improved error-handling #27

wants to merge 2 commits into from

3 participants


Before, if an error occurred during the authorization stage, the user would just keep on visiting the oauth2 provider in an endless loop. With this patch, at least in blocking mode, get_token will return ($token, $err, $state) and the user won't enter an endless loop. The programmer can now easily check $err.

If it didn't break backwards compatibility, I would have implemented something similar for the non-blocking mode.


I made $err to be a hashref, so that it can be expanded in the future with extra fields if needed without breaking backwards compatibility.


This fix can turn this complex-looking blocking route handler:

my $token = eval { $self->get_token('facebook', on_refuse => sub { die \'refused'; }); };
if (my $e = $@) {
    if (ref $e eq 'SCALAR' and $$e eq 'refused') {
        return $self->render(text => 'refused');
    } else {
        die $e;
if ($token) {
    # ...

...into this:

my ($token, $err) = $self->get_token('facebook');
if ($err and $err->{error} eq 'access_denied') {
    return $self->render(text => 'refused');
if ($token) {
    # ...

Of course needs documentation and tests. Will do these if you tell me you want this pull request.


Pinging for attention from Marcus.


Ok, been going a bit back and forth on this one, but I think it's an improvement, so I'll accept it if you provide tests and documentation.


Will do the tests & documentation for this pull request, in a few days.


This is fixed in master.

See these commits:

@jhthorsen jhthorsen closed this Mar 1, 2015
@jhthorsen jhthorsen added a commit that referenced this pull request Mar 1, 2015
@jhthorsen jhthorsen Released version 1.4
    - Fix handling of error in param, #27
    - Add new helper oauth2->auth_url
    - Add new helper oauth2->get_token
    - Add new helper oauth2->providers
    - Add eventbrite and github as providers
    - Deprecate on_xxx handlers
    - Started deprecation process for get_authorize_url() and get_token();
@akarelas akarelas deleted the unknown repository branch Jan 15, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment