Packages
boruta
2.1.4
3.0.0-beta.4
3.0.0-beta.3
3.0.0-beta.2
3.0.0-beta.1
2.3.6
2.3.5
2.3.4
2.3.3
2.3.2
2.3.1
2.3.0
2.2.2
2.2.1
2.2.0
2.1.5
2.1.4
2.1.3
2.1.2
2.1.1
2.1.0
2.0.1
2.0.0
2.0.0-rc.1
2.0.0-rc.0
1.2.1
1.2.0
1.1.0
1.0.3
1.0.2
1.0.1
1.0.0
1.0.0-rc.3
1.0.0-rc.2
1.0.0-rc.1
1.0.0-rc.0
0.2.1
0.2.0
0.1.1
0.1.0
0.1.0-rc.5
0.1.0-rc.4
0.1.0-rc.3
0.1.0-rc.2
0.1.0-rc.1
Core of an OAuth/OpenID Connect provider enabling authorization in your applications.
Current section
Files
Jump to
Current section
Files
lib/boruta/oauth/requests/code_request.ex
defmodule Boruta.Oauth.CodeRequest do
@moduledoc """
Code request
"""
@typedoc """
Type representing a code request as stated in [OAuth 2.0 RFC](https://tools.ietf.org/html/rfc6749#section-4.1.1).
Note : `resource_owner` is an addition that must be provided by the application layer.
"""
@type t :: %__MODULE__{
client_id: String.t(),
redirect_uri: String.t(),
state: String.t(),
nonce: String.t(),
scope: String.t(),
resource_owner: struct(),
grant_type: String.t(),
code_challenge: String.t(),
code_challenge_method: String.t(),
response_types: String.t()
}
@enforce_keys [:client_id, :redirect_uri, :resource_owner]
defstruct client_id: nil,
redirect_uri: nil,
state: "",
nonce: "",
scope: "",
resource_owner: nil,
response_type: "code",
grant_type: "authorization_code",
code_challenge: "",
code_challenge_method: "plain",
response_types: []
alias Boruta.Oauth.Scope
@spec require_nonce?(request :: __MODULE__.t()) :: boolean()
def require_nonce?(%__MODULE__{response_types: response_types, scope: scope}) do
Scope.contains_openid?(scope) && Enum.member?(response_types, "id_token")
end
end