NAME
Net::OAuth2::AuthorizationServer::AuthorizationCodeGrant - OAuth2 Authorization Code Grant
SYNOPSIS
    my $Grant = Net::OAuth2::AuthorizationServer::AuthorizationCodeGrant->new(
        clients => {
            TrendyNewService => {
                client_secret => 'TopSecretClientSecret',
                scopes        => {
                    post_images   => 1,
                    annoy_friends => 1,
                },
            },
        }
    );

    # verify a client against known clients
    my ( $is_valid,$error ) = $Grant->verify_client(
        client_id => $client_id,
        scopes    => [ qw/ list of scopes / ],
    );

    if ( ! $Grant->login_resource_owner ) {
        # resource owner needs to login
        ...
    }

    # have resource owner confirm (and perhaps modify) scopes
    my ( $confirmed,$error,$scopes_ref ) = $Grant->confirm_by_resource_owner(
        client_id => $client_id,
        scopes    => [ qw/ list of scopes / ],
    );

    # generate a token
    my $token = $Grant->token(
        client_id     => $client_id,
        scopes        => $scopes_ref,
        type          => 'auth', # one of: auth, access, refresh
        redirect_uri  => $redirect_uri,
        user_id       => $user_id,      # optional
        jwt_claims_cb => sub { ... },   # optional, see jwt_claims_cb in Manual
    );

    # store the auth code
    $Grant->store_auth_code(
        auth_code    => $auth_code,
        client_id    => $client_id,
        redirect_uri => $uri,
        scopes       => $scopes_ref,
    );

    # verify an auth code
    my ( $client,$error,$scope,$user_id ) = $Grant->verify_auth_code(
        client_id     => $client_id,
        client_secret => $client_secret,
        auth_code     => $auth_code,
        redirect_uri  => $uri,
    );

    # store access token
    $Grant->store_access_token(
        client_id         => $client,
        auth_code         => $auth_code,
        access_token      => $access_token,
        refresh_token     => $refresh_token,
        scopes            => $scopes_ref,
        old_refresh_token => $old_refresh_token,
    );

    # verify an access token
    my ( $is_valid,$error ) = $Grant->verify_access_token(
        access_token     => $access_token,
        scopes           => [ qw/ list of scopes / ],
        is_refresh_token => 0,
    );

    # or:
    my ( $client,$error,$scope,$user_id ) = $Grant->verify_token_and_scope(
        refresh_token => $refresh_token,
        auth_header   => $http_authorization_header,
    );
DESCRIPTION
This module implements the OAuth2 "Authorization Code Grant" flow as described at http://tools.ietf.org/html/rfc6749#section-4.1.
CONSTRUCTOR ARGUMENTS
Along with those detailed at "CONSTRUCTOR ARGUMENTS" in Net::OAuth2::AuthorizationServer::Manual, the following are supported by this grant type:
auth_code_ttl
The validity period of the generated authorization code in seconds. Defaults to 600 seconds (10 minutes).
CALLBACK FUNCTIONS
The following callbacks are supported by this grant type:
verify_client_cb
login_resource_owner_cb
confirm_by_resource_owner_cb
store_auth_code_cb
verify_auth_code_cb
store_access_token_cb
verify_access_token_cb
Please see "CALLBACK FUNCTIONS" in Net::OAuth2::AuthorizationServer::Manual for documentation on each callback function.
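An added example, not code from this module or its Manual: the checks a store behind store_auth_code_cb and verify_auth_code_cb has to make so that an authorization code expires after auth_code_ttl, stays bound to its client_id and redirect_uri, and can be redeemed once, with tokens revoked on replay as RFC 6749 section 4.1.2 recommends. The helper names store_code, store_token and verify_code, the in-memory hashes, the now parameter and the sample values are assumptions; the argument lists the module passes to real callbacks are documented in the Manual.

```perl
use strict; use warnings;

# Constructed in-memory stores; names and values are assumptions for this example.
my %CLIENTS = ( TrendyNewService => 'TopSecretClientSecret' );
my ( %CODES, %TOKENS_BY_CODE );
my $AUTH_CODE_TTL = 600;    # mirrors the auth_code_ttl default

sub store_code {
    my ( %args ) = @_;
    $CODES{ $args{auth_code} } = {
        ( map { $_ => $args{$_} } qw/ client_id redirect_uri scopes user_id / ),
        expires => ( $args{now} // time ) + $AUTH_CODE_TTL,
        used    => 0,
    };
}

sub store_token {    # remember which tokens came from which code
    my ( %args ) = @_;
    push @{ $TOKENS_BY_CODE{ $args{auth_code} } }, $args{access_token};
}

sub verify_code {
    my ( %args ) = @_;
    my $secret = $CLIENTS{ $args{client_id} // '' };
    # "ne" is not constant-time; production code should use a timing-safe compare
    return ( 0, 'invalid_client' )
        if !defined $secret or $secret ne ( $args{client_secret} // '' );
    my $code = $CODES{ $args{auth_code} // '' } or return ( 0, 'invalid_grant' );
    # the code is bound to the client_id and redirect_uri it was issued for
    return ( 0, 'invalid_grant' )
        if $code->{client_id} ne $args{client_id}
        or $code->{redirect_uri} ne ( $args{redirect_uri} // '' );
    if ( $code->{used} ) {    # replay: revoke everything issued from this code
        delete $TOKENS_BY_CODE{ $args{auth_code} };
        return ( 0, 'invalid_grant' );
    }
    return ( 0, 'invalid_grant' ) if ( $args{now} // time ) > $code->{expires};
    $code->{used} = 1;
    return ( $code->{client_id}, undef, $code->{scopes}, $code->{user_id} );
}

# Constructed exchange: a valid redemption, then a replay of the same code
my %req = ( auth_code => 'code-1', client_id => 'TrendyNewService',
    redirect_uri => 'https://client.example/cb' );
store_code( %req, scopes => ['post_images'], user_id => 'user-1', now => 1000 );
for my $t ( 1100, 1200 ) {
    my @r = verify_code( %req, client_secret => 'TopSecretClientSecret', now => $t );
    store_token( %req, access_token => "token-$t" ) unless $r[1];
    print "t=$t: ", $r[1] // 'ok', "\n";
}
```

verify_code returns the same ( client, error, scope, user_id ) shape that verify_auth_code returns in the SYNOPSIS, so the checks can be moved into a callback body once its arguments are unpacked as the Manual describes.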
AUTHOR
Lee Johnson - leejo@cpan.org
LICENSE
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself. If you would like to contribute documentation or file a bug report then please raise an issue / pull request:
https://github.com/Humanstate/net-oauth2-authorizationserver