Mark Overmeer > Net-OAuth2-0.51 > Net::OAuth2::AccessToken



Annotate this POD


Open  1
View/Report Bugs
Module Version: 0.51   Source   Latest Release: Net-OAuth2-0.62


 Net::OAuth2::AccessToken - OAuth2 bearer token


  my $auth  = Net::OAuth2::Profile::WebServer->new(...);

  my $token = $auth->get_access_token($code, ...);
  # $token is a Net::OAuth2::AccessToken
  {   print $token->error_description;

  my $response = $token->get($request);
  my $response = $token->get($header, $content);
  print $token->to_string;  # JSON

  # probably better to set new(auto_refresh), but you may do:
  $token->refresh if $token->expired;


This object represents a received (bearer) token, and offers ways to use it and maintain it.

A "bearer token" is an abstract proof of your existence: different services or potentially different physical servers are able to exchange information about your session based on this, for instance whether someone logged-in while showing the token.



 -Option           --Default
  access_token       undef
  auto_refresh       <false>
  error              undef
  error_description  <value of error>
  error_uri          undef
  expires_at         undef
  expires_in         undef
  profile            <required>
  refresh_token      false
  scope              undef
  token_type         undef
access_token => STRING
auto_refresh => BOOLEAN

Refresh the token before each use.

error => STRING

Set when an error has occured, the token is not valid. This is not numerical.

error_description => STRING

A humanly readible explanation on the error. This defaults to the string set with the error option, which is not nice to read.

error_uri => URI

Where to find more details about the error.

expires_at => TIMESTAMP

Expire this token after TIMESTAMP (as produced by the time() function)

expires_in => SECONDS

Expire the token SECONDS after the initiation of this object.

profile => Net::OAuth2::Profile object
refresh_token => BOOLEAN

Auto-refresh the token at each use.

scope => URL
token_type => TYPE
$obj->session_thaw(SESSION, OPTIONS)

Pass in the output of a session_freeze() call in the past (maybe even for an older version of this module) and get the token object revived. This SESSION is a HASH.

You may pass any of the parameters for new() as OPTIONS, to overrule the values inside the SESSION.

 -Option --Default
  profile  <required>
profile => Net::OAuth2::Profile object



Returns the (base64 encoded version of the) access token. The token will get updated first, if it has expired and refresh_token is enabled, or when new(auto_refresh) is set.

It does not matter that the token is base64 encoded or not: it will always need to be base64 encoded during transport.



When the token is received (hence this object created) it be the result of an error. It is the way the original code was designed...




Returns true when the token has an expiration set and that time has passed. We use this token AFTER this check: to avoid the token to timeout inbetween, we take (by default 15 seconds) margin.


Returns the expiration timestamp of this token (true) or undef (false) when it is not set.


Returns the number of seconds left, before the token is expired. That may be negative.

$obj->update_token(TOKEN, TOKENTYPE, EXPIRES_AT)

Change the token.



Refresh the token, even if it has not expired yet. Returned is the new access_token value.


This returns a SESSION (a flat HASH) containing all token parameters which needs to be saved to be able to restore this token later. This SESSION can be passed to session_thaw() to get revived.

Be sure that your storage is character-set aware. For instance, you probably want to set 'mysql_enable_utf8' when you store this in a MySQL database. JSON


Freeze this object into JSON. The JSON syntax is also used by the OAuth2 protocol, so a logical choice to provide. However, generically, the session_freeze() method provided.


The token can be encoded in transport protocol in different ways. Using these method will add the token to the HTTP messages sent.

$obj->delete(URI, [HEADER, [CONTENT]])
$obj->get(URI, [HEADER, [CONTENT]])
$obj->post(URI, [HEADER, [CONTENT]])
$obj->put(URI, [HEADER, [CONTENT]])


This module is part of Net-OAuth2 distribution version 0.51, built on January 08, 2013. Website:


Copyrights 2013 on the perl code and the related documentation by [Mark Overmeer] for SURFnet bv, The Netherlands. For other contributors see Changes.

Copyrights 2011-12 by Keith Grennan.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See

syntax highlighting: