File Coverage

blib/lib/Net/DRI/Protocol/EPP/Extensions/VeriSign/TwoFactorAuth.pm

Criterion	Covered	Total	%
statement	12	132	9.0
branch	0	80	0.0
condition	0	13	0.0
subroutine	4	14	28.5
pod	0	5	0.0
total	16	244	6.5

line	stmt	bran	cond	sub	pod	time	code
1							## Domain Registry Interface, VeriSign Two Factor Auth EPP extension
2							##
3							## Copyright (c) 2012 Patrick Mevzek . All rights reserved.
4							##
5							## This file is part of Net::DRI
6							##
7							## Net::DRI is free software; you can redistribute it and/or modify
8							## it under the terms of the GNU General Public License as published by
9							## the Free Software Foundation; either version 2 of the License, or
10							## (at your option) any later version.
11							##
12							## See the LICENSE file that comes with this distribution for more details.
13							####################################################################################################
14
15							package Net::DRI::Protocol::EPP::Extensions::VeriSign::TwoFactorAuth;
16
17	1			1		829	use strict;
	1					2
	1					32
18	1			1		4	use warnings;
	1					1
	1					18
19
20	1			1		3	use Net::DRI::Util;
	1					1
	1					18
21	1			1		4	use Net::DRI::Exception;
	1					2
	1					1384
22
23							####################################################################################################
24
25							sub register_commands
26							{
27	0			0	0		my ($class,$version)=@_;
28	0						return { 'authsession' => { create => [ \&auth_create_generate, \&auth_create_parse ] },
29							'domain' => { update => [ \&domain_update_generate, undef ] }, ## other domain operations ?
30							};
31							}
32
33							sub setup
34							{
35	0			0	0		my ($class,$po,$version)=@_;
36	0						$po->ns({ 'authExt' => [ 'http://www.verisign.com/epp/authExt-1.0','authExt-1.0.xsd' ],
37							'authSession' => [ 'http://www.verisign.com/epp/authSession-1.0','authSession-1.0.xsd' ],
38							});
39	0						return;
40							}
41
42							####################################################################################################
43
44							sub _check_credentials
45							{
46	0			0			my ($ra)=@_;
47
48	0	0					Net::DRI::Exception::usererr_invalid_parameters('Value for key "credentials" must be an array reference') unless ref $ra eq 'ARRAY';
49	0						foreach my $c (@$ra)
50							{
51	0	0					Net::DRI::Exception::usererr_invalid_parameters('Credentials must each be an XML token from 1 to 255 characters long, not '.$c) unless Net::DRI::Util::xml_is_token($c,1,255);
52							}
53	0						return;
54							}
55
56							sub _generate_svcotpcreds
57							{
58	0			0			my ($rp)=@_;
59
60	0	0					Net::DRI::Exception::usererr_insufficient_parameters('Key "service_provider" is mandatory') unless Net::DRI::Util::has_key($rp,'service_provider');
61	0	0					Net::DRI::Exception::usererr_insufficient_parameters('Key "otp" is mandatory') unless Net::DRI::Util::has_key($rp,'otp');
62	0	0					Net::DRI::Exception::usererr_insufficient_parameters('Key "credentials" is mandatory') unless Net::DRI::Util::has_key($rp,'credentials');
63	0	0					Net::DRI::Exception::usererr_invalid_parameters('Value for key "service_provider" must be an XML token from 3 to 10 characters long') unless Net::DRI::Util::xml_is_token($rp->{service_provider},3,10);
64	0	0					Net::DRI::Exception::usererr_invalid_parameters('Value for key "otp" must be an XML token from 5 to 20 characters long') unless Net::DRI::Util::xml_is_token($rp->{otp},5,20);
65	0						_check_credentials($rp->{credentials});
66
67	0						my @n;
68	0						push @n,['authSession:serviceProvider',$rp->{service_provider}];
69	0						push @n,['authSession:otp',$rp->{otp}];
70	0						push @n,['authSession:credentialList',map { ['authSession:credentialId',$_] } @{$rp->{credentials}}];
	0
	0
71	0						return @n;
72							}
73
74							sub _generate_token
75							{
76	0			0			my ($rp)=@_;
77
78	0	0					Net::DRI::Exception::usererr_insufficient_parameters('Key "service_provider" is mandatory') unless Net::DRI::Util::has_key($rp,'service_provider');
79	0	0					Net::DRI::Exception::usererr_insufficient_parameters('Key "credential" is mandatory') unless Net::DRI::Util::has_key($rp,'credential');
80	0	0					Net::DRI::Exception::usererr_insufficient_parameters('Key "crDate" is mandatory') unless Net::DRI::Util::has_key($rp,'crDate');
81	0	0					Net::DRI::Exception::usererr_insufficient_parameters('Key "exDate" is mandatory') unless Net::DRI::Util::has_key($rp,'exDate');
82	0	0					Net::DRI::Exception::usererr_invalid_parameters('Value for key "service_provider" must be an XML token from 3 to 10 characters long') unless Net::DRI::Util::xml_is_token($rp->{service_provider},3,10);
83	0	0					Net::DRI::Exception::usererr_invalid_parameters('Value for key "credential" must be an XML token from 1 to 255 characters long') unless Net::DRI::Util::xml_is_token($rp->{credential},1,255);
84	0	0					Net::DRI::Exception::usererr_invalid_parameters('Value for key "crDate" must be a DateTime object') unless Net::DRI::Util::check_isa($rp->{crDate},'DateTime');
85	0	0					Net::DRI::Exception::usererr_invalid_parameters('Value for key "exDate" must be a DateTime object') unless Net::DRI::Util::check_isa($rp->{exDate},'DateTime');
86
87	0						my @n;
88	0						push @n,['authSession:serviceProvider',$rp->{service_provider}];
89	0						push @n,['authSession:credentialId',$rp->{credential}];
90	0						push @n,['authSession:crDate',Net::DRI::Util::dto2zstring($rp->{crDate})];
91	0						push @n,['authSession:exDate',Net::DRI::Util::dto2zstring($rp->{exDate})];
92	0						return @n;
93							}
94
95							sub auth_create_generate
96							{
97	0			0	0		my ($epp,$rp)=@_;
98	0						my $mes=$epp->message();
99
100	0						my @n;
101	0						push @n,_generate_svcotpcreds($rp);
102
103	0						$mes->command('create','authSession:create',sprintf('xmlns:authSession="%s" xsi:schemaLocation="%s %s"',$mes->nsattrs('authSession')));
104	0						$mes->command_body(\@n);
105	0						return;
106							}
107
108							sub auth_create_parse
109							{
110	0			0	0		my ($po,$otype,$oaction,$oname,$rinfo)=@_;
111	0						my $mes=$po->message();
112	0	0					return unless $mes->is_success();
113
114	0						my $data=$mes->get_response('authSession','creData');
115	0	0					return unless defined $data;
116
117	0						my %d;
118	0						foreach my $el (Net::DRI::Util::xml_list_children($data))
119							{
120	0						my ($name,$c)=@$el;
121	0	0					if ($name eq 'token')
		0
122							{
123	0						foreach my $subel (Net::DRI::Util::xml_list_children($c))
124							{
125	0						my ($subname,$subc)=@$subel;
126	0	0					if ($subname=~m/^(serviceProvider\|credentialId)$/)
		0
127							{
128	0						$d{Net::DRI::Util::remcam($1)}=$subc->textContent();
129							} elsif ($subname=~m/^(crDate\|exDate)$/)
130							{
131	0						$d{$1}=$po->parse_iso8601($subc->textContent());
132							}
133							}
134							} elsif ($name eq 'signature')
135							{
136	0						$d{signature}=$c->textContent();
137							}
138							}
139
140	0						$rinfo->{auth}->{$d{credential_id}}=\%d;
141	0						return;
142							}
143
144							sub _generate_tokendata
145							{
146	0			0			my ($rp)=@_;
147
148	0	0					Net::DRI::Exception::usererr_insufficient_parameters('Key "token_provider" is mandatory') unless Net::DRI::Util::has_key($rp,'token_provider');
149	0	0	0				Net::DRI::Exception::usererr_insufficient_parameters('Either key "token" or "generic_token" is mandatory') unless Net::DRI::Util::has_key($rp,'token') xor Net::DRI::Util::has_key($rp,'generic_token');
150	0	0					Net::DRI::Exception::usererr_insufficient_parameters('Key "signature" is mandatory') unless Net::DRI::Util::has_key($rp,'signature');
151	0	0					Net::DRI::Exception::usererr_invalid_parameters('Value for key "token_provider" must be an XML token from 3 to 10 characters long') unless Net::DRI::Util::xml_is_token($rp->{token_provider},3,10);
152
153	0						my @n;
154	0						push @n,['authExt:tokenProvider',$rp->{token_provider}];
155	0	0					if (Net::DRI::Util::has_key($rp,'generic_token'))
156							{
157	0	0					Net::DRI::Exception::usererr_invalid_parameters('Value for key "generic_token" must be an XML string') unless Net::DRI::Util::is_string($rp->{generic_token});
158	0						push @n,['authExt:genericToken',$rp->{generic_token}];
159							}
160	0	0					if (Net::DRI::Util::has_key($rp,'token'))
161							{
162	0						push @n,['authExt:token',_generate_token($rp->{token})];
163							}
164
165	0	0					Net::DRI::Exception::usererr_invalid_parameters('Value for key "signature" must be an XML base64binary content') unless Net::DRI::Util::verify_base64($rp->{signature});
166	0						push @n,['authExt:signature',$rp->{signature}];
167
168	0						return ['authExt:tokenData',@n];
169							}
170
171							sub _generate_otpdata
172							{
173	0			0			my ($rp)=@_;
174	0						return ['authSession:otpData',_generate_svcotpcreds($rp)];
175							}
176
177							sub domain_update_generate
178							{
179	0			0	0		my ($epp,$dom,$toc,$rp)=@_;
180
181	0	0	0				return unless Net::DRI::Util::has_key($rp,'auth') && ref $rp->{auth} eq 'HASH' && grep { Net::DRI::Util::has_key($rp->{auth},$_); } qw/validate bind unbind/;
	0		0
182
183	0						my $mes=$epp->message();
184	0						my @n;
185
186	0	0					if (Net::DRI::Util::has_key($rp->{auth},'validate'))
187							{
188	0						my @d;
189
190	0	0					if (Net::DRI::Util::has_key($rp->{auth}->{validate},'token_provider'))
		0
191							{
192	0						push @d,_generate_tokendata($rp->{auth}->{validate});
193							} elsif (Net::DRI::Util::has_key($rp->{auth}->{validate},'service_provider'))
194							{
195	0						push @d,_generate_otpdata($rp->{auth}->{validate});
196							} else
197							{
198	0						Net::DRI::Exception::usererr_insufficient_parameters('Key "validate" needs either a "service_provider" or a "token_provider" key');
199							}
200	0						push @n,['authExt:validate',@d];
201							}
202
203	0	0					if (Net::DRI::Util::has_key($rp->{auth},'bind'))
204							{
205	0	0					my @data=ref $rp->{auth}->{bind} eq 'ARRAY' ? @{$rp->{auth}->{bind}} : ($rp->{auth}->{bind});
	0
206	0	0					Net::DRI::Exception::usererr_invalid_parameters('Value for key "bind" must be a refhash or a refarray of refhashes') if grep { ref $_ ne 'HASH' } @data;
	0
207	0						my $istoken=scalar grep { exists $_->{token_provider} } @data;
	0
208	0						my $isotp=scalar grep { exists $_->{service_provider} } @data;
	0
209	0	0	0				Net::DRI::Exception::usererr_invalid_parameters('For key "bind" values must be refarray of refhashes with key "token_provider" or "service_provider", not both') if ($istoken && $isotp);
210
211	0						my @d;
212	0	0					if ($istoken)
		0
213							{
214	0						push @d,['authExt:tokenDataList',map { _generate_tokendata($_) } @data ];
	0
215							} elsif ($isotp)
216							{
217	0						push @d,['authExt:otpDataList',map { _generate_otpdata($_) } @data ];
	0
218							} else
219							{
220	0						Net::DRI::Exception::usererr_insufficient_parameters('For key "bind" values must be refarray of refhashes with either key "token_provider" or "service_provider"');
221							}
222	0						push @n,['authExt:bind',@d];
223							}
224
225	0	0					if (Net::DRI::Util::has_key($rp->{auth},'unbind'))
226							{
227	0						my @d;
228	0						_check_credentials($rp->{auth}->{unbind});
229	0						push @d,map { ['authSession:credentialId',$_] } @{$rp->{auth}->{unbind}};
	0
	0
230	0						push @n,['authExt:unbind',@d];
231							}
232
233	0						my $eid=$mes->command_extension_register(['authExt','authSession'],'authActions');
234	0						$mes->command_extension($eid,\@n);
235	0						return;
236							}
237
238							####################################################################################################
239							1;
240
241							__END__