File Coverage

blib/lib/WebService/SOP/Auth/V1_1/Util.pm

Criterion	Covered	Total	%
statement	33	34	97.0
branch	11	12	91.6
condition	6	8	75.0
subroutine	9	9	100.0
pod	3	3	100.0
total	62	66	93.9

line	stmt	bran	cond	sub	pod	time	code
1							package WebService::SOP::Auth::V1_1::Util;
2	6			6		39232	use strict;
	6					10
	6					215
3	6			6		29	use warnings;
	6					10
	6					173
4	6			6		25	use Carp ();
	6					7
	6					97
5	6			6		3266	use Digest::SHA qw(hmac_sha256_hex);
	6					18831
	6					545
6	6			6		44	use Exporter qw(import);
	6					7
	6					204
7	6			6		3663	use JSON::XS qw(decode_json);
	6					25380
	6					2013
8
9							our @EXPORT_OK = qw( create_signature is_signature_valid );
10
11							our $SIG_VALID_FOR_SEC = 10 * 60; # Valid for 10 min by default
12
13							sub create_signature {
14	24			24	1	2761	my ($params, $app_secret) = @_;
15							my $data_string
16							= ref($params) eq 'HASH' ? create_string_from_hashref($params)
17							: !ref($params) ? $params
18	24	50				79	: do { Carp::croak("create_signature does not handle type: ". ref($params)) };
	0	100				0
19	24					419	hmac_sha256_hex($data_string, $app_secret);
20							}
21
22							sub create_string_from_hashref {
23	22			22	1	272	my $params = shift;
24	57	100				125	join(
25							'&',
26							map {
27	43					69	Carp::croak("Structured data not allowed") if ref $params->{$_};
28	56		50			169	$_. '='. ($params->{$_} \|\| '');
29	22					53	} sort { $a cmp $b } grep { !m/^sop_/ } keys %$params
	59					133
30							);
31							}
32
33							sub is_signature_valid {
34	11			11	1	354	my ($sig, $params, $app_secret, $time) = @_;
35	11		66			32	$time \|\|= time;
36
37	11	100				84	my $req_time = ref($params) ? $params->{time}
38							: decode_json($params)->{time};
39
40	10	100				23	return if not $req_time;
41	9	100	100			56	return if $req_time < ($time - $SIG_VALID_FOR_SEC)
42							or $req_time > ($time + $SIG_VALID_FOR_SEC);
43
44	7					13	$sig eq create_signature($params, $app_secret);
45							}
46
47							1;
48
49							__END__
50
51							=encoding utf-8
52
53							=head1 NAME
54
55							WebService::SOP::Auth::V1_1::Util - SOP version 1.1 authentication handy utilities
56
57							=head1 SYNOPSIS
58
59							use WebService::SOP::Auth::V1_1 qw(create_signature is_signature_valid);
60
61							When creating a signature:
62
63							my $params = {
64							app_id => 12345,
65							app_mid => 'my-uniq-id-12345',
66							time => 123456,
67							};
68							$params->{sig} = create_signature($params, $app_secret);
69							#=> "$params" is signed with a valid HMAC SHA256 hash signature.
70
71							or when validating a signature:
72
73							my $sig = delete $params->{sig};
74							my $is_valid = is_signature_valid($sig, $params, $app_secret);
75							#=> "$is_valid" is 1 if "sig" value is acceptable.
76
77							=head1 METHODS
78
79							=head2 create_signature( $params, $app_secret )
80
81							Creates a HMAC SHA256 hash signature.
82							C<$params> can either be a SCALAR or a HASH-ref.
83
84							=head2 create_string_from_hashref( $params )
85
86							Creates a string from parameters in type hashref.
87
88							=head2 is_signature_valid( $sig, $params, $app_secret, $time )
89
90							Validates if a signature is valid for given parameters.
91							C<$time> is optional where C<time()> is used by default.
92
93							=head1 SEE ALSO
94
95							L<WebService::SOP::Auth::V1_1>
96
97							=head1 LICENSE
98
99							Copyright (C) Research Panel Asia, Inc.
100
101							This library is free software; you can redistribute it and/or modify
102							it under the same terms as Perl itself.
103
104							=head1 AUTHOR
105
106							yowcowvg E<lt>yoko_ohyama [ at ] voyagegroup.comE<gt>
107
108							=cut
109