Mojar::Auth::Jwt - JWT authentication for Google services
use Mojar::Auth::Jwt; $jwt = Mojar::Auth::Jwt->new( iss => $auth_user, private_key => $private_key ); $tx = $ua->post_form($jwt->aud, 'UTF-8', { grant_type => $grant_type, assertion => $jwt->encode }); $token = $_->json->{access_token} if $_ = $tx->success;
This class implements JSON Web Token (JWT) authentication (v3) for accessing googleapis.com from a service application. If your application impersonates users (to access/manipulate their data) then you need something else instead.
Type; only supported (tested) value is JWT.
JWT
Algorithm; only supported (tested) value is RS256.
RS256
JWT username. For example, Google Analytics reporting users have ...@developer.gserviceaccount.com.
...@developer.gserviceaccount.com
https://www.googleapis.com/auth/analytics.readonly.
https://www.googleapis.com/auth/analytics.readonly
https://accounts.google.com/o/oauth2/token.
https://accounts.google.com/o/oauth2/token
Start of validity (epoch seconds). Defaults to now.
Length of validity period. Defaults to an hour.
Expiry time (epoch seconds). Defaults to now + duration.
Private key.
JWT header.
JWT content.
Signed encapsulation of header + body
Cipher object, built from Crypt::OpenSSL::RSA. Before accessing, ensure private_key has been set.
private_key
Constructor; typically only iss and private_key are needed.
iss
Clear out stale fields.
Encode header and body and sign with a signature. Either ensure header and body are already set or pass them as parameters.
$jwt->header(...) ->body(...); $encoded = $jwt->encode;
or
$encoded = $jwt->encode(header => q{...}, body => q{...});
Create a new JWT object by deconstructing encoded strings.
$new_jwt = $jwt->decode($encoded_string);
Verify existing signature is valid with respect to header and body. (Mainly used in unit tests.)
Encode a hashref.
$encoded_string = $jwt->mogrify($hashref);
Decode a hashref.
$hashref = $jwt->demogrify($encoded_string);
You need to create a low-privilege user within your GA account, granting them access to an appropriate profile. Then register your application for unattended access. That results in a username and private key that your application uses for access.
As far as I know this class has only been used for accessing Google Analytics services so far. I am expecting it to be useful for other services that use JWT.
See Mojar.
Acme::JWT is less Google-centric.
To install Mojar::Google::Analytics, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Mojar::Google::Analytics
CPAN shell
perl -MCPAN -e shell install Mojar::Google::Analytics
For more information on module installation, please visit the detailed CPAN module installation guide.