Packages
boruta
2.3.4
3.0.0-beta.4
3.0.0-beta.3
3.0.0-beta.2
3.0.0-beta.1
2.3.6
2.3.5
2.3.4
2.3.3
2.3.2
2.3.1
2.3.0
2.2.2
2.2.1
2.2.0
2.1.5
2.1.4
2.1.3
2.1.2
2.1.1
2.1.0
2.0.1
2.0.0
2.0.0-rc.1
2.0.0-rc.0
1.2.1
1.2.0
1.1.0
1.0.3
1.0.2
1.0.1
1.0.0
1.0.0-rc.3
1.0.0-rc.2
1.0.0-rc.1
1.0.0-rc.0
0.2.1
0.2.0
0.1.1
0.1.0
0.1.0-rc.5
0.1.0-rc.4
0.1.0-rc.3
0.1.0-rc.2
0.1.0-rc.1
Core of an OAuth/OpenID Connect provider enabling authorization in your applications.
Current section
Files
Jump to
Current section
Files
lib/boruta/oauth/bearer_token.ex
defmodule Boruta.Oauth.BearerToken do
@moduledoc """
OAuth bearer token utilities
Provide utilities to manipulate bearer tokens as stated in [RFC 6750 - Bearer token usage](https://datatracker.ietf.org/doc/html/rfc6750)
"""
alias Boruta.Oauth.Error
@spec extract_token(conn :: Plug.Conn.t()) ::
{:ok, access_token :: String.t()} | {:error, error :: Error.t()}
def extract_token(%Plug.Conn{body_params: %{"access_token" => access_token}}) do
case access_token do
access_token when is_binary(access_token) ->
{:ok, access_token}
_ ->
{:error,
%Error{
status: :bad_request,
error: :invalid_request,
error_description: "Invalid bearer from body params."
}}
end
end
def extract_token(%Plug.Conn{} = conn) do
with [authorization_header] <- Plug.Conn.get_req_header(conn, "authorization"),
[_authorization_header, access_token] <- Regex.run(~r/[B|b]earer (.+)/, authorization_header) do
{:ok, access_token}
else
_ ->
{:error,
%Error{
status: :bad_request,
error: :invalid_request,
error_description: "Invalid bearer from Authorization header."
}}
end
end
end