[Catalyst-commits] r8817 - in Catalyst-Authentication-Credential-HTTP/1.000/trunk: . lib/Catalyst/Authentication/Credential t

[t0m at dev.catalyst.perl.org]

Author: t0m
Date: 2008-12-10 23:54:19 +0000 (Wed, 10 Dec 2008)
New Revision: 8817

Modified:
   Catalyst-Authentication-Credential-HTTP/1.000/trunk/Changes
   Catalyst-Authentication-Credential-HTTP/1.000/trunk/lib/Catalyst/Authentication/Credential/HTTP.pm
   Catalyst-Authentication-Credential-HTTP/1.000/trunk/t/basic.t
Log:
Checking in changes prior to tagging of version 1.008.  Changelog diff is:

=== Changes
==================================================================
--- Changes	(revision 8543)
+++ Changes	(local)
@@ -1,3 +1,10 @@
+1.008  2008-12-10
+  - Fix issue with the user not being authenticated into the correct 
+    realm, by not calling $c->set_authenticated ourselves, but instead
+    just returning the user object. Fix suggested by Bernhard Graf. (t0m)
+    - Add test for this (t0m)
+  - Change $user to $user_obj in authenticate_digest for consistency (t0m)
+
 1.007  2008-11-19
   - Add test for query strings in digest auth as digest header is built using
     the full URI (t0m)


Modified: Catalyst-Authentication-Credential-HTTP/1.000/trunk/Changes
===================================================================
--- Catalyst-Authentication-Credential-HTTP/1.000/trunk/Changes	2008-12-10 21:17:49 UTC (rev 8816)
+++ Catalyst-Authentication-Credential-HTTP/1.000/trunk/Changes	2008-12-10 23:54:19 UTC (rev 8817)
@@ -1,3 +1,10 @@
+1.008  2008-12-10
+  - Fix issue with the user not being authenticated into the correct 
+    realm, by not calling $c->set_authenticated ourselves, but instead
+    just returning the user object. Fix suggested by Bernhard Graf. (t0m)
+    - Add test for this (t0m)
+  - Change $user to $user_obj in authenticate_digest for consistency (t0m)
+
 1.007  2008-11-19
   - Add test for query strings in digest auth as digest header is built using
     the full URI (t0m)

Modified: Catalyst-Authentication-Credential-HTTP/1.000/trunk/lib/Catalyst/Authentication/Credential/HTTP.pm
===================================================================
--- Catalyst-Authentication-Credential-HTTP/1.000/trunk/lib/Catalyst/Authentication/Credential/HTTP.pm	2008-12-10 21:17:49 UTC (rev 8816)
+++ Catalyst-Authentication-Credential-HTTP/1.000/trunk/lib/Catalyst/Authentication/Credential/HTTP.pm	2008-12-10 23:54:19 UTC (rev 8817)
@@ -13,7 +13,7 @@
     __PACKAGE__->mk_accessors(qw/_config realm/);
 }
 
-our $VERSION = "1.007";
+our $VERSION = '1.008';
 
 sub new {
     my ($class, $config, $app, $realm) = @_;
@@ -65,7 +65,6 @@
             $opts->{$self->_config->{password_field}} = $password 
                 if $self->_config->{password_field};            
             if ($self->check_password($user_obj, $opts)) {
-                $c->set_authenticated($user_obj);
                 return $user_obj;
             }
         }
@@ -126,12 +125,12 @@
 
         my $username = $res{username};
 
-        my $user;
+        my $user_obj;
 
-        unless ( $user = $auth_info->{user} ) {
-            $user = $realm->find_user( { $self->_config->{username_field} => $username }, $c);
+        unless ( $user_obj = $auth_info->{user} ) {
+            $user_obj = $realm->find_user( { $self->_config->{username_field} => $username }, $c);
         }
-        unless ($user) {    # no user, no authentication
+        unless ($user_obj) {    # no user, no authentication
             $c->log->debug("Unable to locate user matching user info provided") if $c->debug;
             return;
         }
@@ -153,9 +152,9 @@
         my $password_field = $self->_config->{password_field};
         for my $r ( 0 .. 1 ) {
             # calculate H(A1) as per spec
-            my $A1_digest = $r ? $user->$password_field() : do {
+            my $A1_digest = $r ? $user_obj->$password_field() : do {
                 $ctx = Digest::MD5->new;
-                $ctx->add( join( ':', $username, $realm->name, $user->$password_field() ) );
+                $ctx->add( join( ':', $username, $realm->name, $user_obj->$password_field() ) );
                 $ctx->hexdigest;
             };
             if ( $nonce->algorithm eq 'MD5-sess' ) {
@@ -173,8 +172,7 @@
             $c->cache->set( __PACKAGE__ . '::opaque:' . $nonce->opaque,
                 $nonce );
             if ($rq_digest eq $res{response}) {
-                $c->set_authenticated($user);
-                return 1;
+                return $user_obj;
             }
         }
     }

Modified: Catalyst-Authentication-Credential-HTTP/1.000/trunk/t/basic.t
===================================================================
--- Catalyst-Authentication-Credential-HTTP/1.000/trunk/t/basic.t	2008-12-10 21:17:49 UTC (rev 8816)
+++ Catalyst-Authentication-Credential-HTTP/1.000/trunk/t/basic.t	2008-12-10 23:54:19 UTC (rev 8817)
@@ -1,7 +1,7 @@
 #!/usr/bin/perl
 use strict;
 use warnings;
-use Test::More tests => 34;
+use Test::More tests => 35;
 use Test::MockObject::Extends;
 use Test::MockObject;
 use Test::Exception;
@@ -25,6 +25,7 @@
 my $res_headers = HTTP::Headers->new;
 $res->set_always( headers => $res_headers );
 my $user = Test::MockObject->new;
+$user->set_isa('Catalyst::Authentication::User');
 $user->mock(get => sub { return shift->{$_[0]} });
 my $find_user_opts;
 my $realm = Test::MockObject->new;
@@ -70,8 +71,12 @@
 
 # Correct credentials
 $req_headers->authorization_basic( qw/foo bar/ );
-ok($self->authenticate($c, $realm), "auth successful with header");
-is($authenticated, 1, 'authenticated once');
+{
+    my $user = $self->authenticate($c, $realm);
+    ok($user, "auth successful with header");
+    isa_ok $user, 'Catalyst::Authentication::User';
+}
+is($authenticated, 0, 'Not called set_authenticated');
 is_deeply( $find_user_opts, { username => 'foo'}, "login delegated");
 
 # Test all the headers look good.