lib/Catalyst/Authentication/Credential/OAuth.pm

   1 package Catalyst::Authentication::Credential::OAuth;
   2 use Moose;
   3 use MooseX::Types::Moose qw/ Bool HashRef /;
   4 use MooseX::Types::Common::String qw/ NonEmptySimpleStr /;
   5 use Net::OAuth;
   6 #$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0A;
   7 use LWP::UserAgent;
   8 use HTTP::Request::Common;
   9 use String::Random qw/ random_string /;
  10 use Catalyst::Exception ();
  11 use namespace::autoclean;
  12
  13 our $VERSION = '0.02';
  14
  15 has debug => ( is => 'ro', isa => Bool );
  16 has providers => ( is => 'ro', isa => HashRef, required => 1 );
  17 has ua => ( is => 'ro', lazy_build => 1, init_arg => undef, isa => 'LWP::UserAgent' );
  18
  19 sub BUILDARGS {
  20     my ($self, $config, $c, $realm) = @_;
  21
  22     return $config;
  23 }
  24
  25 sub BUILD {
  26     my ($self) = @_;
  27     $self->ua; # Ensure lazy value is built.
  28 }
  29
  30 sub _build_ua {
  31     my $self = shift;
  32
  33     LWP::UserAgent->new;
  34 }
  35
  36 sub authenticate {
  37         my ($self, $c, $realm, $auth_info) = @_;
  38
  39     Catalyst::Exception->throw( "Provider is not defined." )
  40         unless defined $auth_info->{provider} || defined $self->providers->{ $auth_info->{provider} };
  41
  42     my $provider = $self->providers->{ $auth_info->{provider} };
  43
  44     for ( qw/ consumer_key consumer_secret request_token_endpoint access_token_endpoint user_auth_endpoint / ) {
  45         Catalyst::Exception->throw( $_ . " is not defined for provider ". $auth_info->{provider} )
  46             unless $provider->{$_};
  47     }
  48
  49     my %defaults = (
  50         consumer_key => $provider->{consumer_key},
  51         consumer_secret => $provider->{consumer_secret},
  52         timestamp => time,
  53         nonce => random_string( 'ccccccccccccccccccc' ),
  54         request_method => 'GET',
  55         signature_method => 'HMAC-SHA1',
  56         oauth_version => '1.0a',
  57         callback => $c->uri_for( $c->action, $c->req->captures, @{ $c->req->args } )->as_string
  58     );
  59
  60         $c->log_debug( "authenticate() called from " . $c->request->uri ) if $self->debug;
  61
  62     my $oauth_token = $c->req->method eq 'GET'
  63         ? $c->req->query_params->{oauth_token}
  64         : $c->req->body_params->{oauth_token};
  65
  66         if( $oauth_token ) {
  67
  68                 my $response = Net::OAuth->response( 'user auth' )->from_hash( $c->req->params );
  69
  70                 my $request = Net::OAuth->request( 'access token' )->new(
  71                         %defaults,
  72                         token => $response->token,
  73                         token_secret => '',
  74                         request_url => $provider->{access_token_endpoint},
  75                 );
  76                 $request->sign;
  77
  78                 my $ua_response = $self->ua->request( GET $request->to_url );
  79                 Catalyst::Exception->throw( $ua_response->status_line.' '.$ua_response->content )
  80                         unless $ua_response->is_success;
  81
  82                 $response = Net::OAuth->response( 'access token' )->from_post_body( $ua_response->content );
  83
  84                 my $user = +{
  85                         token => $response->token,
  86                         token_secret => $response->token_secret,
  87                         extra_params => $response->extra_params
  88                 };
  89
  90                 my $user_obj = $realm->find_user( $user, $c );
  91
  92                 return $user_obj if ref $user_obj;
  93
  94                 $c->log->debug( 'Verified OAuth identity failed' ) if $self->debug;
  95
  96                 return;
  97         }
  98         else {
  99                 my $request = Net::OAuth->request( 'request token' )->new(
 100                         %defaults,
 101                         request_url => $provider->{request_token_endpoint}
 102                 );
 103                 $request->sign;
 104
 105                 my $ua_response = $self->ua->request( GET $request->to_url );
 106
 107                 Catalyst::Exception->throw( $ua_response->status_line.' '.$ua_response->content )
 108                         unless $ua_response->is_success;
 109
 110                 my $response = Net::OAuth->response( 'request token' )->from_post_body( $ua_response->content );
 111
 112                 $request = Net::OAuth->request( 'user auth' )->new(
 113                         %defaults,
 114                         token => $response->token,
 115                 );
 116
 117                 $c->res->redirect( $request->to_url( $provider->{user_auth_endpoint} ) );
 118         }
 119
 120 }
 121
 122
 123
 124 1;
 125
 126
 127 __END__
 128
 129 =head1 NAME
 130
 131 Catalyst::Authentication::Credential::OAuth - OAuth credential for Catalyst::Plugin::Authentication framework.
 132
 133 =head1 VERSION
 134
 135 0.02
 136
 137 =head1 SYNOPSIS
 138
 139 In MyApp.pm
 140
 141     use Catalyst qw/
 142         Authentication
 143         Session
 144         Session::Store::FastMmap
 145         Session::State::Cookie
 146     /;
 147
 148
 149 In myapp.conf
 150
 151     <Plugin::Authentication>
 152         default_realm   oauth
 153         <realms>
 154             <oauth>
 155                 <credential>
 156                     class       OAuth
 157                     <providers>
 158                         <example.com>
 159                             consumer_key             my_app_key
 160                             consumer_secret          my_app_secret
 161                             request_token_endpoint   http://example.com/oauth/request_token
 162                             access_token_endpoint    http://example.com/oauth/access_token
 163                             user_auth_endpoint       http://example.com/oauth/authorize
 164                         </example.com>
 165                     </providers>
 166                 </credential>
 167             </oauth>
 168         </realms>
 169     </Plugin::Authentication>
 170
 171
 172 In controller code,
 173
 174     sub oauth : Local {
 175         my ($self, $c) = @_;
 176
 177         if( $c->authenticate( { provider => 'example.com' } ) ) {
 178             #do something with $c->user
 179         }
 180     }
 181
 182
 183
 184 =head1 USER METHODS
 185
 186 =over 4
 187
 188 =item $c->user->token
 189
 190 =item $c->user->token_secret
 191
 192 =item $c->user->extra_params - whatever other params the provider sends back
 193
 194 =back
 195
 196 =head1 AUTHOR
 197
 198 Cosmin Budrica E<lt>cosmin@sinapticode.comE<gt>
 199
 200 Bogdan Lucaciu E<lt>bogdan@sinapticode.comE<gt>
 201
 202 With contributions from:
 203
 204   Tomas Doran E<lt>bobtfish@bobtfish.netE</gt>
 205
 206
 207 =head1 BUGS
 208
 209 Only tested with twitter
 210
 211 =head1 COPYRIGHT
 212
 213 Copyright (c) 2009 Sinapticode. All rights reserved
 214
 215 This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
 216
 217 =cut