File Coverage

lib/Net/OAuth2/Profile/WebServer.pm
Criterion Covered Total %
statement 62 88 70.4
branch 4 16 25.0
condition 5 17 29.4
subroutine 18 24 75.0
pod 8 13 61.5
total 97 158 61.3


line stmt bran cond sub pod time code
1             # Copyrights 2013-2019 by [Mark Overmeer ].
2             # For other contributors see ChangeLog.
3             # See the manual pages for details on the licensing terms.
4             # Pod stripped from pm file by OODoc 2.02.
5             # This code is part of distribution Net-OAuth2. Meta-POD processed
6             # with OODoc into POD and HTML manual-pages. See README.md
7             # Copyright Mark Overmeer. Licensed under the same terms as Perl itself.
8              
9             package Net::OAuth2::Profile::WebServer;
10 4     4   79672 use vars '$VERSION';
  4         19  
  4         264  
11             $VERSION = '0.67';
12              
13 4     4   25 use base 'Net::OAuth2::Profile';
  4         8  
  4         1941  
14              
15 4     4   35 use warnings;
  4         7  
  4         126  
16 4     4   24 use strict;
  4         7  
  4         102  
17              
18 4     4   19 use Carp qw(croak);
  4         7  
  4         243  
19 4     4   1638 use Net::OAuth2::AccessToken;
  4         9  
  4         134  
20 4     4   26 use Scalar::Util 'blessed';
  4         8  
  4         201  
21              
22 4     4   25 use HTTP::Request ();
  4         8  
  4         58  
23 4     4   20 use HTTP::Response ();
  4         6  
  4         82  
24 4     4   20 use HTTP::Status qw(HTTP_TEMPORARY_REDIRECT);
  4         9  
  4         4361  
25              
26              
27             sub init($)
28 2     2 0 6 { my ($self, $args) = @_;
29 2   50     14 $args->{grant_type} ||= 'authorization_code';
30 2         12 $self->SUPER::init($args);
31 2         6 $self->{NOPW_redirect} = $args->{redirect_uri};
32 2         5 $self->{NOPW_referer} = $args->{referer};
33             $self->{NOPW_auto_save} = $args->{auto_save}
34 2   50 0   33 || sub { my $token = shift; $token->changed(1) };
  0         0  
  0         0  
35 2         11 $self;
36             }
37              
38             #-------------------
39              
40 2     2 1 6 sub redirect_uri() {shift->{NOPW_redirect}}
41             sub referer(;$)
42 3 50   3 1 5 { my $s = shift; @_ ? $s->{NOPW_referer} = shift : $s->{NOPW_referer} }
  3         12  
43 0     0 1 0 sub auto_save() {shift->{NOPW_auto_save}}
44              
45             #--------------------
46              
47             sub authorize(@)
48 1     1 1 1690 { my ($self, @req_params) = @_;
49              
50             # temporary, for backward compatibility warning
51 1         7 my $uri_base = $self->SUPER::authorize_url;
52             # my $uri_base = $self->authorize_url;
53              
54 1 50 33     16 my $uri = blessed $uri_base && $uri_base->isa('URI')
55             ? $uri_base->clone : URI->new($uri_base);
56              
57 1         8 my $params = $self->authorize_params(@req_params);
58 1         5 $uri->query_form($uri->query_form, %$params);
59 1         136 $uri;
60             }
61              
62             # Net::OAuth2 returned the url+params here, but this should return the
63             # accessor to the parameter with this name. The internals of that code
64             # was so confused that it filled-in the params multiple times.
65             sub authorize_url()
66 1     1 0 6 { require Carp;
67 1         189 Carp::confess("do not use authorize_url() but authorize()! (since v0.50)");
68             }
69              
70              
71             sub authorize_response(;$)
72 0     0 1 0 { my ($self, $request) = @_;
73 0         0 my $resp = HTTP::Response->new
74             ( HTTP_TEMPORARY_REDIRECT => 'Get authorization grant'
75             , [ Location => $self->authorize ]
76             );
77 0 0       0 $resp->request($request) if $request;
78 0         0 $resp;
79             }
80              
81              
82             sub get_access_token($@)
83 0     0 1 0 { my ($self, $code, @req_params) = @_;
84              
85 0         0 my $params = $self->access_token_params(code => $code, @req_params);
86              
87 0         0 my $request = $self->build_request
88             ( $self->access_token_method
89             , $self->access_token_url
90             , $params
91             );
92              
93 0         0 my $response = $self->request($request);
94              
95 0         0 Net::OAuth2::AccessToken->new
96             ( profile => $self
97             , auto_refresh => !!$self->auto_save
98             , $self->params_from_response($response, 'access token')
99             );
100             }
101              
102              
103             sub update_access_token($@)
104 0     0 1 0 { my ($self, $access, @req_params) = @_;
105 0 0       0 my $refresh = $access->refresh_token
106             or croak 'unable to refresh token without refresh_token';
107              
108 0         0 my $req = $self->build_request
109             ( $self->refresh_token_method
110             , $self->refresh_token_url
111             , $self->refresh_token_params(refresh_token => $refresh, @req_params)
112             );
113              
114 0         0 my $resp = $self->request($req);
115 0         0 my %data = $self->params_from_response($resp, 'update token');
116              
117             my $token = $data{access_token}
118 0 0       0 or croak "no access token found in refresh data";
119              
120 0         0 my $type = $data{token_type};
121              
122             my $exp = $data{expires_in}
123 0 0       0 or croak "no expires_in found in refresh data";
124              
125 0         0 $access->update_token($token, $type, $exp+time(), $data{refresh_token});
126             }
127              
128             sub authorize_params(%)
129 1     1 0 2 { my $self = shift;
130 1         5 my $params = $self->SUPER::authorize_params(@_);
131 1   50     5 $params->{response_type} ||= 'code';
132              
133             # should not be required: usually the related between client_id and
134             # redirect_uri is fixed to avoid security issues.
135 1         24 my $r = $self->redirect_uri;
136 1 50 0     18 $params->{redirect_uri} ||= $r if $r;
137              
138 1         4 $params;
139             }
140              
141             sub access_token_params(%)
142 1     1 0 3 { my $self = shift;
143 1         9 my $params = $self->SUPER::access_token_params(@_);
144 1   33     6 $params->{redirect_uri} ||= $self->redirect_uri;
145 1         2 $params;
146             }
147              
148             sub refresh_token_params(%)
149 0     0 0 0 { my $self = shift;
150 0         0 my $params = $self->SUPER::refresh_token_params(@_);
151 0   0     0 $params->{grant_type} ||= 'refresh_token';
152 0         0 $params;
153             }
154              
155             #--------------------
156              
157             sub build_request($$$)
158 3     3 1 3398 { my $self = shift;
159 3         15 my $request = $self->SUPER::build_request(@_);
160              
161 3 50       10 if(my $r = $self->referer)
162 0         0 { $request->header(Referer => $r);
163             }
164              
165 3         8 $request;
166             }
167              
168             #--------------------
169              
170             1;