[Bps-public-commit] storage-box branch, master, created. eecf8c1b68bf18b3c1b61109178f3fc669f4753f

Dave Goehrig dave at bestpractical.com
Thu Aug 25 10:42:58 EDT 2016


The branch, master has been created
        at  eecf8c1b68bf18b3c1b61109178f3fc669f4753f (commit)

- Log -----------------------------------------------------------------
commit f6051d7802d3aaca21e913fb43cb76c2e0e646bd
Author: Dave Goehrig <dave at bestpractical.com>
Date:   Wed Aug 24 14:41:51 2016 +0000

    initial import

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..24e095b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,7 @@
+/Storage-Box-*
+/.build
+/_build*
+/Build
+MYMETA.*
+!META.json
+/.prove
diff --git a/Build.PL b/Build.PL
new file mode 100644
index 0000000..0cc48bb
--- /dev/null
+++ b/Build.PL
@@ -0,0 +1,7 @@
+# This Build.PL for Storage-Box was generated by Dist::Zilla::Plugin::ModuleBuildTiny 0.015.
+use strict;
+use warnings;
+
+use 5.008005;
+use Module::Build::Tiny 0.034;
+Build_PL();
diff --git a/Changes b/Changes
new file mode 100644
index 0000000..720cd3b
--- /dev/null
+++ b/Changes
@@ -0,0 +1,4 @@
+Revision history for Storage-Box
+
+{{$NEXT}}
+        - Initial release
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..02d21b7
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,379 @@
+This software is copyright (c) 2016- by Dave Goehrig <dave at dloh.org>.
+
+This is free software; you can redistribute it and/or modify it under
+the same terms as the Perl 5 programming language system itself.
+
+Terms of the Perl programming language system itself
+
+a) the GNU General Public License as published by the Free
+   Software Foundation; either version 1, or (at your option) any
+   later version, or
+b) the "Artistic License"
+
+--- The GNU General Public License, Version 1, February 1989 ---
+
+This software is Copyright (c) 2016- by Dave Goehrig <dave at dloh.org>.
+
+This is free software, licensed under:
+
+  The GNU General Public License, Version 1, February 1989
+
+                    GNU GENERAL PUBLIC LICENSE
+                     Version 1, February 1989
+
+ Copyright (C) 1989 Free Software Foundation, Inc.
+ 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+                            Preamble
+
+  The license agreements of most software companies try to keep users
+at the mercy of those companies.  By contrast, our General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  The
+General Public License applies to the Free Software Foundation's
+software and to any other program whose authors commit to using it.
+You can use it for your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Specifically, the General Public License is designed to make
+sure that you have the freedom to give away or sell copies of free
+software, that you receive source code or can get it if you want it,
+that you can change the software or use pieces of it in new free
+programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of a such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must tell them their rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+                    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License Agreement applies to any program or other work which
+contains a notice placed by the copyright holder saying it may be
+distributed under the terms of this General Public License.  The
+"Program", below, refers to any such program or work, and a "work based
+on the Program" means either the Program or any work containing the
+Program or a portion of it, either verbatim or with modifications.  Each
+licensee is addressed as "you".
+
+  1. You may copy and distribute verbatim copies of the Program's source
+code as you receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice and
+disclaimer of warranty; keep intact all the notices that refer to this
+General Public License and to the absence of any warranty; and give any
+other recipients of the Program a copy of this General Public License
+along with the Program.  You may charge a fee for the physical act of
+transferring a copy.
+
+  2. You may modify your copy or copies of the Program or any portion of
+it, and copy and distribute such modifications under the terms of Paragraph
+1 above, provided that you also do the following:
+
+    a) cause the modified files to carry prominent notices stating that
+    you changed the files and the date of any change; and
+
+    b) cause the whole of any work that you distribute or publish, that
+    in whole or in part contains the Program or any part thereof, either
+    with or without modifications, to be licensed at no charge to all
+    third parties under the terms of this General Public License (except
+    that you may choose to grant warranty protection to some or all
+    third parties, at your option).
+
+    c) If the modified program normally reads commands interactively when
+    run, you must cause it, when started running for such interactive use
+    in the simplest and most usual way, to print or display an
+    announcement including an appropriate copyright notice and a notice
+    that there is no warranty (or else, saying that you provide a
+    warranty) and that users may redistribute the program under these
+    conditions, and telling the user how to view a copy of this General
+    Public License.
+
+    d) You may charge a fee for the physical act of transferring a
+    copy, and you may at your option offer warranty protection in
+    exchange for a fee.
+
+Mere aggregation of another independent work with the Program (or its
+derivative) on a volume of a storage or distribution medium does not bring
+the other work under the scope of these terms.
+
+  3. You may copy and distribute the Program (or a portion or derivative of
+it, under Paragraph 2) in object code or executable form under the terms of
+Paragraphs 1 and 2 above provided that you also do one of the following:
+
+    a) accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of
+    Paragraphs 1 and 2 above; or,
+
+    b) accompany it with a written offer, valid for at least three
+    years, to give any third party free (except for a nominal charge
+    for the cost of distribution) a complete machine-readable copy of the
+    corresponding source code, to be distributed under the terms of
+    Paragraphs 1 and 2 above; or,
+
+    c) accompany it with the information you received as to where the
+    corresponding source code may be obtained.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form alone.)
+
+Source code for a work means the preferred form of the work for making
+modifications to it.  For an executable file, complete source code means
+all the source code for all modules it contains; but, as a special
+exception, it need not include source code for modules which are standard
+libraries that accompany the operating system on which the executable
+file runs, or for standard header files or definitions files that
+accompany that operating system.
+
+  4. You may not copy, modify, sublicense, distribute or transfer the
+Program except as expressly provided under this General Public License.
+Any attempt otherwise to copy, modify, sublicense, distribute or transfer
+the Program is void, and will automatically terminate your rights to use
+the Program under this License.  However, parties who have received
+copies, or rights to use copies, from you under this General Public
+License will not have their licenses terminated so long as such parties
+remain in full compliance.
+
+  5. By copying, distributing or modifying the Program (or any work based
+on the Program) you indicate your acceptance of this license to do so,
+and all its terms and conditions.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the original
+licensor to copy, distribute or modify the Program subject to these
+terms and conditions.  You may not impose any further restrictions on the
+recipients' exercise of the rights granted herein.
+
+  7. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of the license which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+the license, you may choose any version ever published by the Free Software
+Foundation.
+
+  8. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+                            NO WARRANTY
+
+  9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+                     END OF TERMS AND CONDITIONS
+
+        Appendix: How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to humanity, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these
+terms.
+
+  To do so, attach the following notices to the program.  It is safest to
+attach them to the start of each source file to most effectively convey
+the exclusion of warranty; and each file should have at least the
+"copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) 19yy  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 1, or (at your option)
+    any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA  02110-1301 USA
+
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) 19xx name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the
+appropriate parts of the General Public License.  Of course, the
+commands you use may be called something other than `show w' and `show
+c'; they could even be mouse-clicks or menu items--whatever suits your
+program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the
+  program `Gnomovision' (a program to direct compilers to make passes
+  at assemblers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+That's all there is to it!
+
+
+--- The Artistic License 1.0 ---
+
+This software is Copyright (c) 2016- by Dave Goehrig <dave at dloh.org>.
+
+This is free software, licensed under:
+
+  The Artistic License 1.0
+
+The Artistic License
+
+Preamble
+
+The intent of this document is to state the conditions under which a Package
+may be copied, such that the Copyright Holder maintains some semblance of
+artistic control over the development of the package, while giving the users of
+the package the right to use and distribute the Package in a more-or-less
+customary fashion, plus the right to make reasonable modifications.
+
+Definitions:
+
+  - "Package" refers to the collection of files distributed by the Copyright
+    Holder, and derivatives of that collection of files created through
+    textual modification. 
+  - "Standard Version" refers to such a Package if it has not been modified,
+    or has been modified in accordance with the wishes of the Copyright
+    Holder. 
+  - "Copyright Holder" is whoever is named in the copyright or copyrights for
+    the package. 
+  - "You" is you, if you're thinking about copying or distributing this Package.
+  - "Reasonable copying fee" is whatever you can justify on the basis of media
+    cost, duplication charges, time of people involved, and so on. (You will
+    not be required to justify it to the Copyright Holder, but only to the
+    computing community at large as a market that must bear the fee.) 
+  - "Freely Available" means that no fee is charged for the item itself, though
+    there may be fees involved in handling the item. It also means that
+    recipients of the item may redistribute it under the same conditions they
+    received it. 
+
+1. You may make and give away verbatim copies of the source form of the
+Standard Version of this Package without restriction, provided that you
+duplicate all of the original copyright notices and associated disclaimers.
+
+2. You may apply bug fixes, portability fixes and other modifications derived
+from the Public Domain or from the Copyright Holder. A Package modified in such
+a way shall still be considered the Standard Version.
+
+3. You may otherwise modify your copy of this Package in any way, provided that
+you insert a prominent notice in each changed file stating how and when you
+changed that file, and provided that you do at least ONE of the following:
+
+  a) place your modifications in the Public Domain or otherwise make them
+     Freely Available, such as by posting said modifications to Usenet or an
+     equivalent medium, or placing the modifications on a major archive site
+     such as ftp.uu.net, or by allowing the Copyright Holder to include your
+     modifications in the Standard Version of the Package.
+
+  b) use the modified Package only within your corporation or organization.
+
+  c) rename any non-standard executables so the names do not conflict with
+     standard executables, which must also be provided, and provide a separate
+     manual page for each non-standard executable that clearly documents how it
+     differs from the Standard Version.
+
+  d) make other distribution arrangements with the Copyright Holder.
+
+4. You may distribute the programs of this Package in object code or executable
+form, provided that you do at least ONE of the following:
+
+  a) distribute a Standard Version of the executables and library files,
+     together with instructions (in the manual page or equivalent) on where to
+     get the Standard Version.
+
+  b) accompany the distribution with the machine-readable source of the Package
+     with your modifications.
+
+  c) accompany any non-standard executables with their corresponding Standard
+     Version executables, giving the non-standard executables non-standard
+     names, and clearly documenting the differences in manual pages (or
+     equivalent), together with instructions on where to get the Standard
+     Version.
+
+  d) make other distribution arrangements with the Copyright Holder.
+
+5. You may charge a reasonable copying fee for any distribution of this
+Package.  You may charge any fee you choose for support of this Package. You
+may not charge a fee for this Package itself. However, you may distribute this
+Package in aggregate with other (possibly commercial) programs as part of a
+larger (possibly commercial) software distribution provided that you do not
+advertise this Package as a product of your own.
+
+6. The scripts and library files supplied as input to or produced as output
+from the programs of this Package do not automatically fall under the copyright
+of this Package, but belong to whomever generated them, and may be sold
+commercially, and may be aggregated with this Package.
+
+7. C or perl subroutines supplied by you and linked into this Package shall not
+be considered part of this Package.
+
+8. The name of the Copyright Holder may not be used to endorse or promote
+products derived from this software without specific prior written permission.
+
+9. THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
+WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+
+The End
+
diff --git a/META.json b/META.json
new file mode 100644
index 0000000..1bf1b91
--- /dev/null
+++ b/META.json
@@ -0,0 +1,56 @@
+{
+   "abstract" : "Blah blah blah",
+   "author" : [
+      "Dave Goehrig <dave at dloh.org>"
+   ],
+   "dynamic_config" : 0,
+   "generated_by" : "Dist::Milla version v1.0.16, Dist::Zilla version 6.007, CPAN::Meta::Converter version 2.150005",
+   "license" : [
+      "perl_5"
+   ],
+   "meta-spec" : {
+      "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec",
+      "version" : 2
+   },
+   "name" : "Storage-Box",
+   "no_index" : {
+      "directory" : [
+         "eg",
+         "examples",
+         "inc",
+         "share",
+         "t",
+         "xt"
+      ]
+   },
+   "prereqs" : {
+      "configure" : {
+         "requires" : {
+            "Module::Build::Tiny" : "0.034"
+         }
+      },
+      "develop" : {
+         "requires" : {
+            "Dist::Milla" : "v1.0.16",
+            "Test::Pod" : "1.41"
+         }
+      },
+      "runtime" : {
+         "requires" : {
+            "Crypt::JWT" : "0.017",
+            "Expect" : "1.15",
+            "Modern::Perl" : "1.20150127",
+            "perl" : "5.008005"
+         }
+      },
+      "test" : {
+         "requires" : {
+            "Test::More" : "0.96"
+         }
+      }
+   },
+   "release_status" : "stable",
+   "version" : "0.01",
+   "x_serialization_backend" : "Cpanel::JSON::XS version 3.0217"
+}
+
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..856bf39
--- /dev/null
+++ b/README.md
@@ -0,0 +1,26 @@
+# NAME
+
+Storage::Box - Blah blah blah
+
+# SYNOPSIS
+
+    use Storage::Box;
+
+# DESCRIPTION
+
+Storage::Box is 
+
+# AUTHOR
+
+Dave Goehrig <dave at dloh.org>
+
+# COPYRIGHT
+
+Copyright 2016- Dave Goehrig
+
+# LICENSE
+
+This library is free software; you can redistribute it and/or modify
+it under the same terms as Perl itself.
+
+# SEE ALSO
diff --git a/cpanfile b/cpanfile
new file mode 100644
index 0000000..e2bc4eb
--- /dev/null
+++ b/cpanfile
@@ -0,0 +1,9 @@
+requires 'perl', '5.008005';
+
+requires 'Modern::Perl', '1.20150127';
+requires 'Crypt::JWT', '0.017';
+requires 'Expect', '1.15';
+
+on test => sub {
+    requires 'Test::More', '0.96';
+};
diff --git a/dist.ini b/dist.ini
new file mode 100644
index 0000000..a4dbffa
--- /dev/null
+++ b/dist.ini
@@ -0,0 +1 @@
+[@Milla]
diff --git a/lib/Storage/Box.pm b/lib/Storage/Box.pm
new file mode 100644
index 0000000..09e1803
--- /dev/null
+++ b/lib/Storage/Box.pm
@@ -0,0 +1,41 @@
+package Storage::Box;
+
+use Modern::Perl;
+our $VERSION = '0.01';
+
+
+
+
+1;
+__END__
+
+=encoding utf-8
+
+=head1 NAME
+
+Storage::Box - Blah blah blah
+
+=head1 SYNOPSIS
+
+  use Storage::Box;
+
+=head1 DESCRIPTION
+
+Storage::Box is 
+
+=head1 AUTHOR
+
+Dave Goehrig E<lt>dave at dloh.orgE<gt>
+
+=head1 COPYRIGHT
+
+Copyright 2016- Dave Goehrig
+
+=head1 LICENSE
+
+This library is free software; you can redistribute it and/or modify
+it under the same terms as Perl itself.
+
+=head1 SEE ALSO
+
+=cut
diff --git a/lib/Storage/Box/Auth.pm b/lib/Storage/Box/Auth.pm
new file mode 100644
index 0000000..bc1eba8
--- /dev/null
+++ b/lib/Storage/Box/Auth.pm
@@ -0,0 +1,18 @@
+package Storage::Box::Auth;
+
+use Modern::Perl;
+use Crypt::JWT;
+use Expect;
+
+sub generate_keys {
+	my ($password) = @_;
+	my $exp = Expect->spawn("openssl genrsa -aes256 -out private_key.pem 2048") 
+		or die "Failed to generate private_key.pem";
+	$exp->expect(1000,
+		[ /private_key\.pem\:/ => sub { $exp->send($password); exp_continue;} ],
+		[ /private_key\.pem\:/ => sub { $exp->send($password); exp_continue;} ]
+	);
+}
+
+
+1;
diff --git a/t/basic.t b/t/basic.t
new file mode 100644
index 0000000..a9843a9
--- /dev/null
+++ b/t/basic.t
@@ -0,0 +1,9 @@
+use strict;
+use Test::More;
+
+require_ok 'Storage::Box';
+require_ok 'Storage::Box::Auth';
+
+ok Storage::Box::Auth::generate_keys('test');
+
+done_testing;

commit ab051a650f6f4eff14d7b02bd485493066509988
Author: Dave Goehrig <dave at bestpractical.com>
Date:   Wed Aug 24 15:11:37 2016 +0000

    Adding methods for generating key pair

diff --git a/META.json b/META.json
index 1bf1b91..c539095 100644
--- a/META.json
+++ b/META.json
@@ -51,6 +51,9 @@
    },
    "release_status" : "stable",
    "version" : "0.01",
+   "x_contributors" : [
+      "Dave Goehrig <dave at bestpractical.com>"
+   ],
    "x_serialization_backend" : "Cpanel::JSON::XS version 3.0217"
 }
 
diff --git a/lib/Storage/Box/Auth.pm b/lib/Storage/Box/Auth.pm
index bc1eba8..b4e2974 100644
--- a/lib/Storage/Box/Auth.pm
+++ b/lib/Storage/Box/Auth.pm
@@ -4,15 +4,52 @@ use Modern::Perl;
 use Crypt::JWT;
 use Expect;
 
-sub generate_keys {
+sub generate_private_key {
 	my ($password) = @_;
 	my $exp = Expect->spawn("openssl genrsa -aes256 -out private_key.pem 2048") 
 		or die "Failed to generate private_key.pem";
-	$exp->expect(1000,
-		[ /private_key\.pem\:/ => sub { $exp->send($password); exp_continue;} ],
-		[ /private_key\.pem\:/ => sub { $exp->send($password); exp_continue;} ]
+	$exp->raw_pty(1);
+	$exp->expect(1,
+		[ qr/private_key\.pem:/ => sub { 
+			$exp->send("$password\r"); exp_continue;
+		} ]
 	);
+	$exp->soft_close();
 }
 
+sub generate_public_key {
+	my ($password) = @_;
+	my $exp = Expect->spawn("openssl rsa -pubout -in private_key.pem -out public_key.pem")
+		or die "Failed to generate public_key.pem";
+	$exp->raw_pty(1);
+	$exp->expect(1,
+		[ qr/private_key\.pem:/ => sub { 
+			$exp->send("$password\r"); exp_continue;
+		} ]
+	);
+	$exp->soft_close();
+}
+
+sub generate_keys {
+	my ($password) = @_;
+	generate_private_key $password;
+	generate_public_key $password;
+	print <<THERE;
 
+To install this key in box.com:
+
+1) Go to Edit Application and select your Box Platform application.
+
+2) Scroll down to the Public Key Management section.
+
+3) Select Add Public Key as shown below.
+
+THERE
+
+	do {
+		local $/ = undef; 
+		open my $fh, "< public_key.pem";
+		print <$fh>;
+	}	
+}
 1;
diff --git a/t/basic.t b/t/basic.t
index a9843a9..0b54807 100644
--- a/t/basic.t
+++ b/t/basic.t
@@ -1,6 +1,8 @@
 use strict;
 use Test::More;
 
+use lib 'lib';
+
 require_ok 'Storage::Box';
 require_ok 'Storage::Box::Auth';
 

commit eecf8c1b68bf18b3c1b61109178f3fc669f4753f
Author: Dave Goehrig <dave at bestpractical.com>
Date:   Wed Aug 24 16:50:27 2016 +0000

    importing demo keys

diff --git a/cpanfile b/cpanfile
index e2bc4eb..909e1f0 100644
--- a/cpanfile
+++ b/cpanfile
@@ -3,6 +3,8 @@ requires 'perl', '5.008005';
 requires 'Modern::Perl', '1.20150127';
 requires 'Crypt::JWT', '0.017';
 requires 'Expect', '1.15';
+requires 'Data::UUID', '1.221';
+requires 'HTTP::Request', '6.11';
 
 on test => sub {
     requires 'Test::More', '0.96';
diff --git a/keys/private_key.pem b/keys/private_key.pem
new file mode 100644
index 0000000..a2abeef
--- /dev/null
+++ b/keys/private_key.pem
@@ -0,0 +1,30 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: AES-256-CBC,D1096EBC94E2E79784F4D95262DFB507
+
+7VLHd97zfgn/UqHyOEyWhBaBDOgjnai5dKwPmeus9fSlKaNss6O7ft7TRlrfFO0Z
+A4bLcAZZOExec7BJQb17XQpIsfNeMJ2FuzydxiBQLjaj7jG6BQuqkaQOOocI2mTt
+Cxo8wbSGxx2mrM9CfnkNtIHoctG+WoKFRa/d+vSeOXFBDSkzC6WTAMasVAuY+E9i
+ll41Q0NTNgduMIkQiTtFOWnGfNfk852Wvz2e9pb6u8Ql/P1qOwnjHTMouc4eRYd8
+tgTHsvxUbXXuGctusKvivapvdaLj5mZ1Y7ewGBlQmT0I4LbPCSWeDyz/DRRBy2CO
+nnigELKhEwjakWQ2o5prRkrdyn8zFVeqDUur2zw4d7XPXnIfs8XyQaA23p4XhpDX
+7yCHBfin72Mf1z8ZVhtFAYH16Ii9MXzmaBzCiwXc4RgWWqC5jByIDSs7et8oLtIn
++miJw1dFZUGWH7dV3wi8rKZpg9X76eq1OzOHYmydRWpX7DGFEsFBeKc7En8Yihxx
+V3mPAA5DSD/BzXpNLVPWxODIE2KJaHGplbFb9pLCLrwQniZ/uxN6cBHXCy26PibE
+4GJOed/Y1u5NizZScd991sB+jyiHlT7w/P2Q1yu8RbukwOLWuZW7n/6OW0SnI9ls
+YIhCElR7jMlntxpcb246IB47/Ka07Ad7FY5/K4HSQvU0cUR00aCjfbYbu3R80stJ
+n49rMHQWhY7QLkLvMIElNV+u1H6wsn32WWxu7kiBIAR8xF63xuC9AX4NNuX51z04
+4L3Ri0M3DPsRj9ZjBAEAe0h3CoI8oF94WPuN1YbQrZzgkWVcv+YV9Uc75twZ46Ll
+usLFQ6FT3ucouAAc/FdKK30nDcrXRz3xzv3D+eheqCdFD1KcNYWVEb5jEhWo9Z8E
+FDsgbaYSb/2mwqVltgbM1PDXjKlFfTTFizwt3MkaRgD3F/tYDZLMrqm4f8s+cU30
+XkMUEpiDAlvy+EZdrhpz5Bxa7vB8KhVlY2tJdttgzZPrWz0irQCA0aEjNT13TbD2
+ZvXdB3HZmx9zS2hcQ4XFJjwC7ph7qFqWq5/ya5wA4+G7oKXCx1RFPIvKgl2mmldP
+V+Svu5WigFWsaGVC1tEuIeZaSl09JN/S7AROm75CKhOMgredRE6ZuQANuDgcw8RF
+3ES+yLIWY1S4+S7kTGNijsznld6rZPUMsb9GMMMr4nYMCPzFX3IMHaepOCXryxxC
+wj3aUqT6Deo93EgP8ULzvp3waaXICfhMm/e+Ak/+ROtAlNfV9COh0ZT8s2RRywf5
+rDYiLa/81vq7KBrOxzB1SAv/g0yHPhAcfffdtquG1i4aLVV45gf1f3tPxvxM/pqD
+y5pklWYt0YAzB4Owq2G8OLF08yTQX1Wz4PPQ/Wu+foYtme4aeKcuswn4NX69LVwH
+Zt25sCj7PpsMqVCBH8U9ApCPD0pOt0hpv3d46yL3R24w4as4LDgBhuGPZeJtKhBC
+IbaoOuXdhaRZ9MU39yWqx6UrWDv5GcWeA+/n/klbbc5OVfEwjXrBVmjgJ0+LQJ1+
+kuTgUfQyCKvAYdxm6mQRJEmyQiyKaoa74gxEl4fTRR86kB9fBWjAVD4STs2TLOPc
+-----END RSA PRIVATE KEY-----
diff --git a/keys/public_key.pem b/keys/public_key.pem
new file mode 100644
index 0000000..e16f2dd
--- /dev/null
+++ b/keys/public_key.pem
@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/OdIFN3Q2rrltTU2kHQ
+FyAB+B6yaCy6fknTKgpRRCTRfcnezNLXu2bdwEllsF6+6Ctca9lrH7PSJfnQEkfU
+MhdZYuvulQKusNuSS5pfgAC38UhqqH3d4gCGBcReA8sRLmLJBWBf4jP0Y52Izxlp
+193213gKEaQiOZsXdXV1yVX6s8Vp5feV7YTz2puULSydyo0ETBlsnLDsk9GYMy8g
+Tz0IrmLpjarIqzLcMWYvBacbP3qox4nWvl1rY6C4w9/e3+mKHSE4phfBe0XVf220
+MN8Z9+wnFJ1btBkSdgc0RZCM8UV00hMafqL6IrzilIO67uuoUWHVlPDbKvfclhDm
+AwIDAQAB
+-----END PUBLIC KEY-----
diff --git a/lib/Storage/Box.pm b/lib/Storage/Box.pm
index 09e1803..89fbaaa 100644
--- a/lib/Storage/Box.pm
+++ b/lib/Storage/Box.pm
@@ -1,13 +1,10 @@
+# vim: ai ts=4 sts=4 et sw=4 ft=perl
+
 package Storage::Box;
 
 use Modern::Perl;
 our $VERSION = '0.01';
-
-
-
-
-1;
-__END__
+=pod 
 
 =encoding utf-8
 
@@ -23,6 +20,14 @@ Storage::Box - Blah blah blah
 
 Storage::Box is 
 
+=head1 METHODS
+
+=cut
+
+
+
+=pod
+
 =head1 AUTHOR
 
 Dave Goehrig E<lt>dave at dloh.orgE<gt>
@@ -39,3 +44,7 @@ it under the same terms as Perl itself.
 =head1 SEE ALSO
 
 =cut
+
+1;
+
+
diff --git a/lib/Storage/Box/Auth.pm b/lib/Storage/Box/Auth.pm
index b4e2974..70b9b99 100644
--- a/lib/Storage/Box/Auth.pm
+++ b/lib/Storage/Box/Auth.pm
@@ -1,40 +1,96 @@
+# vim: ai ts=4 sts=4 et sw=4 ft=perl
+
 package Storage::Box::Auth;
 
+=pod
+
+=head1 NAME
+
+Storage::Box::Auth -- provides OAuth2 + JWT authentication and key management
+
+=head1 SYNOPSIS
+
+  Storage::Box::Auth::generate_keys("my-super-secret-password");
+  ...
+  Storate::Box::Auth::enterprise("keyid","enterpriseid")
+    or
+  Storate::Box::Auth::user("keyid","userid")
+
+=head1 DESCRIPTION
+
+This package manages the OAuth2 + JWT authentication scheme for applications used
+by box.com.  It provides utility methods for generating a rsa aes256 2048bit 
+public / private key pair.  It also provides authentication for both user and
+enterprise account types.
+
+=cut
+
 use Modern::Perl;
 use Crypt::JWT;
 use Expect;
+use Data::UUID;
+use HTTP::Request;
+use LWP::UserAgent;
+
+=pod
+
+=head1 METHODS
+
+B<generate_private_key($password)>
+
+  Using openssl, this generates a 2048 bit aes256 private key file
+
+=cut 
 
 sub generate_private_key {
-	my ($password) = @_;
-	my $exp = Expect->spawn("openssl genrsa -aes256 -out private_key.pem 2048") 
-		or die "Failed to generate private_key.pem";
-	$exp->raw_pty(1);
-	$exp->expect(1,
-		[ qr/private_key\.pem:/ => sub { 
-			$exp->send("$password\r"); exp_continue;
-		} ]
-	);
-	$exp->soft_close();
+my ($password) = @_;
+    my $exp = Expect->spawn("openssl genrsa -aes256 -out private_key.pem 2048") 
+        or die "Failed to generate private_key.pem";
+    $exp->raw_pty(1);
+    $exp->expect(1,
+        [ qr/private_key\.pem:/ => sub { 
+            $exp->send("$password\r"); exp_continue;
+        } ]
+    );
+    $exp->soft_close();
 }
 
+=pod
+
+B<generate_public_key($password)>
+
+  Using openssl, outputs the public key associated with the private_key.pem.
+  The password must be the password associated with the private key.
+
+=cut
+
 sub generate_public_key {
-	my ($password) = @_;
-	my $exp = Expect->spawn("openssl rsa -pubout -in private_key.pem -out public_key.pem")
-		or die "Failed to generate public_key.pem";
-	$exp->raw_pty(1);
-	$exp->expect(1,
-		[ qr/private_key\.pem:/ => sub { 
-			$exp->send("$password\r"); exp_continue;
-		} ]
-	);
-	$exp->soft_close();
+    my ($password) = @_;
+    my $exp = Expect->spawn("openssl rsa -pubout -in private_key.pem -out public_key.pem")
+        or die "Failed to generate public_key.pem";
+    $exp->raw_pty(1);
+    $exp->expect(1,
+        [ qr/private_key\.pem:/ => sub { 
+            $exp->send("$password\r"); exp_continue;
+        } ]
+    );
+    $exp->soft_close();
 }
 
+=pod
+
+B<generate_keys($password)>
+
+  Using openssl, this generate a public / private keypair with the given password.
+  This function also outputs basic instructions for installing the public key at box.com
+
+=cut
+
 sub generate_keys {
-	my ($password) = @_;
-	generate_private_key $password;
-	generate_public_key $password;
-	print <<THERE;
+    my ($password) = @_;
+    generate_private_key $password;
+    generate_public_key $password;
+    print <<THERE;
 
 To install this key in box.com:
 
@@ -46,10 +102,142 @@ To install this key in box.com:
 
 THERE
 
-	do {
-		local $/ = undef; 
-		open my $fh, "< public_key.pem";
-		print <$fh>;
-	}	
+    do {
+        local $/ = undef; 
+        open my $fh, "< public_key.pem";
+        print <$fh>;
+    }
+}
+
+=pod
+
+B<private_key($keyfile)>
+
+    Loads a private keyfile
+=cut
+
+sub private_key {
+    my ($keyfile) = @_;
+    open my $fh, "< $keyfile" or die "Failed to open $keyfile\n";
+    local $/ = undef;
+    Crypt::OpenSSL::RSA->new_private_key(<$fh>);
+}
+
+=pod
+
+B<enterprise($password,$kid,$keyfile,$clientid,$entperpriseid)>
+
+    Creates a JWT assertion for an enterprise account.
+
+    * $password = password for the keyfile
+    * $kid = key id generated by Box.com
+    * $keyfile = path to the private keyfile
+    * $clientid = client id of the application creating the assertion
+    * $enterpriseid = token specific to an enterprise when creating and managing app users
+
+=cut
+
+sub enterprise {
+    my ($password,$kid,$keyfile,$clientid,$entperpriseid) = @_;
+    my $ug = Data::UUID->new;
+    my $jti = $ug->to_b64string($ug->create);
+    my %claims = (
+        iss => $clientid,
+        sub => $enterpriseid,
+        box_sub_type => "enterprise",
+        aud => "https://api.box.com/oauth2/token",
+        jti => $jti
+    );
+    Crypt::JWT::encode_jwt( 
+        alg => "RS256",
+        payload => \%claims,
+        auto_iat => 1,
+        relative_exp =>1,
+        key => private_key($keyfile),
+        keypass => $password,
+        extra_headers =>  { kid => $kid },
+    );
+}
+
+=pod
+
+B<user($password,$kid,$keyfile,$clientid,$userid)>
+
+    Creates a JWT assertion for a user account.
+
+    * $password = password for the keyfile
+    * $kid = key id generated by Box.com
+    * $keyfile = path to the private keyfile
+    * $clientid = client id of the application creating the assertion
+    * $userid = app user_id for a token specific to an individual app user.
+
+=cut
+
+sub user {
+    my ($password,$kid,$keyfile,$clientid,$entperpriseid) = @_;
+    my $ug = Data::UUID->new;
+    my $jti = $ug->to_b64string($ug->create);
+    my %claims = (
+        iss => $clientid,
+        sub => $userid,
+        box_sub_type => "user",
+        aud => "https://api.box.com/oauth2/token",
+        jti => $jti
+    );
+    Crypt::JWT::encode_jwt( 
+        alg => "RS256",
+        payload => \%claims,
+        auto_iat => 1,
+        relative_exp =>1,
+        key => private_key($keyfile),
+        keypass => $password,
+        extra_headers =>  { kid => $kid },
+    );
+}
+
+=pod
+
+B<request($client_id,$client_secret,$jwt)>
+
+    Requests an OAuth2 token for the given client, secret, and jwt
+
+=cut
+
+sub request {
+    my ($client_id,$secret,$jwt) = @_;
+    my $req = HTTP::Request->new(POST => "https://api.box.com/oauth2/token");
+    $req->header("Content-Type" => "application/x-www-form-urlencoded");
+    $req->content(
+        "grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&" .
+        "assertion=$jwt&" .
+        "client_id=$client_id&" .
+        "client_secret=$secret"
+    );
+    my $ua = LWP::UserAgent->new;
+    my $resp = $ua->request($req);
+    
 }
+
+
+
+=pod
+
+=head1 TO DO
+
+stuff
+
+=head1 BUGS
+
+lots
+
+=head1 COPYRIGHT
+
+Best Practical LLC.
+
+=head1 AUTHORS
+
+Dave Goehrig <dave at dloh.org>
+
+=cut
+
 1;

-----------------------------------------------------------------------


More information about the Bps-public-commit mailing list