Azure-AD-Auth
3 results

 view release on metacpan or  search on metacpan

lib/Azure/AD/ClientCredentialsV2.pm  view on Meta::CPAN 

    }
  );

  has ad_url => (
    is => 'ro',
    isa => Str,
    default => sub {
      'https://login.microsoftonline.com'
    },
  );

  has token_endpoint => (
    is => 'ro',
    isa => Str,
    lazy => 1,
    default => sub {
      my $self = shift;
      sprintf "%s/%s/oauth2/v2.0/token", $self->ad_url, $self->tenant_id;
    }
  );

  sub access_token {
    my $self = shift;
    $self->_refresh;
    $self->current_creds->{ access_token };
  }

  has current_creds => (is => 'rw');

  has expiration => (
    is => 'rw',
    isa => Int,
    lazy => 1,
    default => sub { 0 }
  );

  sub _refresh_from_cache {
    my $self = shift;
    #TODO: implement caching strategy
    return undef;
  }

  sub _save_to_cache {
    my $self = shift;
    #TODO: implement caching strategy
  }

  sub _refresh {
    my $self = shift;

    if (not defined $self->current_creds) {
      $self->_refresh_from_cache;
      return $self->current_creds if (defined $self->current_creds);
    }

    return if $self->expiration >= time;

    my $auth_response = $self->ua->post_form(
      $self->token_endpoint,
      {
        grant_type    => 'client_credentials',
        client_id     => $self->client_id,
        client_secret => $self->secret_id,
        scope         => $self->scope,
      }
    );

    if (not $auth_response->{success}) {
      Azure::AD::RemoteError->throw(
        message => $auth_response->{content},
        code => 'GetClientCredentialsFailed',
        status => $auth_response->{status}
      );
    }

    my $auth = decode_json($auth_response->{content});
    $self->current_creds($auth);
    $self->expiration($auth->{expires_in} + time);
    $self->_save_to_cache;
  }

1;

=encoding UTF-8

=head1 NAME

Azure::AD::ClientCredentialsV2 - Azure AD Client Credentials authentication flow

=head1 SYNOPSIS

  use Azure::AD::ClientCredentialsV2;
  my $creds = Azure::AD::ClientCredentialsV2->new(
    resource_id => 'https://management.core.windows.net/',
    client_id => '',
    secret_id => '',
    tenant_id => '',
  );
  say $creds->access_token;

=head1 DESCRIPTION

Implements the Azure AD Client Credentials flow using the V2 Oauth endpoint. See L<Azure::AD::Auth> for more
information and alternative flows.

=head1 ATTRIBUTES

=head2 scope

Defines the set of permissions being requested by the application. Scopes can be either static (using .default) or dynamic. This set can include the OpenID Connect scopes (openid, profile, email). If you need application permissions, you must use .de...

=head2 tenant_id

The ID of the Azure Active Directory Tenant that you want to request permission from. It can be provided in a GUID or friendly name format.

=head2 client_id

The Client ID (also referred to as the Application ID) of an application

=head2 secret_id



( run in 1.364 second using v1.01-cache-2.11-cpan-39bf76dae61 )