From 1f03bd52e91dc1744068778d0d9656577753ef0e Mon Sep 17 00:00:00 2001
From: Thomas Klausner <domm@cpan.org>
Date: Mon, 1 Dec 2008 23:27:49 +0100
Subject: store pauseid in session after successfull login

---
 lib/PAUSE/OpenID/Controller/Root.pm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'lib')

diff --git a/lib/PAUSE/OpenID/Controller/Root.pm b/lib/PAUSE/OpenID/Controller/Root.pm
index 566a0a1..12bcac6 100644
--- a/lib/PAUSE/OpenID/Controller/Root.pm
+++ b/lib/PAUSE/OpenID/Controller/Root.pm
@@ -76,6 +76,7 @@ sub login :Local {
     
     if ($res->code == 200) {
         $c->log->info('login pass');
+        $c->session->{pauseid} = $username;
         $c->res->redirect($c->uri_for('/login_pass'));
     }
     else {
@@ -86,7 +87,7 @@ sub login :Local {
 
 sub login_pass :Local {
     my ( $self, $c ) = @_;
-    
+
     $c->res->content_type('text/plain');
     $c->res->body('login pass');
 }
-- 
cgit v1.2.3


From df3923706db0a920e652f8f16b00372a225e7f35 Mon Sep 17 00:00:00 2001
From: Jozef Kutej <jozef@kutej.net>
Date: Mon, 1 Dec 2008 23:38:13 +0100
Subject: server certificate validation

---
 lib/PAUSE/OpenID/Controller/Root.pm | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'lib')

diff --git a/lib/PAUSE/OpenID/Controller/Root.pm b/lib/PAUSE/OpenID/Controller/Root.pm
index 566a0a1..275bff8 100644
--- a/lib/PAUSE/OpenID/Controller/Root.pm
+++ b/lib/PAUSE/OpenID/Controller/Root.pm
@@ -71,8 +71,14 @@ sub login :Local {
     $c->log->debug('username "'.$username.'" login attempt');
     
     my $ua = LWP::UserAgent->new;
+    my $req = HTTP::Request->new(GET => 'https://pause.perl.org/pause/authenquery');
+    $req->header('If-SSL-Cert-Subject' => '/CN=pause.perl.org');
+    local $ENV{HTTPS_CA_DIR} = $c->config->{'ssl'}->{'ca_dir'};
     $ua->credentials('pause.perl.org:443', 'PAUSE', $username, $password);
-    my $res = $ua->get('https://pause.perl.org/pause/authenquery');
+    my $res = $ua->request($req);
+    
+    die 'pause server certificate validation failed'
+        if exists $res->headers->{'client-ssl-warning'};
     
     if ($res->code == 200) {
         $c->log->info('login pass');
@@ -80,6 +86,9 @@ sub login :Local {
     }
     else {
         $c->log->warn('login failed');
+        use Data::Dumper;
+        die Dumper($res);
+        
         $c->res->redirect($c->uri_for('/login_failed'));
     }
 }
-- 
cgit v1.2.3