From 3b958bc30c5ccb6ea3143c08d1ca65dc0bf4b9bc Mon Sep 17 00:00:00 2001
From: Dave Arter
Date: Wed, 13 May 2020 16:38:09 +0100
Subject: Rename O::L::C::W::Azure to O::L::C::W::AuthCodeFlow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Turns out there’s nothing strictly Azure-specific about it.
---
perllib/OIDC/Lite/Client/WebServer/AuthCodeFlow.pm | 42 ++++++++++++++++++++++
1 file changed, 42 insertions(+)
create mode 100644 perllib/OIDC/Lite/Client/WebServer/AuthCodeFlow.pm
(limited to 'perllib/OIDC/Lite/Client/WebServer/AuthCodeFlow.pm')
diff --git a/perllib/OIDC/Lite/Client/WebServer/AuthCodeFlow.pm b/perllib/OIDC/Lite/Client/WebServer/AuthCodeFlow.pm
new file mode 100644
index 000000000..33a9a788f
--- /dev/null
+++ b/perllib/OIDC/Lite/Client/WebServer/AuthCodeFlow.pm
@@ -0,0 +1,42 @@
+package OIDC::Lite::Client::WebServer::AuthCodeFlow;
+
+use strict;
+use warnings;
+use parent 'OIDC::Lite::Client::WebServer';
+
+use OIDC::Lite::Client::IDTokenResponseParser;
+
+=head1 NAME
+
+OIDC::Lite::Client::WebServer::AuthCodeFlow - extension to auth against an
+identity provider using the authorization code flow, such as Azure AD B2C or
+Google OAuth 2.0.
+More info: https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowSteps
+
+OIDC::Lite doesn't appear to support the authorisation code flow to get an
+ID token - only an access token. This flow returns all its claims in the id_token
+(and may not support a UserInfo endpoint e.g. Azure AD B2C), so this extension
+adds support for parsing the id_token when calling get_access_token.
+
+=cut
+
+=head2 new
+
+Overrides response_parser so that get_access_token returns a
+L object.
+
+NB this does not perform any verification of the id_token. It's assumed to be
+safe as it's come directly from the OpenID IdP and not an untrusted user's
+browser.
+
+=cut
+
+sub new {
+ my $self = shift->next::method(@_);
+
+ $self->{response_parser} = OIDC::Lite::Client::IDTokenResponseParser->new;
+
+ return $self;
+}
+
+1;
-- cgit v1.2.3
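Review bot: The `=head2 new` POD says the id_token gets no verification and is assumed safe because it comes straight from the IdP, but now that the module is documented as generic (Azure AD B2C, Google, any code-flow provider) that caveat should state what the assumption rests on and what remains unchecked. Receiving the token directly from the token endpoint can only stand in for the signature check, and only if the HTTPS connection validates the server certificate; OpenID Connect Core 3.1.3.7 still expects `iss`, `aud`, `exp` and, when one was sent, `nonce` to be validated. I would extend the POD along the lines of `NB the id_token signature is not verified; this relies on a TLS-validated connection to the token endpoint. Callers must still check iss, aud, exp and nonce before trusting any claim.` Whether those claim checks already happen in IDTokenResponseParser or in the calling code is not visible in this hunk, so the note should point to wherever they live.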