line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package WebService::SOP::Auth::V1_1::Util; |
2
|
6
|
|
|
6
|
|
39232
|
use strict; |
|
6
|
|
|
|
|
10
|
|
|
6
|
|
|
|
|
215
|
|
3
|
6
|
|
|
6
|
|
29
|
use warnings; |
|
6
|
|
|
|
|
10
|
|
|
6
|
|
|
|
|
173
|
|
4
|
6
|
|
|
6
|
|
25
|
use Carp (); |
|
6
|
|
|
|
|
7
|
|
|
6
|
|
|
|
|
97
|
|
5
|
6
|
|
|
6
|
|
3266
|
use Digest::SHA qw(hmac_sha256_hex); |
|
6
|
|
|
|
|
18831
|
|
|
6
|
|
|
|
|
545
|
|
6
|
6
|
|
|
6
|
|
44
|
use Exporter qw(import); |
|
6
|
|
|
|
|
7
|
|
|
6
|
|
|
|
|
204
|
|
7
|
6
|
|
|
6
|
|
3663
|
use JSON::XS qw(decode_json); |
|
6
|
|
|
|
|
25380
|
|
|
6
|
|
|
|
|
2013
|
|
8
|
|
|
|
|
|
|
|
9
|
|
|
|
|
|
|
our @EXPORT_OK = qw( create_signature is_signature_valid ); |
10
|
|
|
|
|
|
|
|
11
|
|
|
|
|
|
|
our $SIG_VALID_FOR_SEC = 10 * 60; # Valid for 10 min by default |
12
|
|
|
|
|
|
|
|
13
|
|
|
|
|
|
|
sub create_signature { |
14
|
24
|
|
|
24
|
1
|
2761
|
my ($params, $app_secret) = @_; |
15
|
|
|
|
|
|
|
my $data_string |
16
|
|
|
|
|
|
|
= ref($params) eq 'HASH' ? create_string_from_hashref($params) |
17
|
|
|
|
|
|
|
: !ref($params) ? $params |
18
|
24
|
50
|
|
|
|
79
|
: do { Carp::croak("create_signature does not handle type: ". ref($params)) }; |
|
0
|
100
|
|
|
|
0
|
|
19
|
24
|
|
|
|
|
419
|
hmac_sha256_hex($data_string, $app_secret); |
20
|
|
|
|
|
|
|
} |
21
|
|
|
|
|
|
|
|
22
|
|
|
|
|
|
|
sub create_string_from_hashref { |
23
|
22
|
|
|
22
|
1
|
272
|
my $params = shift; |
24
|
57
|
100
|
|
|
|
125
|
join( |
25
|
|
|
|
|
|
|
'&', |
26
|
|
|
|
|
|
|
map { |
27
|
43
|
|
|
|
|
69
|
Carp::croak("Structured data not allowed") if ref $params->{$_}; |
28
|
56
|
|
50
|
|
|
169
|
$_. '='. ($params->{$_} || ''); |
29
|
22
|
|
|
|
|
53
|
} sort { $a cmp $b } grep { !m/^sop_/ } keys %$params |
|
59
|
|
|
|
|
133
|
|
30
|
|
|
|
|
|
|
); |
31
|
|
|
|
|
|
|
} |
32
|
|
|
|
|
|
|
|
33
|
|
|
|
|
|
|
sub is_signature_valid { |
34
|
11
|
|
|
11
|
1
|
354
|
my ($sig, $params, $app_secret, $time) = @_; |
35
|
11
|
|
66
|
|
|
32
|
$time ||= time; |
36
|
|
|
|
|
|
|
|
37
|
11
|
100
|
|
|
|
84
|
my $req_time = ref($params) ? $params->{time} |
38
|
|
|
|
|
|
|
: decode_json($params)->{time}; |
39
|
|
|
|
|
|
|
|
40
|
10
|
100
|
|
|
|
23
|
return if not $req_time; |
41
|
9
|
100
|
100
|
|
|
56
|
return if $req_time < ($time - $SIG_VALID_FOR_SEC) |
42
|
|
|
|
|
|
|
or $req_time > ($time + $SIG_VALID_FOR_SEC); |
43
|
|
|
|
|
|
|
|
44
|
7
|
|
|
|
|
13
|
$sig eq create_signature($params, $app_secret); |
45
|
|
|
|
|
|
|
} |
46
|
|
|
|
|
|
|
|
47
|
|
|
|
|
|
|
1; |
48
|
|
|
|
|
|
|
|
49
|
|
|
|
|
|
|
__END__ |
50
|
|
|
|
|
|
|
|
51
|
|
|
|
|
|
|
=encoding utf-8 |
52
|
|
|
|
|
|
|
|
53
|
|
|
|
|
|
|
=head1 NAME |
54
|
|
|
|
|
|
|
|
55
|
|
|
|
|
|
|
WebService::SOP::Auth::V1_1::Util - SOP version 1.1 authentication handy utilities |
56
|
|
|
|
|
|
|
|
57
|
|
|
|
|
|
|
=head1 SYNOPSIS |
58
|
|
|
|
|
|
|
|
59
|
|
|
|
|
|
|
use WebService::SOP::Auth::V1_1 qw(create_signature is_signature_valid); |
60
|
|
|
|
|
|
|
|
61
|
|
|
|
|
|
|
When creating a signature: |
62
|
|
|
|
|
|
|
|
63
|
|
|
|
|
|
|
my $params = { |
64
|
|
|
|
|
|
|
app_id => 12345, |
65
|
|
|
|
|
|
|
app_mid => 'my-uniq-id-12345', |
66
|
|
|
|
|
|
|
time => 123456, |
67
|
|
|
|
|
|
|
}; |
68
|
|
|
|
|
|
|
$params->{sig} = create_signature($params, $app_secret); |
69
|
|
|
|
|
|
|
#=> "$params" is signed with a valid HMAC SHA256 hash signature. |
70
|
|
|
|
|
|
|
|
71
|
|
|
|
|
|
|
or when validating a signature: |
72
|
|
|
|
|
|
|
|
73
|
|
|
|
|
|
|
my $sig = delete $params->{sig}; |
74
|
|
|
|
|
|
|
my $is_valid = is_signature_valid($sig, $params, $app_secret); |
75
|
|
|
|
|
|
|
#=> "$is_valid" is 1 if "sig" value is acceptable. |
76
|
|
|
|
|
|
|
|
77
|
|
|
|
|
|
|
=head1 METHODS |
78
|
|
|
|
|
|
|
|
79
|
|
|
|
|
|
|
=head2 create_signature( $params, $app_secret ) |
80
|
|
|
|
|
|
|
|
81
|
|
|
|
|
|
|
Creates a HMAC SHA256 hash signature. |
82
|
|
|
|
|
|
|
C<$params> can either be a SCALAR or a HASH-ref. |
83
|
|
|
|
|
|
|
|
84
|
|
|
|
|
|
|
=head2 create_string_from_hashref( $params ) |
85
|
|
|
|
|
|
|
|
86
|
|
|
|
|
|
|
Creates a string from parameters in type hashref. |
87
|
|
|
|
|
|
|
|
88
|
|
|
|
|
|
|
=head2 is_signature_valid( $sig, $params, $app_secret, $time ) |
89
|
|
|
|
|
|
|
|
90
|
|
|
|
|
|
|
Validates if a signature is valid for given parameters. |
91
|
|
|
|
|
|
|
C<$time> is optional where C<time()> is used by default. |
92
|
|
|
|
|
|
|
|
93
|
|
|
|
|
|
|
=head1 SEE ALSO |
94
|
|
|
|
|
|
|
|
95
|
|
|
|
|
|
|
L<WebService::SOP::Auth::V1_1> |
96
|
|
|
|
|
|
|
|
97
|
|
|
|
|
|
|
=head1 LICENSE |
98
|
|
|
|
|
|
|
|
99
|
|
|
|
|
|
|
Copyright (C) Research Panel Asia, Inc. |
100
|
|
|
|
|
|
|
|
101
|
|
|
|
|
|
|
This library is free software; you can redistribute it and/or modify |
102
|
|
|
|
|
|
|
it under the same terms as Perl itself. |
103
|
|
|
|
|
|
|
|
104
|
|
|
|
|
|
|
=head1 AUTHOR |
105
|
|
|
|
|
|
|
|
106
|
|
|
|
|
|
|
yowcowvg E<lt>yoko_ohyama [ at ] voyagegroup.comE<gt> |
107
|
|
|
|
|
|
|
|
108
|
|
|
|
|
|
|
=cut |
109
|
|
|
|
|
|
|
|