+ else
+ {
+ $c->log->debug("Verified OpenID identity failed to load with find_user; bad user_class? Try 'Null.'") if $c->debug;
+ return;
+ }
+ }
+ else
+ {
+ Catalyst::Exception->throw("Error validating identity: " .
+ $csr->err);
+ }
+ }
+ else
+ {
+ return;
+ }
+}
+
+1;
+
+__END__
+
+=pod
+
+=head1 NAME
+
+Catalyst::Authentication::Credential::OpenID - OpenID credential for L<Catalyst::Plugin::Authentication> framework.
+
+=head1 SYNOPSIS
+
+ # MyApp
+ use Catalyst qw/
+ Authentication
+ Session
+ Session::Store::FastMmap
+ Session::State::Cookie
+ /;
+
+ # MyApp.yaml --
+ Plugin::Authentication:
+ default_realm: openid
+ realms:
+ openid:
+ credential:
+ class: OpenID
+
+ # Root::openid().
+ sub openid : Local {
+ my($self, $c) = @_;
+
+ if ( $c->authenticate() )
+ {
+ $c->flash(message => "You signed in with OpenID!");
+ $c->res->redirect( $c->uri_for('/') );
+ }
+ else
+ {
+ # Present OpenID form.
+ }
+ }
+
+ # openid.tt
+ <form action="[% c.uri_for('/openid') %]" method="GET" name="openid">
+ <input type="text" name="openid_identifier" class="openid" />
+ <input type="submit" value="Sign in with OpenID" />
+ </form>
+
+
+=head1 DESCRIPTION
+
+This is the B<third> OpenID related authentication piece for
+L<Catalyst>. The first -- L<Catalyst::Plugin::Authentication::OpenID>
+by Benjamin Trott -- was deprecated by the second --
+L<Catalyst::Plugin::Authentication::Credential::OpenID> by Tatsuhiko
+Miyagawa -- and this is an attempt to deprecate both by conforming to
+the newish, at the time of this module's inception, realm-based
+authentication in L<Catalyst::Plugin::Authentication>.
+
+ * Catalyst::Plugin::Authentication::OpenID (first)
+ * Catalyst::Plugin::Authentication::Credential::OpenID (second)
+ * Catalyst::Authentication::Credential::OpenID (this, the third)
+
+The benefit of this version is that you can use an arbitrary number of
+authentication systems in your L<Catalyst> application and configure
+and call all of them in the same way.
+
+Note, both earlier versions of OpenID authentication use the method
+C<authenticate_openid()>. This module uses C<authenticate()> and
+relies on you to specify the realm. You can specify the realm as the
+default in the configuration or inline with each
+C<authenticate()> call; more below.
+
+This module functions quite differently internally from the others.
+See L<Catalyst::Plugin::Authentication::Internals> for more about this
+implementation.
+
+=head1 METHOD
+
+=over 4
+
+=item * $c->authenticate({},"your_openid_realm");
+
+Call to authenticate the user via OpenID. Returns false if
+authorization is unsuccessful. Sets the user into the session and
+returns the user object if authentication succeeds.
+
+You can see in the call above that the authentication hash is empty.
+The implicit OpenID parameter is, as the 2.0 specification says it
+SHOULD be, B<openid_identifier>. You can set it anything you like in
+your realm configuration, though, under the key C<openid_field>. If
+you call C<authenticate()> with the empty info hash and no configured
+C<openid_field> then only C<openid_identifier> is checked.
+
+It implicitly does this (sort of, it checks the request method too)-
+
+ my $claimed_uri = $c->req->params->{openid_identifier};
+ $c->authenticate({openid_identifier => $claimed_uri});
+
+=item * Catalyst::Authentication::Credential::OpenID->new()
+
+You will never call this. Catalyst does it for you. The only important
+thing you might like to know about it is that it merges its realm
+configuration with its configuration proper. If this doesn't mean
+anything to you, don't worry.
+
+=back
+
+=head2 USER METHODS
+
+Currently the only supported user class is L<Catalyst::Plugin::Authentication::User::Hash>.
+
+=over 4
+
+=item * $c->user->url
+
+=item * $c->user->display
+
+=item * $c->user->rss
+
+=item * $c->user->atom
+
+=item * $c->user->foaf
+
+=item * $c->user->declared_rss
+
+=item * $c->user->declared_atom
+
+=item * $c->user->declared_foaf
+
+=item * $c->user->foafmaker
+
+=back
+
+See L<Net::OpenID::VerifiedIdentity> for details.
+
+=head1 CONFIGURATION
+
+Catalyst authentication is now configured entirely from your
+application's configuration. Do not, for example, put
+C<Credential::OpenID> into your C<use Catalyst ...> statement.
+Instead, tell your application that in one of your authentication
+realms you will use the credential.
+
+In your application the following will give you two different
+authentication realms. One called "members" which authenticates with
+clear text passwords and one called "openid" which uses... uh, OpenID.
+
+ __PACKAGE__->config
+ ( name => "MyApp",
+ "Plugin::Authentication" => {
+ default_realm => "members",
+ realms => {
+ members => {
+ credential => {
+ class => "Password",
+ password_field => "password",
+ password_type => "clear"
+ },
+ store => {
+ class => "Minimal",
+ users => {
+ paco => {
+ password => "l4s4v3n7ur45",
+ },
+ }
+ }
+ },
+ openid => {
+ consumer_secret => "Don't bother setting",
+ ua_class => "LWPx::ParanoidAgent",
+ ua_args => {
+ whitelisted_hosts => [qw/ 127.0.0.1 localhost /],
+ },
+ credential => {
+ class => "OpenID",
+ store => {
+ class => "OpenID",
+ },
+ },
+ },
+ },
+ },
+ );
+
+And now, the same configuration in YAML.
+
+ name: MyApp
+ Plugin::Authentication:
+ default_realm: members
+ realms:
+ members:
+ credential:
+ class: Password
+ password_field: password
+ password_type: clear
+ store:
+ class: Minimal
+ users:
+ paco:
+ password: l4s4v3n7ur45
+ openid:
+ credential:
+ class: OpenID
+ store:
+ class: OpenID
+ consumer_secret: Don't bother setting
+ ua_class: LWPx::ParanoidAgent
+ ua_args:
+ whitelisted_hosts:
+ - 127.0.0.1
+ - localhost
+
+B<NB>: There is no OpenID store yet. Trying for next release.
+
+=head1 CONFIGURATION
+
+These are set in your realm. See above.
+
+=over 4
+
+=item * ua_args and ua_class
+
+L<LWPx::ParanoidAgent> is the default agent -- C<ua_class>. You don't
+have to set it. I recommend that you do B<not> override it. You can
+with any well behaved L<LWP::UserAgent>. You probably should not.
+L<LWPx::ParanoidAgent> buys you many defenses and extra security
+checks. When you allow your application users freedom to initiate
+external requests, you open a big avenue for DoS (denial of service)
+attacks. L<LWPx::ParanoidAgent> defends against this.
+L<LWP::UserAgent> and any regular subclass of it will not.
+
+=item * consumer_secret
+
+The underlying L<Net::OpenID::Consumer> object is seeded with a
+secret. If it's important to you to set your own, you can. The default
+uses this package name + its version + the sorted configuration keys
+of your Catalyst application (chopped at 255 characters if it's
+longer). This should generally be superior to any fixed string.
+
+=back
+
+
+=head1 TODO
+
+There are some interesting implications with this sort of setup. Does
+a user aggregate realms or can a user be signed in under more than one
+realm? The documents could contain a recipe of the self-answering
+OpenID end-point that is in the tests.
+
+Debug statements need to be both expanded and limited via realm
+configuration.
+
+Better diagnostics in errors. Debug info at all consumer calls.
+
+Roles from provider domains? Mapped? Direct? A generic "openid" auto_role?
+
+=head1 LICENSE AND COPYRIGHT
+
+Copyright (c) 2008, Ashley Pond V C<< <ashley at cpan.org> >>. Some of
+Tatsuhiko Miyagawa's work is reused here.
+
+This module is free software; you can redistribute it and modify it
+under the same terms as Perl itself. See L<perlartistic>.
+
+
+=head1 DISCLAIMER OF WARRANTY
+
+Because this software is licensed free of charge, there is no warranty
+for the software, to the extent permitted by applicable law. Except when
+otherwise stated in writing the copyright holders and other parties
+provide the software "as is" without warranty of any kind, either
+expressed or implied, including, but not limited to, the implied
+warranties of merchantability and fitness for a particular purpose. The
+entire risk as to the quality and performance of the software is with
+you. Should the software prove defective, you assume the cost of all
+necessary servicing, repair, or correction.
+
+In no event unless required by applicable law or agreed to in writing
+will any copyright holder, or any other party who may modify or
+redistribute the software as permitted by the above license, be
+liable to you for damages, including any general, special, incidental,
+or consequential damages arising out of the use or inability to use
+the software (including but not limited to loss of data or data being
+rendered inaccurate or losses sustained by you or third parties or a
+failure of the software to operate with any other software), even if
+such holder or other party has been advised of the possibility of
+such damages.
+
+
+=head1 THANKS
+
+To Benjamin Trott, Tatsuhiko Miyagawa, and Brad Fitzpatrick for the
+great OpenID stuff and to Jay Kuri and everyone else who has made
+Catalyst such a wonderful framework.
+
+=head1 SEE ALSO
+
+L<Catalyst>, L<Catalyst::Plugin::Authentication>,
+L<Net::OpenID::Consumer>, and L<LWPx::ParanoidAgent>.
+
+=head2 RELATED
+
+L<Net::OpenID::Server>, L<Net::OpenID::VerifiedIdentity>,
+L<http://openid.net/>, and L<http://openid.net/developers/specs/>.
+
+L<Catalyst::Plugin::Authentication::OpenID> (Benjamin Trott) and L<Catalyst::Plugin::Authentication::Credential::OpenID> (Tatsuhiko Miyagawa).
+
+=cut
Added: Catalyst-Authentication-Credential-OpenID/0.02/t/00.load.t
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/t/00.load.t (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/t/00.load.t 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,8 @@
+use Test::More tests => 1;
+
+BEGIN {
+use_ok( 'Catalyst::Authentication::Credential::OpenID' );
+# use_ok( 'Catalyst::Authentication::Store::OpenID' );
+}
+
+diag( "Testing Catalyst::Authentication::Credential::OpenID $Catalyst::Authentication::Credential::OpenID::VERSION" );
Added: Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/lib/TestApp/Controller/Root.pm
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/lib/TestApp/Controller/Root.pm (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/lib/TestApp/Controller/Root.pm 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,150 @@
+package TestApp::Controller::Root;
+
+use strict;
+use warnings;
+no warnings "uninitialized";
+use base 'Catalyst::Controller';
+use Net::OpenID::Server;
+
+__PACKAGE__->config->{namespace} = '';
+
+=head1 NAME
+
+TestApp::Controller::Root - Root Controller for TestApp
+
+=head1 DESCRIPTION
+
+D'er... testing.
+
+=cut
+
+
+sub provider : Local {
+ my ( $self, $c, $username ) = @_;
+
+ my $nos = Net::OpenID::Server
+ ->new(
+ get_args => $c->req->query_params,
+ post_args => $c->req->body_params,
+ get_user => sub { $c->user },
+ is_identity => sub {
+ my ( $user, $identity_url ) = @_;
+ return unless $user;
+ my ( $check ) = $identity_url =~ /(\w+)\z/;
+ return $check eq $user->id; # simple auth here
+ },
+ is_trusted => sub {
+ my ( $user, $trust_root, $is_identity ) = @_;
+ return $is_identity; # enough that they passed is_identity
+ },
+ setup_url => $c->uri_for($c->req->path, {moo => "setup"}),
+ server_secret => $c->config->{startup_time},
+ );
+
+ # From your OpenID server endpoint:
+
+ my ( $type, $data ) = $nos->handle_page;
+
+ if ($type eq "redirect")
+ {
+ $c->res->redirect($data);
+ }
+ elsif ($type eq "setup")
+ {
+ my %setup_opts = %{$data};
+ $c->res->body(<<"");
+You're not signed in so you can't be verified.
+<a href="/login">Sign in</a> | <a href="/signin_openid">OpenId</a>.
+
+ # it's then your job to redirect them at the end to "return_to"
+ # (or whatever you've named it in setup_map)
+ }
+ else
+ {
+ $c->res->content_type($type);
+ if ( $username )
+ {
+ my $server_uri = $c->uri_for($c->req->path);
+ $data =~ s,(?=</head>),<link rel="openid.server" href="$server_uri" />,;
+ }
+ $c->res->body($data);
+ }
+}
+
+sub logout : Local {
+ my($self, $c) = @_;
+ $c->logout if $c->user_exists;
+ $c->delete_session();
+ $c->res->redirect($c->uri_for("/"));
+}
+
+sub login : Local {
+ my($self, $c) = @_;
+
+ if ( $c->req->method eq 'POST'
+ and
+ $c->authenticate({ username => $c->req->body_params->{username},
+ password => $c->req->body_params->{password} }) )
+ {
+# $c->res->body("You are signed in!");
+ $c->res->redirect($c->uri_for("/"));
+ }
+ else
+ {
+ my $action = $c->req->uri->path;
+ $c->res->body(<<"");
+<html><head/><body><form name="login" action="$action" method="POST">
+ <input type="text" name="username" />
+ <input type="password" name="password" />
+ <input type="submit" value="Sign in" />
+</form>
+</body></html>
+
+ }
+}
+
+
+sub signin_openid : Local {
+ my($self, $c) = @_;
+
+ if ( $c->authenticate({}, "openid") )
+ {
+ $c->res->body("You did it with OpenID!");
+ }
+ else
+ {
+ my $action = $c->req->uri->path;
+ $c->res->body(<<"");
+ <form action="$action" method="GET" name="openid">
+ <input type="text" name="openid_identifier" class="openid" size="50" />
+ <input type="submit" value="Sign in with OpenID" />
+ </form>
+
+ }
+}
+
+sub default : Private {
+ my ( $self, $c ) = @_;
+ $c->response->body(
+ join(" ",
+ "You are",
+ $c->user ? "" : "not",
+ "signed in. <br/>",
+ $c->user ? ( $c->user->id || %{$c->user} ) : '<a href="/login">Sign in</a> | <a href="/signin_openid">OpenId</a>.'
+ )
+ );
+}
+
+sub end : Private {
+ my ( $self, $c ) = @_;
+ $c->response->content_type("text/html");
+}
+
+=head1 LICENSE
+
+This library is free software, you can redistribute it and/or modify
+it under the same terms as Perl itself.
+
+=cut
+
+1;
Added: Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/lib/TestApp.pm
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/lib/TestApp.pm (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/lib/TestApp.pm 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,123 @@
+package TestApp;
+
+use strict;
+use warnings;
+
+use Catalyst::Runtime '5.70';
+
+use Catalyst qw(
+ -Debug
+ ConfigLoader
+ Authentication
+ Session
+ Session::Store::FastMmap
+ Session::State::Cookie
+ );
+
+our $VERSION = '0.01';
+
+__PACKAGE__->config
+ ( name => "TestApp",
+ startup_time => time(),
+ "Plugin::Authentication" => {
+ default_realm => "members",
+ realms => {
+ members => {
+ credential => {
+ class => "Password",
+ password_field => "password",
+ password_type => "clear"
+ },
+ store => {
+ class => "Minimal",
+ users => {
+ paco => {
+ password => "l4s4v3n7ur45",
+ },
+ }
+ }
+ },
+ openid => {
+ ua_class => "LWPx::ParanoidAgent",
+# ua_class => "LWP::UserAgent",
+ ua_args => {
+ whitelisted_hosts => [qw/ 127.0.0.1 localhost /],
+ },
+ debug => 1,
+ credential => {
+ class => "OpenID",
+#DOES NOTHING use_session => 1
+ store => {
+ class => "OpenID",
+ },
+ },
+ },
+ },
+ },
+ );
+
+# Start the application
+__PACKAGE__->setup;
+
+1;
+
+__END__
+
+=pod
+
+package TestApp;
+
+use Catalyst qw/
+ Authentication
+ /;
+
+use Test::More;
+use Test::Exception;
+
+sub provider : Local {
+
+
+}
+
+sub user : Local {
+ my ( $self, $c ) = @_;
+
+ ok(!$c->user, "no user");
+
+ is( $c->user, $users->{foo}, "user object is in proper place");
+
+ ok( !$c->user->roles, "no roles for foo" );
+ my @new = qw/foo bar gorch/;
+ $c->user->roles( @new );
+ is_deeply( [ $c->user->roles ], \@new, "roles set as array");
+
+ $c->logout;
+ ok(!$c->user, "no more user, after logout");
+
+ $c->res->body( "ok" );
+}
+
+__PACKAGE__->config
+ (
+ "Plugin::Authentication" => {
+ default_realm => "OpenID",
+ realms => {
+ "OpenID" => {
+ credential => {
+ class => "OpenID",
+#DOES NOTHING YET use_session => 1
+ store => {
+ class => "OpenID",
+ },
+ },
+ },
+ },
+ },
+ );
+# class: Null
+#implied already user_class: Catalyst::Authentication::User::Hash
+ };
+
+__PACKAGE__->setup;
+
+=cut
Added: Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/script/testapp_server.pl
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/script/testapp_server.pl (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/script/testapp_server.pl 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,111 @@
+#!/usr/local/bin/perl -w
+
+BEGIN {
+ $ENV{CATALYST_ENGINE} ||= 'HTTP';
+ $ENV{CATALYST_SCRIPT_GEN} = 30;
+ require Catalyst::Engine::HTTP;
+}
+
+use strict;
+use warnings;
+use Getopt::Long;
+use Pod::Usage;
+use FindBin;
+use lib "$FindBin::Bin/../lib";
+
+my $debug = 0;
+my $fork = 0;
+my $help = 0;
+my $host = undef;
+my $port = $ENV{TESTAPP_PORT} || $ENV{CATALYST_PORT} || 3000;
+my $keepalive = 0;
+my $restart = $ENV{TESTAPP_RELOAD} || $ENV{CATALYST_RELOAD} || 0;
+my $restart_delay = 1;
+my $restart_regex = '\.yml$|\.yaml$|\.pm$';
+my $restart_directory = undef;
+
+my @argv = @ARGV;
+
+GetOptions(
+ 'debug|d' => \$debug,
+ 'fork' => \$fork,
+ 'help|?' => \$help,
+ 'host=s' => \$host,
+ 'port=s' => \$port,
+ 'keepalive|k' => \$keepalive,
+ 'restart|r' => \$restart,
+ 'restartdelay|rd=s' => \$restart_delay,
+ 'restartregex|rr=s' => \$restart_regex,
+ 'restartdirectory=s' => \$restart_directory,
+);
+
+pod2usage(1) if $help;
+
+if ( $restart && $ENV{CATALYST_ENGINE} eq 'HTTP' ) {
+ $ENV{CATALYST_ENGINE} = 'HTTP::Restarter';
+}
+if ( $debug ) {
+ $ENV{CATALYST_DEBUG} = 1;
+}
+
+# This is require instead of use so that the above environment
+# variables can be set at runtime.
+require TestApp;
+
+TestApp->run( $port, $host, {
+ argv => \@argv,
+ 'fork' => $fork,
+ keepalive => $keepalive,
+ restart => $restart,
+ restart_delay => $restart_delay,
+ restart_regex => qr/$restart_regex/,
+ restart_directory => $restart_directory,
+} );
+
+1;
+
+=head1 NAME
+
+testapp_server.pl - Catalyst Testserver
+
+=head1 SYNOPSIS
+
+testapp_server.pl [options]
+
+ Options:
+ -d -debug force debug mode
+ -f -fork handle each request in a new process
+ (defaults to false)
+ -? -help display this help and exits
+ -host host (defaults to all)
+ -p -port port (defaults to 3000)
+ -k -keepalive enable keep-alive connections
+ -r -restart restart when files get modified
+ (defaults to false)
+ -rd -restartdelay delay between file checks
+ -rr -restartregex regex match files that trigger
+ a restart when modified
+ (defaults to '\.yml$|\.yaml$|\.pm$')
+ -restartdirectory the directory to search for
+ modified files
+ (defaults to '../')
+
+ See also:
+ perldoc Catalyst::Manual
+ perldoc Catalyst::Manual::Intro
+
+=head1 DESCRIPTION
+
+Run a Catalyst Testserver for this application.
+
+=head1 AUTHOR
+
+Sebastian Riedel, C<sri at oook.de>
+Maintained by the Catalyst Core Team.
+
+=head1 COPYRIGHT
+
+This library is free software, you can redistribute it and/or modify
+it under the same terms as Perl itself.
+
+=cut
Property changes on: Catalyst-Authentication-Credential-OpenID/0.02/t/TestApp/script/testapp_server.pl
___________________________________________________________________
Name: svn:executable
+ *
Added: Catalyst-Authentication-Credential-OpenID/0.02/t/live_app.t
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/t/live_app.t (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/t/live_app.t 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,140 @@
+#!perl
+
+use strict;
+use warnings;
+
+use FindBin;
+use IO::Socket;
+use Test::More;
+use Test::WWW::Mechanize;
+
+
+plan skip_all => 'set TEST_HTTP to enable this test' unless $ENV{TEST_HTTP};
+eval "use Catalyst::Devel 1.0";
+plan skip_all => 'Catalyst::Devel required' if $@;
+
+# plan "no_plan";
+plan tests => 17;
+
+# TEST FORK?
+
+# How long to wait for test server to start and timeout for UA.
+my $seconds = 30;
+
+# Spawn the standalone HTTP server.
+my $port = 30000 + int rand(1 + 10000);
+
+ my $pipe = "perl -I$FindBin::Bin/../lib -I$FindBin::Bin/TestApp/lib $FindBin::Bin/TestApp/script/testapp_server.pl -f -port $port |";
+
+# my $pipe = "perl -I$FindBin::Bin/../lib -I$FindBin::Bin/TestApp/lib $FindBin::Bin/TestApp/script/testapp_server.pl -f -port $port 2>&1 |";
+
+
+my $pid = open my $server, $pipe
+ or die "Unable to spawn standalone HTTP server: $!";
+
+diag("Waiting (up to $seconds seconds) for server to start...");
+
+eval {
+ local $SIG{ALRM} = sub { die "Server took too long to start\n" }; # NB: \n required
+ alarm($seconds);
+
+ while ( check_port( 'localhost', $port ) != 1 ) {
+ sleep 1;
+ }
+ alarm(0)
+};
+
+if ( $@ )
+{
+ kill 'INT', $pid;
+ close $server;
+ die "Could not run test: $@\n$pipe";
+}
+
+my $root = $ENV{CATALYST_SERVER} = "http://localhost:$port";
+
+# Tests start --------------------------------------------
+ok("Started");
+
+
+my $mech = Test::WWW::Mechanize->new(timeout => $seconds);
+
+$mech->get_ok($root, "GET $root");
+$mech->content_contains("not signed in", "Content looks right");
+
+$mech->get_ok("$root/login", "GET $root/login");
+
+# diag($mech->content);
+
+$mech->submit_form_ok({ form_name => "login",
+ fields => { username => "paco",
+ password => "l4s4v3n7ur45",
+ },
+ },
+ "Trying cleartext login, 'memebers' realm");
+
+$mech->content_contains("signed in", "Signed in successfully");
+
+$mech->get_ok("$root/signin_openid", "GET $root/signin_openid");
+
+$mech->content_contains("Sign in with OpenID", "Content looks right");
+
+my $claimed_uri = "$root/provider/paco";
+
+$mech->submit_form_ok({ form_name => "openid",
+ fields => { openid_identifier => $claimed_uri,
+ },
+ },
+ "Trying OpenID login, 'openid' realm");
+
+$mech->content_contains("You did it with OpenID!",
+ "Successfully signed in with OpenID");
+
+$mech->get_ok($root, "GET $root");
+
+$mech->content_contains("provider/paco", "OpenID info is in the user");
+
+# can't be verified
+
+$mech->get_ok("$root/logout", "GET $root/logout");
+
+$mech->get_ok("$root/signin_openid", "GET $root/signin_openid");
+
+$mech->content_contains("Sign in with OpenID", "Content looks right");
+
+$mech->submit_form_ok({ form_name => "openid",
+ fields => { openid_identifier => $claimed_uri,
+ },
+ },
+ "Trying OpenID login, 'openid' realm");
+
+$mech->content_contains("can't be verified",
+ "Proper failure for unauthenticated memember.");
+
+# Tests end ----------------------------------------------
+
+# shut it down
+kill 'INT', $pid;
+close $server;
+
+exit 0;
+
+sub check_port {
+ my ( $host, $port ) = @_;
+
+ my $remote = IO::Socket::INET->new(
+ Proto => "tcp",
+ PeerAddr => $host,
+ PeerPort => $port
+ );
+ if ($remote) {
+ close $remote;
+ return 1;
+ }
+ else {
+ return 0;
+ }
+}
+
+__END__
+
Added: Catalyst-Authentication-Credential-OpenID/0.02/t/pod-coverage.t
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/t/pod-coverage.t (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/t/pod-coverage.t 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,6 @@
+#!perl -T
+
+use Test::More;
+eval "use Test::Pod::Coverage 1.04";
+plan skip_all => "Test::Pod::Coverage 1.04 required for testing POD coverage" if $@;
+all_pod_coverage_ok();
Added: Catalyst-Authentication-Credential-OpenID/0.02/t/pod.t
===================================================================
--- Catalyst-Authentication-Credential-OpenID/0.02/t/pod.t (rev 0)
+++ Catalyst-Authentication-Credential-OpenID/0.02/t/pod.t 2008-04-09 02:34:30 UTC (rev 7600)
@@ -0,0 +1,6 @@
+#!perl -T
+
+use Test::More;
+eval "use Test::Pod 1.14";
+plan skip_all => "Test::Pod 1.14 required for testing POD" if $@;
+all_pod_files_ok();
More information about the Catalyst-commits
mailing list