Security cam blog posts on Tumblr
Module Mojo
As in previous Perl columns [3] featuring OAuth-controlled Perl applications such as Google Drive, Listing 1 [4] also uses the Mojolicious module from CPAN to ask permission to publish blog entries. When launched by typing ./tumblr-oauth
, it outputs the message:
Listing 1
tumblr-oauth
[Sat Oct 12 09:56:27 2013] [info] Listening at "http://localhost:8082". Server available at http://localhost:8082.
and then launches a web server on port 8082 of localhost. If a browser now requests the URL http://localhost:8082, the script just sends a link with the text Login on Tumblr. When you click the link, you are taken to the Tumblr login page, where you need to identify yourself with your email address and password, if you were not already logged in.
Tumblr then displays the dialog shown in Figure 8 to the user, asking permission for the Perlsnapshot application to read and write to the blog. The blog I set up previously for test purposes under the name of "Schtonk's Rants" at schtonk.tumblr.com will be used for the camera images later on. If the user now presses Allow, Tumblr refers the browser back to the previously set callback URL (http://localhost:8082) and hands over two access tokens to the local web server: oauth_token
and oauth_verifier
.
Armed with these tokens, the recipient can mess around with the users' blogs – within the constraints of the permissions – as if logged in as the users themselves. However, application users do not need to share a password but only a token, which they can revoke at any time.
A Local Web Server
To do this, Listing 1 draws on the CPAN WWW::Tumblr::Authentication::OAuth module, which includes the necessary URLs for retrieving tokens. The variables in lines 15 and 16 contain the $consumer_key
and $secret_key
values obtained in Figure 7 on registering the application.
Before the Mojolicious::Lite module starts the server, it expects some options on the command line. Against all expectations, the daemon
option starts the web server in the foreground and --listen
is assigned the local URL to listen to in line 13. To avoid the need to pass in command-line parameters to tumblr-oauth
, line 28 unceremoniously stuffs the options into the @ARGV
array and then foists them onto the Mojolicious module.
Browser requests for port 8082 without a path are fielded by the code starting in line 34, which sets the stash variable login_url
and thus converts the template in the DATA
area of the script, starting in line 90, into an HTML page with a login link, which the browser then displays. If Tumblr redirects back to the Mojolicious server after obtaining permission from the user, this happens in the /callback
path, and the code from line 45 is executed.
Line 62 uses DumpFile()
from the CPAN YAML module to store all four tokens received, as well as two new access tokens created with token()
and token_secret()
, respectively, in YAML-readable format in the .tumblr.yml
file in the home directory. Application scripts later access the file, read the tokens, and thus gain access to the user's blog.
Shots Through the Window
Listing 2 shows the actual application that grabs photos from the surveillance camera. In line 16, you need to insert the address of your own camera, plus the username and password for the camera's web interface in lines 20 and 21. The WWW::Mechanize type object's credentials()
method stores this information and automatically adds it to web requests when the camera's web server asks for a password. All you really need to retrieve data from a web server is the Perl LWP::UserAgent module, but the WWW::Mechanize superclass provides a more convenient credentials()
method that requires fewer parameters.
Listing 2
tumblr-post
The Foscam camera delivers a snapshot of its field of view as /snapshot.cgi
; the blurt()
function from the CPAN Sysadm::Install module writes the image data to a local file named snapshot.jpg
in lines 27 and 28.
« Previous 1 2 3 Next »
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Gnome Fans Everywhere Rejoice for the Latest Release
Gnome 47.2 is now available for general use but don't expect much in the way of newness, as this is all about improvements and bug fixes.
-
Latest Cinnamon Desktop Releases with a Bold New Look
Just in time for the holidays, the developer of the Cinnamon desktop has shipped a new release to help spice up your eggnog with new features and a new look.
-
Armbian 24.11 Released with Expanded Hardware Support
If you've been waiting for Armbian to support OrangePi 5 Max and Radxa ROCK 5B+, the wait is over.
-
SUSE Renames Several Products for Better Name Recognition
SUSE has been a very powerful player in the European market, but it knows it must branch out to gain serious traction. Will a name change do the trick?
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.
-
Fedora KDE Approved as an Official Spin
If you prefer the Plasma desktop environment and the Fedora distribution, you're in luck because there's now an official spin that is listed on the same level as the Fedora Workstation edition.
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.