Plack::Middleware::OAuth -
Plack::Middleware::OAuth supports OAuth1 and OAuth2, can have builtin configs for providers like Twitter, Github, Google, Facebook.
The only need to mount you OAuth service if to setup your consumer_key
, consumer_secret
(OAuth1) or client_id
, client_secret
, scope
(OAuth2).
Plack::Middleware::OAuth generates authorize url (mount_path/provider_id) and auththorize callback url (mount_path/privder_id/callback). If the authorize path matches, then user will be redirected to OAuth provider.
For example, if you mount Plack::Middleware::OAuth on oauth, then you can access http://youdomain.com/oauth/twitter , And then Plack::Middleware::OAuth will redirect you to Twitter, then Twitter will redirect you to http://youdomain.com/oauth/twitter/callback.
use Plack::Builder;
builder {
mount '/oauth' => builder {
enable 'OAuth',
providers => {
# capital case implies Plack::Middleware::OAuth::Twitter
# authorize path: /oauth/twitter
# authorize callback path: /oauth/twitter/callback
'Twitter' =>
{
consumer_key => ...
consumer_secret => ...
},
# captical case implies Plack::Middleware::OAuth::Facebook
# authorize path: /oauth/facebook
# authorize callback path: /oauth/facebook/callback
'Facebook' =>
{
client_id => ...
client_secret => ...
scope => 'email,read_stream',
},
'Github' =>
{
client_id => ...
client_secret => ...
scope => 'user,public_repo'
},
'Google' => {
client_id => '',
client_secret => '',
scope => 'https://www.google.com/m8/feeds/'
},
# authorize path: /oauth/custom_provider
# authorize callback path: /oauth/custom_provider/callback
'custom_provider' => {
version => 1,
....
}
};
};
$app;
};
The callback/redirect URL is set to {SCHEMA}://{HTTP_HOST}/{prefix}/{provider}/callback by default.
OAuth Workflow
http://hueniverse.com/oauth/guide/workflow/
OAuth 2.0 Protocal Draft
http://tools.ietf.org/html/draft-ietf-oauth-v2
Github OAuth
https://github.com/account/applications/2739
Github - Create A New Client
https://github.com/account/applications
Twitter OAuth
https://dev.twitter.com/apps/1225208/show
Twitter - Create A New App
Facebook OAuth
http://developers.facebook.com/docs/authentication/
Facebook - Create A New App
https://developers.facebook.com/apps
Google OAuth
http://code.google.com/apis/accounts/docs/OAuth2.html
Google OAuth Scope: