Modules
An OAuth 2.1 authorization server, configured per app via a single module.
Resource extension for OAuth 2.1 authorization-code rows.
Action helpers for resources extended with
AshAuthentication.Oauth2Server.AuthorizationCodeResource.
Introspection helpers for the
AshAuthentication.Oauth2Server.AuthorizationCodeResource extension.
Verifies that an OAuth2 authorization-code resource declares every
attribute the Authorize and Token cores read or write.
Protocol-pure logic for the /oauth/authorize endpoint.
Change that rotates a refresh-token row atomically.
A GenServer which periodically removes expired OAuth2 authorization
codes and refresh tokens.
Mint and verify OAuth 2.1 access tokens.
Builders for the discovery metadata endpoints.
PKCE (RFC 7636) S256 helpers.
Resource extension for OAuth 2.1 refresh-token rows.
Action helpers for resources extended with
AshAuthentication.Oauth2Server.RefreshTokenResource.
Introspection helpers for the
AshAuthentication.Oauth2Server.RefreshTokenResource extension.
Verifies the refresh-token resource has the shape the Token core depends on
Protocol-pure logic for /oauth/register (RFC 7591 Dynamic Client
Registration).
Supervises the background processes for an OAuth2 server.
Protocol-pure logic for the /oauth/token endpoint.
Resource-server side bearer token validation.
Plug router for the human-driven consent step of the OAuth 2.1 flow.
Default HTML consent screen.
HTTP error response helpers for OAuth 2.1 / RFC 7591.
Plug router for the client-facing OAuth 2.1 protocol endpoints — anything called by an external OAuth client without a browser session.
Phoenix router macros for mounting the OAuth 2.1 authorization server.
Mix Tasks
Scaffolds an OAuth 2.1 authorization server