The module is a bad choice for the following reasons:

• Plack::Middleware::OAuth has not received an update in almost ten years.
• The module's POD says: "This module is still in **BETA** , DO NOT USE THIS FOR PRODUCTION!"
• The module has open issues that are ten years old. No recent issues. None of the issues have been addressed. So it is not in good working order, and not getting fixed.
• The module author hasn't posted anything to CPAN in almost eight years.

The module author tells you in the documentation not to use the module. It wouldn't be productive to try to find an author who has been absent for eight years, to ask questions or to ask for bug-fixes in a module that has been marked "beta" for a decade.

If it were me, I would investigate other OAuth modules and choose one that is actively maintained.

Hi Dave,Thanks for your kind responses. I have contacted the author and fork the module from github and made possible to redirect to our OKTA authorization page by modifying ReuestTokenV2.pm. Please check below code snippet that made it possible but one thing how can i capture the headers query string parameter from browser

My main goal is to capture the query string parameter "code" in order to get the value and utlize the same to get the access_token from our OKTA authorization server. I am trying to code sub function in my OP.pm, I was wondering i could utlize the HTTP request in same

app.psgi

use strict;
use warnings;
use Plack::Middleware;
use Plack::Middleware::OAuth;
use Plack::Middleware::OAuth::dev;
use URI;
use LWP::UserAgent;
use Plack::Builder;
use Plack::Middleware;
use Authen::Simple::ActiveDirectory;
use Log::Log4perl;
builder {enable 'OAuth', 
     on_success => => sub {
       my ($self,$token) = @_;
       
       my $userinfo = Plack::Middleware::OAuth::UserInfo->new( config 
+=> $self->config , token => $token );
       
         if( $token->is_provider('Dev') ) {
                    my $info = $userinfo->ask( $token->provider );
                    return $self->to_yaml( $info );
                }
                return $self->render( 'Error' );
     },
providers => { 'Dev' => {  client_id     => 'xxxxxxxxxxxxxxxxxxx',
            client_secret => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxx'
            }, 
            };
webapp->to_app;

};
[download]

Please check below config dev.pm

package Plack::Middleware::OAuth::dev;
use warnings;
use strict;

sub config { + {
    version          => 2,
    authorize_url    => 'https://dev.oktapreview.com/oauth2/v1/authori
+ze',
    access_token_url => 'https://dev.oktapreview.com/oauth2/v1/token',
    response_type    => 'code',
    redirect_uri => 'https://testchandan.com:5001',
    grant_type    =>  'authorization_code',
    scope            => 'openid',
    state       =>       '1234',

} }

1;
[download]

Aren't you running Dancer2? Have you tried Dancer2::Plugin::Auth::OAuth? That's what I use.

Sure, Can you please let me know if this is the same app.psgi or the configuration will be different? My main goal is to capture the query string parameter "code" in order to get the value and utlize the same to get the access_token from our OKTA authorization server. I am trying to code sub function in my OP.pm, I was wondering i could utilize the HTTP request in order to collect the query string parameter code in same session and it won't ask for authentication.

sub result4 {
                    
                    my ($args) = @_;
    my $oktadev   = $args->{OKTAUsersList};
    my $email   = $args->{Email};
                    
                    my $ua = LWP::UserAgent->new();
$ua->proxy([ 'http' ], 'http://proxy.myorg.com:8080');
my $uri = URI->new('https://dev.oktapreview.com/oauth2/v1/authorize');
   $uri->query_form(client_id => 'xxxxxxxxxxxxxxxxxx',response_type=>'
+code', scope=>'openid okta.users.read',redirect_uri=>'https://testcha
+ndan.com:5001',state=>'1234', nonce=>'UBGW');
    my $response1 = $ua->get($uri);
    my $responsecode = $response1->code() ;
    my $responsecontent = $response1->content();
    print $response1->headers_as_string if $response1->is_success;
    print "$responsecode\n";
    print "$responsecontent\n";
                     unless($response1->is_success(),$response1->code)
+ {
   die($response1->code, "\n", $response1->content, "\n");
                    
                }
                
                }
[download]

Its redirecting again to authorization page as per the content but i was wondering this will get me the authrization code as its implemented on to the same app and i was using the same browser session without further asking the password.. Please let me know what should be my approch to collect query string parameter code from browser headers in order to get the access_token from Authorization server? Please let me know if any more details are needed

My webapp.pm

package webapp;
use Dancer2;
use Op;


our $VERSION = '0.1';


get '/' => sub {
    #&client1;
    template 'query2' => { 'title' => 'webapp' };
};
post '/' => sub {
    my $r2 = Op::result4({OKTAUsersList => param('OKTA-Users-List'),
                         Email => param('Email')});
    template result4 => { title => 'webapp', result4 => $r2 }
};
true;
[download]

Hi, I have switched to Dancer2::Plugin::Auth::OAuth and would like to use the same for authorization. Could you please confirm the if this would be the app.psgi but its not loading with below configuration. Do i need to add below configuration inside plack builder. This supposed to work without Plack builder. Please let me know

app.psgi

#!/usr/bin/env perl

use strict;
use warnings;
use FindBin;
use lib "$FindBin::Bin/../lib";
use webapp;
use Dancer2::Plugin::Auth::OAuth;
use Dancer2::Plugin::Auth::OAuth::Provider::dev;


 Dancer2::Plugin::Auth::OAuth->on_plugin_import(providers => { 'dev' =
+> {  client_id     => 'xxxxxxxxxxxxxxxxx',
            client_secret => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
            }, 
            });
 Dancer2::Plugin::Auth::OAuth::Provider::dev->config();


webapp->to_app;
[download]