[catagits/Catalyst-Authentication-Credential-OAuth.git] / lib / Catalyst / Authentication / Credential / OAuth.pm

package Catalyst::Authentication::Credential::OAuth;
use Moose;
use MooseX::Types::Moose qw/ Bool HashRef /;
use MooseX::Types::Common::String qw/ NonEmptySimpleStr /;
use Net::OAuth;
#$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0A;
use LWP::UserAgent;
use HTTP::Request::Common;
use String::Random qw/ random_string /;
use Catalyst::Exception ();
use namespace::autoclean;

our $VERSION = '0.02';

has debug => ( is => 'ro', isa => Bool );
has providers => ( is => 'ro', isa => HashRef, required => 1 );
has ua => ( is => 'ro', lazy_build => 1, init_arg => undef, isa => 'LWP::UserAgent' );

sub BUILDARGS {
    my ($self, $config, $c, $realm) = @_;

    return $config;
}

sub BUILD {
    my ($self) = @_;
    $self->ua; # Ensure lazy value is built.
}

sub _build_ua {
    my $self = shift;

    LWP::UserAgent->new;
}

sub authenticate {
	my ($self, $c, $realm, $auth_info) = @_;

    Catalyst::Exception->throw( "Provider is not defined." )
        unless defined $auth_info->{provider} || defined $self->providers->{ $auth_info->{provider} };

    my $provider = $self->providers->{ $auth_info->{provider} };

    for ( qw/ consumer_key consumer_secret request_token_endpoint access_token_endpoint user_auth_endpoint / ) {
        Catalyst::Exception->throw( $_ . " is not defined for provider ". $auth_info->{provider} )
            unless $provider->{$_};
    }

    my %defaults = (
	consumer_key => $provider->{consumer_key},
	consumer_secret => $provider->{consumer_secret},
        timestamp => time,
        nonce => random_string( 'ccccccccccccccccccc' ),
        request_method => 'GET',
        signature_method => 'HMAC-SHA1',
	oauth_version => '1.0a',
        callback => $c->uri_for( $c->action, $c->req->captures, @{ $c->req->args } )->as_string
    );

	$c->log_debug( "authenticate() called from " . $c->request->uri ) if $self->debug;

    my $oauth_token = $c->req->method eq 'GET'
        ? $c->req->query_params->{oauth_token}
        : $c->req->body_params->{oauth_token};

	if( $oauth_token ) {

		my $response = Net::OAuth->response( 'user auth' )->from_hash( $c->req->params );

		my $request = Net::OAuth->request( 'access token' )->new(
			%defaults,
			token => $response->token,
			token_secret => '',
			request_url => $provider->{access_token_endpoint},
		);
		$request->sign;

		my $ua_response = $self->ua->request( GET $request->to_url );
		Catalyst::Exception->throw( $ua_response->status_line.' '.$ua_response->content )
			unless $ua_response->is_success;

		$response = Net::OAuth->response( 'access token' )->from_post_body( $ua_response->content );

		my $user = +{
			token => $response->token,
			token_secret => $response->token_secret,
			extra_params => $response->extra_params
		};

		my $user_obj = $realm->find_user( $user, $c );

		return $user_obj if ref $user_obj;

		$c->log->debug( 'Verified OAuth identity failed' ) if $self->debug;

		return;
	}
	else {
		my $request = Net::OAuth->request( 'request token' )->new(
			%defaults,
			request_url => $provider->{request_token_endpoint}
		);
		$request->sign;

		my $ua_response = $self->ua->request( GET $request->to_url );

		Catalyst::Exception->throw( $ua_response->status_line.' '.$ua_response->content )
			unless $ua_response->is_success;

		my $response = Net::OAuth->response( 'request token' )->from_post_body( $ua_response->content );

		$request = Net::OAuth->request( 'user auth' )->new(
			%defaults,
			token => $response->token,
		);

		$c->res->redirect( $request->to_url( $provider->{user_auth_endpoint} ) );
	}

}


1;


__END__

=head1 NAME

Catalyst::Authentication::Credential::OAuth - OAuth credential for Catalyst::Plugin::Authentication framework.

=head1 VERSION

0.02

=head1 SYNOPSIS

In MyApp.pm

    use Catalyst qw/
        Authentication
        Session
        Session::Store::FastMmap
        Session::State::Cookie
    /;


In myapp.conf

    <Plugin::Authentication>
        default_realm	oauth
        <realms>
            <oauth>
                <credential>
                    class	OAuth
                    <providers>
                        <example.com>
                            consumer_key             my_app_key
                            consumer_secret          my_app_secret
                            request_token_endpoint   http://example.com/oauth/request_token
                            access_token_endpoint    http://example.com/oauth/access_token
                            user_auth_endpoint       http://example.com/oauth/authorize
                        </example.com>
                    </providers>
                </credential>
            </oauth>
        </realms>
    </Plugin::Authentication>


In controller code,

    sub oauth : Local {
        my ($self, $c) = @_;

        if( $c->authenticate( { provider => 'example.com' } ) ) {
            #do something with $c->user
        }
    }


=head1 USER METHODS

=over 4

=item $c->user->token

=item $c->user->token_secret

=item $c->user->extra_params - whatever other params the provider sends back

=back

=head1 AUTHOR

Cosmin Budrica E<lt>cosmin@sinapticode.comE<gt>

Bogdan Lucaciu E<lt>bogdan@sinapticode.comE<gt>

With contributions from:

  Tomas Doran E<lt>bobtfish@bobtfish.netE</gt>


=head1 BUGS

Only tested with twitter

=head1 COPYRIGHT

Copyright (c) 2009 Sinapticode. All rights reserved

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

=cut
Commit	Line	Data
fc19db6b	1	package Catalyst::Authentication::Credential::OAuth;
fc19db6b	2	use Moose;
05873c3d	3	use MooseX::Types::Moose qw/ Bool HashRef /;
05873c3d	4	use MooseX::Types::Common::String qw/ NonEmptySimpleStr /;
fc19db6b	5	use Net::OAuth;
fc19db6b	6	#$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0A;
fc19db6b	7	use LWP::UserAgent;
05873c3d	8	use HTTP::Request::Common;
fc19db6b	9	use String::Random qw/ random_string /;
fc19db6b	10	use Catalyst::Exception ();
05873c3d	11	use namespace::autoclean;
fc19db6b	12
7d722318	13	our $VERSION = '0.02';
7d722318	14
05873c3d	15	has debug => ( is => 'ro', isa => Bool );
	16	has providers => ( is => 'ro', isa => HashRef, required => 1 );
	17	has ua => ( is => 'ro', lazy_build => 1, init_arg => undef, isa => 'LWP::UserAgent' );
fc19db6b	18
05873c3d	19	sub BUILDARGS {
05873c3d	20	my ($self, $config, $c, $realm) = @_;
fc19db6b	21
05873c3d	22	return $config;
05873c3d	23	}
fc19db6b	24
05873c3d	25	sub BUILD {
	26	my ($self) = @_;
	27	$self->ua; # Ensure lazy value is built.
fc19db6b	28	}
fc19db6b	29
05873c3d	30	sub _build_ua {
05873c3d	31	my $self = shift;
2cd406c8	32
2cd406c8	33	LWP::UserAgent->new;
05873c3d	34	}
fc19db6b	35
	36	sub authenticate {
	37	my ($self, $c, $realm, $auth_info) = @_;
fc19db6b	38
05873c3d	39	Catalyst::Exception->throw( "Provider is not defined." )
05873c3d	40	unless defined $auth_info->{provider} \|\| defined $self->providers->{ $auth_info->{provider} };
fc19db6b	41
05873c3d	42	my $provider = $self->providers->{ $auth_info->{provider} };
	43
	44	for ( qw/ consumer_key consumer_secret request_token_endpoint access_token_endpoint user_auth_endpoint / ) {
	45	Catalyst::Exception->throw( $_ . " is not defined for provider ". $auth_info->{provider} )
	46	unless $provider->{$_};
	47	}
	48
	49	my %defaults = (
	50	consumer_key => $provider->{consumer_key},
	51	consumer_secret => $provider->{consumer_secret},
	52	timestamp => time,
	53	nonce => random_string( 'ccccccccccccccccccc' ),
	54	request_method => 'GET',
	55	signature_method => 'HMAC-SHA1',
	56	oauth_version => '1.0a',
	57	callback => $c->uri_for( $c->action, $c->req->captures, @{ $c->req->args } )->as_string
	58	);
fc19db6b	59
	60	$c->log_debug( "authenticate() called from " . $c->request->uri ) if $self->debug;
	61
05873c3d	62	my $oauth_token = $c->req->method eq 'GET'
	63	? $c->req->query_params->{oauth_token}
	64	: $c->req->body_params->{oauth_token};
fc19db6b	65
05873c3d	66	if( $oauth_token ) {
fc19db6b	67
05873c3d	68	my $response = Net::OAuth->response( 'user auth' )->from_hash( $c->req->params );
fc19db6b	69
fc19db6b	70	my $request = Net::OAuth->request( 'access token' )->new(
05873c3d	71	%defaults,
fc19db6b	72	token => $response->token,
fc19db6b	73	token_secret => '',
05873c3d	74	request_url => $provider->{access_token_endpoint},
fc19db6b	75	);
fc19db6b	76	$request->sign;
fc19db6b	77
05873c3d	78	my $ua_response = $self->ua->request( GET $request->to_url );
fc19db6b	79	Catalyst::Exception->throw( $ua_response->status_line.' '.$ua_response->content )
fc19db6b	80	unless $ua_response->is_success;
05873c3d	81
fc19db6b	82	$response = Net::OAuth->response( 'access token' )->from_post_body( $ua_response->content );
fc19db6b	83
2cd406c8	84	my $user = +{
fc19db6b	85	token => $response->token,
	86	token_secret => $response->token_secret,
	87	extra_params => $response->extra_params
	88	};
	89
	90	my $user_obj = $realm->find_user( $user, $c );
	91
	92	return $user_obj if ref $user_obj;
	93
	94	$c->log->debug( 'Verified OAuth identity failed' ) if $self->debug;
	95
	96	return;
	97	}
	98	else {
fc19db6b	99	my $request = Net::OAuth->request( 'request token' )->new(
05873c3d	100	%defaults,
05873c3d	101	request_url => $provider->{request_token_endpoint}
fc19db6b	102	);
fc19db6b	103	$request->sign;
fc19db6b	104
05873c3d	105	my $ua_response = $self->ua->request( GET $request->to_url );
05873c3d	106
fc19db6b	107	Catalyst::Exception->throw( $ua_response->status_line.' '.$ua_response->content )
	108	unless $ua_response->is_success;
	109
	110	my $response = Net::OAuth->response( 'request token' )->from_post_body( $ua_response->content );
	111
fc19db6b	112	$request = Net::OAuth->request( 'user auth' )->new(
05873c3d	113	%defaults,
fc19db6b	114	token => $response->token,
	115	);
	116
05873c3d	117	$c->res->redirect( $request->to_url( $provider->{user_auth_endpoint} ) );
fc19db6b	118	}
	119
	120	}
	121
	122
	123
	124	1;
	125
	126
	127	__END__
	128
	129	=head1 NAME
	130
	131	Catalyst::Authentication::Credential::OAuth - OAuth credential for Catalyst::Plugin::Authentication framework.
	132
	133	=head1 VERSION
	134
7d722318	135	0.02
fc19db6b	136
	137	=head1 SYNOPSIS
	138
	139	In MyApp.pm
	140
05873c3d	141	use Catalyst qw/
	142	Authentication
	143	Session
	144	Session::Store::FastMmap
	145	Session::State::Cookie
	146	/;
fc19db6b	147
	148
	149	In myapp.conf
	150
05873c3d	151	<Plugin::Authentication>
	152	default_realm oauth
	153	<realms>
	154	<oauth>
fc19db6b	155	<credential>
05873c3d	156	class OAuth
	157	<providers>
	158	<example.com>
	159	consumer_key my_app_key
	160	consumer_secret my_app_secret
	161	request_token_endpoint http://example.com/oauth/request_token
	162	access_token_endpoint http://example.com/oauth/access_token
	163	user_auth_endpoint http://example.com/oauth/authorize
	164	</example.com>
	165	</providers>
	166	</credential>
	167	</oauth>
	168	</realms>
	169	</Plugin::Authentication>
fc19db6b	170
	171
	172	In controller code,
	173
05873c3d	174	sub oauth : Local {
05873c3d	175	my ($self, $c) = @_;
fc19db6b	176
05873c3d	177	if( $c->authenticate( { provider => 'example.com' } ) ) {
	178	#do something with $c->user
	179	}
	180	}
fc19db6b	181
	182
	183
	184	=head1 USER METHODS
	185
	186	=over 4
	187
	188	=item $c->user->token
	189
	190	=item $c->user->token_secret
	191
05873c3d	192	=item $c->user->extra_params - whatever other params the provider sends back
fc19db6b	193
	194	=back
	195
	196	=head1 AUTHOR
	197
	198	Cosmin Budrica E<lt>cosmin@sinapticode.comE<gt>
	199
	200	Bogdan Lucaciu E<lt>bogdan@sinapticode.comE<gt>
	201
a726a7ce	202	With contributions from:
	203
	204	Tomas Doran E<lt>bobtfish@bobtfish.netE</gt>
	205
	206
	207	=head1 BUGS
	208
	209	Only tested with twitter
	210
fc19db6b	211	=head1 COPYRIGHT
fc19db6b	212
2cd406c8	213	Copyright (c) 2009 Sinapticode. All rights reserved
fc19db6b	214
	215	This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
	216
	217	=cut