From 4f23ee8c52061b067c53eb0eb02080057dc79c0c Mon Sep 17 00:00:00 2001
From: Magnus Hagander <magnus@hagander.net>
Date: Wed, 21 Dec 2011 15:48:55 +0100
Subject: [PATCH] Add sample perl code to decrypt authentication tokens

Code from Claes Jakobsson
---
 .../communityauth/sample/perl/generic_perl.pl | 30 +++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 tools/communityauth/sample/perl/generic_perl.pl

diff --git a/tools/communityauth/sample/perl/generic_perl.pl b/tools/communityauth/sample/perl/generic_perl.pl
new file mode 100644
index 00000000..0fab1330
--- /dev/null
+++ b/tools/communityauth/sample/perl/generic_perl.pl
@@ -0,0 +1,30 @@
+#!/usr/bin/perl
+#
+# This is just a generic function that handles the decryption and parsing steps as
+# an example, it's not a complete authentication plugin (since that will be framework
+# dependent)
+#
+
+use strict;
+use warnings;
+
+use 5.10.0;
+
+use Crypt::CBC;
+use MIME::Base64 qw(decode_base64url);
+use URI::Escape qw(uri_unescape);
+use Data::Dumper qw(Dumper);
+
+sub encrypted_b64_to_hash {
+    my ($iv, $key, $data) = map { decode_base64url($_) } @_;
+                
+    my $cipher = Crypt::CBC->new(
+        -literal_key    => 1,
+        -key            => $key,
+        -iv             => $iv,
+        -cipher         => 'Crypt::OpenSSL::AES',
+        -header         => 'none',
+    );
+        
+    return map { /^(.*?)=(.*)/ ? ( $1 => uri_unescape($2) ) : () } split /&/, $cipher->decrypt($data);
+}
-- 
2.39.5