Changeset 17507

Timestamp:

08/12/08 15:51:43 (5 years ago)

Author:

lyokato

Message:

lang/perl/OAuth-Lite: updated for 1.10

Location:

lang/perl/OAuth-Lite/trunk/lib/OAuth/Lite

Files:

• Consumer.pm (modified) (1 diff)
• Server/mod_perl2.pm (modified) (15 diffs)

lang/perl/OAuth-Lite/trunk/lib/OAuth/Lite/Consumer.pm

@@ -399 +399 @@
     my ($self, %args) = @_;
     $args{url} ||= $self->request_token_url;
-    my $request_token_url = $args{url}
+    my $request_token_url = delete $args{url}
         or Carp::croak qq/get_request_token needs url in hash params
             or set request_token_path on constructor./;
-    my $realm = $args{realm} || $self->{realm} || '';
+    my $realm = delete $args{realm} || $self->{realm} || '';
     my $res = $self->__request(
-        realm => $realm,
-        url   => $request_token_url,
+        realm  => $realm,
+        url    => $request_token_url,
+        params => {%args},
     );
     unless ($res->is_success) {

lang/perl/OAuth-Lite/trunk/lib/OAuth/Lite/Server/mod_perl2.pm

@@ -146 +146 @@
 
     sub service {
-        my ($self, $params) = @_;
+        my $self = shift;
     }
 
@@ -250 +250 @@
 And disables the exchanged request-token.
 
-=head2 service($params)
+=head2 service
 
 Handle protected resource.
@@ -256 +256 @@
 
     sub service {
-        my ($self, $params) = @_;
+        my $self = shift;
+        my $params = $self->{params};
         my $token_string = $params->{oauth_token};
         my $access_token = MyDB::Scheme->resultset('RequestToken')->find($token_string);
@@ -312 +313 @@
     $self->oauth->allow_extra_param('foo');
 
+=head2 request_method
+
+Request method (Upper Case).
+When the raw request method is POST and X-HTTP-Method-Override is define in header,
+return the value of X-HTTP-Method-Override.
+
+=head2 request_uri
+
+Returns request uri
+
 =head2 request_body
 
@@ -319 +330 @@
 
 Set proper 'WWW-Authentication' response header
+
+=head2 is_required_request_token
+
+Check if current request requires request-token.
+
+=head2 is_required_access_token
+
+Check if current request requires access-token.
+
+=head2 is_required_protected_resource
+
+Check if current request requires protected-resource.
+
+=head2 accepts_consumer_request
+
+You can adopt OAuth Consumer Request 1.0.
+
+See http://oauth.googlecode.com/svn/spec/ext/consumer_request/1.0/drafts/1/spec.html
+
+To adopt this spec, you have to set var 'AcceptConsumerRequest' on httpd.conf
+
+        <Location /resource>
+        PerlSetVar Mode PROTECTED_RESOURCE
+        PerlSetVar AcceptConsumerRequest 1
+        PerlResponseHandler MyServiceWithOAuth
+        </Location>
+
+Then override service method for protected resource.
+
+        sub service {
+                my $self = shift;
+        my $params = $self->{params};
+
+                my $resource_owner_id;
+
+                if (exists $params->{oauth_token}) {
+
+                        my $access_token_value = $params->{oauth_token};
+                        $resource_owner_id = $self->get_user_id_of_access_token($access_token_value);
+
+                } else {
+
+                        my $consumer_key = $params->{oauth_consumer_key};
+                        $resource_owner_id = $self->get_user_id_of_consumer_developer($consumer_key);
+
+                }
+
+                my @resources = MyDB::Scheme->resultset('SomeResource')->search({
+                                user_id => $resource_owner_id,  
+                });
+
+                # output resource data in the manner your api defines.
+                ...
+
+                return Apache2::Const::OK;
+
+        }
 
 =head2 error
@@ -378 +446 @@
     my $self = bless {
         request => $r,
-        oauth   => OAuth::Lite::ServerUtil->new,
-        realm   => undef,
-        secure  => 0,
-        mode    => PROTECTED_RESOURCE,
+        oauth => OAuth::Lite::ServerUtil->new,
+        realm => undef,
+        secure => 0,
+        mode => PROTECTED_RESOURCE,
+                accepts_consumer_request => 0,
+        params => {},
+        completed_validation => 0,
     }, $class;
     my $realm = $self->request->dir_config('Realm');
     $self->{realm} = $realm if $realm;
+    my $accept = $self->request->dir_config('AcceptConsumerRequest');
+    $self->{accepts_consumer_request} = $accept if $accept;
     my $mode = $self->request->dir_config('Mode');
+    my @valid_modes = (PROTECTED_RESOURCE, REQUEST_TOKEN, ACCESS_TOKEN);
     if ($mode) {
-        if (none { $mode eq $_ } (PROTECTED_RESOURCE, REQUEST_TOKEN, ACCESS_TOKEN)) {
+        if (none { $mode eq $_ } @valid_modes) {
             die "Invalid mode."; 
         } else {
@@ -420 +494 @@
 }
 
+sub request_uri {
+    my $self = shift;
+    return $self->request->uri;
+}
+
+sub request_method {
+    my $self = shift;
+    unless (defined $self->{_request_method}) {
+        my $method = uc($self->request->method);
+        my $x_method = uc($self->request->headers_in->{'X-HTTP-Method-Override'} || '');
+        if ($method eq 'POST' && ($x_method eq 'PUT' || $x_method eq 'DELETE')) {
+            $self->{_request_method} = $x_method;
+        } else {
+            $self->{_request_method} = $method;
+        }
+    }
+    return $self->{_request_method};
+}
+
 sub __service {
     my $self = shift;
@@ -427 +520 @@
     if ($authorization && $authorization =~ /^\s*OAuth/) {
         ($realm, $params) = parse_auth_header($authorization);
-    } elsif ( uc($self->request->method) eq 'POST'
+    } elsif ( $self->request_method() eq 'POST'
           &&  $self->request->headers_in->{'Content-Type'} =~ m!application/x-www-form-urlencoded!) {
         for my $pair (split /&/, $self->request_body) {
@@ -439 +532 @@
     }
 
-    my $needs_to_check_token =  $self->__is_required_request_token
-                             ? 0
-                             : 1;
+    my $needs_to_check_token =  ( $self->is_required_request_token
+        || ( $self->is_required_protected_resource && $self->accepts_consumer_request ) )
+        ? 0
+        : 1;
 
     unless ($self->oauth->validate_params($params, $needs_to_check_token)) {
         return $self->errout(400, $self->oauth->errstr);
     }
+
+    $self->{params} = $params;
 
     my $consumer_key = $params->{oauth_consumer_key};
@@ -467 +563 @@
     my $request_uri = $uri->as_string;
 
-    if ($self->__is_required_request_token) {
+    if ($self->is_required_request_token) {
 
         $self->oauth->verify_signature(
-            method          => $self->request->method, 
+            method          => $self->request_method(), 
             params          => $params,
             url             => $request_uri,
@@ -476 +572 @@
         ) or return $self->errout(401, q{Invalid signature});
 
-        my $request_token = $self->publish_request_token($consumer_key);
+        my $request_token = $self->publish_request_token($consumer_key)
+            or return $self->errout(401, $self->errstr);
         return $self->__output_token($request_token);
 
-    } elsif ($self->__is_required_access_token) {
+    } elsif ($self->is_required_access_token) {
 
         my $token_value = $params->{oauth_token};
@@ -487 +584 @@
         }
         $self->oauth->verify_signature(
-            method          => $self->request->method, 
+            method          => $self->request_method(), 
             params          => $params,
             url             => $request_uri,
@@ -499 +596 @@
     } else {
 
-        my $token_value = $params->{oauth_token};
-        my $token_secret = $self->get_access_token_secret($token_value);
-        unless (defined $token_secret) {
-            return $self->errout(401, q{Invalid token});
+        my $token_secret = '';
+        if (exists $params->{oauth_token}) {
+            my $token_value = $params->{oauth_token};
+            $token_secret = $self->get_access_token_secret($token_value);
+            unless (defined $token_secret) {
+                return $self->errout(401, q{Invalid token});
+            }
         }
 
         $self->oauth->verify_signature(
-            method          => $self->request->method, 
+            method          => $self->request_method(), 
             params          => $params,
             url             => $request_uri,
             consumer_secret => $consumer_secret || '',
-            token_secret    => $token_secret || '',
+            token_secret    => $token_secret,
         ) or return $self->errout(401, q{Invalid signature});
+
+        $self->{completed_validation} = 1;
 
         return $self->service($params);
@@ -528 +630 @@
 }
 
-sub __is_required_request_token {
+sub is_consumer_request {
+    my $self = shift;
+    unless ($self->is_required_protected_resource && $self->accepts_consumer_request) {
+        die qq(This method can be called only when accessing protected resource.
+            and accepts consumer-request.);
+    }
+    unless ($self->{completed_validation}) {
+        die qq(This method can be called only after validation);
+    }
+    return exists $self->{params}{oauth_token} ? 1 : 0;
+}
+
+sub is_required_request_token {
     my $self = shift;
     return ($self->{mode} eq REQUEST_TOKEN) ? 1 : 0;
 }
 
-sub __is_required_access_token {
+sub is_required_access_token {
     my $self = shift;
     return ($self->{mode} eq ACCESS_TOKEN) ? 1 : 0;
+}
+
+sub is_required_protected_resource {
+    my $self = shift;
+    return ($self->{mode} eq PROTECTED_RESOURCE) ? 1 : 0;
+}
+
+sub accepts_consumer_request {
+    my $self = shift;
+    return $self->{accepts_consumer_request};
 }
 
@@ -585 +709 @@
 sub set_authenticate_header {
     my $self = shift;
-    $self->request->err_headers_out->add( 'WWW-Authenticate',
-        sprintf(q{OAuth realm="%s"}, $self->realm));
+    my $header = sprintf(q{OAuth realm="%s"}, $self->realm);
+    $self->request->err_headers_out->add( 'WWW-Authenticate', $header );
 }