Net::OAuth::All - a wrapper round the OAuth protocol of all versions(1.0, 1.0A, 2.0).
use Net::OAuth::All;
use HTTP::Request::Common;
my $ua = LWP::UserAgent->new;
my $res;
my $conf;
my $oauth;
# OAuth 1.0 and 1.0A
$conf = {
consumer_key => 'enter your own',
consumer_secret => 'enter your own',
signature_method => 'HMAC-SHA1',
request_token_url => 'https://provider.com/request_token', # enter your own
authorization_url => 'https://provider.com/authorize', # enter your own
access_token_url => 'https://provider.com/access_token', # enter your own
};
$oauth = Net::OAuth::All->new(%$conf);
# Consumer Get request token
$res = $ua->get($oauth->request('request_token')->to_url);
my $request_token;
my $request_token_secret;
if ($res->is_success) {
$oauth->response->from_post_body($res->content);
$request_token = $oauth->token;
$request_token_secret = $oauth->token_secret;
} else {
die "Something went wrong";
}
# Consumer Get authorization URL for redirect to provider
$oauth->request('authorization')->to_url;
# Consumer Get access token
my $oauth_verifier = 'from provider'; #from GET params after callback
$oauth = Net::OAuth::All->new(
%$conf,
(
'token' => $request_token,
'token_secret' => $request_token_secret,
'verifier' => $oauth_verifier, # for OAuth 1.0A
)
);
$res = $ua->post(
$oauth->via('POST')->request('access_token')->url,
'Content-Type' => 'application/x-www-form-urlencoded',
'Authorization' => $oauth->to_header,
);
my $access_token;
my $access_token_secret;
if ($res->is_success) {
$oauth->response->from_post_body($res->content);
$access_token = $oauth->token;
$access_token_secret = $oauth->token_secret;
} else {
die "Something went wrong";
}
# Make protected request to API
$oauth = Net::OAuth::All->new(
%$conf,
(
'token' => $access_token,
'token_secret' => $access_token_secret,
)
);
$oauth
->via('POST')
->protected_resource_url('http://provider-api.com/v2/feed/me')
->clean_extra
->put_extra(
'alt' => 'json'
)
->request('protected_resource');
$res = $ua->post(
$oauth->url,
'Content-Type' => 'application/x-www-form-urlencoded',
'Authorization' => $oauth->to_header,
'Content' => $oauth->to_post_body,
);
# if you need to post JSON, for example Google Buzz update activity
# at this moment we change request method to POST and put extra params
# but we need to change URL
# after change data we SHOULD signing
$oauth
->protected_resource_url('https://www.googleapis.com/buzz/v1/activities/@me/@self')
->sign;
$res = $ua->post(
$oauth->to_url(1),# put extra params to URL
'Content-Type' => 'application/json',
'Authorization' => $oauth->to_header,
'Content' => q({"data": {"object": {"type": "note", "content": "I`m in Google BUZZ"}}}),
);
At this moment module suppoted Consumer implementation of OAuth 1.0, 1.0A and 2.0 versions.
- module_version
Is optional param. Is OAuth version, may be '1.0','1.0A' or '2.0'. Module has auto detection of this param according to service provider params.
- signature_method
Is optional param, HMAC-SHA1 by default. Suppoted PLAINTEXT, HMAC-SHA1 and RSA-SHA1.
- signature_key_file
Is required param for RSA-SHA1 signatures. Is path to *.pem file
- extra_params
Is optional HASH reference param, but may be required by provider.
- request_token_url
Is required param. URL for get request token
- authorization_url
Is required param. URL for authorization on service provider
- access_token_url
Is required param. URL for get access token
- consumer_key
Is required param. Is issued by provider
- consumer_secret
Is required param. Is issued by provider
- callback
Is optional param.
- type
Is required param. Is issued by provider. At this moment module has implementation of 'web_server' type only.
- client_id
Is required param. Is issued by provider
- client_secret
Is optional param. Is issued by provider
- redirect_uri
Is optional param.
You receives this params from service provider after request or on callback.
- token
Is for OAUTH 1.0 and 1.0A
- token_secret
Is for OAUTH 1.0 and 1.0A
- verifier
Is param for OAUTH 1.0A. Needs for get access token
- code
Is param for OAUTH 2.0. Needs for get access token
The following signature methods are supported:
- PLAINTEXT
- HMAC-SHA1
- RSA-SHA1
To use RSA-SHA1 signatures, pass -signature_key_file param to configuration.
new(%config)
Creates Net::OAuth::All object with provider configuration.
version
Returns current oauth version.
version_autodetect
Detect OAuth version from config params.
request('request type', %params)
Configure current created object for 'request type' request and check required params for request. %params is provider config.
'request type' can be 'request_token', 'authorization', 'access_token' or 'protected_resource'.
response
Clean object after request (clean 'token' and 'token_secret').
from_hash(%HASH)
Set config params from HASH.
to_header('realm', 'sep')
Generate header OAuth according to OAuth version. 'sep' is a separator, ',' by default.
EXAMPLE
1.0 or 1.0A
'OAuth realm="$realm",oauth_token=...,...,...'
2.0
'OAuth access_token here'
to_url($extra)
Generate URL with query params. Includes only extra params if $extra is TRUE.
to_hash
Returns all saved params and config params as a HASH reference.
to_post_body
Generates a body for POST request. Returns '' if current METHOD is GET. Returns only extra params if OAuth version is not 2.0.
from_post_body('BODY')
Parse POST body
sign
Signing request.
signature
Returns current signature.
url
Returns current URL according to request_type.
via('METHOD')
Set HTTP METHOD.
request_type
Returns current type of request which was set by request method.
protected_resource_url('URL')
Set protected resource url.
extra
Returns current extra params as a HASH reference.
put_extra(%HASH)
Set extra params for request.
clean_extra
Clean extra params which was set before.
token
Returns 'oauth_token' or 'access_token' (for OAuth 2.0) param.
token_secret
Returns 'oauth_token_secret' param.
expires
Returns 'expires' param. It`s for OAuth 2.0
scope
Returns 'scope' param. It`s for OAuth 2.0
refresh_token
Returns 'refresh_token' param. It`s for OAuth 2.0
http://oauth.net
Mojolicious::Plugin::OAuth on http://github.com/likhatskiy/Mojolicious-Plugin-OAuth
Copyright (C) 2011-2012 Anatoly Sharifulin Copyright (C) 2010 Alexey Likhatskiy
This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.
See http://dev.perl.org/licenses/ for more information.