Provided by: libnet-oauth2-perl_0.64-1_all bug


       Net::OAuth2::Profile - OAuth2 access profiles


        Net::OAuth2::Profile is extended by


         See Net::OAuth2::Profile::WebServer
         and Net::OAuth2::Profile::Password


       Base class for OAuth `profiles'.  Currently implemented:

       ·   Net::OAuth2::Profile::WebServer

       ·   Net::OAuth2::Profile::Password

       You may want to use the OAuth2 documentation at Google
       <> to understand the process
       and the parameters.


           Next to the %options listed below, it is possible to provide settings for each of the
           <${commands}> "access_token", "protected_resource", "authorize", and "refresh_token".
           For each command, you can set

           ·   ${command}_url => URI|STRING

               The absolute uri which needs to be used to be addressed to execute the $command.
               May be specified as URI object or STRING.

           ·   ${command}_path => PATH

               As previous, but relative to the "site" option value.

           ·   ${command}_method => 'GET'|'POST'

               Which method to use for the call (by default POST).

           ·   ${command}_param  => []

               Additional parameters for the command.

            -Option           --Default
             client_id          <required>
             client_secret      <required>
             grant_type         <required>
             hd                 undef
             scope              undef
             secrets_in_params  <true>
             site               undef
             state              undef
             token_scheme       'auth-header:Bearer'
             user_agent         <created internally>

           client_id => STRING
           client_secret => STRING
           grant_type => STRING
           hd => STRING
             Passthrough parameter that allows you to restrict one's login to a particular Google
             Apps domain. The application making the call should check that the returned value
             for hd matches the expected domain, as the user can change the hd parameter in the
             original request.

             See for more

           scope => STRING
           secrets_in_params => BOOLEAN
             The client secrets are passed both via an Authentication header, as via query
             parameters in the URI.  The former is required to be accepted by rfc6749, the latter
             is optional.  However: many servers use the query parameters only.

             QQ Catalyst, on the other hand, does refuse requests with these parameters in the
             query.  So, with this flag explicitly set to false, only the Auth header gets

           site => URI
           state => STRING
           token_scheme => SCHEME
             See add_token() for the supported SCHEMEs.  Scheme "auth-header" is probably the
             only sane default, because that works with any kind of http requests, where the
             other options have limited or possible disturbing application.

             Before [0.53], the default was 'auth-header:OAuth'.

             Specify the method to submit authenticated requests to the service. By default, add
             the access token as a header, such as: "Authorization: Bearer TOKEN".  Some services
             require that the header will be different, i.e. "Authorization: OAuth TOKEN", for
             which case specify token_scheme 'auth-header:Oauth'.

             To add the access token as a uri-parameter: 'uri-query:oauth_token' (in this case,
             the parameter name will be oauth_token) Merge the access token inside a form body
             via 'form-body:oauth_token'

           user_agent => LWP::UserAgent object



       $obj->request( $request, [$more] )
           Send the $request (a HTTP::Request object) to the server, calling LWP::UserAgent
           method "request()".  This method will NOT add security token information to the

       $obj->request_auth( $token, <$request | <$method, $uri, [$header, $content]>> )
           Send an authorized request: the $token information gets included in the request
           object.  Returns the answer (HTTP::Response).


             my $auth  = Net::OAuth2::Profile::WebServer->new(...);
             my $token = $auth->get_access_token($code, ...);

             # possible...
             my $resp  = $auth->request_auth($token, GET => $uri, $header, $content);
             my $resp  = $auth->request_auth($token, $request);

             # nicer (?)
             my $resp  = $token->get($uri, $header, $content);
             my $resp  = $token->request($request);

       $obj->add_token($request, $token, $scheme)
           Merge information from the $token into the $request following the the bearer token
           $scheme.  Supported schemes:

           ·   auth-header or auth-header:REALM

               Adds an "Authorization" header to requests.  The default REALM is "OAuth", but
               "Bearer" and "OAuth2" may work as well.

           ·   uri-query or uri-query:FIELD

               Adds the token to the query parameter list.  The default FIELD name used is

           ·   form-body or form-body:FIELD

               Adds the token to the www-form-urlencoded body of the request.  The default FIELD
               name used is "oauth_token".

       $obj->build_request($method, $uri, $params)
           Returns a HTTP::Request object.  $params is an HASH or an ARRAY-of-PAIRS of query

       $obj->params_from_response($response, $reason)
           Decode information from the $response by the server (an HTTP::Response object). The
           $reason for this answer is used in error messages.

       $obj->site_url( <$uri|$path>, $params )
           Construct a URL to address the site.  When a full $uri is passed, it appends the
           $params as query parameters.  When a $path is provided, it is relative to new(site).


       This module is part of Net-OAuth2 distribution version 0.64, built on March 21, 2018.


       Copyrights 2013-2018-2018 on the perl code and the related documentation
        by [Mark Overmeer <>] for SURFnet bv, The Netherlands.  For other
       contributors see ChangeLog.

       Copyrights 2011-12 by Keith Grennan.

       This program is free software; you can redistribute it and/or modify it under the same
       terms as Perl itself.  See