OAuth::Lite::ServerUtil - server side utility
my $util = OAuth::Lite::ServerUtil->new; $util->support_signature_method('HMAC-SHA1'); $util->allow_extra_params(qw/file size/); unless ($util->validate_params($oauth_params)) { return $server->error(400, $util->errstr); } $util->verify_signature( method => $r->method, params => $oauth_params, url => $request_uri, consumer_secret => $consumer->secret, ) or return $server->error(401, $util->errstr);
And see OAuth::Lite::Server::mod_perl2 source code.
This module helps you to implement application that acts as OAuth Service Provider.
Constructor
my $util = OAuth::Lite::ServerUtil->new;
Set strict true by default, and it judge unsupported param as invalid when validating params. You can build ServerUtil as non-strict mode, then it accepts unsupported parameters.
my $util = OAuth::Lite::ServerUtil->new( strict => 0 );
When you validate oauth parameters, if an extra parameter is included, the validation will fail.
my $params = { oauth_version => '1.0', ...and other oauth parameters, }; $params->{file} = "foo.jpg"; # fail! unless ($util->validate_params($params)) { $your_app->error( $util->errstr ); }
So, if you want allow extra parameter, use this method.
$util->allow_extra_param('file'); my $params = { oauth_version => '1.0', ...and other oauth parameters, }; $params->{file} = "foo.jpg"; # Now this results successfully. unless ($util->validate_params($params)) { $your_app->error( $util->errstr ); }
You can allow multiple extra parameters at once.
$util->allow_extra_params(qw/file size/);
Set the signature method class's name that your server can supports.
$util->support_signature_method('HMAC_SHA1');
This method requires indicated signature method class inside. So, you should install OAuth::Lite::SignatureMethod::$method_class_name beforehand. For example, when your choise is HMAC_SHA1, you need to have OAuth::Lite::SignatureMethod::HMAC_SHA1 installed in your server.
You can set multiple signature method class at once.
$util->support_signature_methods(qw/HMAC_SHA1 RSA_SHA1/);
Check if the request includes all required params and doesn't include unsupported params. It doesn't check unsupported params when working on strict mode.
unless ($util->validate_params($params)) { $your_app->error( $util->errstr ); }
When the request is to exchange tokens or to access to protected resources, pass 1 for second argument. This flag indicates that oauth_token param is needed.
unless ($util->validate_params($params, 1)) { $your_app->error( $util->errstr ); }
unless ($util->validate_signature_method('HMAC-SHA1')) { $your_app->error(qq/Unsupported signature method/); ... }
# you can omit consumer_secret and token_secret if you don't need them. $util->verify_signature( method => $r->method, params => $params, url => $requested_uri, consumer_secret => $consumer_secret, token_secret => $token_secret, ) or die $utl->errstr;
OAuth::Lite::Server::mod_perl2
Lyo Kato, lyo.kato _at_ gmail.com
lyo.kato _at_ gmail.com
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available.
To install OAuth::Lite, copy and paste the appropriate command in to your terminal.
cpanm
cpanm OAuth::Lite
CPAN shell
perl -MCPAN -e shell install OAuth::Lite
For more information on module installation, please visit the detailed CPAN module installation guide.