Atex.OAuth.Discovery (atex v0.10.0)

View Source

Authorization server discovery for AT Protocol OAuth.

Resolves a PDS to its authorization server and fetches authorization server metadata. Results are cached for 1 hour via Atex.OAuth.Cache.

Summary

Functions

Fetch the authorization server for a given Personal Data Server (PDS).

Fetch the metadata for an OAuth authorization server.

Functions

get_authorization_server(pds_host, fresh \\ false)

@spec get_authorization_server(String.t(), boolean()) ::
  {:ok, String.t()} | {:error, any()}

Fetch the authorization server for a given Personal Data Server (PDS).

Makes a request to the PDS's .well-known/oauth-protected-resource endpoint. Results are cached for 1 hour to reduce load on third-party PDSs.

Parameters

  • pds_host - Base URL of the PDS (e.g., "https://bsky.social")
  • fresh - If true, bypasses the cache and fetches fresh data (default: false)

Returns

  • {:ok, authorization_server} - Successfully discovered authorization server URL
  • {:error, :invalid_metadata} - Server returned invalid metadata
  • {:error, reason} - Error discovering authorization server

get_authorization_server_metadata(issuer, fresh \\ false)

@spec get_authorization_server_metadata(String.t(), boolean()) ::
  {:ok, Atex.OAuth.Flow.authorization_metadata()} | {:error, any()}

Fetch the metadata for an OAuth authorization server.

Retrieves the metadata from .well-known/oauth-authorization-server. Results are cached for 1 hour.

Parameters

  • issuer - Authorization server issuer URL
  • fresh - If true, bypasses the cache and fetches fresh data (default: false)

Returns

  • {:ok, metadata} - Successfully retrieved authorization server metadata
  • {:error, :invalid_metadata} - Server returned invalid metadata
  • {:error, :invalid_issuer} - Issuer mismatch in metadata
  • {:error, any()} - Other error fetching metadata