/
README
311 lines (208 loc) · 7.17 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
NAME
Net::OAuth::All - a wrapper round the OAuth protocol of all versions(1.0, 1.0A, 2.0).
SYNOPSIS
use Net::OAuth::All;
use HTTP::Request::Common;
my $ua = LWP::UserAgent->new;
my $res;
my $conf;
my $oauth;
# OAuth 1.0 and 1.0A
$conf = {
consumer_key => 'enter your own',
consumer_secret => 'enter your own',
signature_method => 'HMAC-SHA1',
request_token_url => 'https://provider.com/request_token', # enter your own
authorization_url => 'https://provider.com/authorize', # enter your own
access_token_url => 'https://provider.com/access_token', # enter your own
};
$oauth = Net::OAuth::All->new(%$conf);
# Consumer Get request token
$res = $ua->get($oauth->request('request_token')->to_url);
my $request_token;
my $request_token_secret;
if ($res->is_success) {
$oauth->response->from_post_body($res->content);
$request_token = $oauth->token;
$request_token_secret = $oauth->token_secret;
} else {
die "Something went wrong";
}
# Consumer Get authorization URL for redirect to provider
$oauth->request('authorization')->to_url;
# Consumer Get access token
my $oauth_verifier = 'from provider'; #from GET params after callback
$oauth = Net::OAuth::All->new(
%$conf,
(
'token' => $request_token,
'token_secret' => $request_token_secret,
'verifier' => $oauth_verifier, # for OAuth 1.0A
)
);
$res = $ua->post(
$oauth->via('POST')->request('access_token')->url,
'Content-Type' => 'application/x-www-form-urlencoded',
'Authorization' => $oauth->to_header,
);
my $access_token;
my $access_token_secret;
if ($res->is_success) {
$oauth->response->from_post_body($res->content);
$access_token = $oauth->token;
$access_token_secret = $oauth->token_secret;
} else {
die "Something went wrong";
}
# Make protected request to API
$oauth = Net::OAuth::All->new(
%$conf,
(
'token' => $access_token,
'token_secret' => $access_token_secret,
)
);
$oauth
->via('POST')
->protected_resource_url('http://provider-api.com/v2/feed/me')
->clean_extra
->put_extra(
'alt' => 'json'
)
->request('protected_resource');
$res = $ua->post(
$oauth->url,
'Content-Type' => 'application/x-www-form-urlencoded',
'Authorization' => $oauth->to_header,
'Content' => $oauth->to_post_body,
);
# if you need to post JSON, for example Google Buzz update activity
# at this moment we change request method to POST and put extra params
# but we need to change URL
# after change data we SHOULD signing
$oauth
->protected_resource_url('https://www.googleapis.com/buzz/v1/activities/@me/@self')
->sign;
$res = $ua->post(
$oauth->to_url(1),# put extra params to URL
'Content-Type' => 'application/json',
'Authorization' => $oauth->to_header,
'Content' => q({"data": {"object": {"type": "note", "content": "I`m in Google BUZZ"}}}),
);
DESCRIPTION
At this moment module suppoted Consumer implementation of OAuth 1.0, 1.0A and 2.0 versions.
CONFIGURATION
FOR ALL OAUTH VERSIONS
- module_version
Is optional param. Is OAuth version, may be '1.0','1.0A' or '2.0'. Module has auto detection of this param according to service provider params.
- signature_method
Is optional param, HMAC-SHA1 by default. Suppoted PLAINTEXT, HMAC-SHA1 and RSA-SHA1.
- signature_key_file
Is required param for RSA-SHA1 signatures. Is path to *.pem file
- extra_params
Is optional HASH reference param, but may be required by provider.
- request_token_url
Is required param. URL for get request token
- authorization_url
Is required param. URL for authorization on service provider
- access_token_url
Is required param. URL for get access token
FOR OAUTH 1.0 and 1.0A
- consumer_key
Is required param. Is issued by provider
- consumer_secret
Is required param. Is issued by provider
- callback
Is optional param.
FOR OAUTH 2.0
- type
Is required param. Is issued by provider. At this moment module has implementation of 'web_server' type only.
- client_id
Is required param. Is issued by provider
- client_secret
Is optional param. Is issued by provider
- redirect_uri
Is optional param.
PARAMS FROM PROVIDER
You receives this params from service provider after request or on callback.
- token
Is for OAUTH 1.0 and 1.0A
- token_secret
Is for OAUTH 1.0 and 1.0A
- verifier
Is param for OAUTH 1.0A. Needs for get access token
- code
Is param for OAUTH 2.0. Needs for get access token
SIGNATURE METHODS
The following signature methods are supported:
- PLAINTEXT
- HMAC-SHA1
- RSA-SHA1
RSA-SHA1 SIGNATURES
To use RSA-SHA1 signatures, pass -signature_key_file param to configuration.
METHODS
new(%config)
Creates Net::OAuth::All object with provider configuration.
version
Returns current oauth version.
version_autodetect
Detect OAuth version from config params.
request('request type', %params)
Configure current created object for 'request type' request and check required params for request. %params is provider config.
'request type' can be 'request_token', 'authorization', 'access_token' or 'protected_resource'.
response
Clean object after request (clean 'token' and 'token_secret').
from_hash(%HASH)
Set config params from HASH.
to_header('realm', 'sep')
Generate header OAuth according to OAuth version. 'sep' is a separator, ',' by default.
EXAMPLE
1.0 or 1.0A
'OAuth realm="$realm",oauth_token=...,...,...'
2.0
'OAuth access_token here'
to_url($extra)
Generate URL with query params. Includes only extra params if $extra is TRUE.
to_hash
Returns all saved params and config params as a HASH reference.
to_post_body
Generates a body for POST request. Returns '' if current METHOD is GET. Returns only extra params if OAuth version is not 2.0.
from_post_body('BODY')
Parse POST body
sign
Signing request.
signature
Returns current signature.
url
Returns current URL according to request_type.
via('METHOD')
Set HTTP METHOD.
request_type
Returns current type of request which was set by request method.
protected_resource_url('URL')
Set protected resource url.
extra
Returns current extra params as a HASH reference.
put_extra(%HASH)
Set extra params for request.
clean_extra
Clean extra params which was set before.
token
Returns 'oauth_token' or 'access_token' (for OAuth 2.0) param.
token_secret
Returns 'oauth_token_secret' param.
expires
Returns 'expires' param. It`s for OAuth 2.0
scope
Returns 'scope' param. It`s for OAuth 2.0
refresh_token
Returns 'refresh_token' param. It`s for OAuth 2.0
SEE ALSO
http://oauth.net
Mojolicious::Plugin::OAuth on http://github.com/likhatskiy/Mojolicious-Plugin-OAuth
LICENSE AND COPYRIGHT
Copyright (C) 2010 Alexey Likhatskiy
This program is free software; you can redistribute it and/or modify it
under the terms of either: the GNU General Public License as published
by the Free Software Foundation; or the Artistic License.
See http://dev.perl.org/licenses/ for more information.