From c721370bc2c7ee369b292ba768cb20a9864a805c Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sun, 2 Sep 2018 05:48:19 +0200
Subject: Fripost::Session: OO interface.

---
 lib/Fripost/Session.pm | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

(limited to 'lib/Fripost')

diff --git a/lib/Fripost/Session.pm b/lib/Fripost/Session.pm
index 888385f..8cf6405 100644
--- a/lib/Fripost/Session.pm
+++ b/lib/Fripost/Session.pm
@@ -31,10 +31,10 @@ use Crypt::URandom "urandom";
 use Fripost ();
 
 
-# create(Fripost object)
+# new(Fripost object)
 #   Create a new ephemeral session from a Fripost object, and return
 #   suitable credentials for later SASL proxy authorization.
-sub create($$) {
+sub new($$) {
     my ($class, $fp) = @_;
 
     # don't base64-encode but hex-encode as the commonName is case-insensitive
@@ -68,23 +68,23 @@ sub create($$) {
     bless \%creds, $class;
 }
 
-# authenticate(CREDENTIALS, OPTION => VALUE, ..)
+# authenticate(OPTION => VALUE, ..)
 #   Create a new Fripost object and return it after authentication
 #   (using SASL proxy authorization with the ephemeral credentials).
 #   If the "refresh" is set (the default), then TTL value of the entry
 #   on the backup is refreshed.
 sub authenticate($%) {
-    my $creds = shift;
+    my $self = shift;
     my %conf = @_;
 
     my $refresh = delete $conf{refresh} // 1;
     my $authcid = sprintf($conf{ldap}->{"session-authcID"} // "%s",
-            $creds->{authcid});
+            $self->{authcid});
 
     my $sasl = Authen::SASL::->new( mechanism => "PLAIN", callback  => {
          user => $authcid
-       , pass => $creds->{password}
-       , authname => $creds->{authzid}
+       , pass => $self->{password}
+       , authname => $self->{authzid}
     }) or die "Creation of Authen::SASL object failed";
 
     my $fp = Fripost::->new(%conf);
@@ -94,7 +94,7 @@ sub authenticate($%) {
     
     if ($refresh) {
         my $dn = sprintf($conf{ldap}->{"session-authcDN"} // "%s",
-            escape_dn_value($creds->{authcid}));
+            escape_dn_value($self->{authcid}));
         my $ttl = $conf{www}->{"cache-expires"};
         $r = $fp->{_ldap}->refresh(entryName => $dn, requestTtl => $ttl);
         $fp->croak("LDAP error code %i: %s\n", $r->code, $r->error)
@@ -103,17 +103,17 @@ sub authenticate($%) {
     return $fp;
 }
 
-# authenticate(CREDENTIALS, OPTION => VALUE, ..)
+# authenticate(OPTION => VALUE, ..)
 #   Create a new Fripost object, authenticate (using SASL proxy
 #   authorization), and delete the entry on the LDAP backend.
 sub destroy($%) {
-    my $creds = shift;
+    my $self = shift;
     my %conf = @_;
 
     my $dn = sprintf($conf{ldap}->{"session-authcDN"} // "%s",
-        escape_dn_value($creds->{authcid}));
+        escape_dn_value($self->{authcid}));
 
-    my $fp = authenticate($creds, %conf, refresh => 0);
+    my $fp = authenticate($self, %conf, refresh => 0);
     my $r = $fp->{_ldap}->delete($dn);
     $fp->croak("LDAP error code %i: %s\n", $r->code, $r->error)
         unless $r->code == LDAP_SUCCESS;
-- 
cgit v1.2.3