CatalystX-OAuth2
view release on metacpan or search on metacpan
lib/Catalyst/ActionRole/OAuth2/AuthToken/ViaAuthGrant.pm view on Meta::CPAN
useMoose::Role;useTry::Tiny;# ABSTRACT: Authorization token provider endpoint for OAuth2 authentication flowswith'https://metacpan.org/pod/CatalystX::OAuth2::ActionRole::Token">CatalystX::OAuth2::ActionRole::Token';subbuild_oauth2_request {my($self,$controller,$c) =@_;my$store=$controller->store;my$req;
lib/Catalyst/ActionRole/OAuth2/AuthToken/ViaAuthGrant.pm view on Meta::CPAN
}1;__END__=pod=head1 NAMECatalyst::ActionRole::OAuth2::AuthToken::ViaAuthGrant - Authorization token provider endpoint for OAuth2 authentication flows=head1 VERSIONversion 0.001009=head1 SYNOPSISpackage AuthServer::Controller::OAuth2::Provider;use Moose;
lib/Catalyst/ActionRole/OAuth2/AuthToken/ViaAuthGrant.pm view on Meta::CPAN
client_model=>'DB::Client'});subtoken : Chained('/') Args(0) Does('OAuth2::AuthToken::ViaAuthGrant') {}1;=head1 DESCRIPTIONThis action role implements an endpoint that exchanges an authorization codefor an access token.=head1 AUTHOREden Cardim <edencardim@gmail.com>=head1 COPYRIGHT AND LICENSEThis software is copyright (c) 2017 by Suretec Systems Ltd.
lib/Catalyst/ActionRole/OAuth2/AuthToken/ViaRefreshToken.pm view on Meta::CPAN
useMoose::Role;useTry::Tiny;# ABSTRACT: Authorization token refresh provider endpoint for OAuth2 authentication flowswith'https://metacpan.org/pod/CatalystX::OAuth2::ActionRole::Token">CatalystX::OAuth2::ActionRole::Token';subbuild_oauth2_request {my($self,$controller,$c) =@_;my$store=$controller->store;my$req;
lib/Catalyst/ActionRole/OAuth2/AuthToken/ViaRefreshToken.pm view on Meta::CPAN
}1;__END__=pod=head1 NAMECatalyst::ActionRole::OAuth2::AuthToken::ViaRefreshToken - Authorization token refresh provider endpoint for OAuth2 authentication flows=head1 VERSIONversion 0.001009=head1 SYNOPSISpackage AuthServer::Controller::OAuth2::Provider;use Moose;
lib/Catalyst/ActionRole/OAuth2/AuthToken/ViaRefreshToken.pm view on Meta::CPAN
client_model=>'DB::Client'});subrefresh : Chained('/') Args(0) Does('OAuth2::AuthToken::ViaRefreshToken') {}1;=head1 DESCRIPTIONThis action role implements an endpoint that exchanges a refresh token for anaccess token.=head1 AUTHOREden Cardim <edencardim@gmail.com>=head1 COPYRIGHT AND LICENSEThis software is copyright (c) 2017 by Suretec Systems Ltd.
lib/Catalyst/ActionRole/OAuth2/GrantAuth.pm view on Meta::CPAN
useMoose::Role;useTry::Tiny;# ABSTRACT: Authorization grant endpoint for OAuth2 authentication flowswith'https://metacpan.org/pod/CatalystX::OAuth2::ActionRole::Grant">CatalystX::OAuth2::ActionRole::Grant';subbuild_oauth2_request {my($self,$controller,$c) =@_;my$store=$controller->store;my$req;try{
lib/Catalyst/ActionRole/OAuth2/GrantAuth.pm view on Meta::CPAN
}1;__END__=pod=head1 NAMECatalyst::ActionRole::OAuth2::GrantAuth - Authorization grant endpoint for OAuth2 authentication flows=head1 VERSIONversion 0.001009=head1 SYNOPSISpackage AuthServer::Controller::OAuth2::Provider;use Moose;BEGIN { extends 'Catalyst::Controller::ActionRole' }
lib/Catalyst/ActionRole/OAuth2/GrantAuth.pm view on Meta::CPAN
my($self,$c) =@_;my$oauth2=$c->req->oauth2;$c->user_exists and$oauth2->user_is_valid(1)or$c->detach('/passthrulogin');}=head1 DESCRIPTIONThis action role implements the authorization confirmation endpoint that asksthe user if he wishes to grant resource access to the client. This isgenerally done by presenting a form to the user. Regardless of the mechanismused for this confirmation, the C<$c->req->oauth2> object must be informed ofthe user's decision via the C<user_is_valid> attribute, which must be true bythe end of the request, in order for the authorization flow to be continued.=head1 AUTHOREden Cardim <edencardim@gmail.com>
lib/Catalyst/ActionRole/OAuth2/ProtectedResource.pm view on Meta::CPAN
useMoose::Role;# ABSTRACT: Resource endpoint for OAuth2 authentication flowswith'https://metacpan.org/pod/CatalystX::OAuth2::ActionRole::RequestInjector">CatalystX::OAuth2::ActionRole::RequestInjector';subbuild_oauth2_request {my($self,$controller,$c) =@_;my$auth=$c->req->header('Authorization')or$c->res->status(401),$c->detach;my($type,$token) =split' ',$auth;
lib/Catalyst/ActionRole/OAuth2/ProtectedResource.pm view on Meta::CPAN
}1;__END__=pod=head1 NAMECatalyst::ActionRole::OAuth2::ProtectedResource - Resource endpoint for OAuth2 authentication flows=head1 VERSIONversion 0.001009=head1 SYNOPSISpackage AuthServer::Controller::OAuth2::Resource;use Moose;
lib/Catalyst/ActionRole/OAuth2/ProtectedResource.pm view on Meta::CPAN
});subresource : Chained('/') Args(0) Does('OAuth2::ProtectedResource') {my($self,$c) =@_;$c->res->body('my protected resource');}=head1 DESCRIPTIONThis action role implements an arbitrary resource endpoint to be protected bythe authorization flow. Clients will only be able to access this resource ifthey provide a valid access token. The action body should be customized like aregular action.=head1 AUTHOREden Cardim <edencardim@gmail.com>=head1 COPYRIGHT AND LICENSE
lib/Catalyst/ActionRole/OAuth2/RequestAuth.pm view on Meta::CPAN
useMoose::Role;useTry::Tiny;useURI;# ABSTRACT: Authorization grant endpoint for OAuth2 authentication flowswith'https://metacpan.org/pod/CatalystX::OAuth2::ActionRole::Grant">CatalystX::OAuth2::ActionRole::Grant';hasenable_client_secret=> (isa=>'Bool',is=>'ro',default=> 0 );subbuild_oauth2_request {my($self,$controller,$c) =@_;my$store=$controller->store;
lib/Catalyst/ActionRole/OAuth2/RequestAuth.pm view on Meta::CPAN
}1;__END__=pod=head1 NAMECatalyst::ActionRole::OAuth2::RequestAuth - Authorization grant endpoint for OAuth2 authentication flows=head1 VERSIONversion 0.001009=head1 SYNOPSISpackage AuthServer::Controller::OAuth2::Provider;use Moose;BEGIN { extends 'Catalyst::Controller::ActionRole' }
lib/Catalyst/ActionRole/OAuth2/RequestAuth.pm view on Meta::CPAN
store=> {class=>'DBIC',client_model=>'DB::Client'});subrequest : Chained('/') Args(0) Does('OAuth2::RequestAuth') {}=head1 DESCRIPTIONThis action role implements the initial endpoint that triggers theauthorization grant flow. It generates an inactive authorization coderedirects to the next action in the workflow if all parameters are valid. Theauthorization code is used to verify the validity of the arguments in thesubsequent request of the flow and prevent users of this library from creatingpotentially unsafe front-end forms for user confirmation of the authorization.=head1 AUTHOREden Cardim <edencardim@gmail.com>
lib/CatalystX/OAuth2.pm view on Meta::CPAN
packageCatalystX::OAuth2;useMoose::Role;# ABSTRACT: OAuth2 services for Catalystrequires'_build_query_parameters';# spec isn't clear re missing endpoint urishasredirect_uri=> (is=>'ro',required=> 0 );hasstore=> (is=>'rw',does=>'CatalystX::OAuth2::Store',init_arg=>undef,predicate=>'has_store');hasquery_parameters=> (is=>'rw',init_arg=>undef,lazy_build=> 1 );
lib/CatalystX/OAuth2.pm view on Meta::CPAN
subtoken : Chained('/') Args(0) Does('OAuth2::AuthToken::ViaAuthGrant') {}subrefresh : Chained('/') Args(0) Does('OAuth2::AuthToken::ViaRefreshToken') {}1;=head1 DESCRIPTIONThis module implements the authorization grant subset of the L<oauth 2 ietfspec draft|http://tools.ietf.org/html/draft-ietf-oauth-v2-23>. Action rolescontaining an implementation of each required endpoint in the specificationare provided and should be applied to a L<Catalyst::Controller::ActionRole>.The authorization grant flow is defined by the specification as follows:+--------+ +---------------+| |--(A)------- Authorization Grant --------->| || | | || |<-(B)----------- Access Token -------------| || | & Refresh Token | || | | || | +----------+ | |
lib/CatalystX/OAuth2.pm view on Meta::CPAN
request parametersifa valid authorization code is presented.=item B - L<Catalyst::ActionRole::OAuth2::GrantAuth>RequiredThis action checks the request parameters for a valid authorization code,which should have been generated by a previous request to a RequestAuthaction. This action should be customized to somehow confirm with the end-userif he wishes to effectively grant the authorization to the requestingclient/app. The user-agent is redirected automatically to the correct endpointif the authorization is granted.=item C and D - L<Catalyst::ActionRole::OAuth2::AuthToken::ViaAuthGrant>RequiredThis action exchanges a valid authorization grant code and responds with anauthorization token.=item G and H - L<Catalyst::ActionRole::OAuth2::AuthToken::ViaRefreshToken>
lib/CatalystX/OAuth2/Request/RequestAuth.pm view on Meta::CPAN
orreturn{error=>'unauthorized_client',error_description=>'the client identified by '.$self->client_id.' is not authorized to access this resource'}if$self->enable_client_secret;$q{client_id} =$self->client_id;$client->endpoint eq$self->redirect_uriorreturn{error=>'invalid_request',error_description=>'redirection_uri does not match the registered client endpoint'};$q{redirect_uri} =$self->redirect_uri;my$code=$store->create_client_code($self->client_id );$q{code} =$code->as_string;return\%q;}
lib/CatalystX/OAuth2/Schema/Result/Client.pm view on Meta::CPAN
# ABSTRACT: A table for registering clients__PACKAGE__->load_components(qw(Core));__PACKAGE__->table('client');__PACKAGE__->add_columns(id=> {data_type=>'int',is_auto_increment=> 1 },endpoint=> {data_type=>'text',is_nullable=> 0 },client_secret=> {data_type=>'text',is_nullable=> 1 });__PACKAGE__->set_primary_key('id');__PACKAGE__->has_many(codes=>'CatalystX::OAuth2::Schema::Result::Code'=>{'foreign.client_id'=>'self.id'} );subfind_refresh {shift->codes->search( {is_active=> 1 } )->related_resultset('refresh_tokens')->find(@_);}
lib/CatalystX/OAuth2/Store.pm view on Meta::CPAN
packageCatalystX::OAuth2::Store;useMoose::Role;# ABSTRACT: The API for oauth2 storesrequiresqw(find_clientclient_endpointcreate_client_codeclient_code_is_activeactivate_client_codedeactivate_client_codecreate_access_tokenfind_client_codeverify_client_secretverify_client_token);
lib/CatalystX/OAuth2/Store/DBIC.pm view on Meta::CPAN
hasclient_model=> (isa=>'Str',is=>'ro',required=> 1);has_client_model=> (isa=>'DBIx::Class::ResultSet',is=>'ro',lazy_build=> 1);hasendpoint_field=> (isa=>'Str',is=>'ro',default=>'endpoint');hasrefresh_relation=>(isa=>'Str',is=>'ro',default=>'refresh_tokens');hastoken_relation=> (isa=>'Str',is=>'ro',default=>'tokens');hascode_relation=> (isa=>'Str',is=>'ro',default=>'codes');hascode_activation_field=>(isa=>'Str',is=>'ro',default=>'is_active');sub_build__client_model {my($self) =@_;return$self->app->model($self->client_model );}subfind_client {my($self,$id) =@_;$self->_client_model->find($id);}subclient_endpoint {my($self,$id) =@_;my$client=$self->find_client($id)orreturn;return$client->get_column($self->endpoint_field );}sub_code_rs {my($self,$id) =@_;return$self->_client_model->related_resultset($self->code_relation )unlessdefined($id);my$client=$self->find_client($id)orreturn;return$client->related_resultset($self->code_relation );}
t/lib/AuthServer/Model/DB.pm view on Meta::CPAN
packageAuthServer::Model::DB;useMoose;BEGIN {extends'https://metacpan.org/pod/Catalyst::Model::DBIC::Schema">Catalyst::Model::DBIC::Schema'}hasuser_endpoint=>__PACKAGE__->config(schema_class=>'CatalystX::OAuth2::Schema',connect_info=> ['dbi:SQLite:dbname=:memory:','','']);aroundCOMPONENT=>sub{my$orig=shift;my$class=shift;my$self=$class->$orig(@_);$self->schema->deploy;$self->schema->resultset('Client')->create({endpoint=>$self->user_endpoint,client_secret=>'foosecret'} );return$self;};1;
t/unit/300-actionrole-grant-auth.t view on Meta::CPAN
usestrictures 1;useTest::More;my$code=AuthServer->model('DB::Code')->create( {client=> {endpoint=>'/client/foo'} } );# try grant with invalid code and no approval param# should display form{my$uri= URI->new('/grant');$uri->query_form({response_type=>'code',client_id=> 1,state=>'bar',code=> 999999,
t/unit/400-actionrole-auth-token-via-auth-grant.t view on Meta::CPAN
useTest::More;useJSON::Any;my$json= JSON::Any->new;my$code= AuthServer->model('DB::Code')->create( {client=> {endpoint=>'/client/foo'} } );{my$uri= URI->new('/token');$uri->query_form({grant_type=>'authorization_code',redirect_uri=>'/client/foo',code=>$code->as_string});my($res2,$c) = ctx_request($uri);
t/unit/500-actionrole-auth-token-via-refresh-token.t view on Meta::CPAN
useTest::More;useJSON::Any;my$json= JSON::Any->new;my$code= AuthServer->model('DB::Code')->create({client=> {endpoint=>'/client/foo'},is_active=> 1});my$refresh;{my$uri= URI->new('/withrefresh/token');$uri->query_form({grant_type=>'authorization_code',
( run in 0.712 second using v1.01-cache-2.11-cpan-a9ef4e587e4 )