[Catalyst-commits] r8387 - in Catalyst-Authentication-Credential-HTTP/1.000/trunk: . lib/Catalyst/Authentication/Credential t

t0m at dev.catalyst.perl.org t0m at dev.catalyst.perl.org
Wed Sep 10 01:00:37 BST 2008


Author: t0m
Date: 2008-09-10 01:00:36 +0100 (Wed, 10 Sep 2008)
New Revision: 8387

Modified:
   Catalyst-Authentication-Credential-HTTP/1.000/trunk/
   Catalyst-Authentication-Credential-HTTP/1.000/trunk/Changes
   Catalyst-Authentication-Credential-HTTP/1.000/trunk/Todo
   Catalyst-Authentication-Credential-HTTP/1.000/trunk/lib/Catalyst/Authentication/Credential/HTTP.pm
   Catalyst-Authentication-Credential-HTTP/1.000/trunk/t/basic.t
Log:
Fix a load of the documentation up. Fix overriding HTTP auth relam in the ->authenticate call + tests and docs


Property changes on: Catalyst-Authentication-Credential-HTTP/1.000/trunk
___________________________________________________________________
Name: svn:ignore
   - META.yml
pm_to_blib
MANIFEST
blib
inc
Makefile
.*.swp

   + pod2htmi.tmp
pod2htmd.tmp
META.yml
pm_to_blib
MANIFEST
blib
inc
Makefile
.*.swp


Modified: Catalyst-Authentication-Credential-HTTP/1.000/trunk/Changes
===================================================================
--- Catalyst-Authentication-Credential-HTTP/1.000/trunk/Changes	2008-09-09 23:39:41 UTC (rev 8386)
+++ Catalyst-Authentication-Credential-HTTP/1.000/trunk/Changes	2008-09-10 00:00:36 UTC (rev 8387)
@@ -1,3 +1,9 @@
+1.003  2008-09-??
+   - Add ability to override the realm name presented for authentication
+     when calling $c->authenticate. Docs and tests for this.
+   - Clean up documentation of options inherited from 
+     Catalyst::Authentication::Credential::Password
+
 1.002  2008-09-03
    - Fix the assumptions that the password field is named password when doing 
      digest auth.

Modified: Catalyst-Authentication-Credential-HTTP/1.000/trunk/Todo
===================================================================
--- Catalyst-Authentication-Credential-HTTP/1.000/trunk/Todo	2008-09-09 23:39:41 UTC (rev 8386)
+++ Catalyst-Authentication-Credential-HTTP/1.000/trunk/Todo	2008-09-10 00:00:36 UTC (rev 8387)
@@ -1,10 +1,8 @@
-* Document the C::A::C::Password stuff properly
-* Work out what options inherited from C::A::C::Password make sense, and
-  test / document them + make apply to digest as appropriate.
+. Document md5'd passwords for digest stuff
 . Port work's apps.
 . Document how to find the credential module, so that you can call authorization_required_response if you want to.
-. Document, and test overriding the realm's realm->name method.
 . Add deprecation notice to old module.
+. document & test authorization_required_message
 . Test $self->_config->{authorization_required_message} + authorization_required_message = undef does not stamp on body.
 . Split auth headers / do auth methods again, and make authenticate call each in turn.
 . Document / test 'algorithm' config.

Modified: Catalyst-Authentication-Credential-HTTP/1.000/trunk/lib/Catalyst/Authentication/Credential/HTTP.pm
===================================================================
--- Catalyst-Authentication-Credential-HTTP/1.000/trunk/lib/Catalyst/Authentication/Credential/HTTP.pm	2008-09-09 23:39:41 UTC (rev 8386)
+++ Catalyst-Authentication-Credential-HTTP/1.000/trunk/lib/Catalyst/Authentication/Credential/HTTP.pm	2008-09-10 00:00:36 UTC (rev 8387)
@@ -248,10 +248,8 @@
 }
 
 sub _build_auth_header_realm {
-    my ( $self ) = @_;    
-
-    if ( my $realm = $self->realm ) {
-        my $realm_name = String::Escape::qprintable($realm->name);
+    my ( $self, $c, $opts ) = @_;    
+    if ( my $realm_name = String::Escape::qprintable($opts->{realm} ? $opts->{realm} : $self->realm->name) ) {
         $realm_name = qq{"$realm_name"} unless $realm_name =~ /^"/;
         return 'realm=' . $realm_name;
     } 
@@ -279,7 +277,7 @@
     my ( $self, $c, $opts ) = @_;
 
     return (
-        $self->_build_auth_header_realm(),
+        $self->_build_auth_header_realm($c, $opts),
         $self->_build_auth_header_domain($c, $opts),
     );
 }
@@ -406,6 +404,9 @@
 
         $c->authenticate({ realm => "example" }); 
         # either user gets authenticated or 401 is sent
+        # Note that the authentication realm sent to the client is overridden
+        # here, but this does not affect the Catalyst::Authentication::Realm
+        # used for authentication.
 
         do_stuff();
     }
@@ -457,15 +458,35 @@
 
 This will only try the methods set in the configuration. First digest, then basic.
 
-This method just passes the options through untouched. See the next two methods for what \%auth_info can contain.
+The %auth_info hash can contain a number of keys which control the authentication behaviour:
 
+=over
+
+=item realm
+
+Sets the HTTP authentication realm presented to the client. Note this does not alter the
+Catalyst::Authentication::Realm object used for the authentication.
+
+=item password_type
+
+The type of password returned by the user object. Same useage as in 
+L<Catalyst::Authentication::Credential::Password|Catalyst::Authentication::Credential::Password/passwprd_type>
+
+=item password_field
+
+The name of accessor used to retrieve the value of the password field from the user object. Same useage as in 
+L<Catalyst::Authentication::Credential::Password|Catalyst::Authentication::Credential::Password/password_field>
+
+=back
+
 =item authenticate_basic $c, $realm, \%auth_info
 
-Acts like L<Catalyst::Authentication::Credential::Password>, and will lookup the user's password as detailed in that module.
+Performs HTTP basic authentication.
 
 =item authenticate_digest $c, $realm, \%auth_info
 
-Assumes that your user object has a hard coded method which returns a clear text password.
+Performs HTTP digest authentication. Note that the password_type B<must> by I<clear> for
+digest authentication to succeed.
 
 =item authorization_required_response $c, $realm, \%auth_info
 

Modified: Catalyst-Authentication-Credential-HTTP/1.000/trunk/t/basic.t
===================================================================
--- Catalyst-Authentication-Credential-HTTP/1.000/trunk/t/basic.t	2008-09-09 23:39:41 UTC (rev 8386)
+++ Catalyst-Authentication-Credential-HTTP/1.000/trunk/t/basic.t	2008-09-10 00:00:36 UTC (rev 8387)
@@ -74,6 +74,7 @@
 
 # Test all the headers look good.
 $req_headers->clear;
+$res_headers->clear;
 $c->clear;
 throws_ok {
     $self->authenticate( $c, $realm );
@@ -86,6 +87,7 @@
 like( ($res_headers->header('WWW-Authenticate'))[1], qr/^Basic/, "WWW-Authenticate header set: basic");
 like( ($res_headers->header('WWW-Authenticate'))[1], qr/realm="foo"/, "WWW-Authenticate header set: basic realm");
 
+$res_headers->clear;
 # Check password_field works
 {
     my $self = new_self( type => 'any', password_type => 'clear', password_field => 'the_other_password' );
@@ -101,14 +103,13 @@
 }
 
 $req_headers->clear;
+$res_headers->clear;
 throws_ok {
     $self->authenticate( $c, $realm, { realm => 'myrealm' }); # Override realm object's name method by doing this.
 } qr/^ $Catalyst::DETACH $/x, "detached on no authorization supplied, overridden realm value";
 is( $status, 401, "401 status code" );
 is( $content_type, 'text/plain' );
 is( $body, 'Authorization required.' );
-TODO: {
-    local $TODO = 'This should work, it (or something very like it) used to work';
-    like( ($res_headers->header('WWW-Authenticate'))[0], qr/realm="myrealm"/, "WWW-Authenticate header set: digest realm overridden");
-    like( ($res_headers->header('WWW-Authenticate'))[1], qr/realm="myrealm"/, "WWW-Authenticate header set: basic realm overridden");
-}
+like( ($res_headers->header('WWW-Authenticate'))[0], qr/realm="myrealm"/, "WWW-Authenticate header set: digest realm overridden");
+like( ($res_headers->header('WWW-Authenticate'))[1], qr/realm="myrealm"/, "WWW-Authenticate header set: basic realm overridden");
+




More information about the Catalyst-commits mailing list