NAME
OAuth::Lite::Util - utility for OAuth
SYNPSIS
use OAuth::Lite::Util qw(
gen_random_key
encode_param
decode_param
create_signature_base_string
parse_auth_header
);
my $random = gen_random_key(8);
my $enocded = encode_param($param);
my $deocded = decode_param($encoded);
my $base_string = create_signature_base_string('GET',
'http://example.com/path?query', $params);
my $header = q{OAuth realm="http://example.com/api/resource", oauth_consumer_key="hogehoge", ... };
my ($realm, $oauth_params) = parse_auth_header($header);
say $realm;
say $oauth_params->{oauth_consumer_key};
say $oauth_params->{oauth_version};
...
DESCRIPTION
Utilty functions for OAuth are implemented here.
PAY ATTENTION
If you use OAuth 1.31 or older version, its has invalid way to normalize params. (when there are two or more same key and they contain ASCII and non ASCII value)
But the many services have already supported deprecated version, and the correct way breaks backward compatibility. So, from 1.32, supported both correct and deprecated method.
use $OAuth::Lite::USE_DEPRECATED_NORMALIZER to switch behaviour. Currently 1 is set by default to keep backward compatibility.
use OAuth::Lite::Util;
use OAuth::Lite;
$OAuth::Lite::USE_DEPRECATED_NORMALIZER = 0;
...
METHODS
gen_random_key($length)
Generate random octet string. You can indicate the byte-length of generated string. (10 is set by default) If 10 is passed, returns 20-length octet string.
use OAuth::Lite::Util qw(gen_random_key);
my $key1 = gen_random_key();
my $key2 = gen_random_key();
encode_param($param)
Encode parameter according to the way defined in OAuth Core spec.
decode_param($encoded_param)
Decode the encoded parameter.
create_signature_base_string($http_method, $request_uri, $params);
my $method = "GET";
my $uri = "http://example.com/api/for/some-resource";
my $parmas = {
oauth_consumer_key => 'foo-bar',
oauth_signature_method => 'HMAC-SHA1',
oauth_version => '1.0',
...
};
my $base_string = create_signature_base_string($method, $uri, $params);
normalize_request_url($url);
Normalize url according to the way the OAuth Core spec defines.
my $string = normalize_request_url('http://Example.com:80/path?query');
# http://example.com/path
my $string = normalize_request_url('https://Example.com:443/path?query');
# https://example.com/path
my $string = normalize_request_url('http://Example.com:8080/path?query');
# http://example.com:8080/path
normalize_params($params);
Sort and encode params and concatenates them according to the way OAuth Core spec defines.
my $string = normalize_params({
a => 1, c => 'hi%20there', f => [25, 50, 'a'], z => [ 'p', 't' ]
});
parse_auth_header($header)
Parse authorization/www-authentication header for OAuth. And return the realm and other params.
# service provider side
my $header = $r->headers_in->{Authorization};
my ($realm, $params) = parse_auth_header($header);
say $params->{oauth_token};
say $params->{oauth_consumer_key};
say $params->{oauth_signature_method};
...
# consumer side
my $header = $res->header('WWW-Authenticate');
my ($realm) = parse_auth_header($header);
build_auth_header(%params)
my $header = build_auth_header($realm, {
oauth_consumer_key => '...',
oauth_signature_method => '...',
... and other oauth params
});
AUTHOR
Lyo Kato, lyo.kato _at_ gmail.com
COPYRIGHT AND LICENSE
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available.