Catalyst-Plugin-OpenIDConnect
example/app.pl view on Meta::CPAN
Static::Simple
/
);
# Required by OpenIDConnect role
sub user {
    # Return the logged-in user record kept in the session, or nothing.
    #
    # Reads the 'session' slot of the invocant's underlying hash directly and
    # returns its 'user' entry. Yields an empty list (undef in scalar context)
    # when called on a non-reference (e.g. as a class method) or when the
    # 'session' slot does not hold a reference.
    # NOTE(review): this bypasses any session accessor method and relies on the
    # session data already being present in $self->{session} - confirm that
    # is the intended contract for the OpenIDConnect role.
    my ($self) = @_;

    return unless ref $self;

    my $session = $self->{session};
    return unless ref $session;

    return $session->{user};
}
=head1 NAME
OIDCExample - Example OpenID Connect Provider
=head1 DESCRIPTION
Simple example Catalyst application demonstrating the OpenIDConnect plugin.
Run with:
perl example/app.pl
Then visit: http://localhost:3000
=cut
# Root controller: holds the example application's page actions
# (index, login, protected, logout).
package OIDCExample::Controller::Root;
use Moose;
use namespace::autoclean;
# Inherit from Catalyst::Controller inside BEGIN so the parent class is set up
# at compile time, before the attribute-decorated action subs below are compiled.
BEGIN { extends 'Catalyst::Controller'; }
# An empty namespace mounts this controller's actions at the application root
# (e.g. /login rather than /root/login).
__PACKAGE__->config(namespace => '');
=head2 index
Home page
=cut
sub index : Path : Args(0) {
    # Home page action: matches the controller root with no extra path
    # arguments and selects the 'index.html' template for rendering.
    my ( undef, $ctx ) = @_;

    my $stash = $ctx->stash;
    $stash->{template} = 'index.html';
}
=head2 login
Login page/action. In a real app, this would authenticate users.
=cut
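sub login : Local {
    # Login page and form handler.
    #
    # GET (or any non-POST) request: renders 'login.html'.
    # POST request: takes the 'username' form field, builds a mock user,
    # stores it in the session and redirects to the validated 'back' path
    # (or '/' when 'back' is absent or rejected). A missing or invalid
    # username re-renders the form with an error in the stash.
    #
    # This example performs NO credential check; any non-empty username is
    # accepted. A real application must authenticate the user here.
    my ( $self, $c ) = @_;

    if ( $c->request->method eq 'POST' ) {
        my $username = $c->request->params->{username};

        # In a real application, validate credentials here.
        # A form field that is submitted more than once arrives as an array
        # reference; treat that as invalid instead of passing a reference on
        # as if it were a user name.
        if ( !ref $username && $username && length($username) > 0 ) {

            # Create a mock user object
            my $user = _create_mock_user($username);
            $c->session->{user_id} = $user->{id};
            $c->session->{user}    = $user;

            # NOTE(review): the session id is not rotated when the user
            # logs in. A real application should issue a fresh session id at
            # this point (Catalyst::Plugin::Session offers change_session_id);
            # confirm which session plugin this app loads before adding it.

            # IMPORTANT: The 'back' parameter is used by the OpenID Connect
            # plugin to resume the authorization flow after successful
            # authentication. Always redirect to it if provided to properly
            # complete the OIDC flow.
            #
            # Security: restrict 'back' to relative paths on this server only
            # to prevent open-redirect attacks (HIGH-1). The value must:
            #   - be a single scalar (a repeated parameter is a reference),
            #   - start with exactly one '/', so absolute URLs and
            #     protocol-relative URLs (e.g. //evil.example.com/) fail,
            #   - contain no backslash, because browsers commonly treat '\'
            #     like '/' when resolving a Location value,
            #   - contain no control characters (CR, LF, NUL, ...), which have
            #     no place in a redirect target.
            # The pattern is anchored at both ends so the whole value is
            # checked, not just its first two characters.
            my $back = $c->request->params->{back};
            $back = '/'
                unless defined $back
                && !ref $back
                && $back =~ m{\A/(?![/\\])[^\\\x00-\x1f\x7f]*\z};

            return $c->response->redirect( $c->uri_for($back) );
        }

        $c->stash->{error} = 'Invalid username';
    }

    $c->stash->{template} = 'login.html';
}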
=head2 protected
An example protected route that requires OpenID Connect authentication.
=cut
sub protected : Local {
    # Example page that is only shown to a logged-in user.
    #
    # The gate is the presence of a truthy 'user' entry in the session;
    # without one the request is redirected to /login. Otherwise the session
    # user is copied into the stash and 'protected.html' is rendered.
    # NOTE(review): the redirect to /login carries no 'back' parameter, so
    # after logging in the user is not returned to this page - confirm
    # whether that is intended for the example.
    my ( undef, $c ) = @_;

    my $current_user = $c->session->{user};
    return $c->response->redirect( $c->uri_for('/login') )
        if !$current_user;

    my $stash = $c->stash;
    $stash->{user}     = $current_user;
    $stash->{template} = 'protected.html';
}
=head2 logout
Logout handler
=cut
sub logout : Local {
    # Logout handler: drops the 'user_id' and 'user' entries from the
    # session and redirects to the home page.
    # NOTE(review): only these two keys are removed; any other data kept in
    # the session, and the session id itself, survive the logout. A real
    # application would normally discard the whole session here - confirm
    # what else the OpenID Connect plugin stores in it.
    my ( undef, $ctx ) = @_;

    my $session = $ctx->session;
    delete @{$session}{qw(user_id user)};

    $ctx->response->redirect( $ctx->uri_for('/') );
}
# File-scoped Data::UUID generator object, created once when the file is loaded.
# NOTE(review): presumably used by _create_mock_user below to mint user ids;
# that sub's body is not visible here - confirm.
my $_uuid_gen = Data::UUID->new();
sub _create_mock_user {