X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=cgi-auth-flexible.git;a=blobdiff_plain;f=cgi-auth-hybrid.pm;h=21a8fb523e875ef82339283e2de05542ca332edf;hp=c5530e071886f2f359f106f8cdc8bf09cba1f112;hb=3bd820f25e36c43f0596f20f04a9bc2267053feb;hpb=420e69289e89656d88b551ab7e7aebda12f497b9 diff --git a/cgi-auth-hybrid.pm b/cgi-auth-hybrid.pm index c5530e0..21a8fb5 100644 --- a/cgi-auth-hybrid.pm +++ b/cgi-auth-hybrid.pm @@ -17,6 +17,12 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . +use strict; +use warnings; + +package CGI::Auth::Hybrid; +require Exporter; + BEGIN { use Exporter (); our ($VERSION, @ISA, @EXPORT, @EXPORT_OK, %EXPORT_TAGS); @@ -31,8 +37,11 @@ BEGIN { our @EXPORT_OK; use DBI; -use CGI; -use Locale::Gettext; +use CGI qw/escapeHTML/; +use Locale::gettext; +use URI; +use IO::File; +use Data::Dumper; #---------- public utilities ---------- @@ -50,16 +59,17 @@ sub flatten_params ($) { #---------- default callbacks ---------- sub has_a_param ($$) { - my ($c,$cn) = @_; + my ($r,$cn) = @_; foreach my $pn (@{ $r->{S}{$cn} }) { - return 1 if $r->_cm('get_param')($pn); + return 1 if $r->_ch('get_param',$pn); } return 0; } -sub get_params ($$) { - my ($c) = @_; +sub get_params ($) { + my ($r) = @_; my %p; + my $c = $r->{Cgi}; foreach my $name ($c->param()) { $p{$name} = [ $c->param($name) ]; } @@ -72,24 +82,20 @@ sub get_cookie_domain ($$$) { return $uri->host(); } -sub construct_cookie ($$$) { - my ($r, $cookv) = @_; - return $r->{Cgi}->cookie(-name => $r->{S}{cookie_name}, - -value => $cookv, - -path => $r->{S}{cookie_path}, - -domain => $r->_ch('get_cookie_domain'), - -expires => '+'.$r->{S}{login_timeout}.'s', - -secure => $r->{S}{encrypted_only}); +sub login_ok_password ($$) { + my ($c, $r) = @_; + my $username_params = $r->{S}{username_param_names}; + my $username = $r->_ch('get_param',$username_params->[0]); + my $password = $r->_rp('password_param_name'); + return $r->_ch('username_password_ok', $username, $password); } sub do_redirect_cgi ($$$$) { my ($c, $r, $new_url, $cookie) = @_; - my @ha = ('text/html', - -status => '303 See other', - -location => $new_url); - push @ha, (-cookie => $cookie) if defined $cookie; - $r->_print($c->header(@ha), - $r->_ch('gen_start_html')($r->_gt('Redirection')), + $r->_print($c->header($r->_cgi_header_args($cookie, + -status => '303 See other', + -location => $new_url)), + $r->_ch('gen_start_html',$r->_gt('Redirection')), '', $r->_gt("If you aren't redirected, click to continue."), "", @@ -100,20 +106,20 @@ sub gen_plain_login_form ($$) { my ($c,$r, $params) = @_; my @form; push @form, ('
'. ''); my $sz = 'size="'.$r->{S}{form_entry_size}.'"'; foreach my $up (@{ $r->{S}{username_param_names}}) { push @form, ('', - ''); + ''); } push @form, ('', ''); push @form, ('', '
',$r->_gt(ucfirst $up),'
'.$r->_gt('Password'),'
', '
'); foreach my $n (keys %$params) { @@ -137,9 +143,9 @@ sub gen_login_link ($$) { sub new_verifier { my $class = shift; - my $s = { + my $verifier = { S => { - assocdb_path => 'cah-assocs.db'; + assocdb_path => 'cah-assocs.db', assocdb_dsn => undef, assocdb_user => '', assocdb_password => '', @@ -148,6 +154,7 @@ sub new_verifier { associdlen => 128, # bits login_timeout => 86400, # seconds assoc_param_name => 'cah_associd', + cookie_name => "cah_associd", password_param_name => 'password', username_param_names => [qw(username)], form_entry_size => 60, @@ -157,11 +164,12 @@ sub new_verifier { promise_check_mutate => 0, get_param => sub { $_[0]->param($_[2]) }, get_params => sub { $_[1]->get_params() }, - get_cookie => sub { $_[0]->cookie($s->{S}{cookie_name}) }, + get_cookie => sub { $_[0]->cookie($_[1]->{S}{cookie_name}) }, get_method => sub { $_[0]->request_method() }, get_url => sub { $_[0]->url(); }, is_login => sub { defined $_[1]->_rp('password_param_name') }, - login_ok => sub { die }, + login_ok => \&login_ok_password, + username_password_ok => sub { die }, is_logout => sub { $_[1]->has_a_param('logout_param_names') }, is_loggedout => sub { $_[1]->has_a_param('loggedout_param_names') }, is_page => sub { return 1 }, @@ -169,53 +177,97 @@ sub new_verifier { do_redirect => \&do_redirect_cgi, # this hook is allowed to throw cookie_path => "/", get_cookie_domain => \&get_cookie_domain, - encrypted_only => 0, + encrypted_only => 1, gen_start_html => sub { $_[0]->start_html($_[2]); }, gen_end_html => sub { $_[0]->end_html(); }, gen_login_form => \&gen_plain_login_form, gen_login_link => \&gen_plain_login_link, gettext => sub { gettext($_[2]); }, - }; + print => sub { print $_[2] or die $!; }, }, Dbh => undef, }; my ($k,$v); while (($k,$v,@_) = @_) { - die "unknown setting $k" unless exists $s->{S}{$k}; - $s->{S}{$k} = $v; + die "unknown setting $k" unless exists $verifier->{S}{$k}; + $verifier->{S}{$k} = $v; } - bless $s, $class; - $s->_dbopen(); - return $s; + bless $verifier, $class; + $verifier->_dbopen(); + return $verifier; } sub _dbopen ($) { - my ($s) = @_; - my $dbh = $s->{Dbh}; + my ($v) = @_; + my $dbh = $v->{Dbh}; return $dbh if $dbh; - $s->{S}{assocdb_dsn} ||= "dbi:SQLite:dbname=$s->{S}{assocdb_path}"; + $v->{S}{assocdb_dsn} ||= "dbi:SQLite:dbname=$v->{S}{assocdb_path}"; + my $dsn = $v->{S}{assocdb_dsn}; my $u = umask 077; - $dbh = DBI->open($s->{S}{assocdb_dsn}, $s->{S}{assocdb_user}, - $s->{S}{assocdb_password}, { - AutoCommit => 0, RaiseError => 1, - }); - die "${assocdb_dsn} $! ?" unless $dbh; - $s->{Dbh} = $dbh; - - $dbh->do("BEGIN"); + $dbh = DBI->connect($dsn, $v->{S}{assocdb_user}, + $v->{S}{assocdb_password}, { + AutoCommit => 0, + RaiseError => 1, + ShowErrorStatement => 1, + }); + die "$dsn $! ?" unless $dbh; + $v->{Dbh} = $dbh; eval { - $dbh->do("CREATE TABLE $s->{S}{assocdb_table} (". - " associdh VARCHAR PRIMARY KEY,". - " username VARCHAR,". - " last INTEGER NOT NULL" - ")"); + $v->_db_transaction(sub { + local ($dbh->{PrintError}) = 0; + $dbh->do("CREATE TABLE $v->{S}{assocdb_table} (". + " associd VARCHAR PRIMARY KEY,". + " username VARCHAR,". + " last INTEGER NOT NULL". + ")"); + }); }; return $dbh; } +sub disconnect ($) { + my ($v) = @_; + my $dbh = $v->{Dbh}; + return unless $dbh; + $dbh->disconnect(); +} + +sub _db_transaction ($$) { + my ($v, $fn) = @_; + my $retries = 10; + my $rv; + my $dbh = $v->{Dbh}; +print STDERR "DT entry\n"; + for (;;) { +print STDERR "DT loop\n"; + if (!eval { + $rv = $fn->(); +print STDERR "DT fn ok\n"; + 1; + }) { +print STDERR "DT fn error\n"; + { local ($@); $dbh->rollback(); } +print STDERR "DT fn throwing\n"; + die $@; + } +print STDERR "DT fn eval ok\n"; + if (eval { + $dbh->commit(); +print STDERR "DT commit ok\n"; + 1; + }) { +print STDERR "DT commit eval ok $rv\n"; + return $rv; + } +print STDERR "DT commit throw?\n"; + die $@ if !--$retries; +print STDERR "DT loop again\n"; + } +} + #---------- request object methods ---------- sub new_request { @@ -237,6 +289,7 @@ sub new_request { sub _ch ($$@) { # calls an application hook my ($r,$methname, @args) = @_; my $methfunc = $r->{S}{$methname}; + die "$methname ?" unless $methfunc; return $methfunc->($r->{Cgi}, $r, @args); } @@ -246,8 +299,23 @@ sub _rp ($$@) { my $p = scalar $r->_ch('get_param',$pn) } -sub _gt ($$) { my ($r, $t) = @_; return $r->_ch('gettext')($t); } -sub _print ($$) { my ($r, @t) = @_; return $r->_ch('print')(join '', @t); } +sub _gt ($$) { my ($r, $t) = @_; return $r->_ch('gettext',$t); } +sub _print ($$) { my ($r, @t) = @_; return $r->_ch('print', join '', @t); } + +sub construct_cookie ($$$) { + my ($r, $cookv) = @_; + return undef unless $cookv; + my $c = $r->{Cgi}; +my @ca = (-name => $r->{S}{cookie_name}, + -value => $cookv, + -path => $r->{S}{cookie_path}, + -domain => $r->_ch('get_cookie_domain'), + -expires => '+'.$r->{S}{login_timeout}.'s', + -secure => $r->{S}{encrypted_only}); + my $cookie = $c->cookie(@ca); +print STDERR "CC $r $c $cookv $cookie (@ca).\n"; + return $cookie; +} # pages/param-sets are # n normal non-mutating page @@ -264,7 +332,7 @@ sub _print ($$) { my ($r, @t) = @_; return $r->_ch('print')(join '', @t); } # y, yN value corresponds to logged-in user # n, nN value not in our db # x, xN t or y -# - no value supplied +# - no value supplied (represented in code as $cookt='') # if N differs the case applies only when the two values differ # (eg, a1 y2 does not apply when the logged-in value is supplied twice) @@ -343,8 +411,9 @@ sub _print ($$) { my ($r, @t) = @_; return $r->_ch('print')(join '', @t); } # revoke y2 # treat as -/n n POST # - # -/n n GET n cross-site link but user not logged in + # -/n -/n GET n cross-site link but user not logged in # show login form with redirect to orig params + # generate fresh cookie # # -/n n GET rmu user not logged in # fail @@ -356,8 +425,6 @@ sub _print ($$) { my ($r, @t) = @_; return $r->_ch('print')(join '', @t); } # fail sub _check_divert_core ($) { -fixme needs wrapping with something to make and commit a transaction -wrapper should also store answers in the $r object for later retrieval my ($r) = @_; my $meth = $r->_ch('get_method'); @@ -367,6 +434,8 @@ wrapper should also store answers in the $r object for later retrieval my ($cookt,$cooku) = $r->_db_lookup($cookv); my $parmt = $r->_db_lookup($parmv); + print STDERR "_c_d_c cookt=$cookt parmt=$parmt\n"; + if ($r->_ch('is_logout')) { $r->_must_be_post(); die unless $parmt; @@ -427,16 +496,18 @@ wrapper should also store answers in the $r object for later retrieval if ($cookt ne 'y') { die unless !$cookt || $cookt eq 'n'; die unless !$parmt || $parmt eq 'n' || $parmt eq 'y'; + my $newv = $r->_fresh_cookie(); if ($meth eq 'GET') { return ({ Kind => 'LOGIN-INCOMINGLINK', Message => "You need to log in again.", - CookieVal => $parmv, + CookieVal => $newv, Params => $r->_chain_params() }); } else { - return ((Kind => 'LOGIN-FRESH', - Message => "You need to log in again.", - CookieVal => $parmv, - Params => { }); + $r->_db_revoke($parmv); + return ({ Kind => 'LOGIN-FRESH', + Message => "You need to log in again.", + CookieVal => $newv, + Params => { } }); } } @@ -457,6 +528,7 @@ wrapper should also store answers in the $r object for later retrieval die unless $cookv eq $parmv; $r->{Assoc} = $cookv; $r->{UserOK} = $cooku; + print STDERR "C-D-C OK\n"; return undef; } @@ -464,6 +536,7 @@ sub _chain_params ($) { my ($r) = @_; my %p = %{ $r->_ch('get_params') }; foreach my $pncn (keys %{ $r->{S} }) { + my $names; if ($pncn =~ m/_param_name$/) { my $name = $r->{S}{$pncn}; die "$pncn ?" if ref $name; @@ -473,7 +546,7 @@ sub _chain_params ($) { } else { next; } - foreach my $param (@$names) { + foreach my $name (@$names) { delete $p{$name}; } } @@ -481,17 +554,18 @@ sub _chain_params ($) { } sub _db_lookup ($$) { + my ($r,$v) = @_; # returns ($t,$username) # where $t is one of "t" "y" "n", or "" (for -) - my ($r,$v) = @_; my $dbh = $r->{Dbh}; - my ($nusername, $nlast) = - $dbh->selectrow_array("SELECT username, last". + my $row = $dbh->selectrow_arrayref("SELECT username, last". " FROM $r->{S}{assocdb_table}". - " WHERE associd = ?", {}, $nassoc); - return ('') unless defined $nusername; + " WHERE associd = ?", {}, $v); + return ('') unless defined $row; + + my ($nusername, $nlast) = @$row; my $timeout = $r->{S}{login_timeout}; return ('n') unless !defined $timeout || time <= $nlast + $timeout; @@ -515,6 +589,7 @@ sub _db_revoke ($$) { sub _db_record_login_ok ($$$) { my ($r,$v,$user) = @_; $r->_db_revoke($v); + my $dbh = $r->{Dbh}; $dbh->do("INSERT INTO $r->{S}{assocdb_table}". " (associd, username, last) VALUES (?,?,?)", {}, $v, $user, time); @@ -522,21 +597,14 @@ sub _db_record_login_ok ($$$) { sub check_divert ($) { my ($r) = @_; - my $divert; if (exists $r->{Divert}) { return $r->{Divert}; } - $dbh->do("BEGIN"); - if (!eval { - $divert = $r->_check_divert_core(); - 1; - }) { - $dbh->do("ABORT"); - die $@; - } - $r->{Divert} = $divert; - $dbh->do("COMMIT"); - return $divert; + my $dbh = $r->{Dbh}; + $r->{Divert} = $r->_db_transaction(sub { $r->_check_divert_core(); }); + $dbh->commit(); + print STDERR Dumper($r->{Divert}); + return $r->{Divert}; } sub get_divert ($) { @@ -559,33 +627,41 @@ sub url_with_query_params ($$) { return $uri->as_string(); } +sub _cgi_header_args ($$@) { + my ($r, $cookie, @ha) = @_; + unshift @ha, qw(-type text/html); + push @ha, (-cookie => $cookie) if defined $cookie; + print STDERR "_cgi_header_args ",join('|',@ha),".\n"; + return @ha; +} + sub check_ok ($) { my ($r) = @_; - my ($divert) = $authreq->check_divert(); - return 1 if $divert; + my ($divert) = $r->check_divert(); + return 1 if !$divert; - my $handled = $r->_ch('handle_divert')($divert); + my $handled = $r->_ch('handle_divert',$divert); return 0 if $handled; my $kind = $divert->{Kind}; my $cookieval = $divert->{CookieVal}; my $params = $divert->{Params}; + my $cookie = $r->construct_cookie($cookieval); if ($kind =~ m/^REDIRECT-/) { # for redirects, we honour stored NextParams and SetCookie, # as we would for non-divert - if ($divert_kind eq 'REDIRECT-LOGGEDOUT') { - $params{$r->{S}{loggedout_param_names}[0]} = 1; - } elsif ($divert_kind eq 'REDIRECT-LOGOUT') { - $params{$r->{S}{logout_param_names}[0]} = 1; - } elsif ($divert_kind eq 'REDIRECT-LOGGEDIN') { + if ($kind eq 'REDIRECT-LOGGEDOUT') { + $params->{$r->{S}{loggedout_param_names}[0]} = 1; + } elsif ($kind eq 'REDIRECT-LOGOUT') { + $params->{$r->{S}{logout_param_names}[0]} = 1; + } elsif ($kind eq 'REDIRECT-LOGGEDIN') { } else { die; } my $new_url = $r->url_with_query_params($params); - my $cookie = $r->construct_cookie($r, $cookieval); - $r->_ch('do_redirect')($new_url, $cookie); + $r->_ch('do_redirect',$new_url, $cookie); return 0; } @@ -602,36 +678,45 @@ sub check_ok ($) { die $kind; } - $r->_print($r->_ch('start_html')($title), - @body, - $r->_ch('end_html')); + $r->_print($r->{Cgi}->header($r->_cgi_header_args($cookie)), + $r->_ch('gen_start_html',$title), + (join "\n", @body), + $r->_ch('gen_end_html')); return 0; } sub _random ($$) { my ($r, $bytes) = @_; my $v = $r->{V}; - if (!$v->{RandomHandle}) { - my $rsp = $r->{S}{random_source}; - my $rsf = new IO::File $rsp, '<' or die "$rsp $!"; - $v->{RandomHandle} = $rsf; + my $rsf = $v->{RandomHandle}; + my $rsp = $r->{S}{random_source}; + if (!$rsf) { + $v->{RandomHandle} = $rsf = new IO::File $rsp, '<' or die "$rsp $!"; } my $bin; $!=0; read($rsf,$bin,$bytes) == $bytes or die "$rsp $!"; close $rsf; - return unpack "H*", $bin; + my $out = unpack "H*", $bin; + print STDERR "_random out $out\n"; + return $out; } sub _fresh_cookie ($) { my ($r) = @_; + print STDERR "_fresh_cookie\n"; my $bytes = ($r->{S}{associdlen} + 7) >> 3; return $r->_random($bytes); } -sub check_mutate ($) { +sub _assert_checked ($) { my ($r) = @_; die "unchecked" unless exists $r->{Divert}; +} + +sub check_mutate ($) { + my ($r) = @_; + $r->_assert_checked(); die if $r->{Divert}; my $meth = $r->_ch('get_method'); die "mutating non-POST" if $meth ne 'POST'; @@ -641,7 +726,7 @@ sub check_mutate ($) { sub secret_val ($) { my ($r) = @_; - $r->check(); + $r->_assert_checked(); return defined $r->{Assoc} ? $r->{Assoc} : ''; } @@ -653,7 +738,10 @@ sub secret_hidden_html ($) { sub secret_cookie ($) { my ($r) = @_; - return $r->construct_cookie($r->secret_val()); +#print STDERR "SC\n"; + my $cookv = $r->construct_cookie($r->secret_val()); +#print STDERR "SC=$cookv\n"; + return $cookv; } __END__