File Coverage

blib/lib/CatalystX/OAuth2/Request/RequestAuth.pm

Criterion	Covered	Total	%
statement	19	19	100.0
branch	6	10	60.0
condition	0	2	0.0
subroutine	4	4	100.0
pod	0	2	0.0
total	29	37	78.3

line	stmt	bran	cond	sub	pod	time	code
1							package CatalystX::OAuth2::Request::RequestAuth;
2	8			8		62	use Moose;
	8					21
	8					64
3
4							# ABSTRACT: Role for the initial request in the oauth2 flow
5
6							with 'CatalystX::OAuth2::Grant';
7
8							has client_secret =>
9							( isa => 'Str', is => 'ro', predicate => 'has_client_secret' );
10							has enable_client_secret => ( isa => 'Bool', is => 'rw', default => 0 );
11
12							around _params => sub {
13							my $orig = shift;
14							return $orig->(@_), qw(client_secret)
15							};
16
17							# cargo-culted, a small refactor of the action roles should remove the need to do this
18	5			5	0	24	sub has_approval { 1 }
19
20							sub _build_query_parameters {
21	3			3		11	my ($self) = @_;
22
23	3	100				104	my %q = $self->has_state ? ( state => $self->state ) : ();
24
25	3	50				119	$self->response_type eq 'code'
26							or return {
27							error => 'unsuported_response_type',
28							error_description => 'this server does not support "'
29							. $self->response_type
30							. "' as a method for obtaining an authorization code",
31							%q
32							};
33
34	3					110	$q{response_type} = $self->response_type;
35
36	3					97	my $store = $self->store;
37	3	50				93	my $client = $store->find_client( $self->client_id )
38							or return {
39							error => 'unauthorized_client',
40							error_description => 'the client identified by '
41							. $self->client_id
42							. ' is not authorized to access this resource'
43							};
44
45	3	50	0			14702	$store->verify_client_secret( $self->client_id, $self->client_secret )
46							or return {
47							error => 'unauthorized_client',
48							error_description => 'the client identified by '
49							. $self->client_id
50							. ' is not authorized to access this resource'
51							}
52							if $self->enable_client_secret;
53
54	3					96	$q{client_id} = $self->client_id;
55
56	3	50				75	$client->endpoint eq $self->redirect_uri
57							or return {
58							error => 'invalid_request',
59							error_description =>
60							'redirection_uri does not match the registered client endpoint'
61							};
62
63	3					88	$q{redirect_uri} = $self->redirect_uri;
64
65	3					89	my $code = $store->create_client_code( $self->client_id );
66	3					13057	$q{code} = $code->as_string;
67
68	3					83	return \%q;
69							}
70
71							sub next_action_uri {
72	7			7	0	362	my ( $self, $controller, $c ) = @_;
73	7					311	$c->uri_for( $controller->_get_auth_token_via_auth_grant_action,
74							$self->query_parameters );
75							}
76
77							1;
78
79							__END__
80
81							=pod
82
83							=head1 NAME
84
85							CatalystX::OAuth2::Request::RequestAuth - Role for the initial request in the oauth2 flow
86
87							=head1 VERSION
88
89							version 0.001007
90
91							=head1 AUTHOR
92
93							Eden Cardim <edencardim@gmail.com>
94
95							=head1 COPYRIGHT AND LICENSE
96
97							This software is copyright (c) 2017 by Suretec Systems Ltd.
98
99							This is free software; you can redistribute it and/or modify it under
100							the same terms as the Perl 5 programming language system itself.
101
102							=cut