Annotation of /branches/rel-2-4-patches/webwork-modperl/lib/Apache/AuthenWeBWorK.pm

Revision 5734 - (view) (download) (as text)

1 :	sh002i	4135	################################################################################
2 :			# WeBWorK Online Homework Delivery System
3 :	sh002i	5318	# Copyright © 2000-2007 The WeBWorK Project, http://openwebwork.sf.net/
4 :			# $CVSHeader: webwork2/lib/Apache/AuthenWeBWorK.pm,v 1.2 2006/06/28 16:19:57 sh002i Exp $
5 :	sh002i	4135	#
6 :			# This program is free software; you can redistribute it and/or modify it under
7 :			# the terms of either: (a) the GNU General Public License as published by the
8 :			# Free Software Foundation; either version 2, or (at your option) any later
9 :			# version, or (b) the "Artistic License" which comes with this package.
10 :			#
11 :			# This program is distributed in the hope that it will be useful, but WITHOUT
12 :			# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
13 :			# FOR A PARTICULAR PURPOSE. See either the GNU General Public License or the
14 :			# Artistic License for more details.
15 :			################################################################################
16 :
17 :			package Apache::AuthenWeBWorK;
18 :
19 :			=head1 NAME
20 :
21 :			Apache::AuthenWeBWorK - Authenticate against WeBWorK::Authen framework.
22 :
23 :			=head1 CONFIGURATION
24 :
25 :			PerlSetVar authen_webwork_root /path/to/webwork2
26 :			PerlSetVar authen_webwork_course "some-course-id"
27 :			PerlSetVar authen_webwork_module "WeBWorK::Authen::something"
28 :
29 :			=cut
30 :
31 :			use strict;
32 :			use warnings;
33 :			use Apache::Constants qw(:common);
34 :
35 :			use WeBWorK::Debug;
36 :			use WeBWorK::Request;
37 :			use WeBWorK::ContentGenerator;
38 :			use WeBWorK::DB;
39 :			use WeBWorK::Authz;
40 :			use WeBWorK::Utils qw/runtime_use/;
41 :
42 :			################################################################################
43 :
44 :			=head1 APACHE AUTHEN HANDLER
45 :
46 :			=over
47 :
48 :			=item handler($r)
49 :
50 :			=cut
51 :
52 :			sub handler($) {
53 :			my ($apache) = @_;
54 :			my $r = new WeBWorK::Request($apache);
55 :
56 :			my ($res, $sent_pw) = $r->get_basic_auth_pw;
57 :			return $res unless $res == OK;
58 :
59 :			my $webwork_root = $r->dir_config('authen_webwork_root');
60 :			my $webwork_course = $r->dir_config('authen_webwork_course');
61 :
62 :			return fail($r, "authen_webwork_root not set")
63 :			unless defined $webwork_root and $webwork_root ne "";
64 :			return fail($r, "authen_webwork_course not set")
65 :			unless defined $webwork_course and $webwork_course ne "";
66 :
67 :			# FIXME most of this build-up code is yoinked from lib/WeBWorK.pm
68 :			# needs to be factored out somehow
69 :			# (for example, the authen module selection code probably belongs in a factory)
70 :
71 :			my $ce = eval { new WeBWorK::CourseEnvironment({
72 :			webwork_dir => $webwork_root,
73 :			courseName => $webwork_course,
74 :			}) };
75 :			$@ and return fail($r, "failed to initialize the course environment: $@");
76 :			$r->ce($ce);
77 :
78 :			my $authz = new WeBWorK::Authz($r);
79 :			$r->authz($authz);
80 :
81 :			# figure out which authentication module to use
82 :			my $user_authen_module;
83 :			my $proctor_authen_module;
84 :			if (ref $ce->{authen}{user_module} eq "HASH") {
85 :			if (exists $ce->{authen}{user_module}{$ce->{dbLayoutName}}) {
86 :			$user_authen_module = $ce->{authen}{user_module}{$ce->{dbLayoutName}};
87 :			} else {
88 :			$user_authen_module = $ce->{authen}{user_module}{"*"};
89 :			}
90 :			} else {
91 :			$user_authen_module = $ce->{authen}{user_module};
92 :			}
93 :
94 :			runtime_use $user_authen_module;
95 :			my $authen = $user_authen_module->new($r);
96 :			$r->authen($authen);
97 :
98 :			my $db = new WeBWorK::DB($ce->{dbLayout});
99 :			$r->db($db);
100 :
101 :			# now, here's the problem... WeBWorK::Authen looks at $r->params directly, whereas we
102 :			# need to look at $user and $sent_pw. this is a perfect opportunity for a mixin, i think.
103 :	sh002i	4178	my $authenOK;
104 :			{
105 :			no warnings 'redefine';
106 :			local *WeBWorK::Authen::get_credentials = \&Authen::WeBWorK::HTTPBasic::get_credentials;
107 :			local *WeBWorK::Authen::maybe_send_cookie = \&Authen::WeBWorK::HTTPBasic::noop;
108 :			local *WeBWorK::Authen::maybe_kill_cookie = \&Authen::WeBWorK::HTTPBasic::noop;
109 :			local *WeBWorK::Authen::set_params = \&Authen::WeBWorK::HTTPBasic::noop;
110 :
111 :			$authenOK = $authen->verify;
112 :			}
113 :	sh002i	4135
114 :
115 :			debug("verify said: '$authenOK'");
116 :
117 :			if ($authenOK) {
118 :			debug("this will work!!!");
119 :			return OK;
120 :			} else {
121 :			return AUTH_REQUIRED;
122 :			}
123 :			}
124 :
125 :			sub fail {
126 :			my ($r, $msg) = @_;
127 :			$r->note_basic_auth_failure;
128 :			$r->log_reason($msg, $r->filename);
129 :			return AUTH_REQUIRED;
130 :			}
131 :
132 :			=back
133 :
134 :			=cut
135 :
136 :			package Authen::WeBWorK::HTTPBasic;
137 :
138 :			use strict;
139 :			use warnings;
140 :			use Apache::Constants qw(:common);
141 :			use WeBWorK::Debug;
142 :
143 :			sub get_credentials {
144 :			my ($self) = @_;
145 :			my $r = $self->{r};
146 :
147 :			my ($res, $sent_pw) = $r->get_basic_auth_pw;
148 :			return unless $res == OK;
149 :			my $user_id = $r->connection->user;
150 :
151 :			if (defined $r->connection->user) {
152 :			$self->{user_id} = $r->connection->user;
153 :			$self->{password} = $sent_pw;
154 :			$self->{credential_source} = "http_basic";
155 :			return 1;
156 :			}
157 :			}
158 :
159 :			sub noop {}
160 :
161 :			1;

aubreyja at gmail dot com	ViewVC Help
Powered by ViewVC 1.0.9