NAME

OAuth::Lite::Util - utility for OAuth

SYNPSIS

use OAuth::Lite::Util qw(
    gen_random_key
    encode_param
    decode_param
    create_signature_base_string
    parse_auth_header
);

my $random = gen_random_key(8);
my $enocded = encode_param($param);
my $deocded = decode_param($encoded);

my $base_string = create_signature_base_string('GET',
    'http://example.com/path?query', $params);

my $header = q{OAuth realm="http://example.com/api/resource", oauth_consumer_key="hogehoge", ... };
my ($realm, $oauth_params) = parse_auth_header($header);
say $realm;
say $oauth_params->{oauth_consumer_key};
say $oauth_params->{oauth_version};
...

DESCRIPTION

Utilty functions for OAuth are implemented here.

PAY ATTENTION

If you use OAuth 1.31 or older version, its has invalid way to normalize params. (when there are two or more same key and they contain ASCII and non ASCII value)

But the many services have already supported deprecated version, and the correct way breaks backward compatibility. So, from 1.32, supported both correct and deprecated method.

use $OAuth::Lite::USE_DEPRECATED_NORMALIZER to switch behaviour. Currently 1 is set by default to keep backward compatibility.

use OAuth::Lite::Util;
use OAuth::Lite;
$OAuth::Lite::USE_DEPRECATED_NORMALIZER = 0;
...

METHODS

gen_random_key($length)

Generate random octet string. You can indicate the byte-length of generated string. (10 is set by default) If 10 is passed, returns 20-length octet string.

use OAuth::Lite::Util qw(gen_random_key);
my $key1 = gen_random_key();
my $key2 = gen_random_key();

encode_param($param)

Encode parameter according to the way defined in OAuth Core spec.

decode_param($encoded_param)

Decode the encoded parameter.

create_signature_base_string($http_method, $request_uri, $params);

my $method = "GET";
my $uri = "http://example.com/api/for/some-resource";
my $parmas = {
    oauth_consumer_key     => 'foo-bar',
    oauth_signature_method => 'HMAC-SHA1',
    oauth_version => '1.0',
    ...
};
my $base_string = create_signature_base_string($method, $uri, $params);

normalize_request_url($url);

Normalize url according to the way the OAuth Core spec defines.

my $string = normalize_request_url('http://Example.com:80/path?query');
# http://example.com/path
my $string = normalize_request_url('https://Example.com:443/path?query');
# https://example.com/path
my $string = normalize_request_url('http://Example.com:8080/path?query');
# http://example.com:8080/path

normalize_params($params);

Sort and encode params and concatenates them according to the way OAuth Core spec defines.

my $string = normalize_params({
    a => 1, c => 'hi%20there', f => [25, 50, 'a'], z => [ 'p', 't' ]
});

parse_auth_header($header)

Parse authorization/www-authentication header for OAuth. And return the realm and other params.

# service provider side
my $header = $r->headers_in->{Authorization};
my ($realm, $params) = parse_auth_header($header);
say $params->{oauth_token};
say $params->{oauth_consumer_key};
say $params->{oauth_signature_method};
...

# consumer side
my $header = $res->header('WWW-Authenticate');
my ($realm) = parse_auth_header($header);

build_auth_header(%params)

my $header = build_auth_header($realm, {
    oauth_consumer_key     => '...', 
    oauth_signature_method => '...',
    ... and other oauth params
});

AUTHOR

Lyo Kato, lyo.kato _at_ gmail.com

COPYRIGHT AND LICENSE

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available.