1 package Catalyst::Authentication::Credential::OAuth;
3 use MooseX::Types::Moose qw/ Bool HashRef /;
4 use MooseX::Types::Common::String qw/ NonEmptySimpleStr /;
6 #$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0A;
8 use HTTP::Request::Common;
9 use String::Random qw/ random_string /;
10 use Catalyst::Exception ();
11 use namespace::autoclean;
13 has debug => ( is => 'ro', isa => Bool );
14 has providers => ( is => 'ro', isa => HashRef, required => 1 );
15 has ua => ( is => 'ro', lazy_build => 1, init_arg => undef, isa => 'LWP::UserAgent' );
18 my ($self, $config, $c, $realm) = @_;
25 $self->ua; # Ensure lazy value is built.
35 my ($self, $c, $realm, $auth_info) = @_;
37 Catalyst::Exception->throw( "Provider is not defined." )
38 unless defined $auth_info->{provider} || defined $self->providers->{ $auth_info->{provider} };
40 my $provider = $self->providers->{ $auth_info->{provider} };
42 for ( qw/ consumer_key consumer_secret request_token_endpoint access_token_endpoint user_auth_endpoint / ) {
43 Catalyst::Exception->throw( $_ . " is not defined for provider ". $auth_info->{provider} )
44 unless $provider->{$_};
48 consumer_key => $provider->{consumer_key},
49 consumer_secret => $provider->{consumer_secret},
51 nonce => random_string( 'ccccccccccccccccccc' ),
52 request_method => 'GET',
53 signature_method => 'HMAC-SHA1',
54 oauth_version => '1.0a',
55 callback => $c->uri_for( $c->action, $c->req->captures, @{ $c->req->args } )->as_string
58 $c->log_debug( "authenticate() called from " . $c->request->uri ) if $self->debug;
60 my $oauth_token = $c->req->method eq 'GET'
61 ? $c->req->query_params->{oauth_token}
62 : $c->req->body_params->{oauth_token};
66 my $response = Net::OAuth->response( 'user auth' )->from_hash( $c->req->params );
68 my $request = Net::OAuth->request( 'access token' )->new(
70 token => $response->token,
72 request_url => $provider->{access_token_endpoint},
76 my $ua_response = $self->ua->request( GET $request->to_url );
77 Catalyst::Exception->throw( $ua_response->status_line.' '.$ua_response->content )
78 unless $ua_response->is_success;
80 $response = Net::OAuth->response( 'access token' )->from_post_body( $ua_response->content );
83 token => $response->token,
84 token_secret => $response->token_secret,
85 extra_params => $response->extra_params
88 my $user_obj = $realm->find_user( $user, $c );
90 return $user_obj if ref $user_obj;
92 $c->log->debug( 'Verified OAuth identity failed' ) if $self->debug;
97 my $request = Net::OAuth->request( 'request token' )->new(
99 request_url => $provider->{request_token_endpoint}
103 my $ua_response = $self->ua->request( GET $request->to_url );
105 Catalyst::Exception->throw( $ua_response->status_line.' '.$ua_response->content )
106 unless $ua_response->is_success;
108 my $response = Net::OAuth->response( 'request token' )->from_post_body( $ua_response->content );
110 $request = Net::OAuth->request( 'user auth' )->new(
112 token => $response->token,
115 $c->res->redirect( $request->to_url( $provider->{user_auth_endpoint} ) );
129 Catalyst::Authentication::Credential::OAuth - OAuth credential for Catalyst::Plugin::Authentication framework.
142 Session::Store::FastMmap
143 Session::State::Cookie
149 <Plugin::Authentication>
157 consumer_key my_app_key
158 consumer_secret my_app_secret
159 request_token_endpoint http://example.com/oauth/request_token
160 access_token_endpoint http://example.com/oauth/access_token
161 user_auth_endpoint http://example.com/oauth/authorize
167 </Plugin::Authentication>
175 if( $c->authenticate( { provider => 'example.com' } ) ) {
176 #do something with $c->user
186 =item $c->user->token
188 =item $c->user->token_secret
190 =item $c->user->extra_params - whatever other params the provider sends back
196 Cosmin Budrica E<lt>cosmin@sinapticode.comE<gt>
198 Bogdan Lucaciu E<lt>bogdan@sinapticode.comE<gt>
200 With contributions from:
202 Tomas Doran E<lt>bobtfish@bobtfish.netE</gt>
207 Only tested with twitter
211 Copyright (c) 2009 Sinapticode. All rights reserved
213 This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.