Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number
 
PerlMonks  

Re^5: Need to resolve the API call query

by chandantul (Scribe)
on Jun 09, 2021 at 05:00 UTC ( #11133678=note: print w/replies, xml ) Need Help??


in reply to Re^4: Need to resolve the API call query
in thread Need to resolve the API call query

This node falls below the community's threshold of quality. You may see it by logging in.

Replies are listed 'Best First'.
Re^6: Need to resolve the API call query
by davido (Cardinal) on Jun 09, 2021 at 22:03 UTC

    The module is a bad choice for the following reasons:

    • Plack::Middleware::OAuth has not received an update in almost ten years.
    • The module's POD says: "This module is still in **BETA** , DO NOT USE THIS FOR PRODUCTION!"
    • The module has open issues that are ten years old. No recent issues. None of the issues have been addressed. So it is not in good working order, and not getting fixed.
    • The module author hasn't posted anything to CPAN in almost eight years.

    The module author tells you in the documentation not to use the module. It wouldn't be productive to try to find an author who has been absent for eight years, to ask questions or to ask for bug-fixes in a module that has been marked "beta" for a decade.

    If it were me, I would investigate other OAuth modules and choose one that is actively maintained.


    Dave

      Hi Dave,Thanks for your kind responses. I have contacted the author and fork the module from github and made possible to redirect to our OKTA authorization page by modifying ReuestTokenV2.pm. Please check below code snippet that made it possible but one thing how can i capture the headers query string parameter from browser

      My main goal is to capture the query string parameter "code" in order to get the value and utlize the same to get the access_token from our OKTA authorization server. I am trying to code sub function in my OP.pm, I was wondering i could utlize the HTTP request in same

      app.psgi

      use strict; use warnings; use Plack::Middleware; use Plack::Middleware::OAuth; use Plack::Middleware::OAuth::dev; use URI; use LWP::UserAgent; use Plack::Builder; use Plack::Middleware; use Authen::Simple::ActiveDirectory; use Log::Log4perl; builder {enable 'OAuth', on_success => => sub { my ($self,$token) = @_; my $userinfo = Plack::Middleware::OAuth::UserInfo->new( config +=> $self->config , token => $token ); if( $token->is_provider('Dev') ) { my $info = $userinfo->ask( $token->provider ); return $self->to_yaml( $info ); } return $self->render( 'Error' ); }, providers => { 'Dev' => { client_id => 'xxxxxxxxxxxxxxxxxxx', client_secret => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx +xxx' }, }; webapp->to_app; };

      Please check below config dev.pm

      package Plack::Middleware::OAuth::dev; use warnings; use strict; sub config { + { version => 2, authorize_url => 'https://dev.oktapreview.com/oauth2/v1/authori +ze', access_token_url => 'https://dev.oktapreview.com/oauth2/v1/token', response_type => 'code', redirect_uri => 'https://testchandan.com:5001', grant_type => 'authorization_code', scope => 'openid', state => '1234', } } 1;
Re^6: Need to resolve the API call query
by 1nickt (Abbot) on Jun 09, 2021 at 22:07 UTC

      Sure, Can you please let me know if this is the same app.psgi or the configuration will be different? My main goal is to capture the query string parameter "code" in order to get the value and utlize the same to get the access_token from our OKTA authorization server. I am trying to code sub function in my OP.pm, I was wondering i could utilize the HTTP request in order to collect the query string parameter code in same session and it won't ask for authentication.

      sub result4 { my ($args) = @_; my $oktadev = $args->{OKTAUsersList}; my $email = $args->{Email}; my $ua = LWP::UserAgent->new(); $ua->proxy([ 'http' ], 'http://proxy.myorg.com:8080'); my $uri = URI->new('https://dev.oktapreview.com/oauth2/v1/authorize'); $uri->query_form(client_id => 'xxxxxxxxxxxxxxxxxx',response_type=>' +code', scope=>'openid okta.users.read',redirect_uri=>'https://testcha +ndan.com:5001',state=>'1234', nonce=>'UBGW'); my $response1 = $ua->get($uri); my $responsecode = $response1->code() ; my $responsecontent = $response1->content(); print $response1->headers_as_string if $response1->is_success; print "$responsecode\n"; print "$responsecontent\n"; unless($response1->is_success(),$response1->code) + { die($response1->code, "\n", $response1->content, "\n"); } }

      Its redirecting again to authorization page as per the content but i was wondering this will get me the authrization code as its implemented on to the same app and i was using the same browser session without further asking the password.. Please let me know what should be my approch to collect query string parameter code from browser headers in order to get the access_token from Authorization server? Please let me know if any more details are needed

      My webapp.pm

      package webapp; use Dancer2; use Op; our $VERSION = '0.1'; get '/' => sub { #&client1; template 'query2' => { 'title' => 'webapp' }; }; post '/' => sub { my $r2 = Op::result4({OKTAUsersList => param('OKTA-Users-List'), Email => param('Email')}); template result4 => { title => 'webapp', result4 => $r2 } }; true;

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://11133678]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (2)
As of 2021-06-14 03:53 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    What does the "s" stand for in "perls"? (Whence perls)












    Results (60 votes). Check out past polls.

    Notices?