Packages
boruta
1.0.0-rc.0
3.0.0-beta.4
3.0.0-beta.3
3.0.0-beta.2
3.0.0-beta.1
2.3.6
2.3.5
2.3.4
2.3.3
2.3.2
2.3.1
2.3.0
2.2.2
2.2.1
2.2.0
2.1.5
2.1.4
2.1.3
2.1.2
2.1.1
2.1.0
2.0.1
2.0.0
2.0.0-rc.1
2.0.0-rc.0
1.2.1
1.2.0
1.1.0
1.0.3
1.0.2
1.0.1
1.0.0
1.0.0-rc.3
1.0.0-rc.2
1.0.0-rc.1
1.0.0-rc.0
0.2.1
0.2.0
0.1.1
0.1.0
0.1.0-rc.5
0.1.0-rc.4
0.1.0-rc.3
0.1.0-rc.2
0.1.0-rc.1
Core of an OAuth/OpenID Connect provider enabling authorization in your applications.
Current section
Files
Jump to
Current section
Files
lib/boruta/oauth.ex
defmodule Boruta.Oauth do
@moduledoc """
Boruta OAuth entrypoint, handles OAuth requests.
Note : this module works in association with `Boruta.Oauth.Application` behaviour
"""
alias Boruta.Oauth.Authorization
alias Boruta.Oauth.AuthorizeResponse
alias Boruta.Oauth.Error
alias Boruta.Oauth.Introspect
alias Boruta.Oauth.IntrospectResponse
alias Boruta.Oauth.Request
alias Boruta.Oauth.Revoke
alias Boruta.Oauth.TokenResponse
@doc """
Triggers `token_success` in case of success and `token_error` in case of failure from the given `module`. Those functions are described in `Boruta.Oauth.Application` behaviour.
"""
@spec token(conn :: Plug.Conn.t() | map(), module :: atom()) :: any()
def token(conn, module) do
with {:ok, request} <- Request.token_request(conn),
{:ok, token} <- Authorization.token(request) do
module.token_success(
conn,
TokenResponse.from_token(token)
)
else
{:error, %Error{} = error} ->
module.token_error(conn, error)
end
end
@doc """
Triggers `authorize_success` in case of success and `authorize_error` in case of failure from the given `module`. Those functions are described in `Boruta.Oauth.Application` behaviour.
"""
@spec authorize(conn :: Plug.Conn.t() | map(), resource_owner :: struct(), module :: atom()) :: any()
def authorize(conn, resource_owner, module) do
with {:ok, request} <- Request.authorize_request(conn, resource_owner),
{:ok, token} <- Authorization.token(request) do
module.authorize_success(
conn,
AuthorizeResponse.from_token(token)
)
else
{:error, %Error{} = error} ->
case Request.authorize_request(conn, resource_owner) do
{:ok, request} ->
module.authorize_error(conn, Error.with_format(error, request))
_ ->
module.authorize_error(conn, error)
end
end
end
@doc """
Triggers `introspect_success` in case of success and `introspect_error` in case of failure from the given `module`. Those functions are described in `Boruta.Oauth.Application` behaviour.
"""
@spec introspect(conn :: Plug.Conn.t() | map(), module :: atom()) :: any()
def introspect(conn, module) do
with {:ok, request} <- Request.introspect_request(conn),
{:ok, token} <- Introspect.token(request) do
module.introspect_success(conn, IntrospectResponse.from_token(token))
else
{:error, %Error{error: :invalid_access_token} = error} ->
module.introspect_success(conn, IntrospectResponse.from_error(error))
{:error, %Error{} = error} ->
module.introspect_error(conn, error)
end
end
@spec revoke(conn :: Plug.Conn.t() | map(), module :: atom()) :: any()
def revoke(conn, module) do
with {:ok, request} <- Request.revoke_request(conn),
:ok <- Revoke.token(request) do
module.revoke_success(conn)
else
{:error, error} ->
module.revoke_error(conn, error)
end
end
end