NAME
OAuth::Lite2::Client::ExternalService - OAuth 2.0 Federated Assertion Profile Client
SYNOPSIS
my $client = OAuth::Lite2::Client::ExternalService->new(
id => q{my_client_id},
secret => q{my_client_secret},
access_token_uri => q{http://example.org/token},
);
sub get_access_token {
my $your_app = shift;
my $access_token = $client->get_access_token(
assertion => $your_app->request->param("assertion"),
scope => q{photo},
) or return $your_app->error( $client->errstr );
$your_app->store->save( access_token => $access_token->access_token );
$your_app->store->save( expires_at => time() + $access_token->expires_in );
$your_app->store->save( refresh_token => $access_token->refresh_token );
}
sub refresh_access_token {
my $your_app = shift;
my $access_token = $client->refresh_access_token(
refresh_token => $refresh_token,
) or return $your_app->error( $client->errstr );
$your_app->store->save( access_token => $access_token->access_token );
$your_app->store->save( expires_at => time() + $access_token->expires_in );
$your_app->store->save( refresh_token => $access_token->refresh_token );
}
sub access_to_protected_resource {
my $your_app = shift;
my $access_token = $your_app->store->get("access_token");
my $expires_at = $your_app->store->get("expires_at");
my $refresh_token = $your_app->store->get("refresh_token");
unless ($access_token) {
$your_app->show_reauthorize_page();
return;
}
if ($expires_at < time()) {
$your_app->refresh_access_token();
return;
}
my $req = HTTP::Request->new( GET => q{http://example.org/photo} );
$req->header( Authorization => sprintf(q{OAuth %s}, $access_token) );
my $agent = LWP::UserAgent->new;
my $res = $agent->request($req);
...
}
DESCRIPTION
OAuth 2.0 Federated Assertion Profile Client.
new( %params )
- id
-
Client ID
- secret
-
Client secret
- access_token_uri
-
token endpoint uri on auth-server.
- refresh_token_uri
-
refresh-token endpoint uri on auth-server. if you omit this, access_token_uri is used instead.
- agent
-
user agent. if you omit this, LWP::UserAgent's object is set by default. You can use your custom agent or preset-agents.
See also
OAuth::Lite2::Agent::Dump OAuth::Lite2::Agent::Strict OAuth::Lite2::Agent::PSGIMock
get_access_token( %params )
- assertion
- type
- iss
- aud
- scope
refresh_access_token( %params )
- refresh_token
last_request
Returns a HTTP::Request object that is used when you obtain or refresh access token last time internally.
last_response
Returns a HTTP::Response object that is used when you obtain or refresh access token last time internally.
AUTHOR
Ryo Ito, <ritou.06@gmail.com>
COPYRIGHT AND LICENSE
Copyright (C) 2014 by Ryo Ito
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.8 or, at your option, any later version of Perl 5 you may have available.