Net::OAuth2::Moosey::Client - OAuth 2.0 client for perl




This is a perl implementation of the OAuth 2.0 protocol.

It is based on (forked from), and very similar in functionality to Keith Grennan's Net::OAuth2 module.

The major differences to the original Net::OAuth2 module are:

  • Converted to use Moose

  • Named parameters for all methods

  • More documentation

  • No demo code for a web application


  use Net::OAuth2::Moosey::Client;
  my %client_params = (
      site_url_base           => '',
      access_token_url_base   => '',
      authorize_url_base      => '',
      scope                   => '',        
      client_id               => '',
      client_secret           => 'atecSNTE23sthbjcasrCuw4i',

  my $client = Net::OAuth2::Moosey::Client->new( %client_params );

  # Get a fresh access token

  # Send a request
  my @post_args =  ( '',
    HTTP::Headers->new( Content_Type => 'application/x-www-form-urlencoded' ),
    sprintf( 'sql=%s', url_encode( 'SHOW TABLES' ) ) );
  my $response = $self->auth_client->post( @post_args );




  • client_id <Str>

    ID for your application as given to you by your service provider.

  • client_secret <Str>

    Secret for your application as given to you by your service provider.

  • scope <Uri>

    Scope for which your are applying for access to.


  • site_url_base <Uri>

    Base url for OAuth.


  • access_token_url_base <Uri>

    Access token url.


  • authorize_url_base <Uri>

    Authorize url.


  • access_token_path <Str>

  • authorize_path <Str>

    The ..._path parameters are an alternative to their ..._url_base counterparts. If used, the authorize_url will be built from the site_url_base and the _path.

  • refresh_token <Str>

    If known, the refresh token can be defined here If not, it will be determined during a request.

  • access_token <Str>

    If known the access token can be defined here. If not, it will be determined during a request.

  • access_code <Str>

    If known, the access code can be defined here. It is only necessary if you have not yet got an access/refresh token. If you are running in interactive mode (and access/refresh tokens are not defined), you will be given a URL to open in a browser and copy the resulting code to the command line.

  • token_store <Str>

    Path to a file to store your tokens. This can be the same file for multiple services - it is a simple YAML file with one entry per client_id which stores your refresh and access tokens.

  • redirect_uri <Str>

    Only needs to be defined if using the 'webserver' profile. The page to which the service provider should redirect to after authorization. For instances using the 'application' profile, the default 'urn:ietf:wg:oauth:2.0:oob' is used.

  • access_token_method <Str>

    GET or POST?

    Default: POST

  • bearer_token_scheme <Str>

    Should be one of: auth-header, uri-query, form-body

    Default: auth-header

  • profile <Str>

    Are you using this module as a webserver (users browser is forwarded to the authorization urls, and they in turn redirect back to your redirect_uri), or as an application (interactively, no browser interaction for authorization possible)?

    Should be one of: application, webserver

    Default: application

  • interactive <Bool>

    Are you running your program interactively (i.e. if necessary, do you want to have a prompt for, and paste the authorization code from your browser on the command line?).

    Options: 0, 1

    Default: 1

  • keep_alive <Int>

    Should the LWP::UserAgent instance used have a connection cache, and how many connections should it cache? Turning off keep_alive can make interaction with your service provider very slow, especially if it is over an encrypted connection (which it should be).

    Default: 1 (try 2 if your service provider requires frequent authorization token refreshing)

  • user_agent <LWP::UserAgent>

    It is not necessary to pass a UserAgent, but maybe you have a custom crafted instance which you want to reuse...

  • access_token_object <Net::OAuth2::Moosey::AccessToken>

    The access token object which manages always having a fresh token ready for you.


Make the current access token expire, and request a fresh access token


Submit a request. This is a wrapper arround a basic LWP::UserAgent->request, but adds the necessary headers with the access tokens necessary for an OAuth2 request.


A wrapper for the request method already defining the request method as POST


A wrapper for the request method already defining the request method as GET


Returns the authorization url


Returns the access token url


Copyright 2011 Robin Clarke

This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.

See for more information.


Thanks to Keith Grennan for Net::OAuth2 on which this is based