Catalyst-Plugin-OpenIDConnect
view release on metacpan or search on metacpan
QUICKSTART.md view on Meta::CPAN
```perl
sub protected : Local {
my ( $self, $c ) = @_;
unless ( $c->session->{user} ) {
return $c->response->redirect( $c->uri_for('/login') );
}
# User is authenticated
}
```
## 6. Run the Example App
```bash
# Generate keys
bash example/generate_keys.sh
# Run the app
perl example/app.pl
# Visit http://localhost:3000
```
## Endpoints
| Endpoint | Method | Purpose |
|----------|--------|---------|
| `/.well-known/openid-configuration` | GET | Discovery |
| `/openidconnect/authorize` | GET | Authorization |
| `/openidconnect/token` | POST | Token Exchange |
| `/openidconnect/userinfo` | GET | User Info |
| `/openidconnect/jwks` | GET | Public Keys |
| `/openidconnect/logout` | POST | Logout |
## Common Tasks
### Refresh an Access Token
```bash
curl -X POST http://localhost:5000/openidconnect/token \
-d "grant_type=refresh_token&
refresh_token=<your_refresh_token>&
client_id=my-client&
client_secret=my-secret"
```
### Get Provider Configuration
```bash
curl http://localhost:5000/.well-known/openid-configuration
```
### Use in Your Own Client
See the example app (`example/app.pl`) for a complete implementation.
## Next Steps
1. **Read** [IMPLEMENTATION_GUIDE.md](IMPLEMENTATION_GUIDE.md) for architecture details
2. **Review** [API_REFERENCE.md](API_REFERENCE.md) for complete endpoint documentation
3. **Check** [DEPLOYMENT.md](DEPLOYMENT.md) for production setup
4. **Explore** `example/app.pl` for a working implementation
## Troubleshooting
### Keys not loading
```
Error: "Cannot read private key file"
```
- Check file path is correct
- Verify file exists and is readable
- Ensure it's in PEM format
### Token verification fails
```
Error: "Token verification failed"
```
- Clock skew: sync NTP on all servers
- Wrong issuer: check config URL
- Token expired: check iat/exp claims
### Invalid client
```
Error: "Unknown client"
```
- Verify client_id is in configuration
- Check spelling exactly matches
### CORS errors
```
XMLHttpRequest: No 'Access-Control-Allow-Origin' header
```
- This endpoint doesn't support CORS yet
- For now, the server must redirect rather than XHR request
## Need Help?
- Review the included documentation
- Check the example app for reference implementation
- Look at test files for usage examples
- See DEPLOYMENT.md for production setup
---
**Ready to secure your app with OpenID Connect? You're all set!**
( run in 1.203 second using v1.01-cache-2.11-cpan-9581c071862 )