NAME
Kernel::System::Credential::OAuth2::ResourceOwnerPasswordBasicAuth
Ressorce Owner Password Flow
SEE ALSO
Authorisation Flow
https://auth0.com/docs/get-started/authentication-and-authorization-flow
Resource Owner Password Flow
https://auth0.com/docs/get-started/authentication-and-authorization-flow/resource-owner-password-flow
Smart Bonding Onboarding Guide for -Support Partners
https://portal.otrs.com/otrs/index.pl?Action=AgentTicketAttachment;TicketID=7306140;ArticleID=10197791;FileID=1
SYNOPSIS
The call to the identity service provider shall look like this
—Request—-
POST https://YOUR_DOMAIN/oauth/token
Content-Type: application/x-www-form-urlencoded
audience=grant_type=client_credentials&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET
—Response—
HTTP/1.1 200 OK
Content-Type: application/json
{
"access_token":"eyJz93a...k4laUWw",
"token_type":"Bearer",
"expires_in":86400
}
SYNOPSIS
This type of credentials is very rudimentary. We just make a request whenever we need to refresh our actual one. Refresh and Request are the same. There is not authorization phase in this flow. token_endpoint and autorization_endpoint are therefore the same, although authrization_endpoint is superfluous here, we keep it not to disturb other flows. The default parameters are the same for request and refresh. This is because we don't known how the consumer is going to use us. See Pod for the service provider constructor.
ATTRIBUTES
No specific attributes here. We live on the parent attributes.
METHODS
_ClientParams
This method adds the specific attributes/parameters we need to create a L:A:OAuth2::ROPF credential client. The param code is mandatory for L::A::O::ServiceProvider but not used here because it does come from the authorization phase. The more general parameters are added in OAuth2 where they are assigned. Those here are then just appended. See:
L<https://metacpan.org/pod/LWP::Authen::OAuth2#Construct-service-provider>
NeedsAuthorizationConsent()
Verifies if the credential is in a state that needs the user consent to get the authorization token.
CanRefresh
Checks if the access token can be refreshed.
Refresh
Performs needed operations to refresh the access token data.
# Refresh authorization if needed.
my $Refreshed = $AuthCredential->Refresh();
# Force the authorization to refresh.
my $Refreshed = $AuthCredential->Refresh( Force => 1 );
Returns
1 - success
undef - in case of any error
FullAuthURL()
Returns the full authorization url where the user should be redirect to.
RequestAuthorization()
Requests the provider for the authorization access token.
my $Success = $Self->RequestAuthorization();
Returns
1 - success
undef - error occured