[Catalyst-commits] r10302 - branches/Catalyst-Plugin-Authentication/credential_remote/lib/Catalyst/Authentication/Credential

Tue May 26 22:34:21 GMT 2009

Author: kmx
Date: 2009-05-26 22:34:21 +0000 (Tue, 26 May 2009)
New Revision: 10302

Modified:
   branches/Catalyst-Plugin-Authentication/credential_remote/lib/Catalyst/Authentication/Credential/Remote.pm
Log:
branch Credential::Remote - compatibility hack for 5.80004- (as $c->req->remote_user does not exist and $c->engine->env is broken in 5.80004) + some whitespaces fixed

Modified: branches/Catalyst-Plugin-Authentication/credential_remote/lib/Catalyst/Authentication/Credential/Remote.pm
===================================================================

--- branches/Catalyst-Plugin-Authentication/credential_remote/lib/Catalyst/Authentication/Credential/Remote.pm	2009-05-26 21:36:24 UTC (rev 10301)
+++ branches/Catalyst-Plugin-Authentication/credential_remote/lib/Catalyst/Authentication/Credential/Remote.pm	2009-05-26 22:34:21 UTC (rev 10302)
@@ -23,7 +23,7 @@
         "'allow_regexp' configuration parameter") if $@;
     }
     if (defined($config->{deny_regexp}) && ($config->{deny_regexp} ne "")) { 
-    eval { $self->deny_re( qr/$config->{deny_regexp}/ ) };     
+        eval { $self->deny_re( qr/$config->{deny_regexp}/ ) };     
         Catalyst::Exception->throw( "Invalid regular expression in ".
              "'deny_regexp' configuration parameter") if $@;
     }
@@ -41,16 +41,33 @@
     my ( $self, $c, $realm, $authinfo ) = @_;
 
     my $remuser;
-    if ($self->source eq "REMOTE_USER") {
-	# BEWARE: $c->engine->env was broken prior 5.80005
-	$remuser = $c->engine->env->{REMOTE_USER};
-        # the original idea was to use $c->req->remote_user but ...
-    }
+    if ($self->source eq "REMOTE_USER") {    
+        # compatibility hack:
+        if (defined($c->engine->env)) {
+            # BEWARE: $c->engine->env was broken prior 5.80005
+            $remuser = $c->engine->env->{REMOTE_USER};
+        }
+        elsif ($c->req->can('remote_user')) {
+            # $c->req->remote_users was introduced in 5.80005; if not evailable we are
+            # gonna use $c->req->user that is deprecated but more or less works as well 
+            $remuser = $c->req->remote_user;
+        }
+        elsif ($c->req->can('user')) {
+            # maybe show warning that we are gonna use DEPRECATED $req->user
+            $remuser = $c->req->user;
+        }
+    }    
     elsif ($self->source eq "SSL_CLIENT_DN") {
         # if user is authenticated via SSL certificate his distinguished name
         # is available in SSL_CLIENT_DN variable
-	# BEWARE: $c->engine->env was broken prior 5.80005    
-        $remuser = $c->engine->env->{SSL_CLIENT_DN};    
+        # BEWARE: $c->engine->env was broken prior 5.80005
+        if (defined($c->engine->env)) {
+            $remuser = $c->engine->env->{SSL_CLIENT_DN};
+        }
+        else {
+            # this happens on Catalyst 5.80004 and before (when using FastCGI)
+            Catalyst::Exception->throw( "Cannot handle parameter 'source=SSL_CLIENT_DN'");
+        }
     }
     else {
         Catalyst::Exception->throw( "Invalid value of 'source' parameter");
@@ -73,8 +90,8 @@
     if (defined($self->cutname_re)) {
         if (($remuser =~ $self->cutname_re) && ($1 ne "")) {
             $usr = $1;
+        }
     }
-    }
     
     $authinfo->{id} = $authinfo->{username} = $usr; 
     $authinfo->{remote_user} = $remuser; # just to keep the original value
@@ -110,8 +127,8 @@
                     store => {
                         class => 'Null',
                         # if you want to have some additional user attributes
-			# like user roles, user full name etc. you can specify
-			# here the store where you keep this data
+                        # like user roles, user full name etc. you can specify
+                        # here the store where you keep this data
                     }
                 },
             },
@@ -125,9 +142,9 @@
         if(defined($c->req->remote_user) and !$c->user_exists) {
             # authenticate() for this module does not need any user info
             # as the username is taken from $c->req->remote_user and
-	    # password is not needed	     
-	    $c->authenticate( {} );
-	}   
+            # password is not needed     
+            $c->authenticate( {} );
+        }   
     }
 
     # or you can implement in any controller an ordinary login action like this
@@ -149,6 +166,9 @@
 Active Directory enviroment) or even the SSL authentication when users 
 authenticate themself using their client SSL certificates.   
 
+B<BEWARE:> Support for SSL authentication does not work with Catalyst 5.8004 
+and before (if you want details see source code). 
+
 The main idea of this module is based on a fact that webserver passes the name
 of authenticated user into Catalyst application as REMOTE_USER variable (or in 
 case of SSL client authentication SSL_CLIENT_DN) - from this point referenced as 


