1 package Catalyst::Authentication::Credential::OAuth;
3 use MooseX::Types::Moose qw/ Bool HashRef /;
4 use MooseX::Types::Common::String qw/ NonEmptySimpleStr /;
6 #$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0A;
8 use HTTP::Request::Common;
9 use String::Random qw/ random_string /;
10 use Catalyst::Exception ();
11 use namespace::autoclean;
13 our $VERSION = '0.03';
15 has debug => ( is => 'ro', isa => Bool );
16 has providers => ( is => 'ro', isa => HashRef, required => 1 );
17 has ua => ( is => 'ro', lazy_build => 1, init_arg => undef, isa => 'LWP::UserAgent' );
20 my ($self, $config, $c, $realm) = @_;
27 $self->ua; # Ensure lazy value is built.
37 my ($self, $c, $realm, $auth_info) = @_;
39 Catalyst::Exception->throw( "Provider is not defined." )
40 unless defined $auth_info->{provider} || defined $self->providers->{ $auth_info->{provider} };
42 my $provider = $self->providers->{ $auth_info->{provider} };
44 for ( qw/ consumer_key consumer_secret request_token_endpoint access_token_endpoint user_auth_endpoint / ) {
45 Catalyst::Exception->throw( $_ . " is not defined for provider ". $auth_info->{provider} )
46 unless $provider->{$_};
50 consumer_key => $provider->{consumer_key},
51 consumer_secret => $provider->{consumer_secret},
53 nonce => random_string( 'ccccccccccccccccccc' ),
54 request_method => 'GET',
55 signature_method => 'HMAC-SHA1',
56 oauth_version => '1.0a',
57 callback => $c->uri_for( $c->action, $c->req->captures, @{ $c->req->args } )->as_string
60 $c->log_debug( "authenticate() called from " . $c->request->uri ) if $self->debug;
62 my $oauth_token = $c->req->method eq 'GET'
63 ? $c->req->query_params->{oauth_token}
64 : $c->req->body_params->{oauth_token};
68 my $response = Net::OAuth->response( 'user auth' )->from_hash( $c->req->params );
70 my $request = Net::OAuth->request( 'access token' )->new(
72 token => $response->token,
74 request_url => $provider->{access_token_endpoint},
75 verifier => $c->req->params->{oauth_verifier},
79 my $ua_response = $self->ua->request( GET $request->to_url );
80 Catalyst::Exception->throw( $ua_response->status_line.' '.$ua_response->content )
81 unless $ua_response->is_success;
83 $response = Net::OAuth->response( 'access token' )->from_post_body( $ua_response->content );
86 token => $response->token,
87 token_secret => $response->token_secret,
88 extra_params => $response->extra_params
91 my $user_obj = $realm->find_user( $user, $c );
93 return $user_obj if ref $user_obj;
95 $c->log->debug( 'Verified OAuth identity failed' ) if $self->debug;
100 my $request = Net::OAuth->request( 'request token' )->new(
102 request_url => $provider->{request_token_endpoint}
106 my $ua_response = $self->ua->request( GET $request->to_url );
108 Catalyst::Exception->throw( $ua_response->status_line.' '.$ua_response->content )
109 unless $ua_response->is_success;
111 my $response = Net::OAuth->response( 'request token' )->from_post_body( $ua_response->content );
113 $request = Net::OAuth->request( 'user auth' )->new(
115 token => $response->token,
118 $c->res->redirect( $request->to_url( $provider->{user_auth_endpoint} ) );
132 Catalyst::Authentication::Credential::OAuth - OAuth credential for Catalyst::Plugin::Authentication framework.
145 Session::Store::FastMmap
146 Session::State::Cookie
152 <Plugin::Authentication>
160 consumer_key my_app_key
161 consumer_secret my_app_secret
162 request_token_endpoint http://example.com/oauth/request_token
163 access_token_endpoint http://example.com/oauth/access_token
164 user_auth_endpoint http://example.com/oauth/authorize
170 </Plugin::Authentication>
178 if( $c->authenticate( { provider => 'example.com' } ) ) {
179 #do something with $c->user
189 =item $c->user->token
191 =item $c->user->token_secret
193 =item $c->user->extra_params - whatever other params the provider sends back
199 Cosmin Budrica E<lt>cosmin@sinapticode.comE<gt>
201 Bogdan Lucaciu E<lt>bogdan@sinapticode.comE<gt>
203 With contributions from:
205 Tomas Doran E<lt>bobtfish@bobtfish.netE</gt>
210 Only tested with twitter
214 Copyright (c) 2009 Sinapticode. All rights reserved
216 This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.