1 package OpenSRF::DOM::Element::userAuth;
3 use OpenSRF::Utils::Logger qw/:level/;
4 use OpenSRF::Utils::Config;
5 use Digest::MD5 qw/md5_hex/;
6 use OpenSRF::DomainObject::oilsMethod;
7 use OpenSRF::DomainObject::oilsResponse;
8 #use OpenSRF::App::Auth;
9 use OpenSRF::EX qw/:try/;
10 use OpenSRF::Utils::Cache;
12 use base 'OpenSRF::DOM::Element';
14 my $log = 'OpenSRF::Utils::Logger';
18 OpenSRF::DOM::Element::userAuth
22 User authentication data structure for use in oilsMessage objects.
28 use OpenSRF::DOM::Element::userAuth;
30 %auth_structure = ( userid => '0123456789', secret => 'junko' );
31 %auth_structure = ( username => 'miker', secret => 'junko' );
33 my $auth = OpenSRF::DOM::Element::userAuth->new( %auth_structure );
37 my %server_auth = ( sysname => 'OPACServer',
38 secret => 'deadbeefdeadbeef' );
40 my $auth = OpenSRF::DOM::Element::userAuth->new( %server_auth );
# Constructor fragment (the sub header and the unpacking of @_ into %args are
# not shown in this listing). It normalises the invocant, derives the value
# stored as the secret, and delegates to the parent constructor.
#
# Accept an instance as well as a class name as the invocant.
46 $class = ref($class) || $class;
# NOTE(review): when no seed is supplied it defaults to int(rand($$)), so it is
# bounded by the process ID and drawn from the non-cryptographic rand().
# It should not be relied on as an unpredictable salt or nonce. Because of
# the ||= operator a caller-supplied seed of 0 is replaced as well.
50 $args{hashseed} ||= int( rand( $$ ) );
# The plaintext secret is overwritten in two steps: first with its MD5 hex
# digest, then with the MD5 hex digest of the seed concatenated with that
# first digest.
# NOTE(review): MD5 is a fast, unkeyed hash and is not suitable for protecting
# passwords. If the format can change, prefer a dedicated password-hashing
# or challenge-response scheme.
52 $args{secret} = md5_hex($args{secret});
53 $args{secret} = md5_hex($args{hashseed}. $args{secret});
# Every argument, including the derived secret and the seed, goes to the
# parent class constructor.
55 return $class->SUPER::new( %args );
# Accessor bodies (the enclosing sub headers are not shown in this listing).
# Each line returns one attribute of the element through getAttribute.
60 return $self->getAttribute('username');
65 return $self->getAttribute('userid');
70 return $self->getAttribute('sysname');
# Returns the stored secret attribute unchanged; nothing is hashed on read.
75 return $self->getAttribute('secret');
80 return $self->getAttribute('hashseed');
# Authentication routine fragment (the sub header, several statements and all
# closing braces are not shown in this listing). Visible flow: choose an
# identity, try the local cache, otherwise ask the auth service (locally or
# remotely), and cache the presented secret on success.
#
# Identity to authenticate; the operand(s) after the || are not shown.
86 my $u = $self->username ||
# Only the identity is written to the log here, not the secret.
89 $log->debug("Authenticating user [$u]",INFO);
92 # We need to make sure that we are not the auth server. If we are,
93 # we don't want to send a request to ourselves. Instead just call
94 # the local auth method.
# Arguments for the authenticate call: identity, stored secret, seed.
95 my @params = ( $u, $self->secret, $self->hashseed );
98 # ------------------------------
99 # See if we can auth with the cache first
100 $log->debug( "Attempting cache auth...", INTERNAL );
101 my $cache = OpenSRF::Utils::Cache->current("user");
102 my $value = $cache->get( $u );
# NOTE(review): this fast path accepts the request when the presented secret
# string equals the value cached under the same identity. The seed takes no
# part in the comparison, and the cached value is the same string that was
# presented on an earlier successful check (see the set call at the end).
# The cache therefore holds credential-equivalent data and needs matching
# access control. Entry expiry is not visible here - confirm a short TTL and
# that entries are invalidated on password change.
# What happens after the debug line in this branch is not shown.
104 if( $value and $value eq $self->secret ) {
105 $log->debug( "User $u is cached and authenticated", INTERNAL );
108 # ------------------------------
# When this process is itself the auth service, call the method in-process
# instead of sending a request.
# NOTE(review): the use line for OpenSRF::App::Auth is commented out near the
# top of this file; presumably the module is already loaded when running as
# the auth service - confirm.
110 if( $session->service eq "auth" ) {
111 $log->debug( "We are AUTH. calling local auth", DEBUG );
112 my $meth = OpenSRF::App::Auth->method_lookup('authenticate', 1);
113 $log->debug("Meth ref is $meth", INTERNAL);
114 $res = $meth->run( 1, @params );
# Otherwise the same parameters are sent to the remote auth service.
117 $log->debug( "Calling AUTH server", DEBUG );
118 $res = _request_remote_auth( $session, @params );
# Success requires a defined result whose class is an oilsResult and whose
# content value is exactly the string "yes"; anything else falls through.
122 if( $res and $res->class->isa('OpenSRF::DomainObject::oilsResult') and
123 $res->content and ($res->content->value eq "yes") ) {
125 $log->debug( "User $u is authenticated", DEBUG );
126 $log->debug( "Adding $u to cache", INTERNAL );
128 # Add to the cache ------------------------------
# Stores the presented secret under the identity so that the cache fast path
# above can accept the next request without contacting the auth service.
129 $cache->set( $u, $self->secret );
139 sub _request_remote_auth {
141 my $server_session = shift;
144 my $service = $server_session->service;
146 my @server_auth = (sysname => OpenSRF::Utils::Config->current->$service->sysname,
147 secret => OpenSRF::Utils::Config->current->$service->secret );
149 my $session = OpenSRF::AppSession->create( "auth", @server_auth );
151 $log->debug( "Sending request to auth server", INTERNAL );
157 if( ! $session->connect() ) {
158 throw OpenSRF::EX::CRITICAL ("Cannot communicate with auth server");
160 $req = $session->request( authenticate => @params );
161 $req->wait_complete( OpenSRF::Utils::Config->current->client->connect_timeout );
164 } catch OpenSRF::DomainObject::oilsAuthException with {
168 $req->finish() if $req;
169 $session->finish() if $session;