Provided by: liblwp-authen-oauth2-perl_0.14-1_all bug

NAME

       LWP::Authen::OAuth2::ServiceProvider::Google - Access Google OAuth2 APIs

VERSION

       Version 0.02

SYNOPSIS

       See LWP::Authen::OAuth2 for basic usage.  The one general note is that "scope" is "scope"
       is optional in the specification, but required for Google.  Beyond that Google supports
       many client types, and their behavior varies widely.

       See <https://developers.google.com/accounts/docs/OAuth2> for Google's own documentation.
       The documentation here is a Cliff Notes version of that, so look there for any necessary
       clarification.

REGISTERING

       Before you can use OAuth 2 with Google you need to register yourself as a client.  For
       that, go to <https://code.google.com/apis/console>.  Follow their directions to create a
       project, choose your "flow" (which is called your "client_type" in this document - look
       ahead for advice on available types), and then you'll be given a "client_id" and
       "client_secret".  If you're in the Login, WebServer or Client client types you'll also
       need to register a "redirect_uri" with them, which will need to be an "https://..." URL
       under your control.

       At that point you have all of the facts that you need to use this module.  Be sure to keep
       your "client_secret" secret - if someone else gets it and starts abusing it, Google
       reserves the right to block you.

       This module only handles the authorization step, after which it is up to you to figure out
       how to use whatever API you want to access.

CLIENT TYPES

       Google offers many client types.  Here is the status of each one in this module:

       Login
           This is for applications that want to let Google manage their logins.  See
           <https://developers.google.com/accounts/docs/OAuth2Login> for Google's documentation.

           This is not yet supported, and would require the use of JSON Web Tokens to support.

       Web Server Application
           This is intended for applications running on web servers, with the user sitting behind
           a browser interacting with you.  See
           <https://developers.google.com/accounts/docs/OAuth2WebServer> for Google's
           documentation.

           It can be specified in the constructor with:

               client_type => "web server",

           however that is not necessary since it is also the assumed default if no client_type
           is specified.

           After registering yourself as a client with Google, you will need to specify the
           "redirect_uri" as an https URL under your control.  If you just need this for one or
           two accounts there is no need to actually build anything at that URL - just go through
           the authorization as those accounts and grab your "code" from the URL.  If you will
           support many, making that URL useful is your responsibility.

           With this client type you are not guaranteed a refresh token, so the constructor does
           not require "client_id" and "client_secret".  (Passing them there is still likely to
           be convenient for you.) However there are several optional arguments available to
           "$oauth2->authorization_url(...)" that are worth taking note of:

           "access_type"
               Pass "access_type => "offline"," to "$oauth2-"request_tokens(...)> to request
               offline access.  This means that you get a "refresh_token" which can be used to
               refresh the access token without help from the user.  The intent of this option is
               to support things like software that delays posting a blog entry until a
               particular time.

               In light testing this did not work for me until I passed the next argument, but
               then it worked perfectly.

           "approval_prompt"
               Pass "approval_prompt => "force"," to "$oauth2-"request_tokens(...)> to force the
               user to see the approval screen.  The default behavior without this is that the
               user sees the approval screen the first time through, and on subsequent times just
               gets an immediate redirect.

           "login_hint"
               If you think you know who the user is, you can pass an email in this parameter to
               let Google know which account you are trying to access.  Google thinks this may be
               helpful if someone is logged into multiple accounts at the same time.

       Client-side Application
           This client type is only for JavaScript applications.  See
           <https://developers.google.com/accounts/docs/OAuth2UserAgent> for Google's
           documentation.

           This is not supported since Perl is not JavaScript.

       Installed Application
           This client type is for applications that run on the user's machine, which can control
           a browser.  See <https://developers.google.com/accounts/docs/OAuth2InstalledApp> for
           Google's documentation.

           It can be specified in the constructor with:

               client_type => "web server",

           On the first time it is the client's responsibility to open a browser and send the
           user to "$oauth2-"authorization_url(...)>.  If you pass in "redirect_uri =>
           "http://localhost:$port"," then your application is expected to be listening on that
           port.  If you instead pass in "redirect_uri => "urn:ietf:wg:oauth:2.0:oob"," then the
           code you need will be in the "title" inside of the page the browser is redirected to,
           and you'll need to grab it from there.

           The returned tokens always give you a refresh token, so you only have to go through
           this once per user.

           The only special authorization argument is "login_hint", which means the same thing
           that it does for webserver applications.

       Devices
           This client_type is for applications that run on the user's machine, which do not
           control a browser.  See <https://developers.google.com/accounts/docs/OAuth2ForDevices>
           for Google's documentation.

           This client_type is not supported because I have not yet thought through how to handle
           the required polling step of setting up permissions.

       Service Account
           This client_type is for applications that login to the developer's account using the
           developer's credentials.  See
           <https://developers.google.com/accounts/docs/OAuth2ServiceAccount> for Google's
           documentation.

           This is not yet supported, and would require the use of JSON Web Tokens to support.

AUTHOR

       Ben Tilly, "<btilly at gmail.com>"

BUGS

       The main bug is that out of 6 client types, 5 of which could reasonably be supported, only
       two are so far.

       Please report any bugs or feature requests to "bug-lwp-authen-oauth2 at rt.cpan.org", or
       through the web interface at
       <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=LWP-Authen-OAuth2>.  I will be notified,
       and then you'll automatically be notified of progress on your bug as I make changes.

SUPPORT

       You can find documentation for this module with the perldoc command.

           perldoc LWP::Authen::OAuth2::ServiceProvider

       You can also look for information at:

       Github (submit patches here)
           <https://github.com/btilly/perl-oauth2>

       RT: CPAN's request tracker (report bugs here)
           <http://rt.cpan.org/NoAuth/Bugs.html?Dist=LWP-Authen-OAuth2>

       AnnoCPAN: Annotated CPAN documentation
           <http://annocpan.org/dist/LWP-Authen-OAuth2>

       CPAN Ratings
           <http://cpanratings.perl.org/d/LWP-Authen-OAuth2>

       Search CPAN
           <http://search.cpan.org/dist/LWP-Authen-OAuth2/>

ACKNOWLEDGEMENTS

       Thanks to Rent.com <http://www.rent.com> for their generous support in letting me develop
       and release this module.  My thanks also to Nick Wellnhofer <wellnhofer@aevum.de> for
       Net::Google::Analytics::OAuth2 which was very enlightening while I was trying to figure
       out the details of how to connect to Google with OAuth2.

LICENSE AND COPYRIGHT

       Copyright 2013 Rent.com.

       This program is free software; you can redistribute it and/or modify it under the terms of
       the the Artistic License (2.0). You may obtain a copy of the full license at:

       <http://www.perlfoundation.org/artistic_license_2_0>

       Any use, modification, and distribution of the Standard or Modified Versions is governed
       by this Artistic License. By using, modifying or distributing the Package, you accept this
       license. Do not use, modify, or distribute the Package, if you do not accept this license.

       If your Modified Version has been derived from a Modified Version made by someone other
       than you, you are nevertheless required to ensure that your Modified Version complies with
       the requirements of this license.

       This license does not grant you the right to use any trademark, service mark, tradename,
       or logo of the Copyright Holder.

       This license includes the non-exclusive, worldwide, free-of-charge patent license to make,
       have made, use, offer to sell, sell, import and otherwise transfer the Package with
       respect to any patent claims licensable by the Copyright Holder that are necessarily
       infringed by the Package. If you institute patent litigation (including a cross-claim or
       counterclaim) against any party alleging that the Package constitutes direct or
       contributory patent infringement, then this Artistic License to you shall terminate on the
       date that such litigation is filed.

       Disclaimer of Warranty: THE PACKAGE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
       "AS IS' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES.  THE IMPLIED WARRANTIES OF
       MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT ARE DISCLAIMED TO
       THE EXTENT PERMITTED BY YOUR LOCAL LAW. UNLESS REQUIRED BY LAW, NO COPYRIGHT HOLDER OR
       CONTRIBUTOR WILL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
       ARISING IN ANY WAY OUT OF THE USE OF THE PACKAGE, EVEN IF ADVISED OF THE POSSIBILITY OF
       SUCH DAMAGE.

perl v5.26.0                                2017LWP::Authen::OAuth2::ServiceProvider::Google(3pm)