OAuthomatic::Caller - actually make OAuth-signed calls
version 0.0202
Sign OAuth calls and execute them.
This object is mostly used internally by OAuthomatic, but may be useful separately if you want to implement initialization scheme by yourself but prefer it's API and structural exceptions to raw Net::OAuth.
Calculates URL which user should visit to authorize app (and associated temporary token).
Acquires access token, preserves them in the object (so future calls will be authenticated), and return (so it can be saved etc).
Prepare properly signed HTTP::Request but do not execute it, just return ready-to-be-sent object.
Parameters: identical as in "execute_oauth_request"
Make a request to url using the given HTTP method and signing request with OAuth credentials.
url
One of GET, POST, PUT, DELETE.
GET
POST
PUT
DELETE
Actual URL to call (http://some.site.com/api/...)
http://some.site.com/api/...
Additional arguments to escape and add to the URL. This is simply shortcut, three calls below are equivalent:
$c->execute_oauth_request(method => "GET", url => "http://some.where/api?x=1&y=2&z=a+b"); $c->execute_oauth_request(method => "GET", url => "http://some.where/api", url_args => {x => 1, y => 2, z => 'a b'}); $c->execute_oauth_request(method => "GET", url => "http://some.where/api?x=1", url_args => {y => 2, z => 'a b'});
Exactly one of those must be specified for POST and PUT (none for GET or DELETE).
Specifying body_form means, that we are creating www-urlencoded form. Parameters will be included in OAuth signature. Example:
body_form
$c->execute_oauth_request(method => "POST", url => "http://some.where/api", body_form => {par1 => 'abc', par2 => 'd f'});
Note that this is not just a shortcut for setting body to already serialized form. Case of urlencoded form is treated in a special way by OAuth (those values impact OAuth signature). To avoid signature verification errors, OAuthomatic will reject such attempts:
# WRONG AND WILL FAIL. Use body_form if you post form. $c->execute_oauth_request(method => "POST", url => "http://some.where/api", body => 'par1=abc&par2=d+f', content_type => 'application/x-www-form-urlencoded');
Specifying body means, that we post non-form body (for example JSON, XML or even binary data). Example:
body
$c->execute_oauth_request(method => "POST", url => "http://some.where/api", body => "<product><item-no>3434</item-no><price>334.22</price></product>", content_type => "application/xml; charset=utf-8");
Value of body can be either binary string (which will be posted as-is), or perl unicode string (which will be encoded according to the content type, what by default means utf-8).
Such content is not covered by OAuth signature, so less secure (at least if it is posted over non-SSL connection).
For longer bodies, references are supported:
$c->execute_oauth_request(method => "POST", url => "http://some.where/api", body => \$body_string, content_type => "application/xml; charset=utf-8");
Used to set content type of the request. If missing, it is set to text/plain; charset=utf-8 if body param is specified and to application/x-www-form-urlencoded; charset=utf-8 if body_form param is specified.
text/plain; charset=utf-8
application/x-www-form-urlencoded; charset=utf-8
Note that module author does not test behaviour on encodings different than utf-8 (although they may work).
Common code for API and OAuth-protocol calls. Uses all parameters described in "execute_oauth_request" and two additional:
ProtectedResource, UserAuth, RequestToken etc (XXX from Net::Oauth::XXXXRequest)
Actual token to use while signing (skip to use only client token) - either $self->token_cred, or some temporary_cred, depending on task at hand.
OAuthomatic::Config object used to bundle various configuration params.
OAuthomatic::Server object used to bundle server-related configuration params.
Common code for API and OAuth-protocol calls. Uses all parameters described in "execute_oauth_request" and some additional:
Verifier to be added to access token creation.
Callback url for temporary token creation.
True if authorization tokens are to be merged into POST body, false if they are to be preserved in Authorize header.
Marcin Kasperski <Marcin.Kasperski@mekk.waw.pl>
This software is copyright (c) 2015 by Marcin Kasperski.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.
To install OAuthomatic, copy and paste the appropriate command in to your terminal.
cpanm
cpanm OAuthomatic
CPAN shell
perl -MCPAN -e shell install OAuthomatic
For more information on module installation, please visit the detailed CPAN module installation guide.