line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package OAuth::Lite2::Server::GrantHandler::ExternalService; |
2
|
|
|
|
|
|
|
|
3
|
2
|
|
|
2
|
|
2643
|
use strict; |
|
2
|
|
|
|
|
6
|
|
|
2
|
|
|
|
|
71
|
|
4
|
2
|
|
|
2
|
|
10
|
use warnings; |
|
2
|
|
|
|
|
3
|
|
|
2
|
|
|
|
|
64
|
|
5
|
|
|
|
|
|
|
|
6
|
2
|
|
|
2
|
|
14
|
use parent 'OAuth::Lite2::Server::GrantHandler'; |
|
2
|
|
|
|
|
4
|
|
|
2
|
|
|
|
|
14
|
|
7
|
2
|
|
|
2
|
|
94
|
use OAuth::Lite2::Server::Error; |
|
2
|
|
|
|
|
4
|
|
|
2
|
|
|
|
|
48
|
|
8
|
2
|
|
|
2
|
|
660
|
use OAuth::Lite2::ParamMethod::AuthHeader; |
|
2
|
|
|
|
|
7
|
|
|
2
|
|
|
|
|
49
|
|
9
|
2
|
|
|
2
|
|
11
|
use Carp (); |
|
2
|
|
|
|
|
3
|
|
|
2
|
|
|
|
|
720
|
|
10
|
|
|
|
|
|
|
|
11
|
|
|
|
|
|
|
sub handle_request { |
12
|
10
|
|
|
10
|
1
|
437
|
my ($self, $dh) = @_; |
13
|
|
|
|
|
|
|
|
14
|
10
|
|
|
|
|
40
|
my $req = $dh->request; |
15
|
|
|
|
|
|
|
|
16
|
10
|
|
|
|
|
55
|
my $parser = OAuth::Lite2::ParamMethod::AuthHeader->new; |
17
|
10
|
|
|
|
|
37
|
my $header_credentials = $parser->basic_credentials($req); |
18
|
10
|
50
|
|
|
|
49
|
my $client_id = ($header_credentials->{client_id}) ? $header_credentials->{client_id} : $req->param("client_id"); |
19
|
|
|
|
|
|
|
|
20
|
10
|
100
|
|
|
|
2742
|
my $assertion = $req->param("assertion") |
21
|
|
|
|
|
|
|
or OAuth::Lite2::Server::Error::InvalidRequest->throw( |
22
|
|
|
|
|
|
|
description => "'assertion' not found" |
23
|
|
|
|
|
|
|
); |
24
|
|
|
|
|
|
|
|
25
|
9
|
100
|
100
|
|
|
127
|
my $user_id = $dh->get_user_id_by_external_assertion( |
|
|
|
100
|
|
|
|
|
|
|
|
100
|
|
|
|
|
26
|
|
|
|
|
|
|
client_id => $client_id, |
27
|
|
|
|
|
|
|
assertion => $assertion, |
28
|
|
|
|
|
|
|
type => $req->param("type") || '', |
29
|
|
|
|
|
|
|
iss => $req->param("iss") || '', |
30
|
|
|
|
|
|
|
aud => $req->param("aud") || '', |
31
|
|
|
|
|
|
|
) or OAuth::Lite2::Server::Error::InvalidGrant->throw; |
32
|
|
|
|
|
|
|
|
33
|
4
|
|
|
|
|
253
|
my $scope = $req->param("scope"); |
34
|
|
|
|
|
|
|
|
35
|
4
|
|
|
|
|
55
|
my $auth_info = $dh->create_or_update_auth_info( |
36
|
|
|
|
|
|
|
client_id => $client_id, |
37
|
|
|
|
|
|
|
user_id => $user_id, |
38
|
|
|
|
|
|
|
scope => $scope, |
39
|
|
|
|
|
|
|
); |
40
|
4
|
50
|
33
|
|
|
82
|
Carp::croak "OAuth::Lite2::Server::DataHandler::create_or_update_auth_info doesn't return OAuth::Lite2::Model::AuthInfo" |
41
|
|
|
|
|
|
|
unless ($auth_info |
42
|
|
|
|
|
|
|
&& $auth_info->isa("OAuth::Lite2::Model::AuthInfo")); |
43
|
|
|
|
|
|
|
|
44
|
4
|
|
|
|
|
17
|
my $access_token = $dh->create_or_update_access_token( |
45
|
|
|
|
|
|
|
auth_info => $auth_info, |
46
|
|
|
|
|
|
|
); |
47
|
4
|
50
|
33
|
|
|
60
|
Carp::croak "OAuth::Lite2::Server::DataHandler::create_or_update_access_token doesn't return OAuth::Lite2::Model::AccessToken" |
48
|
|
|
|
|
|
|
unless ($access_token |
49
|
|
|
|
|
|
|
&& $access_token->isa("OAuth::Lite2::Model::AccessToken")); |
50
|
|
|
|
|
|
|
|
51
|
4
|
|
|
|
|
15
|
my $res = { |
52
|
|
|
|
|
|
|
token_type => 'Bearer', |
53
|
|
|
|
|
|
|
access_token => $access_token->token, |
54
|
|
|
|
|
|
|
}; |
55
|
4
|
50
|
|
|
|
35
|
$res->{expires_in} = $access_token->expires_in |
56
|
|
|
|
|
|
|
if $access_token->expires_in; |
57
|
4
|
50
|
|
|
|
49
|
$res->{refresh_token} = $auth_info->refresh_token |
58
|
|
|
|
|
|
|
if $auth_info->refresh_token; |
59
|
4
|
50
|
|
|
|
47
|
$res->{scope} = $auth_info->scope |
60
|
|
|
|
|
|
|
if $auth_info->scope; |
61
|
|
|
|
|
|
|
|
62
|
4
|
|
|
|
|
36
|
return $res; |
63
|
|
|
|
|
|
|
} |
64
|
|
|
|
|
|
|
|
65
|
|
|
|
|
|
|
=head1 NAME |
66
|
|
|
|
|
|
|
|
67
|
|
|
|
|
|
|
OAuth::Lite2::Server::GrantHandler::ExternalService - handler for 'federated-assertion' grant_type request |
68
|
|
|
|
|
|
|
|
69
|
|
|
|
|
|
|
=head1 SYNOPSIS |
70
|
|
|
|
|
|
|
|
71
|
|
|
|
|
|
|
my $handler = OAuth::Lite2::Server::GrantHandler::ExternalService->new; |
72
|
|
|
|
|
|
|
my $res = $handler->handle_request( $data_handler ); |
73
|
|
|
|
|
|
|
|
74
|
|
|
|
|
|
|
=head1 DESCRIPTION |
75
|
|
|
|
|
|
|
|
76
|
|
|
|
|
|
|
handler for 'federated-assertion' grant_type request. |
77
|
|
|
|
|
|
|
|
78
|
|
|
|
|
|
|
=head1 METHODS |
79
|
|
|
|
|
|
|
|
80
|
|
|
|
|
|
|
=head2 handle_request( $req ) |
81
|
|
|
|
|
|
|
|
82
|
|
|
|
|
|
|
See L document. |
83
|
|
|
|
|
|
|
|
84
|
|
|
|
|
|
|
=head1 AUTHOR |
85
|
|
|
|
|
|
|
|
86
|
|
|
|
|
|
|
Ryo Ito, Eritou.06@gmail.comE |
87
|
|
|
|
|
|
|
|
88
|
|
|
|
|
|
|
=head1 COPYRIGHT AND LICENSE |
89
|
|
|
|
|
|
|
|
90
|
|
|
|
|
|
|
Copyright (C) 2014 by Ryo Ito |
91
|
|
|
|
|
|
|
|
92
|
|
|
|
|
|
|
This library is free software; you can redistribute it and/or modify |
93
|
|
|
|
|
|
|
it under the same terms as Perl itself, either Perl version 5.8.8 or, |
94
|
|
|
|
|
|
|
at your option, any later version of Perl 5 you may have available. |
95
|
|
|
|
|
|
|
|
96
|
|
|
|
|
|
|
=cut |
97
|
|
|
|
|
|
|
|
98
|
|
|
|
|
|
|
1; |