OAuth
Dreamwidth has basic support for OAuth 1.0a authentication. It's not configured by default, and as of right now the only page that allows for OAuth access is the OAuth test page. But there are plans in the future to use it for the new REST-based API.
First, install and configure Memcache . Dreamwidth's OAuth support uses Memcache for its storage of temporary authentication keys.
Next, run bin/upgrading/gen-secrets.pl
$ cd $LJHOME $ bin/upgrading/gen-secrets.pl
This will output a set of configuration lines. Paste those changes into the bottom of your ext/local/etc/config-private.pl file.
Restart your Dreamwidth server to pick up those changes.
Now we're ready to register your consumer. Go to http://www.your-dw-site.com/admin/oauth and create a new consumer. You can call it whatever you want.
Once we have a consumer registered we can actually get an access token for your user.
Token authorization is most easily done in a web context. Here is a sample web application which grants access to an OAuth token. It uses Dancer, so you'll need to install it first.
$ sudo apt install libdancer-perl
And the app itself. Copy and paste it into a file called dancerauth.pl
# dancerauth.pl # Web Server Example (Dancer / Dreamwidth OAuth) # This example is modified from the version in the documentation for Net::OAuth use Dancer; use Net::OAuth::Client; set session => 'YAML'; sub client { Net::OAuth::Client->new( "yourtoken", #token "yoursecret", #secret site => 'http://www.your-dw-site.com/', #hostname request_token_path => '/oauth/request_token', authorize_path => '/oauth/authorize', access_token_path => '/oauth/access_token', callback => "http://localhost:3000/auth/dw/callback", session => \&session, ); } get '/' => sub { return '<a href="http://localhost:3000/auth/dw">auth</a>'; }; # Send user to authorize with service provider get '/auth/dw' => sub { redirect client->authorize_url; }; # User has returned with token and verifier appended to the URL. get '/auth/dw/callback' => sub { my $access_token = client->get_access_token(params->{oauth_token}, params->{oauth_verifier}); my $response = $access_token->get('/oauth/test'); info "token=" . $access_token->token . " token_secret=" . $access_token->token_secret . " \n"; if ($response->is_success) { return "Yay, it worked!<br>token: " . $access_token->token . "<br>token_secret: " . $access_token->token_secret . "<br><a href='http://localhost:3000/'>Try again</a> <br> " . "<a href='http://localhost:3000/auth/tokentest'>Test token</a><br>" . $response->decoded_content; } else { return "Error: " . $response->status_line; } }; # tests using the token/secret get '/auth/tokentest' => sub { # Use the auth code to fetch the access token my $access_token = Net::OAuth::AccessToken->new( client => client, token => "accesstokenfromcallback", #your access token token_secret => "accesssecretfromcallback", #your access secret ); my $response = $access_token->get('/oauth/test'); if ($response->is_success) { return $response->decoded_content; } else { return "Error: " . $response->status_line; } }; set logger => 'console'; set show_errors => 1; dance;
Modify the first 'sub client' section to use your hostname and your registered consumer's token and secret.
Run the example
$ perl dancerauth.pl
In your browser, if you haven't already logged into your site, do so. Then browse to http://localhost:3000/ (dancer runs on port 3000 by default).
Click on the 'auth' link. You should be redirected to a page on your DW site asking you to grant your newly registered program access to your account. Click accept, and you should be redirected to a success page
Yay, it worked! token: (your new access token) token_secret: (your access token's secret) Try again Test token {"ok":1,"username":"yourusername","userid":"yourid"}
Now you should have a token which will give OAuth access to your account. To test it, stop your dancer server and edit the /auth/tokentest section. Add the token and token_secret you got from your previous request in the appropriate places. Restart your dancer server, and go to http://localhost:3000/auth/tokentest (or just click on the 'Test token' link from your previous request). It should also return a success page.