initial checkin

ap · ap · commit c013d5b810b3 · 2020-10-28T00:00:06.000+01:00
diff --git a/Changes b/Changes
@@ -0,0 +1,4 @@
+Release history for URI-Signature-Tiny
+
+1.000 Wed 28 Oct 2020
+	- Initial release
diff --git a/Makefile.PL b/Makefile.PL
@@ -0,0 +1,85 @@
+use 5.006; use strict; use warnings;
+
+my $u = 'github.com/ap/URI-Signature-Tiny';
+
+my %META = (
+	name        => 'URI-Signature-Tiny',
+	author      => 'Aristotle Pagaltzis <pagaltzis@gmx.de>',
+	license     => 'perl_5',
+	x_copyright => { holder => 'Aristotle Pagaltzis', year => 2020 },
+	prereqs     => {
+		runtime => { requires => {qw(
+			perl                5.006
+			Digest::SHA             0
+			Scalar::Util            0
+			Carp                    0
+		)} },
+		test => { requires => {qw(
+			Test::More              0
+			URI                     0
+			URI::WithBase           0
+		)} },
+	},
+	dynamic_config => 0,
+	resources      => {
+		repository => { type => 'git', url => "git://$u.git", web => "https://$u" },
+		bugtracker => { web => "https://$u/issues" },
+	},
+);
+
+sub MY::postamble { -f 'META.yml' ? return : <<'' }
+create_distdir : MANIFEST
+MANIFEST :
+	( git ls-files ':!README.pod' . ; echo MANIFEST ) > MANIFEST
+distdir : boilerplate
+.PHONY  : boilerplate
+boilerplate : distmeta
+	$(PERL) -Ilib boilerplate.pl $(DISTVNAME)
+
+## BOILERPLATE ###############################################################
+require ExtUtils::MakeMaker;
+
+my %MM_ARGS;
+
+# have to do this since old EUMM dev releases miss the eval $VERSION line
+my $eumm_version  = eval $ExtUtils::MakeMaker::VERSION;
+my $mymeta        = $eumm_version >= 6.57_02;
+my $mymeta_broken = $mymeta && $eumm_version < 6.57_07;
+
+($MM_ARGS{NAME} = $META{name}) =~ s/-/::/g;
+($MM_ARGS{VERSION_FROM} = "lib/$MM_ARGS{NAME}.pm") =~ s{::}{/}g;
+($MM_ARGS{ABSTRACT_FROM} = $MM_ARGS{VERSION_FROM}) =~ s{\.pm\z}{.pod};
+$META{license} = [ $META{license} ]
+	if $META{license} && !ref $META{license};
+$MM_ARGS{LICENSE} = $META{license}[0]
+	if $META{license} && $eumm_version >= 6.30;
+$MM_ARGS{NO_MYMETA} = 1
+	if $mymeta_broken;
+$MM_ARGS{META_ADD} = { 'meta-spec' => { version => 2 }, %META }
+	unless -f 'META.yml';
+$MM_ARGS{PL_FILES} ||= {};
+$MM_ARGS{NORECURS} = 1
+	if not exists $MM_ARGS{NORECURS};
+
+for (qw(configure build test runtime)) {
+	my $key = $_ eq 'runtime' ? 'PREREQ_PM' : uc $_.'_REQUIRES';
+	my $r = $MM_ARGS{$key} = {
+		%{$META{prereqs}{$_}{requires} || {}},
+		%{delete $MM_ARGS{$key} || {}},
+	};
+	defined $r->{$_} or delete $r->{$_} for keys %$r;
+}
+
+$MM_ARGS{MIN_PERL_VERSION} = delete $MM_ARGS{PREREQ_PM}{perl} || 0;
+
+delete $MM_ARGS{MIN_PERL_VERSION}
+	if $eumm_version < 6.47_01;
+$MM_ARGS{BUILD_REQUIRES} = {%{$MM_ARGS{BUILD_REQUIRES}}, %{delete $MM_ARGS{TEST_REQUIRES}}}
+	if $eumm_version < 6.63_03;
+$MM_ARGS{PREREQ_PM} = {%{$MM_ARGS{PREREQ_PM}}, %{delete $MM_ARGS{BUILD_REQUIRES}}}
+	if $eumm_version < 6.55_01;
+delete $MM_ARGS{CONFIGURE_REQUIRES}
+	if $eumm_version < 6.51_03;
+
+ExtUtils::MakeMaker::WriteMakefile(%MM_ARGS);
+## END BOILERPLATE ###########################################################
diff --git a/README.pod b/README.pod
@@ -0,0 +1 @@
+lib/URI/Signature/Tiny.pod
diff --git a/boilerplate.pl b/boilerplate.pl
@@ -0,0 +1,41 @@
+use strict; use warnings;
+
+use CPAN::Meta;
+use Software::LicenseUtils;
+use Pod::Readme::Brief;
+
+sub slurp { open my $fh, '<', $_[0] or die "Couldn't open $_[0] to read: $!\n"; readline $fh }
+
+chdir $ARGV[0] or die "Cannot chdir to $ARGV[0]: $!\n";
+
+my %file;
+
+my $meta = CPAN::Meta->load_file( 'META.json' );
+
+my $license = do {
+	my @key = ( $meta->license, $meta->meta_spec_version );
+	my ( $class, @ambiguous ) = Software::LicenseUtils->guess_license_from_meta_key( @key );
+	die if @ambiguous;
+	$class->new( $meta->custom( 'x_copyright' ) );
+};
+
+$file{'LICENSE'} = $license->fulltext;
+
+my @source = slurp 'lib/URI/Signature/Tiny.pod';
+splice @source, -2, 0, map "$_\n", '', '=head1 AUTHOR', '', $meta->authors;
+splice @source, -2, 0, split /(?<=\n)/, "\n=head1 COPYRIGHT AND LICENSE\n\n" . $license->notice;
+$file{'lib/URI/Signature/Tiny.pod'} = join '', @source;
+
+die unless -e 'Makefile.PL';
+$file{'README'} = Pod::Readme::Brief->new( @source )->render( installer => 'eumm' );
+
+my @manifest = slurp 'MANIFEST';
+my %manifest = map /\A([^\s#]+)()/, @manifest;
+$file{'MANIFEST'} = join '', sort @manifest, map "$_\n", grep !exists $manifest{ $_ }, keys %file;
+
+for my $fn ( sort keys %file ) {
+	unlink $fn if -e $fn;
+	open my $fh, '>', $fn or die "Couldn't open $fn to write: $!\n";
+	print $fh $file{ $fn };
+	close $fh or die "Couldn't close $fn after writing: $!\n";
+}
diff --git a/lib/URI/Signature/Tiny.pm b/lib/URI/Signature/Tiny.pm
@@ -0,0 +1,57 @@
+use strict; use warnings;
+
+package URI::Signature::Tiny;
+
+our $VERSION = '1.000';
+
+use Digest::SHA ();
+use Carp ();
+use Scalar::Util ();
+
+my @defaults = (
+	sort_params   => 1,
+	recode_base64 => 1,
+	after_sign    => sub { Carp::croak( 'No after_sign callback specified' ) },
+	before_verify => sub { Carp::croak( 'No before_verify callback specified' ) },
+	function      => \&Digest::SHA::hmac_sha256_base64,
+);
+
+sub new {
+	my $class = shift;
+	my $self = bless { @defaults, @_ }, $class;
+	Carp::croak( "Missing secret for $class" ) unless defined $self->{'secret'};
+	$self;
+}
+
+sub signature {
+	my ( $self, $uri ) = ( shift, @_ );
+
+	Carp::croak( 'Cannot compute the signature of an undefined value' ) unless defined $uri;
+
+	$uri = $uri->isa( 'URI::WithBase' ) ? $uri->abs->as_string : $uri->as_string
+		if Scalar::Util::blessed( $uri );
+
+	$uri =~ m[ \A [^?#]* \? ]xgc and $uri =~ s[ \G ([^#]+) ]{
+		my @qp = split /[&;]/, "$1";
+		join ';', $self->{'sort_params'} ? sort @qp : @qp;
+	}xe;
+
+	my $sig = $self->{'function'}->( $uri, $self->{'secret'} );
+
+	$sig =~ s/=+\z//, $sig =~ y{+/}{-_} if $self->{'recode_base64'};
+
+	$sig;
+}
+
+sub sign {
+	my ( $self, $uri ) = ( shift, @_ );
+	$self->{'after_sign'}->( $uri, $self->signature( $uri ) );
+}
+
+sub verify {
+	my $self = shift;
+	my ( $uri, $sig ) = $self->{'before_verify'}->( @_ );
+	$sig eq $self->signature( $uri );
+}
+
+1;
diff --git a/lib/URI/Signature/Tiny.pod b/lib/URI/Signature/Tiny.pod
@@ -0,0 +1,145 @@
+=pod
+
+=encoding UTF-8
+
+=head1 NAME
+
+URI::Signature::Tiny - Mint and verify server-signed URIs
+
+=head1 SYNOPSIS
+
+ use URI;
+ use URI::Signature::Tiny;
+ 
+ my $notary = URI::Signature::Tiny->new(
+   secret     => $secret,
+   after_sign => sub {
+     my ( $uri, $sig ) = @_;
+     $uri->query_form({ $uri->query_form, s => $sig });
+     $uri;
+   },
+   before_verify => sub {
+     my ( $uri ) = @_;
+     my %f = $uri->query_form;
+     my $sig = delete $f{'s'};
+     $uri = $uri->clone; # important
+     $uri->query_form( \%f );
+     ( $uri, ref $sig ? '' : $sig );
+   },
+ );
+ 
+ my $signed_uri = $notary->sign( URI->new( 'http://example.com/foo?bar=baz#pagetop' ) );
+ 
+ my $ok = $notary->verify( $signed_uri );
+
+=head1 DESCRIPTION
+
+This is a minimal helper to generate URLs that you can later verify to not have
+been modified, so that you can trust security-relevant values such as user IDs.
+This is useful e.g. for a passwort reset link that the user should not be able
+to edit to log in as someone else.
+
+=head1 METHODS
+
+=over 2
+
+=item C<new>
+
+Construct and return an instance of this class.
+Takes a list of key/value pairs specifying configuration options:
+
+=over 2
+
+=item C<secret>
+
+A message authentication code (MAC) value,
+which needs to have cryptographically sufficient entropy.
+
+B<Required>.
+
+=item C<after_sign>
+
+A callback that defines how to incorporate the signature into a fresh URI.
+See L</C<sign>> for details.
+
+Defaults to a placeholder that croaks.
+
+=item C<before_verify>
+
+A callback that defines how to remove the signature from a signed URI.
+See L</C<verify>> for details.
+
+Defaults to a placeholder that croaks.
+
+=item C<sort_params>
+
+Whether to sort query parameters (if any) before computing the signature.
+
+Defaults to true.
+
+=item C<function>
+
+The function that will be called to compute the signature,
+which should have the same signature as the HMAC functions from L<Digest::SHA>:
+the (normalised) URI and the secret will be its first and second arguments.
+
+Defaults to
+L<C<\&Digest::SHA::hmac_sha256_base64>|Digest::SHA/hmac_sha256_base64>.
+
+You might also use this just to post-process the HMAC value, any way you wish:
+
+ sub { substr &Digest::SHA::hmac_sha512224_base64, 0, 10 }
+
+=item C<recode_base64>
+
+Whether to apply substitutions to turn the return value of the L</C<function>>
+from regular C<base64> encoding into C<base64url>.
+
+Defaults to true.
+
+=back
+
+=item C<signature>
+
+Compute and return the signature for the URI
+which is passed as the only argument.
+
+The only way that the URI value might be modified here is
+to sort the query parameters if requested by L</C<sort_params>>.
+
+=item C<sign>
+
+Takes a fresh URI and returns the same URI with the signature added to it.
+Specifically it returns whatever the L</C<after_sign>> callback returns,
+which gets called with the fresh URI and its signature as arguments.
+
+=item C<verify>
+
+Takes a signed URI and checks whether it matches its signature.
+It passes its arguments to the L</C<after_sign>> callback,
+which must return two values:
+the bare URI with the signature stripped off, and the signature.
+
+=back
+
+=head1 SEE ALSO
+
+=over 2
+
+=item *
+
+L<URL::Signature>
+
+=item *
+
+L<RFCE<nbsp>2104, I<HMAC: Keyed-Hashing for Message Authentication>|https://tools.ietf.org/html/rfc2104>
+
+=item *
+
+L<RFCE<nbsp>4648, I<The Base16, Base32, and Base64 Data Encodings>, section 5., I<Base 64 Encoding with URL and Filename Safe Alphabet>|https://tools.ietf.org/html/rfc4648#section-5>
+
+=back
+
+=cut
+
+vim: et sw=2 ts=2 sts=2
diff --git a/t/basic.t b/t/basic.t
diff --git a/t/synopsis.t b/t/synopsis.t
