Mojolicious-Plugin-Web-Auth
view release on metacpan or search on metacpan
- supported Mojo::Loader::load_class (added Mojolicious 5.81)
0.11 2014-10-09T01:24:56Z
- added an authorize_header property in Mojolicious::Plugin::Web::Auth::OAuth2 to support a Authorization Header. thanks levonet@github.
0.10 2014-09-05T13:48:41Z
- fixed to change the scheme, when the request-header has x-forwarded-proto value of "https". thanks shohey1226@github
0.09 2014-08-01 23:34:27 JST
- fixed the error handling when user has canceled authentication. thanks sachinjsk@github
- added the validate_state option in Mojolicious::Plugin::Web::Auth::OAuth2. thanks mala@github
0.08 2014-03-24 13:24:58 JST
- fixed to support a content-type with charset. thanks uzulla@github.
0.07 2014-01-13 16:17:39 JST
- fixed deprecated method (Mojo::UserAgent#name). thanks fayland@github, battlemidget@github.
0.06 2013-11-10 12:01:22 JST
- fixed a bug where a module that is cached incompletely
plugin 'Web::Auth',
module => 'Facebook',
key => 'Facebook App ID',
secret => 'Facebook App Secret',
scope => 'email,user_birthday',
on_finished => sub {
my ( $c, $access_token, $user_info ) = @_;
...
};
## `validate_state`
Optional: OAuth 2.0 only. Default value is 1, see [http://tools.ietf.org/html/rfc6819#section-5.3.5](http://tools.ietf.org/html/rfc6819#section-5.3.5).
## `on_finished`
# Mojolicious::Lite
plugin 'Web::Auth',
module => 'Twitter',
key => 'Twitter consumer key',
secret => 'Twitter consumer secret',
lib/Mojolicious/Plugin/Web/Auth.pm view on Meta::CPAN
plugin 'Web::Auth',
module => 'Facebook',
key => 'Facebook App ID',
secret => 'Facebook App Secret',
scope => 'email,user_birthday',
on_finished => sub {
my ( $c, $access_token, $user_info ) = @_;
...
};
=head2 C<validate_state>
Optional: OAuth 2.0 only. Default value is 1, see L<http://tools.ietf.org/html/rfc6819#section-5.3.5>.
=head2 C<on_finished>
# Mojolicious::Lite
plugin 'Web::Auth',
module => 'Twitter',
key => 'Twitter consumer key',
lib/Mojolicious/Plugin/Web/Auth/OAuth2.pm view on Meta::CPAN
package Mojolicious::Plugin::Web::Auth::OAuth2;
use Mojo::Base 'Mojolicious::Plugin::Web::Auth::Base';
use Mojo::URL;
use Mojo::Parameters;
use Mojolicious::Types qw();
use Digest::SHA;
has 'scope';
has 'response_type';
has 'validate_state' => 1;
has 'state_generator';
has 'authorize_header';
sub auth_uri {
my ( $self, $c, $callback_uri ) = @_;
$callback_uri or die "Missing mandatory parameter: callback_uri";
my $url = Mojo::URL->new( $self->authorize_url );
$url->query->param( client_id => $self->key );
$url->query->param( redirect_uri => $callback_uri );
$url->query->param( scope => $self->scope ) if ( defined $self->scope );
$url->query->param( response_type => $self->response_type ) if ( defined $self->response_type );
if ( $self->validate_state ) {
my $state = $self->state_generator ? $self->state_generator->() : _state_generator();
$c->session->{oauth2_state} = $state;
$url->query->param( state => $state );
}
return $url->to_string;
}
sub callback {
my ($self, $c, $callback) = @_;
if ( my $error = $c->req->param('error') ) {
my $error_description = $c->req->param('error_description');
return $callback->{on_error}->( $error, $error_description );
}
my $code = $c->param('code') or die "Cannot get a 'code' parameter";
my $forwarded_proto = $c->req->headers->header('x-forwarded-proto');
$c->req->url->base->scheme('https') if (defined $forwarded_proto && $forwarded_proto eq 'https');
if ( $self->validate_state ) {
my $state = delete $c->session->{oauth2_state};
if ( $state ne $c->param('state') ) {
return $callback->{on_error}->('state validation failed.');
}
}
my $params = +{
code => $code,
client_id => $self->key,
client_secret => $self->secret,
( run in 1.124 second using v1.01-cache-2.11-cpan-39bf76dae61 )