[Catalyst-commits] r10331 - in
branches/Catalyst-Plugin-Authentication/credential_remote:
lib/Catalyst/Authentication/Credential t t/lib
kmx at dev.catalyst.perl.org
kmx at dev.catalyst.perl.org
Thu May 28 06:18:29 GMT 2009
Author: kmx
Date: 2009-05-28 06:18:28 +0000 (Thu, 28 May 2009)
New Revision: 10331
Added:
branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp1.pm
branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp2.pm
branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote1.t
branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote2.t
Removed:
branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp.pm
branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote.t
Modified:
branches/Catalyst-Plugin-Authentication/credential_remote/lib/Catalyst/Authentication/Credential/Remote.pm
branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestEngine.pm
Log:
branch Credential::Remote - tests improved + some decorations (now more or less finished)
Modified: branches/Catalyst-Plugin-Authentication/credential_remote/lib/Catalyst/Authentication/Credential/Remote.pm
===================================================================
--- branches/Catalyst-Plugin-Authentication/credential_remote/lib/Catalyst/Authentication/Credential/Remote.pm 2009-05-28 03:45:33 UTC (rev 10330)
+++ branches/Catalyst-Plugin-Authentication/credential_remote/lib/Catalyst/Authentication/Credential/Remote.pm 2009-05-28 06:18:28 UTC (rev 10331)
@@ -53,22 +53,30 @@
$remuser = $c->req->remote_user;
}
elsif ($c->req->can('user')) {
- # maybe show warning that we are gonna use DEPRECATED $req->user
- $remuser = $c->req->user;
+ # maybe show warning that we are gonna use DEPRECATED $req->user
+ if (ref($c->req->user)) {
+ # I do not know exactly when this happens but it happens
+ Catalyst::Exception->throw( "Cannot get remote user from ".
+ "\$c->req->user as it seems to be a reference not a string" );
+ }
+ else {
+ $remuser = $c->req->user;
+ }
}
}
elsif ($self->source =~ /^(SSL_CLIENT_.*|CERT_*|AUTH_USER)$/) {
# if you are using 'exotic' webserver or if the user is
- # authenticated e.g via SSL certificate his name could be avaliable
+ # authenticated e.g via SSL certificate his name could be avaliable
# in different variables
# BEWARE: $c->engine->env was broken prior 5.80005
my $nam=$self->source;
- if (defined($c->engine->env)) {
+ if ($c->engine->can('env')) {
$remuser = $c->engine->env->{$nam};
}
else {
# this happens on Catalyst 5.80004 and before (when using FastCGI)
- Catalyst::Exception->throw( "Cannot handle parameter 'source=$nam'");
+ Catalyst::Exception->throw( "Cannot handle parameter 'source=$nam'".
+ " as runnig Catalyst engine has broken \$c->engine->env" );
}
}
else {
@@ -147,7 +155,7 @@
# password is not needed
unless ($c->authenticate( {} )) {
# return 403 forbidden or kick out the user in other way
- };
+ };
}
}
@@ -180,9 +188,6 @@
other credential; it simply believes the webserver that user was properly
authenticated.
-B<BEWARE:> Support for using different variables than REMOTE_USER does not work
-with Catalyst 5.8004 and before (if you want details see source code).
-
=head1 CONFIG
=head2 class
@@ -206,6 +211,9 @@
Supported values: REMOTE_USER, SSL_CLIENT_*, CERT_*, AUTH_USER
+B<BEWARE:> Support for using different variables than REMOTE_USER does not work
+properly with Catalyst 5.8004 and before (if you want details see source code).
+
Note1: Apache + mod_ssl uses SSL_CLIENT_S_DN, SSL_CLIENT_S_DN_* etc. (has to be
enabled by 'SSLOption +StdEnvVars') or you can also let Apache make a copy of
this value into REMOTE_USER (Apache option 'SSLUserName SSL_CLIENT_S_DN').
@@ -272,3 +280,14 @@
a Catalyst username.
=cut
+
+=head1 COMPATIBILITY
+
+It is B<strongly recommended> to use this module with Catalyst 5.80005 and above
+as previous versions have some bugs related to $c->engine->env and do not
+support $c->req->remote_user.
+
+This module tries some workarounds when it detects an older version and should
+work as well.
+
+=cut
Deleted: branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp.pm
===================================================================
--- branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp.pm 2009-05-28 03:45:33 UTC (rev 10330)
+++ branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp.pm 2009-05-28 06:18:28 UTC (rev 10331)
@@ -1,40 +0,0 @@
-package RemoteTestApp;
-
-use Catalyst qw/
- Authentication
-/;
-
-use base qw/Catalyst/;
-__PACKAGE__->engine_class('RemoteTestEngine');
-__PACKAGE__->config(
- 'Plugin::Authentication' => {
- default_realm => 'remote',
- realms => {
- remote => {
- credential => {
- class => 'Remote',
- allow_regexp => '^(bob|john|CN=.*)$',
- deny_regexp=> 'denied',
- cutname_regexp=> 'CN=(.*),',
- },
- store => {
- class => 'Null',
- },
- },
- },
- },
-);
-
-sub default : Local {
- my ( $self, $c ) = @_;
- if ($c->authenticate()) {
- $c->res->body('OK');
- }
- else {
- $c->res->body('FAIL');
- $c->res->status(403);
- }
-}
-
-__PACKAGE__->setup;
-
Copied: branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp1.pm (from rev 10330, branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp.pm)
===================================================================
--- branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp1.pm (rev 0)
+++ branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp1.pm 2009-05-28 06:18:28 UTC (rev 10331)
@@ -0,0 +1,45 @@
+package RemoteTestApp1;
+
+use Catalyst qw/
+ Authentication
+/;
+
+use base qw/Catalyst/;
+__PACKAGE__->engine_class('RemoteTestEngine');
+__PACKAGE__->config(
+ 'Plugin::Authentication' => {
+ default_realm => 'remote',
+ realms => {
+ remote => {
+ credential => {
+ class => 'Remote',
+ allow_regexp => '^(bob|john|CN=.*)$',
+ deny_regexp=> 'denied',
+ cutname_regexp=> 'CN=(.*)/OU=Test',
+ },
+ store => {
+ class => 'Null',
+ },
+ },
+ },
+ },
+);
+
+sub default : Local {
+ my ( $self, $c ) = @_;
+ if ($c->authenticate()) {
+ $c->res->body('User:' . $c->user->{id});
+ }
+ else {
+ $c->res->body('FAIL');
+ $c->res->status(403);
+ }
+}
+
+sub public : Local {
+ my ( $self, $c ) = @_;
+ $c->res->body('OK');
+}
+
+__PACKAGE__->setup;
+
Property changes on: branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp1.pm
___________________________________________________________________
Name: svn:mergeinfo
+
Added: branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp2.pm
===================================================================
--- branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp2.pm (rev 0)
+++ branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestApp2.pm 2009-05-28 06:18:28 UTC (rev 10331)
@@ -0,0 +1,46 @@
+package RemoteTestApp2;
+
+use Catalyst qw/
+ Authentication
+/;
+
+use base qw/Catalyst/;
+__PACKAGE__->engine_class('RemoteTestEngine');
+__PACKAGE__->config(
+ 'Plugin::Authentication' => {
+ default_realm => 'remote',
+ realms => {
+ remote => {
+ credential => {
+ class => 'Remote',
+ allow_regexp => '^(bob|john|CN=.*)$',
+ deny_regexp=> 'denied',
+ cutname_regexp=> 'CN=(.*)/OU=Test',
+ source => 'SSL_CLIENT_S_DN',
+ },
+ store => {
+ class => 'Null',
+ },
+ },
+ },
+ },
+);
+
+sub default : Local {
+ my ( $self, $c ) = @_;
+ if ($c->authenticate()) {
+ $c->res->body('User:' . $c->user->{id});
+ }
+ else {
+ $c->res->body('FAIL');
+ $c->res->status(403);
+ }
+}
+
+sub public : Local {
+ my ( $self, $c ) = @_;
+ $c->res->body('OK');
+}
+
+__PACKAGE__->setup;
+
Modified: branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestEngine.pm
===================================================================
--- branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestEngine.pm 2009-05-28 03:45:33 UTC (rev 10330)
+++ branches/Catalyst-Plugin-Authentication/credential_remote/t/lib/RemoteTestEngine.pm 2009-05-28 06:18:28 UTC (rev 10331)
@@ -2,12 +2,14 @@
use base 'Catalyst::Engine::CGI';
our $REMOTE_USER;
+our $SSL_CLIENT_S_DN;
sub env {
my $self = shift;
- return {
- REMOTE_USER => $REMOTE_USER,
- };
+ my %e = %ENV;
+ $e{REMOTE_USER} = $REMOTE_USER;
+ $e{SSL_CLIENT_S_DN} = $SSL_CLIENT_S_DN;
+ return \%e;
};
1;
Deleted: branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote.t
===================================================================
--- branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote.t 2009-05-28 03:45:33 UTC (rev 10330)
+++ branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote.t 2009-05-28 06:18:28 UTC (rev 10331)
@@ -1,23 +0,0 @@
-use strict;
-use warnings;
-use Test::More tests => 5;
-
-use lib 't/lib';
-use Catalyst::Test qw/RemoteTestApp/;
-
-$RemoteTestEngine::REMOTE_USER = 'john';
-ok( request('/')->is_success );
-
-$RemoteTestEngine::REMOTE_USER = 'nonexisting';
-ok( !request('/')->is_success );
-
-$RemoteTestEngine::REMOTE_USER = 'denieduser';
-ok( !request('/')->is_success );
-
-$RemoteTestEngine::REMOTE_USER = undef;
-ok( !request('/')->is_success );
-
-$RemoteTestEngine::SSL_CLIENT_DN = 'CN=user, OU=any';
-# will probably fail on 5.80004 and before
-ok( !request('/')->is_success );
-
Copied: branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote1.t (from rev 10330, branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote.t)
===================================================================
--- branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote1.t (rev 0)
+++ branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote1.t 2009-05-28 06:18:28 UTC (rev 10331)
@@ -0,0 +1,30 @@
+use strict;
+use warnings;
+use Test::More tests => 10;
+
+use lib 't/lib';
+use Catalyst::Test qw/RemoteTestApp1/;
+
+$RemoteTestEngine::REMOTE_USER = undef;
+ok( request('/public')->is_success, 'anonymous user (undef) - /public' );
+ok( request('/')->is_error, 'anonymous user (undef) - /' );
+
+$RemoteTestEngine::REMOTE_USER = '';
+ok( request('/public')->is_success, 'anonymous user (empty) - /public' );
+ok( request('/')->is_error, 'anonymous user (empty) - /' );
+
+$RemoteTestEngine::REMOTE_USER = 'john';
+ok( request('/')->is_success, 'valid user' );
+
+$RemoteTestEngine::REMOTE_USER = 'nonexisting';
+ok( request('/')->is_error, 'non-existing user' );
+
+$RemoteTestEngine::REMOTE_USER = 'denieduser';
+ok( request('/')->is_error, 'explicitly denied user' );
+
+$RemoteTestEngine::REMOTE_USER = 'CN=namexyz/OU=Test/C=Company';
+ok( request('/')->is_success, 'testing "cutname" option 1' );
+is( request('/')->content, 'User:namexyz', 'testing "cutname" option 2' );
+
+$RemoteTestEngine::REMOTE_USER = 'CN=/OU=Test/C=Company';
+is( request('/')->content, 'User:CN=/OU=Test/C=Company', 'testing "cutname" option - empty $1 match' );
Property changes on: branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote1.t
___________________________________________________________________
Name: svn:mergeinfo
+
Name: svn:eol-style
+ native
Added: branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote2.t
===================================================================
--- branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote2.t (rev 0)
+++ branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote2.t 2009-05-28 06:18:28 UTC (rev 10331)
@@ -0,0 +1,19 @@
+use strict;
+use warnings;
+use Test::More tests => 3;
+
+use lib 't/lib';
+use Catalyst::Test qw/RemoteTestApp2/;
+
+$RemoteTestEngine::REMOTE_USER = undef;
+
+# WARNING: this requires $c->engine->env to work properly
+# $c->engine->env was slightly broken in 5.8004 but this test should pass
+# as it uses Engine::CGI that works fine even in 5.80004
+
+$RemoteTestEngine::SSL_CLIENT_S_DN = 'CN=anyuser/OU=Test/C=Company';
+ok( request('/')->is_success, 'testing "source" option' );
+
+$RemoteTestEngine::SSL_CLIENT_S_DN = 'CN=namexyz/OU=Test/C=Company';
+ok( request('/')->is_success, 'testing "source" + "cutname" 1' );
+is( request('/')->content, 'User:namexyz', 'testing "source" + "cutname" 2' );
Property changes on: branches/Catalyst-Plugin-Authentication/credential_remote/t/live_app_remote2.t
___________________________________________________________________
Name: svn:eol-style
+ native
More information about the Catalyst-commits
mailing list