line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Catalyst::ActionRole::OAuth2::GrantAuth; |
2
|
8
|
|
|
8
|
|
39916
|
use Moose::Role; |
|
8
|
|
|
|
|
29
|
|
|
8
|
|
|
|
|
94
|
|
3
|
8
|
|
|
8
|
|
53900
|
use Try::Tiny; |
|
8
|
|
|
|
|
62
|
|
|
8
|
|
|
|
|
575
|
|
4
|
8
|
|
|
8
|
|
4138
|
use CatalystX::OAuth2::Request::GrantAuth; |
|
8
|
|
|
|
|
33
|
|
|
8
|
|
|
|
|
1590
|
|
5
|
|
|
|
|
|
|
|
6
|
|
|
|
|
|
|
# ABSTRACT: Authorization grant endpoint for OAuth2 authentication flows |
7
|
|
|
|
|
|
|
|
8
|
|
|
|
|
|
|
|
9
|
|
|
|
|
|
|
with 'CatalystX::OAuth2::ActionRole::Grant'; |
10
|
|
|
|
|
|
|
|
11
|
|
|
|
|
|
|
sub build_oauth2_request { |
12
|
12
|
|
|
12
|
0
|
51
|
my ( $self, $controller, $c ) = @_; |
13
|
|
|
|
|
|
|
|
14
|
12
|
|
|
|
|
459
|
my $store = $controller->store; |
15
|
12
|
|
|
|
|
34
|
my $req; |
16
|
|
|
|
|
|
|
try { |
17
|
|
|
|
|
|
|
$req = CatalystX::OAuth2::Request::GrantAuth->new( |
18
|
12
|
|
|
12
|
|
737
|
%{ $c->req->query_parameters } ); |
|
12
|
|
|
|
|
50
|
|
19
|
12
|
|
|
|
|
564
|
$req->store($store); |
20
|
12
|
50
|
|
|
|
98
|
$req->user($c->user) if $c->user_exists; |
21
|
|
|
|
|
|
|
} |
22
|
|
|
|
|
|
|
catch { |
23
|
0
|
|
|
0
|
|
0
|
$c->log->error($_); |
24
|
|
|
|
|
|
|
|
25
|
|
|
|
|
|
|
# need to figure out a better way, but this will do for now |
26
|
0
|
|
|
|
|
0
|
$c->res->body('warning: response_type/client_id invalid or missing'); |
27
|
|
|
|
|
|
|
|
28
|
0
|
|
|
|
|
0
|
$c->detach; |
29
|
12
|
|
|
|
|
186
|
}; |
30
|
|
|
|
|
|
|
|
31
|
12
|
|
|
|
|
2636
|
return $req; |
32
|
|
|
|
|
|
|
} |
33
|
|
|
|
|
|
|
|
34
|
|
|
|
|
|
|
1; |
35
|
|
|
|
|
|
|
|
36
|
|
|
|
|
|
|
__END__ |
37
|
|
|
|
|
|
|
|
38
|
|
|
|
|
|
|
=pod |
39
|
|
|
|
|
|
|
|
40
|
|
|
|
|
|
|
=head1 NAME |
41
|
|
|
|
|
|
|
|
42
|
|
|
|
|
|
|
Catalyst::ActionRole::OAuth2::GrantAuth - Authorization grant endpoint for OAuth2 authentication flows |
43
|
|
|
|
|
|
|
|
44
|
|
|
|
|
|
|
=head1 VERSION |
45
|
|
|
|
|
|
|
|
46
|
|
|
|
|
|
|
version 0.001007 |
47
|
|
|
|
|
|
|
|
48
|
|
|
|
|
|
|
=head1 SYNOPSIS |
49
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
package AuthServer::Controller::OAuth2::Provider; |
51
|
|
|
|
|
|
|
use Moose; |
52
|
|
|
|
|
|
|
BEGIN { extends 'Catalyst::Controller::ActionRole' } |
53
|
|
|
|
|
|
|
|
54
|
|
|
|
|
|
|
with 'CatalystX::OAuth2::Controller::Role::Provider'; |
55
|
|
|
|
|
|
|
|
56
|
|
|
|
|
|
|
__PACKAGE__->config( |
57
|
|
|
|
|
|
|
store => { |
58
|
|
|
|
|
|
|
class => 'DBIC', |
59
|
|
|
|
|
|
|
client_model => 'DB::Client' |
60
|
|
|
|
|
|
|
} |
61
|
|
|
|
|
|
|
); |
62
|
|
|
|
|
|
|
|
63
|
|
|
|
|
|
|
sub grant : Chained('/') Args(0) Does('OAuth2::GrantAuth') { |
64
|
|
|
|
|
|
|
my ( $self, $c ) = @_; |
65
|
|
|
|
|
|
|
|
66
|
|
|
|
|
|
|
my $oauth2 = $c->req->oauth2; |
67
|
|
|
|
|
|
|
|
68
|
|
|
|
|
|
|
$c->user_exists and $oauth2->user_is_valid(1) |
69
|
|
|
|
|
|
|
or $c->detach('/passthrulogin'); |
70
|
|
|
|
|
|
|
} |
71
|
|
|
|
|
|
|
|
72
|
|
|
|
|
|
|
=head1 DESCRIPTION |
73
|
|
|
|
|
|
|
|
74
|
|
|
|
|
|
|
This action role implements the authorization confirmation endpoint that asks |
75
|
|
|
|
|
|
|
the user if he wishes to grant resource access to the client. This is |
76
|
|
|
|
|
|
|
generally done by presenting a form to the user. Regardless of the mechanism |
77
|
|
|
|
|
|
|
used for this confirmation, the C<$c->req->oauth2> object must be informed of |
78
|
|
|
|
|
|
|
the user's decision via the C<user_is_valid> attribute, which must be true by |
79
|
|
|
|
|
|
|
the end of the request, in order for the authorization flow to be continued. |
80
|
|
|
|
|
|
|
|
81
|
|
|
|
|
|
|
=head1 AUTHOR |
82
|
|
|
|
|
|
|
|
83
|
|
|
|
|
|
|
Eden Cardim <edencardim@gmail.com> |
84
|
|
|
|
|
|
|
|
85
|
|
|
|
|
|
|
=head1 COPYRIGHT AND LICENSE |
86
|
|
|
|
|
|
|
|
87
|
|
|
|
|
|
|
This software is copyright (c) 2017 by Suretec Systems Ltd. |
88
|
|
|
|
|
|
|
|
89
|
|
|
|
|
|
|
This is free software; you can redistribute it and/or modify it under |
90
|
|
|
|
|
|
|
the same terms as the Perl 5 programming language system itself. |
91
|
|
|
|
|
|
|
|
92
|
|
|
|
|
|
|
=cut |