File Coverage

blib/lib/OpenID/Lite/Provider/Handler/CheckAuth.pm

Criterion	Covered	Total	%
statement	13	15	86.6
branch			n/a
condition			n/a
subroutine	5	5	100.0
pod			n/a
total	18	20	90.0

line	stmt	sub	time	code
1				package OpenID::Lite::Provider::Handler::CheckAuth;
2
3	1	1	7	use Any::Moose;
	1		2
	1		7
4	1	1	512	use OpenID::Lite::SignatureMethods;
	1		3
	1		8
5	1	1	32	use OpenID::Lite::Message;
	1		2
	1		6
6	1	1	20	use OpenID::Lite::Nonce;
	1		3
	1		7
7	1	1	873	use OpenID::Lite::Provider::Response;
	0
	0
8				use OpenID::Lite::Constants::ProviderResponseType qw(:all);
9				use OpenID::Lite::Constants::ModeType qw(ID_RES);
10				use OpenID::Lite::Constants::Namespace qw(:all);
11				with 'OpenID::Lite::Role::ErrorHandler';
12
13				has 'check_nonce' => (
14				is => 'ro',
15				isa => 'CodeRef',
16				default => sub {
17				sub { return 1; }
18				}
19				);
20
21				has 'assoc_builder' => (
22				is => 'ro',
23				isa => 'OpenID::Lite::Provider::AssociationBuilder',
24				);
25
26				sub handle_request {
27				my ( $self, $req_params ) = @_;
28
29				my $copied = $req_params->copy();
30				$copied->set( mode => ID_RES );
31
32				my $ns = $copied->get('ns');
33
34				my $assoc_handle = $copied->get('assoc_handle');
35				return $self->_build_error( $req_params,
36				q{Missing parameter, "assoc_handle".}, $ns )
37				unless $assoc_handle;
38
39				my $sig = $copied->get('sig');
40				return $self->_build_error( $req_params, q{Missing parameter, "sig".}, $ns)
41				unless $sig;
42
43				my $is_valid = q{false};
44				my $assoc = $self->assoc_builder->build_from_handle(
45				$assoc_handle => { dumb => 1, } );
46				if ( $assoc && !$assoc->is_expired ) {
47				my $signature_method
48				= OpenID::Lite::SignatureMethods->select_method( $assoc->type );
49				$is_valid = q{true}
50				if $signature_method->verify( $assoc->secret, $copied, $sig );
51				}
52
53				# XXX: what about openid1.X ?
54				# if ( $req_params->is_openid2 )
55				# my $nonce = $req_params->get('response_nonce');
56				# my ($nonce_timestamp, $nonce_str) = OpenID::Lite::Nonce->split_nonce($nonce);
57				# unless ($self->check_nonce->($nonce_str, $nonce_timestamp)) {
58				# return $self->ERROR(q{Invalid nonce.});
59				# }
60				# }
61
62				my $res_params = OpenID::Lite::Message->new;
63				$res_params->set( ns => $ns );
64				$res_params->set( is_valid => $is_valid );
65
66				my $invalidate_handle = $copied->get('invalidate_handle');
67				if ($invalidate_handle) {
68				my $assoc
69				= $self->assoc_builder->build_from_handle( $invalidate_handle, { dumb => 0 } );
70				unless ( $assoc && !$assoc->is_expired ) {
71				$res_params->set( invalidate_handle => $invalidate_handle );
72				}
73				}
74
75				return OpenID::Lite::Provider::Response->new(
76				type => DIRECT,
77				req_params => $req_params,
78				res_params => $res_params,
79				);
80				}
81
82				sub _build_error {
83				my ( $self, $req_params, $msg, $ns ) = @_;
84				$ns \|\|= SIGNON_2_0;
85				my $error = OpenID::Lite::Message->new();
86				$error->set( ns => $ns );
87				$error->set( error => $msg );
88				my $res = OpenID::Lite::Provider::Response->new(
89				type => DIRECT,
90				req_params => $req_params,
91				res_params => $error,
92				);
93				return $res;
94				}
95
96				no Any::Moose;
97				__PACKAGE__->meta->make_immutable;
98				1;
99