Packages
boruta
2.3.3
3.0.0-beta.4
3.0.0-beta.3
3.0.0-beta.2
3.0.0-beta.1
2.3.6
2.3.5
2.3.4
2.3.3
2.3.2
2.3.1
2.3.0
2.2.2
2.2.1
2.2.0
2.1.5
2.1.4
2.1.3
2.1.2
2.1.1
2.1.0
2.0.1
2.0.0
2.0.0-rc.1
2.0.0-rc.0
1.2.1
1.2.0
1.1.0
1.0.3
1.0.2
1.0.1
1.0.0
1.0.0-rc.3
1.0.0-rc.2
1.0.0-rc.1
1.0.0-rc.0
0.2.1
0.2.0
0.1.1
0.1.0
0.1.0-rc.5
0.1.0-rc.4
0.1.0-rc.3
0.1.0-rc.2
0.1.0-rc.1
Core of an OAuth/OpenID Connect provider enabling authorization in your applications.
Current section
Files
Jump to
Current section
Files
priv/templates/boruta.gen.controllers/controllers/oauth/authorize_controller.ex.eex
defmodule <%= @web_module %>.Oauth.AuthorizeController do
@behaviour Boruta.Oauth.AuthorizeApplication
use <%= @web_module %>, :controller
alias Boruta.Oauth.AuthorizeResponse
alias Boruta.Oauth.Error
alias Boruta.Oauth.ResourceOwner
alias <%= @web_module %>.OauthView
def oauth_module, do: Application.get_env(:<%= @otp_app %>, :oauth_module, Boruta.Oauth)
def authorize(%Plug.Conn{} = conn, _params) do
current_user = conn.assigns[:current_user]
conn = store_user_return_to(conn)
authorize_response(
conn,
current_user
)
end
defp authorize_response(conn, %_{} = current_user) do
conn
|> oauth_module().authorize(
%ResourceOwner{sub: to_string(current_user.id), username: current_user.email},
__MODULE__
)
end
defp authorize_response(conn, _params) do
redirect_to_login(conn)
end
@impl Boruta.Oauth.AuthorizeApplication
def authorize_success(
conn,
%AuthorizeResponse{} = response
) do
redirect(conn, external: AuthorizeResponse.redirect_to_url(response))
end
@impl Boruta.Oauth.AuthorizeApplication
def authorize_error(
%Plug.Conn{} = conn,
%Error{status: :unauthorized}
) do
redirect_to_login(conn)
end
def authorize_error(
conn,
%Error{format: format} = error
)
when not is_nil(format) do
conn
|> redirect(external: Error.redirect_to_url(error))
end
def authorize_error(
conn,
%Error{status: status, error: error, error_description: error_description}
) do
conn
|> put_status(status)
|> put_view(OauthView)
|> render("error.html", error: error, error_description: error_description)
end
@impl Boruta.Oauth.AuthorizeApplication
def preauthorize_success(_conn, _response), do: :ok
@impl Boruta.Oauth.AuthorizeApplication
def preauthorize_error(_conn, _response), do: :ok
defp store_user_return_to(conn) do
conn
|> put_session(
:user_return_to,
current_path(conn)
)
end
defp redirect_to_login(_conn) do
raise """
Here occurs the login process. After login, user may be redirected to
get_session(conn, :user_return_to)
"""
end
end