Skip to content

Latest commit

 

History

History
121 lines (76 loc) · 4.04 KB

README.mkdn

File metadata and controls

121 lines (76 loc) · 4.04 KB
Raw

NAME

Plack::Middleware::OAuth -

DESCRIPTION

Plack::Middleware::OAuth supports OAuth1 and OAuth2, can have builtin configs for providers like Twitter, Github, Google, Facebook. The only need to mount you OAuth service if to setup your consumer_key, consumer_secret (OAuth1) or client_id, client_secret, scope (OAuth2).

Plack::Middleware::OAuth generates authorize url (mount_path/provider_id) and auththorize callback url (mount_path/privder_id/callback). If the authorize path matches, then user will be redirected to OAuth provider.

For example, if you mount Plack::Middleware::OAuth on oauth, then you can access http://youdomain.com/oauth/twitter , And then Plack::Middleware::OAuth will redirect you to Twitter, then Twitter will redirect you to http://youdomain.com/oauth/twitter/callback.

SYNOPSIS

use Plack::Builder;

builder {

    mount '/oauth' => builder {
        enable 'OAuth', 
            providers => {

                # capital case implies Plack::Middleware::OAuth::Twitter
                # authorize path: /oauth/twitter
                # authorize callback path: /oauth/twitter/callback

                'Twitter' =>
                {
                    consumer_key      => ...
                    consumer_secret   => ...
                },

                # captical case implies Plack::Middleware::OAuth::Facebook
                # authorize path: /oauth/facebook
                # authorize callback path: /oauth/facebook/callback

                'Facebook' =>
                {
                    client_id        => ...
                    client_secret           => ...
                    scope            => 'email,read_stream',
                },

                'Github' => 
                {
                    client_id => ...
                    client_secret => ...
                    scope => 'user,public_repo'
                },

                'Google' =>  { 
                    client_id     => '',
                    client_secret => '',
                    scope         => 'https://www.google.com/m8/feeds/'
                },

                # authorize path: /oauth/custom_provider
                # authorize callback path: /oauth/custom_provider/callback
                'custom_provider' => { 
                    version => 1,
                    ....
                }
		};
    };
	$app;
};

The callback/redirect URL is set to {SCHEMA}://{HTTP_HOST}/{prefix}/{provider}/callback by default.

Reference

OAuth Workflow

http://hueniverse.com/oauth/guide/workflow/

OAuth 2.0 Protocal Draft

http://tools.ietf.org/html/draft-ietf-oauth-v2

Github OAuth

https://github.com/account/applications/2739

Github - Create A New Client

https://github.com/account/applications

Twitter OAuth

https://dev.twitter.com/apps/1225208/show

Twitter - Create A New App

https://dev.twitter.com/apps

Facebook OAuth

http://developers.facebook.com/docs/authentication/

Facebook - Create A New App

https://developers.facebook.com/apps

Google OAuth

http://code.google.com/apis/accounts/docs/OAuth2.html

Google OAuth Scope:

http://code.google.com/apis/gdata/faq.html#AuthScopes