NAME¶
LWP::Authen::OAuth - generate signed OAuth requests
SYNOPSIS¶
require LWP::Authen::OAuth;
Google¶
# Google uses 'anonymous' for unregistered Web/offline applications or the
# domain name for registered Web applications
my $ua = LWP::Authen::OAuth->new(
oauth_consumer_secret => "anonymous",
);
# request a 'request' token
my $r = $ua->post( "https://www.google.com/accounts/OAuthGetRequestToken",
[
oauth_consumer_key => 'anonymous',
oauth_callback => 'http://example.net/oauth',
xoauth_displayname => 'Example Application',
scope => 'https://docs.google.com/feeds/',
]
);
die $r->as_string if $r->is_error;
# update the token secret from the HTTP response
$ua->oauth_update_from_response( $r );
# open a browser for the user
# data are returned as form-encoded
my $uri = URI->new( 'http:' );
$uri->query( $r->content );
my %oauth_data = $uri->query_form;
# Direct the user to here to grant you access:
# https://www.google.com/accounts/OAuthAuthorizeToken?
# oauth_token=$oauth_data{oauth_token}\n";
# turn the 'request' token into an 'access' token with the verifier
# returned by google
$r = $ua->post( "https://www.google.com/accounts/OAuthGetAccessToken", [
oauth_consumer_key => 'anonymous',
oauth_token => $oauth_data{oauth_token},
oauth_verifier => $oauth_verifier,
]);
# update the token secret from the HTTP response
$ua->oauth_update_from_response( $r );
# now use the $ua to perform whatever actions you want
Sending status updates to a single account is quite easy if you create an
application. The "oauth_consumer_key" and
"oauth_consumer_secret" come from the 'Application Details' page and
the "oauth_token" and "oauth_token_secret" from the 'My
Access Token' page.
my $ua = LWP::Authen::OAuth->new(
oauth_consumer_key => 'xxx1',
oauth_consumer_secret => 'xxx2',
oauth_token => 'yyy1',
oauth_token_secret => 'yyy2',
);
$ua->post( 'http://api.twitter.com/1/statuses/update.json', [
status => 'Posted this using LWP::Authen::OAuth!'
]);
DESCRIPTION¶
This module provides a sub-class of LWP::UserAgent that generates OAuth 1.0
signed requests. You should familiarise yourself with OAuth at
<
http://oauth.net/>.
This module only supports HMAC_SHA1 signing.
OAuth nonces are generated using the Perl random number generator. To set a
nonce manually define 'oauth_nonce' in your requests via a CGI parameter or
the Authorization header - see the OAuth documentation.
METHODS¶
- $ua = LWP::Authen::OAuth->new( ... )
- Takes the same options as "new" in LWP::UserAgent plus
optionally:
oauth_consumer_key
oauth_consumer_secret
oauth_token
oauth_token_secret
Most services will require some or all of these to be set even if it's just
'anonymous'.
- $ua->oauth_update_from_response( $r )
- Update the "oauth_token" and "oauth_token_secret" from
an HTTP::Response object returned by a previous request e.g. when
converting a request token into an access token.
- $key = $ua->oauth_consumer_key( [ KEY ] )
- Get and optionally set the consumer key.
- $secret = $ua->oauth_consumer_secret( [ SECRET ] )
- Get and optionally set the consumer secret.
- $token = $ua->oauth_token( [ TOKEN ] )
- Get and optionally set the oauth token.
- $secret = $ua->oauth_token_secret( [ SECRET ] )
- Get and optionally set the oauth token secret.
SEE ALSO¶
LWP::UserAgent, MIME::Base64, Digest::SHA, URI, URI::Escape
Rationale¶
I think the complexity in OAuth is in the parameter normalisation and message
signing. What this module does is to hide that complexity without replicating
the higher-level protocol chatter.
In Net::OAuth:
$r = Net::OAuth->request('request token')->new(
consumer_key => 'xxx',
request_url => 'https://photos.example.net/request_token',
callback => 'http://printer.example.com/request_token_ready',
...
extra_params {
scope => 'global',
}
);
$r->sign;
$res = $ua->request(POST $r->to_url);
$res = Net::OAuth->response('request token')
->from_post_body($res->content);
... etc
In LWP::Authen::OAuth:
$ua = LWP::Authen::OAuth->new(
oauth_consumer_key => 'xxx'
);
$res = $ua->post( 'https://photos.example.net/request_token', [
oauth_callback => 'http://printer.example.com/request_token_ready',
...
scope => 'global',
]);
$ua->oauth_update_from_response( $res );
... etc
Net::OAuth, OAuth::Lite.
AUTHOR¶
Timothy D Brody <tdb2@ecs.soton.ac.uk>
Copyright 2011 University of Southampton, UK
This program is free software; you can redistribute it and/or modify it under
the same terms as Perl itself