AshAuthentication.Oauth2Server.Metadata (ash_authentication_oauth2_server v0.2.1)

Copy Markdown View Source

Builders for the discovery metadata endpoints.

  • protected_resource/1 (RFC 9728) — for the resource server, served at /.well-known/oauth-protected-resource.
  • authorization_server/1 (RFC 8414) — for the authorization server, served at /.well-known/oauth-authorization-server.

Both return plain maps; controllers JSON-encode them.

Summary

Functions

authorization_server(server, context \\ %{})

Build the OAuth Authorization Server Metadata document (RFC 8414).

protected_resource(server, context \\ %{})

Build the OAuth Protected Resource Metadata document (RFC 9728).

Functions

authorization_server(server, context \\ %{})

@spec authorization_server(server :: module(), context :: map()) :: map()

Build the OAuth Authorization Server Metadata document (RFC 8414).

Endpoint paths are derived from the issuer_url so that mounting under a custom prefix works without configuration. context is forwarded to issuer_url/1 so per-tenant deployments can resolve the issuer from the current request.

protected_resource(server, context \\ %{})

@spec protected_resource(server :: module(), context :: map()) :: map()

Build the OAuth Protected Resource Metadata document (RFC 9728).

context is forwarded to the server's resource_url/1 and issuer_url/1 callbacks so per-request (e.g. per-tenant) resolution works. Single-tenant callers can pass %{}.