package Mojolicious::Plugin::SslAuth;
use strict;
use warnings;
use Mojo::IOLoop;
our $VERSION = '0.07';
use base 'Mojolicious::Plugin';
sub register {
my ($plugin, $app) = @_;
$app->helper(
ssl_auth => sub {
my $self = shift;
my $callback = shift;
my $id = $self->tx->connection;
my $handle = Mojo::IOLoop->stream($id)->handle;
# Not SSL connection
return if ref $handle ne 'IO::Socket::SSL';
return $callback->($handle);
}
);
}
1;
__END__
=head1 NAME
Mojolicious::Plugin::SslAuth - SSL client certificate auth helper
=head1 DESCRIPTION
L<Mojolicous::Plugin::SslAuth> is a helper for authenticating client ssl certificates against CA's (certificate authorities)
=head1 USAGE
use Mojolicious::Lite;
plugin 'ssl_auth';
get '/' => sub {
my $self = shift;
return $self->render_text('ok')
if $self->ssl_auth(
{return 1 if shift->peer_certificate('commonName') eq 'client'}
);
$self->render_text('commonName not matched');
};
app->start;
L<IO::Socket::SSL> connection passed as parameter.
See L<IO::Socket::SSL> for available methods. (You're most likely looking for ->peer_certificate and/or ->get_cipher)
=over
=item Older versions of Mojolicious
For Mojolicious versions < 2.81, use Mojolicious::Plugin::SslAuth 0.05
For Mojolicious versions < 1.13, use Mojolicious::Plugin::SslAuth 0.02
=back
=head1 METHODS
L<Mojolicious::Plugin::SslAuth> inherits all methods from
L<Mojolicious::Plugin> and implements the following new ones.
=head2 C<register>
$plugin->register;
Register condition in L<Mojolicious> application.
=head1 SEE ALSO
L<Mojolicious>
=head1 DEVELOPMENT
L<http://github.com/tempire/mojolicious-plugin-sslauth>
=head1 VERSION
0.07
=head1 AUTHOR
Glen Hinkle tempire@cpan.org
=cut