[Bps-public-commit] storage-box branch, master, created. eecf8c1b68bf18b3c1b61109178f3fc669f4753f
Dave Goehrig
dave at bestpractical.com
Thu Aug 25 10:42:58 EDT 2016
The branch, master has been created
at eecf8c1b68bf18b3c1b61109178f3fc669f4753f (commit)
- Log -----------------------------------------------------------------
commit f6051d7802d3aaca21e913fb43cb76c2e0e646bd
Author: Dave Goehrig <dave at bestpractical.com>
Date: Wed Aug 24 14:41:51 2016 +0000
initial import
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..24e095b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,7 @@
+/Storage-Box-*
+/.build
+/_build*
+/Build
+MYMETA.*
+!META.json
+/.prove
diff --git a/Build.PL b/Build.PL
new file mode 100644
index 0000000..0cc48bb
--- /dev/null
+++ b/Build.PL
@@ -0,0 +1,7 @@
+# This Build.PL for Storage-Box was generated by Dist::Zilla::Plugin::ModuleBuildTiny 0.015.
+use strict;
+use warnings;
+
+use 5.008005;
+use Module::Build::Tiny 0.034;
+Build_PL();
diff --git a/Changes b/Changes
new file mode 100644
index 0000000..720cd3b
--- /dev/null
+++ b/Changes
@@ -0,0 +1,4 @@
+Revision history for Storage-Box
+
+{{$NEXT}}
+ - Initial release
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..02d21b7
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,379 @@
+This software is copyright (c) 2016- by Dave Goehrig <dave at dloh.org>.
+
+This is free software; you can redistribute it and/or modify it under
+the same terms as the Perl 5 programming language system itself.
+
+Terms of the Perl programming language system itself
+
+a) the GNU General Public License as published by the Free
+ Software Foundation; either version 1, or (at your option) any
+ later version, or
+b) the "Artistic License"
+
+--- The GNU General Public License, Version 1, February 1989 ---
+
+This software is Copyright (c) 2016- by Dave Goehrig <dave at dloh.org>.
+
+This is free software, licensed under:
+
+ The GNU General Public License, Version 1, February 1989
+
+ GNU GENERAL PUBLIC LICENSE
+ Version 1, February 1989
+
+ Copyright (C) 1989 Free Software Foundation, Inc.
+ 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The license agreements of most software companies try to keep users
+at the mercy of those companies. By contrast, our General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users. The
+General Public License applies to the Free Software Foundation's
+software and to any other program whose authors commit to using it.
+You can use it for your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Specifically, the General Public License is designed to make
+sure that you have the freedom to give away or sell copies of free
+software, that you receive source code or can get it if you want it,
+that you can change the software or use pieces of it in new free
+programs; and that you know you can do these things.
+
+ To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+ For example, if you distribute copies of a such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have. You must make sure that they, too, receive or can get the
+source code. And you must tell them their rights.
+
+ We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+ Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software. If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ GNU GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License Agreement applies to any program or other work which
+contains a notice placed by the copyright holder saying it may be
+distributed under the terms of this General Public License. The
+"Program", below, refers to any such program or work, and a "work based
+on the Program" means either the Program or any work containing the
+Program or a portion of it, either verbatim or with modifications. Each
+licensee is addressed as "you".
+
+ 1. You may copy and distribute verbatim copies of the Program's source
+code as you receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice and
+disclaimer of warranty; keep intact all the notices that refer to this
+General Public License and to the absence of any warranty; and give any
+other recipients of the Program a copy of this General Public License
+along with the Program. You may charge a fee for the physical act of
+transferring a copy.
+
+ 2. You may modify your copy or copies of the Program or any portion of
+it, and copy and distribute such modifications under the terms of Paragraph
+1 above, provided that you also do the following:
+
+ a) cause the modified files to carry prominent notices stating that
+ you changed the files and the date of any change; and
+
+ b) cause the whole of any work that you distribute or publish, that
+ in whole or in part contains the Program or any part thereof, either
+ with or without modifications, to be licensed at no charge to all
+ third parties under the terms of this General Public License (except
+ that you may choose to grant warranty protection to some or all
+ third parties, at your option).
+
+ c) If the modified program normally reads commands interactively when
+ run, you must cause it, when started running for such interactive use
+ in the simplest and most usual way, to print or display an
+ announcement including an appropriate copyright notice and a notice
+ that there is no warranty (or else, saying that you provide a
+ warranty) and that users may redistribute the program under these
+ conditions, and telling the user how to view a copy of this General
+ Public License.
+
+ d) You may charge a fee for the physical act of transferring a
+ copy, and you may at your option offer warranty protection in
+ exchange for a fee.
+
+Mere aggregation of another independent work with the Program (or its
+derivative) on a volume of a storage or distribution medium does not bring
+the other work under the scope of these terms.
+
+ 3. You may copy and distribute the Program (or a portion or derivative of
+it, under Paragraph 2) in object code or executable form under the terms of
+Paragraphs 1 and 2 above provided that you also do one of the following:
+
+ a) accompany it with the complete corresponding machine-readable
+ source code, which must be distributed under the terms of
+ Paragraphs 1 and 2 above; or,
+
+ b) accompany it with a written offer, valid for at least three
+ years, to give any third party free (except for a nominal charge
+ for the cost of distribution) a complete machine-readable copy of the
+ corresponding source code, to be distributed under the terms of
+ Paragraphs 1 and 2 above; or,
+
+ c) accompany it with the information you received as to where the
+ corresponding source code may be obtained. (This alternative is
+ allowed only for noncommercial distribution and only if you
+ received the program in object code or executable form alone.)
+
+Source code for a work means the preferred form of the work for making
+modifications to it. For an executable file, complete source code means
+all the source code for all modules it contains; but, as a special
+exception, it need not include source code for modules which are standard
+libraries that accompany the operating system on which the executable
+file runs, or for standard header files or definitions files that
+accompany that operating system.
+
+ 4. You may not copy, modify, sublicense, distribute or transfer the
+Program except as expressly provided under this General Public License.
+Any attempt otherwise to copy, modify, sublicense, distribute or transfer
+the Program is void, and will automatically terminate your rights to use
+the Program under this License. However, parties who have received
+copies, or rights to use copies, from you under this General Public
+License will not have their licenses terminated so long as such parties
+remain in full compliance.
+
+ 5. By copying, distributing or modifying the Program (or any work based
+on the Program) you indicate your acceptance of this license to do so,
+and all its terms and conditions.
+
+ 6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the original
+licensor to copy, distribute or modify the Program subject to these
+terms and conditions. You may not impose any further restrictions on the
+recipients' exercise of the rights granted herein.
+
+ 7. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Program
+specifies a version number of the license which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation. If the Program does not specify a version number of
+the license, you may choose any version ever published by the Free Software
+Foundation.
+
+ 8. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission. For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this. Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+ NO WARRANTY
+
+ 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+ 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+ END OF TERMS AND CONDITIONS
+
+ Appendix: How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to humanity, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these
+terms.
+
+ To do so, attach the following notices to the program. It is safest to
+attach them to the start of each source file to most effectively convey
+the exclusion of warranty; and each file should have at least the
+"copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the program's name and a brief idea of what it does.>
+ Copyright (C) 19yy <name of author>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 1, or (at your option)
+ any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA
+
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+ Gnomovision version 69, Copyright (C) 19xx name of author
+ Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+ This is free software, and you are welcome to redistribute it
+ under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the
+appropriate parts of the General Public License. Of course, the
+commands you use may be called something other than `show w' and `show
+c'; they could even be mouse-clicks or menu items--whatever suits your
+program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary. Here a sample; alter the names:
+
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the
+ program `Gnomovision' (a program to direct compilers to make passes
+ at assemblers) written by James Hacker.
+
+ <signature of Ty Coon>, 1 April 1989
+ Ty Coon, President of Vice
+
+That's all there is to it!
+
+
+--- The Artistic License 1.0 ---
+
+This software is Copyright (c) 2016- by Dave Goehrig <dave at dloh.org>.
+
+This is free software, licensed under:
+
+ The Artistic License 1.0
+
+The Artistic License
+
+Preamble
+
+The intent of this document is to state the conditions under which a Package
+may be copied, such that the Copyright Holder maintains some semblance of
+artistic control over the development of the package, while giving the users of
+the package the right to use and distribute the Package in a more-or-less
+customary fashion, plus the right to make reasonable modifications.
+
+Definitions:
+
+ - "Package" refers to the collection of files distributed by the Copyright
+ Holder, and derivatives of that collection of files created through
+ textual modification.
+ - "Standard Version" refers to such a Package if it has not been modified,
+ or has been modified in accordance with the wishes of the Copyright
+ Holder.
+ - "Copyright Holder" is whoever is named in the copyright or copyrights for
+ the package.
+ - "You" is you, if you're thinking about copying or distributing this Package.
+ - "Reasonable copying fee" is whatever you can justify on the basis of media
+ cost, duplication charges, time of people involved, and so on. (You will
+ not be required to justify it to the Copyright Holder, but only to the
+ computing community at large as a market that must bear the fee.)
+ - "Freely Available" means that no fee is charged for the item itself, though
+ there may be fees involved in handling the item. It also means that
+ recipients of the item may redistribute it under the same conditions they
+ received it.
+
+1. You may make and give away verbatim copies of the source form of the
+Standard Version of this Package without restriction, provided that you
+duplicate all of the original copyright notices and associated disclaimers.
+
+2. You may apply bug fixes, portability fixes and other modifications derived
+from the Public Domain or from the Copyright Holder. A Package modified in such
+a way shall still be considered the Standard Version.
+
+3. You may otherwise modify your copy of this Package in any way, provided that
+you insert a prominent notice in each changed file stating how and when you
+changed that file, and provided that you do at least ONE of the following:
+
+ a) place your modifications in the Public Domain or otherwise make them
+ Freely Available, such as by posting said modifications to Usenet or an
+ equivalent medium, or placing the modifications on a major archive site
+ such as ftp.uu.net, or by allowing the Copyright Holder to include your
+ modifications in the Standard Version of the Package.
+
+ b) use the modified Package only within your corporation or organization.
+
+ c) rename any non-standard executables so the names do not conflict with
+ standard executables, which must also be provided, and provide a separate
+ manual page for each non-standard executable that clearly documents how it
+ differs from the Standard Version.
+
+ d) make other distribution arrangements with the Copyright Holder.
+
+4. You may distribute the programs of this Package in object code or executable
+form, provided that you do at least ONE of the following:
+
+ a) distribute a Standard Version of the executables and library files,
+ together with instructions (in the manual page or equivalent) on where to
+ get the Standard Version.
+
+ b) accompany the distribution with the machine-readable source of the Package
+ with your modifications.
+
+ c) accompany any non-standard executables with their corresponding Standard
+ Version executables, giving the non-standard executables non-standard
+ names, and clearly documenting the differences in manual pages (or
+ equivalent), together with instructions on where to get the Standard
+ Version.
+
+ d) make other distribution arrangements with the Copyright Holder.
+
+5. You may charge a reasonable copying fee for any distribution of this
+Package. You may charge any fee you choose for support of this Package. You
+may not charge a fee for this Package itself. However, you may distribute this
+Package in aggregate with other (possibly commercial) programs as part of a
+larger (possibly commercial) software distribution provided that you do not
+advertise this Package as a product of your own.
+
+6. The scripts and library files supplied as input to or produced as output
+from the programs of this Package do not automatically fall under the copyright
+of this Package, but belong to whomever generated them, and may be sold
+commercially, and may be aggregated with this Package.
+
+7. C or perl subroutines supplied by you and linked into this Package shall not
+be considered part of this Package.
+
+8. The name of the Copyright Holder may not be used to endorse or promote
+products derived from this software without specific prior written permission.
+
+9. THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
+WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+
+The End
+
diff --git a/META.json b/META.json
new file mode 100644
index 0000000..1bf1b91
--- /dev/null
+++ b/META.json
@@ -0,0 +1,56 @@
+{
+ "abstract" : "Blah blah blah",
+ "author" : [
+ "Dave Goehrig <dave at dloh.org>"
+ ],
+ "dynamic_config" : 0,
+ "generated_by" : "Dist::Milla version v1.0.16, Dist::Zilla version 6.007, CPAN::Meta::Converter version 2.150005",
+ "license" : [
+ "perl_5"
+ ],
+ "meta-spec" : {
+ "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec",
+ "version" : 2
+ },
+ "name" : "Storage-Box",
+ "no_index" : {
+ "directory" : [
+ "eg",
+ "examples",
+ "inc",
+ "share",
+ "t",
+ "xt"
+ ]
+ },
+ "prereqs" : {
+ "configure" : {
+ "requires" : {
+ "Module::Build::Tiny" : "0.034"
+ }
+ },
+ "develop" : {
+ "requires" : {
+ "Dist::Milla" : "v1.0.16",
+ "Test::Pod" : "1.41"
+ }
+ },
+ "runtime" : {
+ "requires" : {
+ "Crypt::JWT" : "0.017",
+ "Expect" : "1.15",
+ "Modern::Perl" : "1.20150127",
+ "perl" : "5.008005"
+ }
+ },
+ "test" : {
+ "requires" : {
+ "Test::More" : "0.96"
+ }
+ }
+ },
+ "release_status" : "stable",
+ "version" : "0.01",
+ "x_serialization_backend" : "Cpanel::JSON::XS version 3.0217"
+}
+
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..856bf39
--- /dev/null
+++ b/README.md
@@ -0,0 +1,26 @@
+# NAME
+
+Storage::Box - Blah blah blah
+
+# SYNOPSIS
+
+ use Storage::Box;
+
+# DESCRIPTION
+
+Storage::Box is
+
+# AUTHOR
+
+Dave Goehrig <dave at dloh.org>
+
+# COPYRIGHT
+
+Copyright 2016- Dave Goehrig
+
+# LICENSE
+
+This library is free software; you can redistribute it and/or modify
+it under the same terms as Perl itself.
+
+# SEE ALSO
diff --git a/cpanfile b/cpanfile
new file mode 100644
index 0000000..e2bc4eb
--- /dev/null
+++ b/cpanfile
@@ -0,0 +1,9 @@
+requires 'perl', '5.008005';
+
+requires 'Modern::Perl', '1.20150127';
+requires 'Crypt::JWT', '0.017';
+requires 'Expect', '1.15';
+
+on test => sub {
+ requires 'Test::More', '0.96';
+};
diff --git a/dist.ini b/dist.ini
new file mode 100644
index 0000000..a4dbffa
--- /dev/null
+++ b/dist.ini
@@ -0,0 +1 @@
+[@Milla]
diff --git a/lib/Storage/Box.pm b/lib/Storage/Box.pm
new file mode 100644
index 0000000..09e1803
--- /dev/null
+++ b/lib/Storage/Box.pm
@@ -0,0 +1,41 @@
+package Storage::Box;
+
+use Modern::Perl;
+our $VERSION = '0.01';
+
+
+
+
+1;
+__END__
+
+=encoding utf-8
+
+=head1 NAME
+
+Storage::Box - Blah blah blah
+
+=head1 SYNOPSIS
+
+ use Storage::Box;
+
+=head1 DESCRIPTION
+
+Storage::Box is
+
+=head1 AUTHOR
+
+Dave Goehrig E<lt>dave at dloh.orgE<gt>
+
+=head1 COPYRIGHT
+
+Copyright 2016- Dave Goehrig
+
+=head1 LICENSE
+
+This library is free software; you can redistribute it and/or modify
+it under the same terms as Perl itself.
+
+=head1 SEE ALSO
+
+=cut
diff --git a/lib/Storage/Box/Auth.pm b/lib/Storage/Box/Auth.pm
new file mode 100644
index 0000000..bc1eba8
--- /dev/null
+++ b/lib/Storage/Box/Auth.pm
@@ -0,0 +1,18 @@
+package Storage::Box::Auth;
+
+use Modern::Perl;
+use Crypt::JWT;
+use Expect;
+
+sub generate_keys {
+ my ($password) = @_;
+ my $exp = Expect->spawn("openssl genrsa -aes256 -out private_key.pem 2048")
+ or die "Failed to generate private_key.pem";
+ $exp->expect(1000,
+ [ /private_key\.pem\:/ => sub { $exp->send($password); exp_continue;} ],
+ [ /private_key\.pem\:/ => sub { $exp->send($password); exp_continue;} ]
+ );
+}
+
+
+1;
diff --git a/t/basic.t b/t/basic.t
new file mode 100644
index 0000000..a9843a9
--- /dev/null
+++ b/t/basic.t
@@ -0,0 +1,9 @@
+use strict;
+use Test::More;
+
+require_ok 'Storage::Box';
+require_ok 'Storage::Box::Auth';
+
+ok Storage::Box::Auth::generate_keys('test');
+
+done_testing;
commit ab051a650f6f4eff14d7b02bd485493066509988
Author: Dave Goehrig <dave at bestpractical.com>
Date: Wed Aug 24 15:11:37 2016 +0000
Adding methods for generating key pair
diff --git a/META.json b/META.json
index 1bf1b91..c539095 100644
--- a/META.json
+++ b/META.json
@@ -51,6 +51,9 @@
},
"release_status" : "stable",
"version" : "0.01",
+ "x_contributors" : [
+ "Dave Goehrig <dave at bestpractical.com>"
+ ],
"x_serialization_backend" : "Cpanel::JSON::XS version 3.0217"
}
diff --git a/lib/Storage/Box/Auth.pm b/lib/Storage/Box/Auth.pm
index bc1eba8..b4e2974 100644
--- a/lib/Storage/Box/Auth.pm
+++ b/lib/Storage/Box/Auth.pm
@@ -4,15 +4,52 @@ use Modern::Perl;
use Crypt::JWT;
use Expect;
-sub generate_keys {
+sub generate_private_key {
my ($password) = @_;
my $exp = Expect->spawn("openssl genrsa -aes256 -out private_key.pem 2048")
or die "Failed to generate private_key.pem";
- $exp->expect(1000,
- [ /private_key\.pem\:/ => sub { $exp->send($password); exp_continue;} ],
- [ /private_key\.pem\:/ => sub { $exp->send($password); exp_continue;} ]
+ $exp->raw_pty(1);
+ $exp->expect(1,
+ [ qr/private_key\.pem:/ => sub {
+ $exp->send("$password\r"); exp_continue;
+ } ]
);
+ $exp->soft_close();
}
+sub generate_public_key {
+ my ($password) = @_;
+ my $exp = Expect->spawn("openssl rsa -pubout -in private_key.pem -out public_key.pem")
+ or die "Failed to generate public_key.pem";
+ $exp->raw_pty(1);
+ $exp->expect(1,
+ [ qr/private_key\.pem:/ => sub {
+ $exp->send("$password\r"); exp_continue;
+ } ]
+ );
+ $exp->soft_close();
+}
+
+sub generate_keys {
+ my ($password) = @_;
+ generate_private_key $password;
+ generate_public_key $password;
+ print <<THERE;
+To install this key in box.com:
+
+1) Go to Edit Application and select your Box Platform application.
+
+2) Scroll down to the Public Key Management section.
+
+3) Select Add Public Key as shown below.
+
+THERE
+
+ do {
+ local $/ = undef;
+ open my $fh, "< public_key.pem";
+ print <$fh>;
+ }
+}
1;
diff --git a/t/basic.t b/t/basic.t
index a9843a9..0b54807 100644
--- a/t/basic.t
+++ b/t/basic.t
@@ -1,6 +1,8 @@
use strict;
use Test::More;
+use lib 'lib';
+
require_ok 'Storage::Box';
require_ok 'Storage::Box::Auth';
commit eecf8c1b68bf18b3c1b61109178f3fc669f4753f
Author: Dave Goehrig <dave at bestpractical.com>
Date: Wed Aug 24 16:50:27 2016 +0000
importing demo keys
diff --git a/cpanfile b/cpanfile
index e2bc4eb..909e1f0 100644
--- a/cpanfile
+++ b/cpanfile
@@ -3,6 +3,8 @@ requires 'perl', '5.008005';
requires 'Modern::Perl', '1.20150127';
requires 'Crypt::JWT', '0.017';
requires 'Expect', '1.15';
+requires 'Data::UUID', '1.221';
+requires 'HTTP::Request', '6.11';
on test => sub {
requires 'Test::More', '0.96';
diff --git a/keys/private_key.pem b/keys/private_key.pem
new file mode 100644
index 0000000..a2abeef
--- /dev/null
+++ b/keys/private_key.pem
@@ -0,0 +1,30 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: AES-256-CBC,D1096EBC94E2E79784F4D95262DFB507
+
+7VLHd97zfgn/UqHyOEyWhBaBDOgjnai5dKwPmeus9fSlKaNss6O7ft7TRlrfFO0Z
+A4bLcAZZOExec7BJQb17XQpIsfNeMJ2FuzydxiBQLjaj7jG6BQuqkaQOOocI2mTt
+Cxo8wbSGxx2mrM9CfnkNtIHoctG+WoKFRa/d+vSeOXFBDSkzC6WTAMasVAuY+E9i
+ll41Q0NTNgduMIkQiTtFOWnGfNfk852Wvz2e9pb6u8Ql/P1qOwnjHTMouc4eRYd8
+tgTHsvxUbXXuGctusKvivapvdaLj5mZ1Y7ewGBlQmT0I4LbPCSWeDyz/DRRBy2CO
+nnigELKhEwjakWQ2o5prRkrdyn8zFVeqDUur2zw4d7XPXnIfs8XyQaA23p4XhpDX
+7yCHBfin72Mf1z8ZVhtFAYH16Ii9MXzmaBzCiwXc4RgWWqC5jByIDSs7et8oLtIn
++miJw1dFZUGWH7dV3wi8rKZpg9X76eq1OzOHYmydRWpX7DGFEsFBeKc7En8Yihxx
+V3mPAA5DSD/BzXpNLVPWxODIE2KJaHGplbFb9pLCLrwQniZ/uxN6cBHXCy26PibE
+4GJOed/Y1u5NizZScd991sB+jyiHlT7w/P2Q1yu8RbukwOLWuZW7n/6OW0SnI9ls
+YIhCElR7jMlntxpcb246IB47/Ka07Ad7FY5/K4HSQvU0cUR00aCjfbYbu3R80stJ
+n49rMHQWhY7QLkLvMIElNV+u1H6wsn32WWxu7kiBIAR8xF63xuC9AX4NNuX51z04
+4L3Ri0M3DPsRj9ZjBAEAe0h3CoI8oF94WPuN1YbQrZzgkWVcv+YV9Uc75twZ46Ll
+usLFQ6FT3ucouAAc/FdKK30nDcrXRz3xzv3D+eheqCdFD1KcNYWVEb5jEhWo9Z8E
+FDsgbaYSb/2mwqVltgbM1PDXjKlFfTTFizwt3MkaRgD3F/tYDZLMrqm4f8s+cU30
+XkMUEpiDAlvy+EZdrhpz5Bxa7vB8KhVlY2tJdttgzZPrWz0irQCA0aEjNT13TbD2
+ZvXdB3HZmx9zS2hcQ4XFJjwC7ph7qFqWq5/ya5wA4+G7oKXCx1RFPIvKgl2mmldP
+V+Svu5WigFWsaGVC1tEuIeZaSl09JN/S7AROm75CKhOMgredRE6ZuQANuDgcw8RF
+3ES+yLIWY1S4+S7kTGNijsznld6rZPUMsb9GMMMr4nYMCPzFX3IMHaepOCXryxxC
+wj3aUqT6Deo93EgP8ULzvp3waaXICfhMm/e+Ak/+ROtAlNfV9COh0ZT8s2RRywf5
+rDYiLa/81vq7KBrOxzB1SAv/g0yHPhAcfffdtquG1i4aLVV45gf1f3tPxvxM/pqD
+y5pklWYt0YAzB4Owq2G8OLF08yTQX1Wz4PPQ/Wu+foYtme4aeKcuswn4NX69LVwH
+Zt25sCj7PpsMqVCBH8U9ApCPD0pOt0hpv3d46yL3R24w4as4LDgBhuGPZeJtKhBC
+IbaoOuXdhaRZ9MU39yWqx6UrWDv5GcWeA+/n/klbbc5OVfEwjXrBVmjgJ0+LQJ1+
+kuTgUfQyCKvAYdxm6mQRJEmyQiyKaoa74gxEl4fTRR86kB9fBWjAVD4STs2TLOPc
+-----END RSA PRIVATE KEY-----
diff --git a/keys/public_key.pem b/keys/public_key.pem
new file mode 100644
index 0000000..e16f2dd
--- /dev/null
+++ b/keys/public_key.pem
@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/OdIFN3Q2rrltTU2kHQ
+FyAB+B6yaCy6fknTKgpRRCTRfcnezNLXu2bdwEllsF6+6Ctca9lrH7PSJfnQEkfU
+MhdZYuvulQKusNuSS5pfgAC38UhqqH3d4gCGBcReA8sRLmLJBWBf4jP0Y52Izxlp
+193213gKEaQiOZsXdXV1yVX6s8Vp5feV7YTz2puULSydyo0ETBlsnLDsk9GYMy8g
+Tz0IrmLpjarIqzLcMWYvBacbP3qox4nWvl1rY6C4w9/e3+mKHSE4phfBe0XVf220
+MN8Z9+wnFJ1btBkSdgc0RZCM8UV00hMafqL6IrzilIO67uuoUWHVlPDbKvfclhDm
+AwIDAQAB
+-----END PUBLIC KEY-----
diff --git a/lib/Storage/Box.pm b/lib/Storage/Box.pm
index 09e1803..89fbaaa 100644
--- a/lib/Storage/Box.pm
+++ b/lib/Storage/Box.pm
@@ -1,13 +1,10 @@
+# vim: ai ts=4 sts=4 et sw=4 ft=perl
+
package Storage::Box;
use Modern::Perl;
our $VERSION = '0.01';
-
-
-
-
-1;
-__END__
+=pod
=encoding utf-8
@@ -23,6 +20,14 @@ Storage::Box - Blah blah blah
Storage::Box is
+=head1 METHODS
+
+=cut
+
+
+
+=pod
+
=head1 AUTHOR
Dave Goehrig E<lt>dave at dloh.orgE<gt>
@@ -39,3 +44,7 @@ it under the same terms as Perl itself.
=head1 SEE ALSO
=cut
+
+1;
+
+
diff --git a/lib/Storage/Box/Auth.pm b/lib/Storage/Box/Auth.pm
index b4e2974..70b9b99 100644
--- a/lib/Storage/Box/Auth.pm
+++ b/lib/Storage/Box/Auth.pm
@@ -1,40 +1,96 @@
+# vim: ai ts=4 sts=4 et sw=4 ft=perl
+
package Storage::Box::Auth;
+=pod
+
+=head1 NAME
+
+Storage::Box::Auth -- provides OAuth2 + JWT authentication and key management
+
+=head1 SYNOPSIS
+
+ Storage::Box::Auth::generate_keys("my-super-secret-password");
+ ...
+ Storate::Box::Auth::enterprise("keyid","enterpriseid")
+ or
+ Storate::Box::Auth::user("keyid","userid")
+
+=head1 DESCRIPTION
+
+This package manages the OAuth2 + JWT authentication scheme for applications used
+by box.com. It provides utility methods for generating a rsa aes256 2048bit
+public / private key pair. It also provides authentication for both user and
+enterprise account types.
+
+=cut
+
use Modern::Perl;
use Crypt::JWT;
use Expect;
+use Data::UUID;
+use HTTP::Request;
+use LWP::UserAgent;
+
+=pod
+
+=head1 METHODS
+
+B<generate_private_key($password)>
+
+ Using openssl, this generates a 2048 bit aes256 private key file
+
+=cut
sub generate_private_key {
- my ($password) = @_;
- my $exp = Expect->spawn("openssl genrsa -aes256 -out private_key.pem 2048")
- or die "Failed to generate private_key.pem";
- $exp->raw_pty(1);
- $exp->expect(1,
- [ qr/private_key\.pem:/ => sub {
- $exp->send("$password\r"); exp_continue;
- } ]
- );
- $exp->soft_close();
+my ($password) = @_;
+ my $exp = Expect->spawn("openssl genrsa -aes256 -out private_key.pem 2048")
+ or die "Failed to generate private_key.pem";
+ $exp->raw_pty(1);
+ $exp->expect(1,
+ [ qr/private_key\.pem:/ => sub {
+ $exp->send("$password\r"); exp_continue;
+ } ]
+ );
+ $exp->soft_close();
}
+=pod
+
+B<generate_public_key($password)>
+
+ Using openssl, outputs the public key associated with the private_key.pem.
+ The password must be the password associated with the private key.
+
+=cut
+
sub generate_public_key {
- my ($password) = @_;
- my $exp = Expect->spawn("openssl rsa -pubout -in private_key.pem -out public_key.pem")
- or die "Failed to generate public_key.pem";
- $exp->raw_pty(1);
- $exp->expect(1,
- [ qr/private_key\.pem:/ => sub {
- $exp->send("$password\r"); exp_continue;
- } ]
- );
- $exp->soft_close();
+ my ($password) = @_;
+ my $exp = Expect->spawn("openssl rsa -pubout -in private_key.pem -out public_key.pem")
+ or die "Failed to generate public_key.pem";
+ $exp->raw_pty(1);
+ $exp->expect(1,
+ [ qr/private_key\.pem:/ => sub {
+ $exp->send("$password\r"); exp_continue;
+ } ]
+ );
+ $exp->soft_close();
}
+=pod
+
+B<generate_keys($password)>
+
+ Using openssl, this generate a public / private keypair with the given password.
+ This function also outputs basic instructions for installing the public key at box.com
+
+=cut
+
sub generate_keys {
- my ($password) = @_;
- generate_private_key $password;
- generate_public_key $password;
- print <<THERE;
+ my ($password) = @_;
+ generate_private_key $password;
+ generate_public_key $password;
+ print <<THERE;
To install this key in box.com:
@@ -46,10 +102,142 @@ To install this key in box.com:
THERE
- do {
- local $/ = undef;
- open my $fh, "< public_key.pem";
- print <$fh>;
- }
+ do {
+ local $/ = undef;
+ open my $fh, "< public_key.pem";
+ print <$fh>;
+ }
+}
+
+=pod
+
+B<private_key($keyfile)>
+
+ Loads a private keyfile
+=cut
+
+sub private_key {
+ my ($keyfile) = @_;
+ open my $fh, "< $keyfile" or die "Failed to open $keyfile\n";
+ local $/ = undef;
+ Crypt::OpenSSL::RSA->new_private_key(<$fh>);
+}
+
+=pod
+
+B<enterprise($password,$kid,$keyfile,$clientid,$entperpriseid)>
+
+ Creates a JWT assertion for an enterprise account.
+
+ * $password = password for the keyfile
+ * $kid = key id generated by Box.com
+ * $keyfile = path to the private keyfile
+ * $clientid = client id of the application creating the assertion
+ * $enterpriseid = token specific to an enterprise when creating and managing app users
+
+=cut
+
+sub enterprise {
+ my ($password,$kid,$keyfile,$clientid,$entperpriseid) = @_;
+ my $ug = Data::UUID->new;
+ my $jti = $ug->to_b64string($ug->create);
+ my %claims = (
+ iss => $clientid,
+ sub => $enterpriseid,
+ box_sub_type => "enterprise",
+ aud => "https://api.box.com/oauth2/token",
+ jti => $jti
+ );
+ Crypt::JWT::encode_jwt(
+ alg => "RS256",
+ payload => \%claims,
+ auto_iat => 1,
+ relative_exp =>1,
+ key => private_key($keyfile),
+ keypass => $password,
+ extra_headers => { kid => $kid },
+ );
+}
+
+=pod
+
+B<user($password,$kid,$keyfile,$clientid,$userid)>
+
+ Creates a JWT assertion for a user account.
+
+ * $password = password for the keyfile
+ * $kid = key id generated by Box.com
+ * $keyfile = path to the private keyfile
+ * $clientid = client id of the application creating the assertion
+ * $userid = app user_id for a token specific to an individual app user.
+
+=cut
+
+sub user {
+ my ($password,$kid,$keyfile,$clientid,$entperpriseid) = @_;
+ my $ug = Data::UUID->new;
+ my $jti = $ug->to_b64string($ug->create);
+ my %claims = (
+ iss => $clientid,
+ sub => $userid,
+ box_sub_type => "user",
+ aud => "https://api.box.com/oauth2/token",
+ jti => $jti
+ );
+ Crypt::JWT::encode_jwt(
+ alg => "RS256",
+ payload => \%claims,
+ auto_iat => 1,
+ relative_exp =>1,
+ key => private_key($keyfile),
+ keypass => $password,
+ extra_headers => { kid => $kid },
+ );
+}
+
+=pod
+
+B<request($client_id,$client_secret,$jwt)>
+
+ Requests an OAuth2 token for the given client, secret, and jwt
+
+=cut
+
+sub request {
+ my ($client_id,$secret,$jwt) = @_;
+ my $req = HTTP::Request->new(POST => "https://api.box.com/oauth2/token");
+ $req->header("Content-Type" => "application/x-www-form-urlencoded");
+ $req->content(
+ "grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&" .
+ "assertion=$jwt&" .
+ "client_id=$client_id&" .
+ "client_secret=$secret"
+ );
+ my $ua = LWP::UserAgent->new;
+ my $resp = $ua->request($req);
+
}
+
+
+
+=pod
+
+=head1 TO DO
+
+stuff
+
+=head1 BUGS
+
+lots
+
+=head1 COPYRIGHT
+
+Best Practical LLC.
+
+=head1 AUTHORS
+
+Dave Goehrig <dave at dloh.org>
+
+=cut
+
1;
-----------------------------------------------------------------------
More information about the Bps-public-commit
mailing list