Toby Inkster / p5-cgi-auth-foaf-ssl

Commits

Toby Inkster  committed ff7166d

another dev release, removes OpenSSL dep, big cleanups.

  • Parent commits 2319574
  • Branches CGI-Auth-FOAF_SSL

Files changed (12)

File CGI-Auth-FOAF_SSL-1.001_02.tar.gz

Binary file added.
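
Review bot: the release tarball CGI-Auth-FOAF_SSL-1.001_02.tar.gz is added to the repository as a binary file, so nothing in it can be diffed or checked against the source changes in the rest of this commit. Consider leaving built distributions out of version control and relying on the file-release URL that Changes.ttl records for this version, or at least record the archive's checksum in the commit message so the committed copy can be matched to the uploaded one.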

File Changes

 Bug tracker:  <http://rt.cpan.org/Dist/Display.html?Queue=CGI-Auth-FOAF_SSL>
 Maintainer:   Toby Inkster <mailto:tobyink@cpan.org>
 
+1.001_02 [2011-01-18]
+ - Clean up code; add accessors to peek at much of the module's internal
+   data.
+ - Move some obscure documentation to a separate file.
+ - No longer use Crypt::OpenSSL::X509 and DateTime::Format::Strptime.
+ - use Crypt::X509 '0.50'.
+
 1.001_01 [2010-09-19]
  - Make WWW::Finger optional.
  - Remove dependencies on IPC::Open2, Encode and Carp.
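
Review bot: the 1.001_02 entry does not mention the caller-visible rename that the README synopsis in this same commit shows, where `$auth->agent` becomes `$auth->subject`. "Add accessors to peek at much of the module's internal data" does not tell an upgrading user that code calling `->agent` needs review; add a line naming the rename and stating whether `agent` is still available.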

File Changes.ttl

 			[ rdfs:label "Make WWW::Finger optional."@en ]
 		] .
 
+my:v_1-001_02
+	a               :Version ;
+	dc:issued       "2011-01-18"^^xsd:date ;
+	:revision       "1.001_02"^^xsd:string ;
+	:file-release   <http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-1.001_02.tar.gz> ;
+	dcs:changeset [
+		dcs:versus my:v_1-001_01 ;
+		dcs:item
+			[ rdfs:label "No longer use Crypt::OpenSSL::X509 and DateTime::Format::Strptime."@en ] ,
+			[ rdfs:label "use Crypt::X509 '0.50'."@en ] ,
+			[ rdfs:label "Clean up code; add accessors to peek at much of the module's internal data."@en ] ,
+			[ rdfs:label "Move some obscure documentation to a separate file."@en ]
+		] .
+
 #############################################################
 
 my:project
 	:release        my:v_0-01 , my:v_0-02 , my:v_0-03 , my:v_0-04 , my:v_0-05 ,
 	                my:v_0-50 , my:v_0-51 , my:v_0-52 ,
 	                my:v_1-00_00 , my:v_1-00_01 , my:v_1-00_02 , my:v_1-00_03 , my:v_1-00_04 ,
-	                my:v_1-000 , my:v_1-001_01 .
+	                my:v_1-000 , my:v_1-001_01 , my:v_1-001_02 .
 
 #############################################################
 

File Changes.xml

 <?xml version="1.0" encoding="utf-8"?>
 <rdf:RDF xmlns:dbug="http://ontologi.es/doap-bugs#" xmlns:dc="http://purl.org/dc/terms/" xmlns:dcs="http://ontologi.es/doap-changeset#" xmlns:doap="http://usefulinc.com/ns/doap#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#">
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r0">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r0">
 	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-01"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r1"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r2"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r1"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r2"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r1">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r1">
 	<rdfs:label xml:lang="en">Changed API.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r10">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r10">
 	<rdfs:label xml:lang="en">No longer require certs to include Netscape extensions.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r11">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r11">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Addition"/>
 	<rdfs:label xml:lang="en">Support for consuming RDFa.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r12">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r12">
 	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-05"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r13"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r14"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r15"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r16"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r17"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r13"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r14"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r15"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r16"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r17"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r13">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r13">
 	<rdfs:label xml:lang="en">Switch from RDF::Redland to RDF::Trine.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r14">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r14">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Addition"/>
 	<rdfs:label xml:lang="en">Support Fingerpoint as fallback for URIless certificates.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r15">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r15">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Addition"/>
 	<rdfs:label xml:lang="en">Support multiple URIs in subjectAltName.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r16">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r16">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Addition"/>
 	<rdfs:label xml:lang="en">Session caching with cookies for speedup.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r17">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r17">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Update"/>
 	<rdfs:label xml:lang="en">New build system using Module::Install.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r18">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r18">
 	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-50"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r19"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r20"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r19"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r20"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r19">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r19">
 	<rdfs:label xml:lang="en">Use WWW::Finger instead of its subclass WWW::Finger::Fingerpoint.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r2">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r2">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Addition"/>
 	<rdfs:label xml:lang="en">Allow subjectAltName to point to a foaf:OnlineAccount.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r20">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r20">
 	<rdfs:label xml:lang="en">Fix package signature.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r21">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r21">
 	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-51"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r22"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r23"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r22"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r23"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r22">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r22">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Update"/>
 	<rdfs:label xml:lang="en">Support new foaf:account property.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r23">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r23">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Bugfix"/>
 	<rdfs:label xml:lang="en">Correct for mismatched hex string lengths by adding leading zeros to shorter string.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r24">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r24">
 	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-52"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r25"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r26"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r27"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r28"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r29"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r25"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r26"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r27"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r28"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r29"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r25">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r25">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Update"/>
 	<rdfs:label xml:lang="en">use RDF::TrineShortcuts</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r26">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r26">
 	<rdfs:label xml:lang="en">Much better documentation.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r27">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r27">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Update"/>
 	<rdfs:label xml:lang="en">Use my swanky DOAP-powered build system.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r28">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r28">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Addition"/>
 	<rdfs:label>service_homepage method for CGI::Auth::FOAF_SSL::OnlineAccount objects.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r29">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r29">
 	<rdfs:label xml:lang="en">Allow new_from_cgi to be called with no arguments.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r3">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r3">
 	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-02"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r4"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r5"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r4"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r5"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r30">
-	<dcs:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r31"/>
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r30">
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r31"/>
 	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_00"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r31">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r31">
 	<rdfs:label xml:lang="en">Documentation improvements</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r32">
-	<dcs:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r33"/>
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r32">
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r33"/>
 	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_01"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r33">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r33">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Update"/>
 	<rdfs:label xml:lang="en">The rsa and cert vocabularies have been changed recently.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r34">
-	<dcs:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r35"/>
-	<dcs:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r36"/>
-	<dcs:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r37"/>
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r34">
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r35"/>
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r36"/>
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r37"/>
 	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_02"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r35">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r35">
 	<rdfs:label xml:lang="en">Rename new_smiple to new_unauthenticated and document its usage.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r36">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r36">
 	<rdfs:label xml:lang="en">Rename verify_certificate_by_XXX functions to authenticate_by_XXX, make them share common code, document their usage.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r37">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r37">
 	<rdfs:label xml:lang="en">Use Math::BigInt instead of string comparison for comparing big hexadecimal numbers.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r38">
-	<dcs:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r39"/>
-	<dcs:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r40"/>
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r38">
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r39"/>
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r40"/>
 	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_03"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r39">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r39">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Removal"/>
 	<rdfs:label xml:lang="en">No longer supports subjectAltName pointing at a foaf:OnlineAccount. subjectAltName is always assumed to point to a foaf:Agent.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r4">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r4">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Bugfix"/>
 	<rdfs:label xml:lang="en">Fixed some bugs with new_from_cgi.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r40">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r40">
 	<rdfs:label xml:lang="en">Constructor returns an object where "->is_secure" is false rather than undef in the case of a certificate with no useful subjectAltName.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r41">
-	<dcs:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r42"/>
-	<dcs:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r43"/>
-	<dcs:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r44"/>
-	<dcs:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r45"/>
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r41">
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r42"/>
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r43"/>
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r44"/>
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r45"/>
 	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-000"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r42">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r42">
 	<rdfs:label xml:lang="en">Use Crypt::X509, Crypt::OpenSSL::X509, DateTime and DateTime::Format::Strptime to parse PEM-encoded certificates rather than relying on the OpenSSL command-line client.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r43">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r43">
 	<rdfs:label xml:lang="en">Remove dependencies on IPC::Open2, Encode and Carp.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r44">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r44">
 	<rdfs:label xml:lang="en">use common::sense.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r45">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r45">
 	<rdfs:label xml:lang="en">Make WWW::Finger optional.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r46">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r46">
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r47"/>
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r48"/>
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r49"/>
+	<dcs:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r50"/>
+	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-001_01"/>
+</rdf:Description>
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r47">
+	<rdfs:label xml:lang="en">No longer use Crypt::OpenSSL::X509 and DateTime::Format::Strptime.</rdfs:label>
+</rdf:Description>
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r48">
+	<rdfs:label xml:lang="en">use Crypt::X509 '0.50'.</rdfs:label>
+</rdf:Description>
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r49">
+	<rdfs:label xml:lang="en">Clean up code; add accessors to peek at much of the module's internal data.</rdfs:label>
+</rdf:Description>
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r5">
+	<rdfs:label xml:lang="en">Documentation improvements.</rdfs:label>
+</rdf:Description>
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r50">
+	<rdfs:label xml:lang="en">Move some obscure documentation to a separate file.</rdfs:label>
+</rdf:Description>
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r51">
 	<doap:browse rdf:resource="http://goddamn.co.uk/viewvc/perlmods/CGI-Auth-FOAF_SSL/"/>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#SVNRepository"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r5">
-	<rdfs:label xml:lang="en">Documentation improvements.</rdfs:label>
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r6">
+	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-03"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r7"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r8"/>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r6">
-	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-03"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r7"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r8"/>
-</rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r7">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r7">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Bugfix"/>
 	<rdfs:label xml:lang="en">foaf:Agent-related fix.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r8">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r8">
 	<rdf:type rdf:resource="http://ontologi.es/doap-changeset#Bugfix"/>
 	<rdfs:label xml:lang="en">foaf:OnlineAccount-related security fix.</rdfs:label>
 </rdf:Description>
-<rdf:Description rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r9">
+<rdf:Description rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r9">
 	<dcs:versus rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-05"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r10"/>
-	<dc:item rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r11"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r10"/>
+	<dc:item rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r11"/>
 </rdf:Description>
 <rdf:Description rdf:about="file:///home/tai/src/perlmods/CGI-Auth-FOAF_SSL/Changes.ttl">
 	<dc:creator rdf:resource="http://tobyinkster.co.uk/#i"/>
 	<doap:release rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-52"/>
 	<doap:release rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-000"/>
 	<doap:release rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-001_01"/>
+	<doap:release rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-001_02"/>
 	<doap:release rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_00"/>
 	<doap:release rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_01"/>
 	<doap:release rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_02"/>
 	<doap:release rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_03"/>
 	<doap:release rdf:resource="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_04"/>
-	<doap:repository rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r46"/>
+	<doap:repository rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r51"/>
 	<doap:shortdesc xml:lang="en">authentication using FOAF+SSL (WebID)</doap:shortdesc>
 	<doap:tester rdf:resource="http://tobyinkster.co.uk/#i"/>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Project"/>
 	<rdfs:label xml:lang="en">First release</rdfs:label>
 </rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-02">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r0"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r0"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2009-02-19</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-0.02.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">0.02</doap:revision>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Version"/>
 </rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-03">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r3"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r3"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2009-03-01</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-0.03.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">0.03</doap:revision>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Version"/>
 </rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-04">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r6"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r6"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2009-03-01</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-0.04.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">0.04</doap:revision>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Version"/>
 </rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-05">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r9"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r9"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2009-03-26</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-0.05.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">0.05</doap:revision>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Version"/>
 </rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-50">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r12"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r12"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2009-12-14</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-0.50.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">0.50</doap:revision>
 	<rdfs:label xml:lang="en">Trine Edition</rdfs:label>
 </rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-51">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r18"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r18"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2009-12-15</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-0.51.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">0.51</doap:revision>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Version"/>
 </rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_0-52">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r21"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r21"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2009-12-16</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-0.52.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">0.52</doap:revision>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Version"/>
 </rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-000">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r38"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r38"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2010-07-25</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-1.000.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">1.000</doap:revision>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Version"/>
 </rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-001_01">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r41"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r41"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2010-09-19</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-1.001_01.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">1.001_01</doap:revision>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Version"/>
 </rdf:Description>
+<rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-001_02">
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r46"/>
+	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2011-01-18</dc:issued>
+	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-1.001_02.tar.gz"/>
+	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">1.001_02</doap:revision>
+	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Version"/>
+</rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_00">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r24"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r24"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2010-02-05</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-1.00_00.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">1.00_00</doap:revision>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Version"/>
 </rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_01">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r30"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r30"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2010-02-10</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-1.00_01.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">1.00_01</doap:revision>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Version"/>
 </rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_02">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r32"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r32"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2010-03-21</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-1.00_02.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">1.00_02</doap:revision>
 	<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Version"/>
 </rdf:Description>
 <rdf:Description rdf:about="http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/#v_1-00_03">
-	<dcs:changeset rdf:nodeID="r3BC7BCBAC3B811DF82B0946BC434A083r34"/>
+	<dcs:changeset rdf:nodeID="r3CE73128229C11E08C708CD24E861FF1r34"/>
 	<dc:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2010-03-26</dc:issued>
 	<doap:file-release rdf:resource="http://backpan.cpan.org/authors/id/T/TO/TOBYINK/CGI-Auth-FOAF_SSL-1.00_03.tar.gz"/>
 	<doap:revision rdf:datatype="http://www.w3.org/2001/XMLSchema#string">1.00_03</doap:revision>
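
Review bot: every blank-node ID in Changes.xml changes prefix from r3BC7BCBAC3B811DF82B0946BC434A083 to r3CE73128229C11E08C708CD24E861FF1, so the real additions (the v_1-001_02 description and its changeset nodes r46 to r50) are buried in hundreds of lines of renames, and the repository node is renumbered from r46 to r51. Makefile.PL regenerates this file through write_doap_changes_xml, so either leave the generated file out of the repository or have the generator emit stable node IDs, so that a release diff shows only the new entries.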

File MANIFEST

 
 lib/CGI/Auth/FOAF_SSL.pm
 lib/CGI/Auth/FOAF_SSL/Agent.pm
+lib/CGI/Auth/FOAF_SSL/Advanced.pod
 
 inc/Module/AutoInstall.pm
 inc/Module/Install/AutoInstall.pm

File META.yml

   - 'Toby Inkster <tobyink@cpan.org>'
 build_requires:
   ExtUtils::MakeMaker: 6.42
+  Module::Pluggable: 0.66
   Test::More: 0.61
 configure_requires:
   ExtUtils::MakeMaker: 6.42
 distribution_type: module
-generated_by: 'Module::Install version 0.95'
+generated_by: 'Module::Install version 1.00'
 keywords:
   - WebID
   - FOAF
   - Authentication
   - Security
   - HTTPS
+  - 'Web ID'
+  - TLS
+  - x509
+  - X.509
 license: perl
 meta-spec:
   url: http://module-build.sourceforge.net/META-spec-v1.4.html
 requires:
   CGI: 0
   CGI::Session: 0
-  Crypt::OpenSSL::X509: 0
-  Crypt::X509: 0
+  Crypt::X509: 0.50
   DateTime: 0
-  DateTime::Format::Strptime: 0
   LWP::UserAgent: 0
   MIME::Base64: 0
   Math::BigInt: 0
   RDF::TrineShortcuts: 0.100
+  Scalar::Util: 0
   common::sense: 0
   perl: 5.8.0
 resources:
   homepage: http://search.cpan.org/dist/CGI-Auth-FOAF_SSL/
   license: http://dev.perl.org/licenses/
   repository: http://goddamn.co.uk/viewvc/perlmods/CGI-Auth-FOAF_SSL/
-version: 1.001_01
+version: 1.001_02

File Makefile.PL

 requires            'CGI'                => 0;
 requires            'CGI::Session'       => 0;
 requires            'common::sense'      => 0;
-requires            'Crypt::OpenSSL::X509' => 0;
-requires            'Crypt::X509'        => 0;
+requires            'Crypt::X509'        => '0.50';
 requires            'DateTime'           => 0;
-requires            'DateTime::Format::Strptime' => 0;
 requires            'LWP::UserAgent'     => 0;
 requires            'Math::BigInt'       => 0;
 requires            'MIME::Base64'       => 0;
+test_requires       'Module::Pluggable'  => '0.66';
 requires            'RDF::TrineShortcuts'=> '0.100';
+requires            'Scalar::Util'       => 0;
 test_requires       'Test::More'         => '0.61';
 recommends          'WWW::Finger'        => '0.100';
 
 	'bugtracker' => "http://rt.cpan.org/Dist/Display.html?Queue=$dist",
 	);
 
-keywords 'WebID', 'FOAF', 'SSL', 'FOAF+SSL', 'Authentication', 'Security', 'HTTPS';
+keywords 'WebID', 'FOAF', 'SSL', 'FOAF+SSL', 'Authentication', 'Security', 'HTTPS', 'Web ID', 'TLS', 'x509', 'X.509';
 
 write_doap_changes;
 write_doap_changes_xml;

File README

       use CGI qw(:all);
       use CGI::Auth::FOAF_SSL;
   
-      my $auth = CGI::Auth::FOAF_SSL->new_from_cgi( CGI->new );
+      my $auth = CGI::Auth::FOAF_SSL->new_from_cgi;
   
-      print header('-type' => 'text/html', '-cookie' => $auth->cookie);
+      print header(-type=>'text/html', -cookie=>$auth->cookie);
   
       if (defined $auth && $auth->is_secure)
       {
-        if (defined $auth->agent)
+        if (defined $auth->subject)
         {
           printf("<p>Hello <a href='%s'>%s</a>!</p>\n",
-                 escapeHTML($auth->agent->homepage),
-                 escapeHTML($auth->agent->name));
+                 escapeHTML($auth->subject->homepage),
+                 escapeHTML($auth->subject->name));
         }
         else
         {
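Review bot: In the SYNOPSIS, `$auth->cookie` is called on the `print header(...)` line, before the `defined $auth` test that follows it. new_from_cgi returns nothing when the request is not HTTPS or no client certificate was exported, so the example dies on an undefined value in exactly the unauthenticated case. Build the header after the `defined $auth` check, or guard the `-cookie` argument; the same applies to the copy of this synopsis in lib/CGI/Auth/FOAF_SSL.pm.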
       }
 
 VERSION
-    1.001
+    1.001 (developer preview)
 
 DESCRIPTION
     FOAF+SSL (a.k.a. WebID) is a simple authentication scheme described at
-    <http://esw.w3.org/topic/foaf+ssl>. This module provides FOAF+SSL
-    authentication for CGI scripts written in Perl.
+    <http://esw.w3.org/topic/foaf+ssl>. This module implements the server
+    end of FOAF+SSL in Perl.
 
-    This requires the web server to be using HTTPS and to be configured to
-    request client certificates and to pass the certificate details on as
-    environment variables for scripts. If you are using Apache, this means
-    that you want to set the following directives in your SSL virtual host
-    setup:
+    It is suitable for handling authentication using FOAF+SSL over HTTPS.
+    Your web server needs to be using HTTPS, configured to request client
+    certificates, and make the certificate PEM available to your script. If
+    you are using Apache, this means that you want to set the following
+    directives in your SSL virtual host setup:
 
      SSLEngine on
-     # SSLCipherSuite (see Apache documentation)
-     # SSLProtocol (see Apache documentation)
-     # SSLCertificateFile (see Apache documentation)
-     # SSLCertificateKeyFile (see Apache documentation)
      SSLVerifyClient optional_no_ca
      SSLVerifyDepth  1
      SSLOptions +StdEnvVars +ExportCertData
 
   Configuration
-    "$CGI::Auth::FOAF_SSL::ua_string = 'MyTool/1.0'"
+    *   "$CGI::Auth::FOAF_SSL::ua_string = 'MyTool/1.0'"
+
         Set the User-Agent string for any HTTP requests.
 
   Constructors
-    "$auth = CGI::Auth::FOAF_SSL->new($pem_encoded)"
+    *   "new($pem_encoded)"
+
         Performs FOAF+SSL authentication on a PEM-encoded key. If
         authentication is completely unsuccessful, returns undef. Otherwise,
         returns a CGI::Auth::FOAF_SSL object. Use "is_secure" to check if
 
         You probably want to use "new_from_cgi" instead.
 
-    "$auth = CGI::Auth::FOAF_SSL->new_from_cgi($cgi_object)"
+        (DER encoded certificates should work too.)
+
+    *   "new_from_cgi($cgi_object)"
+
         Performs FOAF+SSL authentication on a CGI object. This is a wrapper
         around "new" which extracts the PEM-encoded client certificate from
         the CGI request. It has the same return values as "new".
 
         If $cgi_object is omitted, uses "CGI->new" instead.
 
-    "$auth = CGI::Auth::FOAF_SSL->new_unauthenticated($pem_encoded)"
-        Creates a CGI::Auth::FOAF_SSL object without doing any
-        authentication.
+  Public Methods
+    *   "is_secure"
 
-        It's very unlikely you want to do this. If you do create an
-        unauthenticated object, then you'll probably want to do some
-        authentication using the authenticate_by_XXX methods.
-
-  Public Methods
-    "$bool = $auth->is_secure"
-        Returns true iff the authentication process was completely
+        Returns true iff the FOAF+SSL authentication process was completely
         successful.
 
-    "$agent = $auth->agent"
+    *   "subject"
+
         Returns a CGI::Auth::FOAF_SSL::Agent object which represents the
-        agent making the request.
+        subject of the certificate.
 
-    "$cookie = $auth->cookie"
+        This method has aliases "agent" and "certified_thing" for
+        back-compat reasons.
+
+    *   "cookie"
+
         HTTP cookie related to the authentication process. Sending this to
         the client isn't strictly necessary, but it allows for a session to
         be established, greatly speeding up subsequent accesses. See also
         the COOKIES section of this documentation.
 
-    "$ok = $auth->authenticate_by_uri($uri)"
-        Checks if $uri claims that $auth's key identifies it.
-
-        This is only relevent if you constructed $auth using
-        "new_unauthenticated".
-
-    "$ok = $auth->authenticate_by_email($email_address)"
-        Checks if $email_address claims that $auth's key identifies it (via
-        WebFinger/Fingerpoint).
-
-        This is only relevent if you constructed $auth using
-        "new_unauthenticated".
-
-    "$ok = $auth->authenticate_by_sparql($uri, $endpoint)"
-        Checks if $endpoint claims that $auth's key identifies $uri.
-        $endpoint may be a SPARQL endpoint URI or an RDF::Trine::Model.
-
-        This is only relevent if you constructed $auth using
-        "new_unauthenticated".
-
-  Utility Methods
-    "$model = $auth->get_trine_model($uri)"
-        Get an RDF::Trine::Model corresponding to a URI.
-
-    "$bi = $auth->make_bigint_from_node($trine_node)"
-        Turns an RDF::Trine::Node::Literal object into a Math::BigInt
-        representing the same number.
-
-        There are optional named parameters for providing a fallback in the
-        case where $trine_node has an unrecognised datatype or is not a
-        literal.
-
-         $bi = $auth->make_bigint_from_node(
-            $trine_node, fallback=>$other_node, fallback_type=>'hex');
-
-        The authenticate_by_XXX methods use this.
-
-    "$results = $auth->execute_query($sparql)"
-        Returns the results of a SPARQL query. Uses the certificate
-        subject's RDF file as a data source, or the certificate subject's
-        SPARQL endpoint.
-
-        See RDF::TrineShortcuts function rdf_query for an explanation of the
-        return format.
-
 COOKIES
     FOAF+SSL is entirely RESTful: there is no state kept between requests.
     This really simplifies authentication for both parties (client and
     Please report any bugs to <http://rt.cpan.org/>.
 
 SEE ALSO
-    Helper module: CGI::Auth::FOAF_SSL::Agent
+    Helper module: CGI::Auth::FOAF_SSL::Agent.
+
+    Advanced developer documentation: CGI::Auth::FOAF_SSL::Advanced.
 
     Related modules: CGI, RDF::Trine, RDF::ACL.
 
     Toby Inkster, <tobyink@cpan.org>
 
 COPYRIGHT AND LICENSE
-    Copyright (C) 2009-2010 by Toby Inkster
+    Copyright (C) 2009-2011 by Toby Inkster
 
     This library is free software; you can redistribute it and/or modify it
-    under the same terms as Perl itself, either Perl version 5.8 or, at your
-    option, any later version of Perl 5 you may have available.
+    under the same terms as Perl itself.
 

File TestScript.pl

 DLmcf0RI0RtEUaXDLwTf7jtnlDWs41so0Bu8FEAuDvCTvTdOTBGqEhAvVA==
 -----END CERTIFICATE-----';
 
-my $auth = CGI::Auth::FOAF_SSL->new($bblfish);
-#print Dumper($auth);
+my $auth = CGI::Auth::FOAF_SSL->new($cert);
+print Dumper($auth);
 
 #print $auth->account->identity . "\n";
 #print $auth->account->name . "\n";

File lib/CGI/Auth/FOAF_SSL.pm

   use CGI qw(:all);
   use CGI::Auth::FOAF_SSL;
   
-  my $auth = CGI::Auth::FOAF_SSL->new_from_cgi( CGI->new );
+  my $auth = CGI::Auth::FOAF_SSL->new_from_cgi;
   
-  print header('-type' => 'text/html', '-cookie' => $auth->cookie);
+  print header(-type=>'text/html', -cookie=>$auth->cookie);
   
   if (defined $auth && $auth->is_secure)
   {
-    if (defined $auth->agent)
+    if (defined $auth->subject)
     {
       printf("<p>Hello <a href='%s'>%s</a>!</p>\n",
-             escapeHTML($auth->agent->homepage),
-             escapeHTML($auth->agent->name));
+             escapeHTML($auth->subject->homepage),
+             escapeHTML($auth->subject->name));
     }
     else
     {
 
 =head1 VERSION
 
-1.001
-
-=cut
-
-our $VERSION = '1.001_01';
+1.001 (developer preview)
 
 =head1 DESCRIPTION
 
 FOAF+SSL (a.k.a. WebID) is a simple authentication scheme described
-at L<http://esw.w3.org/topic/foaf+ssl>. This module provides FOAF+SSL
-authentication for CGI scripts written in Perl.
+at L<http://esw.w3.org/topic/foaf+ssl>. This module implements the server
+end of FOAF+SSL in Perl.
 
-This requires the web server to be using HTTPS and to be configured to
-request client certificates and to pass the certificate details on as
-environment variables for scripts. If you are using Apache, this means
-that you want to set the following directives in your SSL virtual host
-setup:
+It is suitable for handling authentication using FOAF+SSL over HTTPS.
+Your web server needs to be using HTTPS, configured to request client
+certificates, and make the certificate PEM available to your script. If you
+are using Apache, this means that you want to set the following
+directives in your SSL virtual host setup:
 
  SSLEngine on
- # SSLCipherSuite (see Apache documentation)
- # SSLProtocol (see Apache documentation)
- # SSLCertificateFile (see Apache documentation)
- # SSLCertificateKeyFile (see Apache documentation)
  SSLVerifyClient optional_no_ca
  SSLVerifyDepth  1
  SSLOptions +StdEnvVars +ExportCertData
 =cut
 
 use CGI::Auth::FOAF_SSL::Agent;
-
 use CGI;
 use CGI::Session;
-use Crypt::OpenSSL::X509;
-use Crypt::X509;
+use Crypt::X509 '0.50';
 use DateTime;
-use DateTime::Format::Strptime;
 use File::Spec;
 use LWP::UserAgent;
-use Math::BigInt try=>'GMP';
+use Math::BigInt try => 'GMP';
 use MIME::Base64 qw[];
 use RDF::TrineShortcuts '0.100';
+use Scalar::Util qw[blessed refaddr];
+
+use constant {
+	VALIDATION_PEM     => 1,
+	VALIDATION_DATES   => 2,
+	VALIDATION_WEBID   => 3,
+	};
+	
+our $VERSION;
+our $ua_string;
 
 my $WWW_Finger;
+my ($AGENT, $MODEL, $SESSION); # inside-out objects
+
 BEGIN
 {
-	local $@ = undef;
+	$VERSION = '1.001_02';
+	$ua_string = sprintf('%s/%s ', __PACKAGE__, $VERSION);	
+
 	$WWW_Finger = 0;
-	eval
 	{
-		require WWW::Finger;
-		die "too old" if $WWW::Finger::VERSION lt '0.100';
-	};
-	$WWW_Finger++ unless defined $@;
+		local $@ = undef;
+		eval
+		{
+			require WWW::Finger;
+			die "too old"
+				if $WWW::Finger::VERSION lt '0.100';
+		};
+		$WWW_Finger++
+			unless defined $@;
+	}
+	$AGENT   = {};
+	$MODEL   = {};
+	$SESSION = {};
 }
 
 =head2 Configuration
 
 =over 4
 
-=item C<< $CGI::Auth::FOAF_SSL::ua_string = 'MyTool/1.0' >>
+=item * C<< $CGI::Auth::FOAF_SSL::ua_string = 'MyTool/1.0' >>
 
 Set the User-Agent string for any HTTP requests.
 
-=cut
-
-our $ua_string = "CGI::Auth::FOAF_SSL/" . $CGI::Auth::FOAF_SSL::VERSION . " ";
-
 =back
 
 =head2 Constructors
 
 =over 4
 
-=item C<< $auth = CGI::Auth::FOAF_SSL->new($pem_encoded) >>
+=item * C<< new($pem_encoded) >>
 
 Performs FOAF+SSL authentication on a PEM-encoded key. If authentication is
 completely unsuccessful, returns undef. Otherwise, returns a CGI::Auth::FOAF_SSL
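Review bot: In the BEGIN block, `$WWW_Finger++ unless defined $@;` never fires. After an eval that succeeds, Perl sets $@ to the empty string, which is defined, and the `local $@ = undef` above it does not change that. As written $WWW_Finger stays 0 and authenticate_by_email always returns early, so the rfc822Name path is dead even when WWW::Finger is installed. Test the eval's return value instead, for example `$WWW_Finger = 1 if eval { require WWW::Finger; WWW::Finger->VERSION('0.100'); 1 };`, which also replaces the string `lt` comparison of version numbers.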
 
 You probably want to use C<new_from_cgi> instead.
 
+(DER encoded certificates should work too.)
+
 =cut
 
 sub new
 {
-	my $class = shift;
-	my $self  = $class->new_unauthenticated(@_);
+	my ($class, $pem, @params) = @_;
+	my $self = $class->new_unauthenticated($pem, @params);
 	
-	return unless $self;
+	return unless defined $self;
+	return unless $self->validation(VALIDATION_PEM);
 	
 	my $now = DateTime->now;
-	return if defined $self->{notBefore} && $now < $self->{notBefore};
-	return if defined $self->{notAfter}  && $now > $self->{notAfter};
+	return if defined $self->cert_not_before && $now < $self->cert_not_before;
+	return if defined $self->cert_not_after  && $now > $self->cert_not_after;
+
+	$self->validation(VALIDATION_DATES);
 	
 	my $verified;
 	
-	if (defined $self->{'subject_alt_names'}{'uniformResourceIdentifier'})
+	if (defined $self->{subject_alt_names}{uniformResourceIdentifier})
 	{
-		foreach my $uri (@{ $self->{'subject_alt_names'}{'uniformResourceIdentifier'} })
+		foreach my $uri (@{ $self->{subject_alt_names}{uniformResourceIdentifier} })
 		{
 			$verified = $self->authenticate_by_uri($uri);
 			last if $verified;
 		}
 	}
 	
-	if (defined $self->{'subject_alt_names'}{'rfc822Name'} and !$verified)
+	if (defined $self->{subject_alt_names}{rfc822Name} and !$verified)
 	{
-		foreach my $e (@{ $self->{'subject_alt_names'}{'rfc822Name'} })
+		foreach my $e (@{ $self->{subject_alt_names}{rfc822Name} })
 		{
 			$verified = $self->authenticate_by_email($e);
 			last if $verified;
 		}
 	}
 	
-	$self->load_personal_info
-		if $verified;
-	
 	return $self;
 }
 
-=item C<< $auth = CGI::Auth::FOAF_SSL->new_from_cgi($cgi_object) >>
+=item * C<< new_from_cgi($cgi_object) >>
 
 Performs FOAF+SSL authentication on a CGI object. This is a wrapper around
 C<new> which extracts the PEM-encoded client certificate from the CGI
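Review bot: `return unless $self->validation(VALIDATION_PEM);` in new() is not a check. validation() called with an argument is a setter, so this line assigns VALIDATION_PEM and returns that true value regardless of what new_unauthenticated recorded. If the intent is to bail out when the certificate did not parse, read the getter and compare it, for example `return unless ($self->validation || 0) >= VALIDATION_PEM;`. The final value of $verified is also no longer used after the two loops now that load_personal_info is gone, so callers depend entirely on is_secure; that is worth a line in the POD for new().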
 
 sub new_from_cgi
 {
-	my $class = shift;
-	my $cgi   = shift || CGI->new;
+	my ($class, $cgi, @params) = @_;
+	$cgi ||= CGI->new;
 	
-	return undef unless $cgi->https;
+	return unless $cgi->https;
 	
 	# This should work, but doesn't!!
 	# my $cert = $cgi->https('SSL_CLIENT_CERT');
 	
 	# This does work, but is less elegant.
-	my $cert = $ENV{'SSL_CLIENT_CERT'};
+	my $cert = $ENV{SSL_CLIENT_CERT};
 	
-	return $class->new($cert);
+	return $class->new($cert, @params);
 }
 
-=item C<< $auth = CGI::Auth::FOAF_SSL->new_unauthenticated($pem_encoded) >>
-
-Creates a CGI::Auth::FOAF_SSL object without doing any authentication.
-
-It's very unlikely you want to do this. If you do create an unauthenticated
-object, then you'll probably want to do some authentication using the
-authenticate_by_XXX methods.
-
-=cut
-
+# Documentation in Advanced.pod
 sub new_unauthenticated
 {
-	my $class = shift;
-	my $pem   = shift;
+	my ($class, $pem) = @_;	
+	my $self  = bless { pem => $pem }, $class;
 	
-	my $self  = bless {}, $class;
-	
-	# Only client certificate secured connections allowed.
+	# Need a PEM-encoded cert.
 	return unless $pem; 
 
-	# Let other Perl modules take care of parsing cert.
-	my $COX  = Crypt::OpenSSL::X509->new_from_string($pem);
-	my $der  = MIME::Base64::decode_base64(join "\n", grep { !/^-----(BEGIN|END) CERTIFICATE-----$/ } split /\n/, $pem);
-	my $CX   = Crypt::X509->new(cert => $der);
+	# Convert PEM to DER - easy!
+	my $der = MIME::Base64::decode_base64(join "\n", grep { !/^-----(BEGIN|END) CERTIFICATE-----$/ } split /\n/, $pem);
+	
+	# Use Crypt::X509 to look inside the DER/ASN.1.
+	my $CX = Crypt::X509->new(cert => $der);
 
 	# Cert Expiry - check these in authentication process.
-	my $dt_parser = DateTime::Format::Strptime->new(
-		pattern  => '%b %d %T %Y %Z',
-		);
-	$self->{notBefore} = $dt_parser->parse_datetime( $COX->notBefore );
-	$self->{notAfter}  = $dt_parser->parse_datetime( $COX->notAfter );
+	$self->cert_not_before( $CX->not_before );
+	$self->cert_not_after( $CX->not_after );
 
 	# SubjectAltName
 	foreach my $san ( @{$CX->SubjectAltName} )
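Review bot: new_unauthenticated passes its input through `MIME::Base64::decode_base64` unconditionally and never checks whether Crypt::X509 parsed the result, yet the POD added in this commit says DER encoded certificates should work too. Raw DER would be mangled by the base64 step, and a failed parse goes straight on to `$CX->not_before`. Detect PEM by its BEGIN CERTIFICATE armour, hand anything else to Crypt::X509 unchanged, and return early when `$CX->error` is set so that a certificate that did not parse never reaches the validation and accessor calls.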
 	}
 
 	# RSA key
-	$self->{'cert_modulus_hex'}  = $COX->modulus;
-	$self->{'cert_exponent_hex'} = $COX->exponent;
-	$self->_calculate_modulus_and_exponent_bigints;
+	my $rsa = $CX->pubkey_components;
+	$self->cert_modulus($rsa->{modulus});
+	$self->cert_exponent($rsa->{exponent});
+	
+	$self->validation(VALIDATION_PEM);
 	
 	return $self;
 }
 
-sub _calculate_modulus_and_exponent_bigints
-{
-	my $self = shift;
-	
-	foreach my $part (qw(exponent modulus))
-	{
-		if ($self->{"cert_${part}_dec"})
-		{
-			my $dec = $self->{"cert_${part}_dec"};
-			$dec =~ s/[^0-9]//g;
-			$self->{"cert_${part}"} = Math::BigInt->new($dec);
-		}
-		elsif ($self->{"cert_${part}_hex"})
-		{
-			my $hex = $self->{"cert_${part}_hex"};
-			$hex =~ s/[^0-9A-F]//ig;
-			$self->{"cert_${part}"} = Math::BigInt->from_hex("0x$hex");
-		}
-	}
-}
-
 =back
 
 =head2 Public Methods
 
 =over 4
 
-=item C<< $bool = $auth->is_secure >>
+=item * C<< is_secure >>
 
-Returns true iff the authentication process was completely successful.
+Returns true iff the FOAF+SSL authentication process was completely successful.
 
 =cut
 
 sub is_secure
 {
-	my $this = shift;
-	return $this->{'validation'} eq 'agent';
+	my ($self) = @_;
+	return ($self->validation == VALIDATION_WEBID) ? 1 : 0;
 }
 
-=item C<< $agent = $auth->agent >>
+=item * C<< subject >>
 
-Returns a L<CGI::Auth::FOAF_SSL::Agent> object which represents the agent
-making the request. 
+Returns a L<CGI::Auth::FOAF_SSL::Agent> object which represents the subject
+of the certificate. 
+
+This method has aliases C<agent> and C<certified_thing> for back-compat
+reasons.
 
 =cut
 
-sub agent
+sub subject
 {
-	my $this = shift;
-	return $this->{'agent'};
+	my ($self) = @_;
+
+	$AGENT->{ refaddr($self) } ||= CGI::Auth::FOAF_SSL::Agent->new(
+		$self->subject_uri,
+		$self->subject_model,
+		$self->subject_endpoint,
+		);
+
+	return $AGENT->{ refaddr($self) };
 }
 
-sub account
-{
-	my $this = shift;
-	return undef;
-}
+*certified_thing = \&subject;
+*agent           = \&subject;
+*account         = sub { return; };
 
-sub certified_thing
-{
-	my $this = shift;
-	return $this->{'thing'};
-}
-
-=item C<< $cookie = $auth->cookie >>
+=item * C<< cookie >>
 
 HTTP cookie related to the authentication process. Sending this to the
 client isn't strictly necessary, but it allows for a session to be
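Review bot: subject() caches the Agent in `$AGENT->{ refaddr($self) }`, and this diff adds no DESTROY to delete that entry (the same holds for $MODEL and $SESSION). In a persistent interpreter a later object allocated at the same address could pick up the previous request's Agent, model or session, which in an authentication module means one client's identity data being returned for another. Add a DESTROY that deletes all three keys. subject() also now constructs an Agent from whatever subject_uri holds, even when validation never reached VALIDATION_WEBID, whereas the old agent() was only populated after a successful check; the synopsis test `defined $auth->subject` needs either a `return unless $self->is_secure;` guard here or a documentation change.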
 
 sub cookie
 {
-	my $this = shift;
-	return $this->{'session'}->cookie;
+	my ($self) = @_;
+	return $self->session->cookie;
 }
 
-=item C<< $ok = $auth->authenticate_by_uri($uri) >>
-
-Checks if $uri claims that $auth's key identifies it.
-
-This is only relevent if you constructed $auth using C<new_unauthenticated>.
-
-=cut
-
+# Documentation in Advanced.pod
 sub authenticate_by_uri
 {
-	my $self  = shift;
-	my $uri   = shift;
-	my $model = $self->get_trine_model($uri);
-	
+	my ($self, $uri) = @_;
+	my $model = $self->get_trine_model($uri);	
 	return $self->authenticate_by_sparql($uri, $model);
 }
 
-=item C<< $ok = $auth->authenticate_by_email($email_address) >>
-
-Checks if $email_address claims that $auth's key identifies it
-(via WebFinger/Fingerpoint).
-
-This is only relevent if you constructed $auth using C<new_unauthenticated>.
-
-=cut
-
+# Documentation in Advanced.pod
 sub authenticate_by_email
 {
-	return unless $WWW_Finger;
+	return unless $WWW_Finger;	
 	
-	my $self  = shift;
-	my $email = shift;
-	my $fp    = WWW::Finger->new($email);
+	my ($self, $email) = @_;	
+	my $fp = WWW::Finger->new($email);
 	
-	return 0 unless defined $fp->endpoint and defined $fp->webid;
+	return unless defined $fp;
+	return unless defined $fp->endpoint;
+	return unless defined $fp->webid;
 	
 	return $self->authenticate_by_sparql($fp->webid, $fp->endpoint, $fp);
 }
 
-=item C<< $ok = $auth->authenticate_by_sparql($uri, $endpoint) >>
-
-Checks if $endpoint claims that $auth's key identifies $uri. $endpoint may be
-a SPARQL endpoint URI or an RDF::Trine::Model.
-
-This is only relevent if you constructed $auth using C<new_unauthenticated>.
-
-=cut
-
+# Documentation in Advanced.pod
 sub authenticate_by_sparql
 {
 	my ($self, $uri, $model, $fp) = @_;
 	
-	my $query_string = sprintf("PREFIX cert: <http://www.w3.org/ns/auth/cert#>\n"
-	                          ."PREFIX rsa: <http://www.w3.org/ns/auth/rsa#>\n"
-	                          ."SELECT ?modulus ?exponent ?decExponent ?hexModulus\n"
-	                          ."WHERE\n"
-	                          ."{\n"
-	                          ."    ?key\n"
-	                          ."        cert:identity <%s> ;\n"
-	                          ."        rsa:modulus ?modulus ;\n"
-	                          ."        rsa:public_exponent ?exponent .\n"
-	                          ."    OPTIONAL { ?modulus cert:hex ?hexModulus . }\n"
-	                          ."    OPTIONAL { ?exponent cert:decimal ?decExponent . }\n"
-	                          ."}\n",
-	                          $uri);
+	my $query_string = sprintf(<<'SPARQL', $uri);
+PREFIX cert: <http://www.w3.org/ns/auth/cert#>
+PREFIX rsa: <http://www.w3.org/ns/auth/rsa#>
+SELECT
+	?modulus
+	?exponent
+	?decExponent
+	?hexModulus
+WHERE
+{
+	?key
+		cert:identity <%s> ;
+		rsa:modulus ?modulus ;
+		rsa:public_exponent ?exponent .
+
+	OPTIONAL { ?modulus cert:hex ?hexModulus . }
+	OPTIONAL { ?exponent cert:decimal ?decExponent . }
+}
+SPARQL
+
 	my $results = rdf_query($query_string, $model);
 	
 	RESULT: while (my $result = $results->next)
 	{
 		my $correct_modulus  = $self->make_bigint_from_node(
-			$result->{'modulus'},  fallback => $result->{'hexModulus'},  fallback_type=>'hex');
+			$result->{modulus},
+			fallback      => $result->{hexModulus},
+			fallback_type =>'hex',
+			);
+		next RESULT
+			unless $correct_modulus == $self->cert_modulus;
 			
 		my $correct_exponent = $self->make_bigint_from_node(
-			$result->{'exponent'}, fallback => $result->{'decExponent'}, fallback_type=>'dec');
+			$result->{exponent},
+			fallback      => $result->{decExponent},
+			fallback_type =>'dec',
+			);
+		next RESULT
+			unless $correct_exponent == $self->cert_exponent;
 
-		next RESULT unless $correct_modulus  == $self->{'cert_modulus'};
-		next RESULT unless $correct_exponent == $self->{'cert_exponent'};
-
-		$self->{'validation'}       = 'cert';
-		$self->{'cert_subject_uri'} = $uri;
+		$self->validation(VALIDATION_WEBID);
+		$self->subject_uri($uri);
 		
-		if (ref $model && $model->isa('RDF::Trine::Model'))
+		if (blessed($model) and $model->isa('RDF::Trine::Model'))
 		{
-			$self->{'cert_subject_model'} = $model;
+			$self->subject_model($model);
 		}
 		else
 		{
-			$self->{'cert_subject_uri'}         = $uri;
-			$self->{'cert_subject_endpoint'}    = $model;
-			$self->{'cert_subject_fingerpoint'} = $fp
-				if defined $fp;
+			$self->subject_uri($uri);
+			$self->subject_endpoint($model);
 		}
 		
 		return 1;
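Review bot: authenticate_by_sparql still formats $uri straight into `cert:identity <%s> ;`. That value comes from the certificate's subjectAltName (or from the WebFinger lookup), so it is supplied by the client, and the query built from it is the one that decides authentication. Reject any URI containing characters that are not allowed inside a SPARQL IRI reference (angle brackets, double quote, braces, pipe, caret, backtick, backslash, and anything at or below U+0020) before building the query string. Minor: the $fp argument is now unused, and subject_uri($uri) is set a second time on the endpoint branch.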
 	return 0;
 }
 
-sub load_personal_info
+# Documentation in Advanced.pod
+sub validation
 {
-	my $self = shift;
-	
-	return 0
-		unless defined $self and $self->{'validation'} eq 'cert';
-	
-	$self->{'cert_subject_type'} = 'Agent';
-	$self->{'agent'} = CGI::Auth::FOAF_SSL::Agent->new(
-		$self->{'cert_subject_uri'},
-		$self->{'cert_subject_model'},
-		$self->{'cert_subject_endpoint'});
-	$self->{'thing'} = $self->{'agent'};
-	$self->{'validation'} = 'agent';
-	
-	return 1;
+	my ($self) = shift;
+	if (@_)
+	{
+		$self->{validation} = shift;
+	}
+	return $self->{validation};
 }
 
+# Documentation in Advanced.pod
+sub cert_modulus
+{
+	my ($self) = shift;
+	if (@_)
+	{
+		my $new = shift;
+		$new = Math::BigInt->new($new)
+			unless blessed($new) && $new->isa('Math::BigInt');
+		$self->{cert_modulus} = $new;
+	}
+	return $self->{cert_modulus};
+}
 
-=back
+# Documentation in Advanced.pod
+sub cert_exponent
+{
+	my ($self) = shift;
+	if (@_)
+	{
+		my $new = shift;
+		$new = Math::BigInt->new($new)
+			unless blessed($new) && $new->isa('Math::BigInt');
+		$self->{cert_exponent} = $new;
+	}
+	return $self->{cert_exponent};
+}
 
-=head2 Utility Methods
+# Documentation in Advanced.pod
+sub cert_not_before
+{
+	my ($self) = shift;
+	if (@_)
+	{
+		my $new = shift;
+		$new = DateTime->from_epoch(epoch => $new)
+			unless blessed($new) && $new->isa('DateTime');
+		$self->{cert_not_before} = $new;
+	}
+	return $self->{cert_not_before};
+}
 
-=over 4
+# Documentation in Advanced.pod
+sub cert_not_after
+{
+	my ($self) = shift;
+	if (@_)
+	{
+		my $new = shift;
+		$new = DateTime->from_epoch(epoch => $new)
+			unless blessed($new) && $new->isa('DateTime');
+		$self->{cert_not_after} = $new;
+	}
+	return $self->{cert_not_after};
+}
 
-=item C<< $model = $auth->get_trine_model($uri) >>
+# Documentation in Advanced.pod
+sub subject_uri
+{
+	my ($self) = shift;
+	if (@_)
+	{
+		$self->{subject_uri} = shift;
+	}
+	return $self->{subject_uri};
+}
 
-Get an RDF::Trine::Model corresponding to a URI.
+# Documentation in Advanced.pod
+sub subject_model
+{
+	my ($self) = shift;
+	if (@_)
+	{
+		$MODEL->{ refaddr($self) } = shift;
+	}
+	return $MODEL->{ refaddr($self) };
+}
 
-=cut
+# Documentation in Advanced.pod
+sub subject_endpoint
+{
+	my ($self) = shift;
+	if (@_)
+	{
+		$self->{subject_endpoint} = shift;
+	}
+	return $self->{subject_endpoint};
+}
 
+# Documentation in Advanced.pod
+sub session
+{
+	my ($self) = shift;
+	
+	if (@_)
+	{
+		$SESSION->{ refaddr($self) } = shift;
+	}
+
+	unless (defined $SESSION->{ refaddr($self) })
+	{
+		my $s = CGI::Session->new('driver:file', undef, {Directory => File::Spec->tmpdir});
+		$s->expire('+1h');
+		$SESSION->{ refaddr($self) } = $s;
+	}
+	
+	return $SESSION->{ refaddr($self) };
+}
+
+# Documentation in Advanced.pod
 sub get_trine_model
 {
-	my $this = shift;
-	my $uri  = shift;
+	my ($self, $uri) = @_;
 	
-	# Session for caching data into.
-	unless (defined $this->{'session'})
+	# Check to see if this URI has already been retrieved
+	# in our session.
+	if (defined $self->session->param($uri)
+	and length $self->session->param($uri))
 	{
-		$this->{'session'} = CGI::Session->new('driver:file', undef, {Directory => File::Spec->tmpdir});
-		$this->{'session'}->expire('+1h');
-	}
-	
-	# Check to see if this URI has already been retrieved.
-	if (defined $this->{'session'}->param($uri)
-	and length $this->{'session'}->param($uri))
-	{
-		return rdf_parse($this->{'session'}->param($uri),
+		return rdf_parse($self->session->param($uri),
 			base=>$uri , type=>'ntriples');
 	}
 	
-	my $ua = LWP::UserAgent->new(agent=>$CGI::Auth::FOAF_SSL::ua_string); 
+	my $ua = LWP::UserAgent->new(agent => $ua_string); 
 	$ua->default_headers->push_header('Accept' => "application/rdf+xml, text/turtle, application/x-turtle, application/xhtml+xml;q=0.9, text/html;q=0.9, */*;q=0.1");
 	my $response = $ua->get($uri);
-	return unless length $response->content;
-	my $model    = rdf_parse($response);
+	return unless $response->is_success && length $response->content;
+	my $model = rdf_parse($response);
 	
-	$this->{'session'}->param($uri, rdf_string($model, 'ntriples'));
-	$this->{'session'}->flush;
+	$self->session->param($uri, rdf_string($model, 'ntriples'));
+	$self->session->flush;
 	
 	return $model;
 }
 
-=item C<< $bi = $auth->make_bigint_from_node($trine_node) >>
-
-Turns an RDF::Trine::Node::Literal object into a Math::BigInt
-representing the same number.
-
-There are optional named parameters for providing a fallback
-in the case where $trine_node has an unrecognised datatype or
-is not a literal.
-
- $bi = $auth->make_bigint_from_node(
-    $trine_node, fallback=>$other_node, fallback_type=>'hex');
-
-The authenticate_by_XXX methods use this.
-
-=cut
-
+# Documentation in Advanced.pod
 sub make_bigint_from_node
 {
-	my $self = shift;
-	my $node = shift;
-	my %opts = @_;
+	my ($self, $node, %opts) = @_;
 	
 	if ($node->is_literal)
 	{
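Review bot: get_trine_model fetches a URI taken from the client certificate with an LWP::UserAgent that has only its agent string set: no scheme restriction, no timeout and no response size cap. Because the documented Apache setup accepts any self-signed certificate (SSLVerifyClient optional_no_ca), the fetch happens before the caller is authenticated and the destination is of the caller's choosing. Construct the agent with `protocols_allowed => ['http', 'https']` plus explicit `timeout` and `max_size` values, and consider refusing URIs that resolve to local addresses. The new `$response->is_success` test is a good addition.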
 	}
 }
 
-=item C<< $results = $auth->execute_query($sparql) >>
-
-Returns the results of a SPARQL query. Uses the certificate subject's
-RDF file as a data source, or the certificate subject's SPARQL endpoint.
-
-See L<RDF::TrineShortcuts> function rdf_query for an explanation of the
-return format.
-
-=cut
-
+# Documentation in Advanced.pod
 sub execute_query 
 {
-	my $rv = shift;
-	my $q  = shift;
+	my ($self, $q) = @_;
 	
-	if (defined $rv->{'cert_subject_model'})
-	{
-		return rdf_query($q, $rv->{'cert_subject_model'});
-	}
-	
-	if (defined $rv->{'cert_subject_endpoint'})
-	{
-		return rdf_query($q, $rv->{'cert_subject_endpoint'});
-	}
-	
-	return undef;
+	my $target = $self->subject_model || $self->subject_endpoint;
+	return rdf_query($q, $target) if defined $target;
+	return;
 }
 
 1;
 =head1 SEE ALSO
 
 Helper module:
-L<CGI::Auth::FOAF_SSL::Agent>
+L<CGI::Auth::FOAF_SSL::Agent>.
+
+Advanced developer documentation:
+L<CGI::Auth::FOAF_SSL::Advanced>.
 
 Related modules:
 L<CGI>, L<RDF::Trine>, L<RDF::ACL>.
 
 =head1 COPYRIGHT AND LICENSE
 
-Copyright (C) 2009-2010 by Toby Inkster
+Copyright (C) 2009-2011 by Toby Inkster
 
 This library is free software; you can redistribute it and/or modify
-it under the same terms as Perl itself, either Perl version 5.8 or,
-at your option, any later version of Perl 5 you may have available.
+it under the same terms as Perl itself.
 
 =cut

File lib/CGI/Auth/FOAF_SSL/Advanced.pod

+=head1 NAME
+
+CGI::Auth::FOAF_SSL::Advanced - advanced methods
+
+=head1 DESCRIPTION
+
+The following methods are provided by CGI::Auth::FOAF_SSL but are unlikely
+to be useful for end-users. They are documented here for people wishing to
+develop extensions to CGI::Auth::FOAF_SSL.
+
+=head2 Constructor
+
+=over 4
+
+=item * C<< new_unauthenticated($pem_encoded) >>
+
+Creates a CGI::Auth::FOAF_SSL object without performing WebID authentication.
+
+=back
+
+=head2 Accessors
+
+The following can be used to get/set values associated with the session, certificate or
+certificate subject (client).
+
+=over 4
+
+=item * C<< validation >>
+
+Returns a constant indicating how far along the validation sequence this session is.
+
+C<CGI::Auth::FOAF_SSL::VALIDATION_PEM> indicates that the PEM certificate
+has been parsed and seemed syntactically valid. C<CGI::Auth::FOAF_SSL::VALIDATION_DATES>
+indicates that the notBefore and notAfter dates on the certificate have been checked
+and found to be OK. C<CGI::Auth::FOAF_SSL::VALIDATION_WEBID> indicates that
+full WebID authenticaion has been successful.
+
+=item * C<< cert_modulus >>
+
+The certificate's RSA key modulus, as a L<Math::BigInt>.
+
+=item * C<< cert_exponent >>
+
+The certificate's RSA key public exponent, as a L<Math::BigInt>.
+
+=item * C<< cert_not_before >>
+
+A date the certificate should not be used before, as a L<DateTime>.
+
+=item * C<< cert_not_after >>
+
+A date the certificate should not be used after, as a L<DateTime>.
+
+=item * C<< subject_uri >>
+
+The WebID URI for the subject of the certificate, after authentication is successful.
+
+=item * C<< subject_model >>
+
+An L<RDF::Trine::Model> for the WebID profile document for the subject of the
+certificate, after authentication is successful.
+
+=item * C<< subject_endpoint >>
+
+A SPARQL Protocol endpoint for the subject of the certificate, after authentication
+is successful.
+
+=item * C<< session >>
+
+A L<CGI::Session> object for this session.
+
+=back
+
+=head2 Methods
+
+=over 4
+
+=item * C<< authenticate_by_uri($uri) >>
+
+Checks if $uri claims that $auth's key identifies it.
+
+Returns true if authentication sucessful and positive.
+
+=item * C<< authenticate_by_email($email_address) >>
+
+Checks if $email_address claims that $auth's key identifies it
+(via WebFinger/Fingerpoint).
+
+Returns true if authentication sucessful and positive.
+
+=item * C<< authenticate_by_sparql($uri, $endpoint) >>
+
+Checks if $endpoint claims that $auth's key identifies $uri. $endpoint may be
+a SPARQL endpoint URI or an RDF::Trine::Model.
+
+Returns true if authentication sucessful and positive.
+
+=back
+
+=head2 Utility Methods
+
+=over 4
+
+=item * C<< get_trine_model($uri) >>
+
+Get an RDF::Trine::Model corresponding to a URI.
+
+=item * C<< make_bigint_from_node($node) >>
+
+Turns an RDF::Trine::Node::Literal object into a Math::BigInt
+representing the same number.
+
+There are optional named parameters for providing a fallback
+in the case where $trine_node has an unrecognised datatype or
+is not a literal.
+
+ $bi = $auth->make_bigint_from_node(
+    $trine_node, fallback=>$other_node, fallback_type=>'hex');
+
+The authenticate_by_XXX methods use this.
+
+=item * C<< execute_query($sparql) >>
+
+Returns the results of a SPARQL query. Uses the certificate subject's
+RDF file as a data source, or the certificate subject's SPARQL endpoint.
+
+See L<RDF::TrineShortcuts> function rdf_query for an explanation of the
+return format.
+
+=back
+
+=head1 SEE ALSO
+
+L<CGI::Auth::FOAF_SSL>.
+
+=head1 AUTHOR
+
+Toby Inkster, E<lt>tobyink@cpan.orgE<gt>
+
+=head1 COPYRIGHT AND LICENSE
+
+Copyright (C) 2009-2011 by Toby Inkster
+
+This library is free software; you can redistribute it and/or modify
+it under the same terms as Perl itself.
+
+=cut
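
Review bot: State which accessors are read-only. The Accessors introduction says these "can be used to get/set values", and the list that follows includes `validation` and `subject_uri`, which application code will treat as the authentication result; if either really can be set by the caller, the documentation should say so explicitly, and if not, "get/set" is misleading. Related gap: `new_unauthenticated($pem_encoded)` does not say what `validation` returns for such an object, nor that the `subject_*` accessors are only meaningful "after authentication is successful". One sentence telling callers to check `validation` against `VALIDATION_WEBID` before trusting `subject_uri` would cover it. Smaller points: the `make_bigint_from_node($node)` heading names the parameter `$node` while the prose and the example use `$trine_node`; the method descriptions refer to `$auth` although the item headings show no invocant; and there are typos, "authenticaion" under `validation` and "sucessful" in all three `authenticate_by_*` items.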

File lib/CGI/Auth/FOAF_SSL/Agent.pm

 use RDF::Query::Client;
 use RDF::Trine;
 
-our $VERSION = '1.001_01';
+our $VERSION = '1.001_02';
 
 sub new
 {
 
 =over 4
 
-=item C<< $agent = CGI::Auth::FOAF_SSL::Agent->new($id, $model, $ep) >>
+=item C<< new($webid, $model, $endpoint) >>
 
-Create a new object representing an agent. $id is an identfying URI, and is
+Create a new object representing an agent. $webid is an identfying URI, and is
 required. $model is an RDF::Trine::Model containing data about the agent, or
-may be undef. $ep is a SPARQL endpoint URL, or may be undef.
+may be undef. $endpoint is a SPARQL endpoint URL, or may be undef.
 
 =back
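
Review bot: Fix the typo "identfying" on the rewritten description line ("$webid is an identfying URI"); the line is being touched anyway, so it should read "identifying". The new heading `new($webid, $model, $endpoint)` also no longer shows the class name or the returned object, so add a one-line synopsis above the list to make clear that this is the constructor for CGI::Auth::FOAF_SSL::Agent.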
 
 
 =over 4
 
-=item C<< $agent->identity >>
+=item C<< identity >>
 
 Returns the URI identifying the agent.
 
-=item C<< $agent->model >>
+=item C<< model >>
 
 Returns an RDF::Trine::Model which may contain data about the agent.
 
-=item C<< $agent->endpoint >>
+=item C<< endpoint >>
 
 Returns a URL for a SPARQL Protocol endpoint that may be able to provide data
 about the agent.
 
-=item C<< $user->name >>
+=item C<< name >>
 
 The name of an agent (e.g. a person's name).
 
-=item C<< $user->homepage >>
+=item C<< homepage >>
 
 Gets the URL of the agent's homepage.
 
-=item C<< $user->img >>
+=item C<< img >>
 
 Gets the URL of an image or depiction of the agent.
 
-=item C<< $user->mbox >>
+=item C<< mbox >>
 
 Gets an e-mail address (including "mailto:") to communicate with
 the agent.
 
 =head1 COPYRIGHT AND LICENSE
 
-Copyright (C) 2009-2010 by Toby Inkster
+Copyright (C) 2009-2011 by Toby Inkster
 
 This library is free software; you can redistribute it and/or modify
-it under the same terms as Perl itself, either Perl version 5.8 or,
-at your option, any later version of Perl 5 you may have available.
+it under the same terms as Perl itself.
 
 =cut
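
Review bot: Record the licence wording change in Changes. The last lines of this hunk do more than bump the copyright year: "either Perl version 5.8 or, at your option, any later version of Perl 5 you may have available" is dropped in favour of plain "the same terms as Perl itself", and the 1.001_02 Changes entry does not mention it. On the accessor headings, removing `$agent->` and `$user->` fixes the inconsistent invocant names, but nothing now says that `identity`, `model`, `endpoint`, `name`, `homepage`, `img` and `mbox` are instance methods; state that once above the list.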