API Reference AttestoPhoenix v#0.6.3

Copy Markdown View Source

Modules

AttestoPhoenix

A Phoenix/Ecto OAuth 2.0 / OIDC authorization-server and resource-server layer built on top of Attesto.

AttestoPhoenix.ClientStore

The host-owned OAuth client registry contract (RFC 6749 §2 / §3.1.2).

AttestoPhoenix.Config

Configuration for the attesto_phoenix authorization-server layer.

AttestoPhoenix.ConsentPolicy

The host-owned resource-owner authentication and consent contract (RFC 6749 §3.1 / §4.1.1, OpenID Connect Core §3.1.2).

AttestoPhoenix.Controller.AuthorizeController

OAuth 2.0 / OpenID Connect authorization endpoint (RFC 6749 §3.1, OIDC Core §3.1.2).

AttestoPhoenix.Controller.DiscoveryController

RFC 8414 - OAuth 2.0 Authorization Server Metadata endpoint.

AttestoPhoenix.Controller.JWKSController

GET /.well-known/jwks.json - the JSON Web Key Set (RFC 7517 §5).

AttestoPhoenix.Controller.OpenIDConfigurationController

OpenID Connect Discovery 1.0 - OpenID Provider Metadata endpoint.

AttestoPhoenix.Controller.PARController

Pushed Authorization Request endpoint (RFC 9126).

AttestoPhoenix.Controller.RegistrationController

OAuth 2.0 Dynamic Client Registration endpoint (RFC 7591 §3).

AttestoPhoenix.Controller.RevocationController

POST /oauth/revoke - OAuth 2.0 Token Revocation (RFC 7009).

AttestoPhoenix.Controller.TokenController

OAuth 2.0 token endpoint (RFC 6749 §3.2).

AttestoPhoenix.Controller.UserinfoController

OpenID Connect UserInfo endpoint (OpenID Connect Core 1.0 §5.3).

AttestoPhoenix.Event

Neutral event struct and dispatcher for the optional :on_event callback.

AttestoPhoenix.EventSink

The host-owned audit/telemetry contract.

AttestoPhoenix.OAuthError

The error value type and the wire-rendering helpers for the authorization-server controllers and the protected-resource plugs.

AttestoPhoenix.PARStore

Behaviour for Pushed Authorization Request storage (RFC 9126).

AttestoPhoenix.Plug.Authenticate

Phoenix-friendly protected-resource authentication.

AttestoPhoenix.Plug.RequireScopes

Phoenix alias for Attesto.Plug.RequireScopes.

AttestoPhoenix.PrincipalStore

The host-owned subject/principal contract.

AttestoPhoenix.RegistrationStore

The host-owned dynamic client registration persistence contract (RFC 7591 §3 / RFC 7592 §2).

AttestoPhoenix.RequestContext

Neutral request-fact helpers the OAuth 2.0 / OIDC flows derive from a Plug.Conn.

AttestoPhoenix.Router

Router macro that mounts the authorization-server endpoints.

AttestoPhoenix.Schema.Authorization

Ecto schema for the single-use authorization codes backing an Attesto.CodeStore.

AttestoPhoenix.Schema.DPoPNonce

Ecto schema for a single server-issued DPoP nonce (RFC 9449 §8).

AttestoPhoenix.Schema.DPoPReplay

Ecto schema for one recorded DPoP proof jti (JWT ID).

AttestoPhoenix.Schema.RefreshToken

Ecto schema for the refresh-token records that back an Ecto-backed Attesto.RefreshStore.

AttestoPhoenix.ScopePolicy

The host-owned scope-authorization contract (RFC 6749 §3.3).

AttestoPhoenix.Store.EctoCodeStore

Ecto implementation of the Attesto.CodeStore behaviour.

AttestoPhoenix.Store.EctoNonceStore

Postgres-backed Attesto.DPoP.NonceStore for clustered deployments (RFC 9449 §8).

AttestoPhoenix.Store.EctoRefreshStore

Ecto implementation of the Attesto.RefreshStore behaviour.

AttestoPhoenix.Store.EctoReplayCheck

Ecto-backed, shared-store jti replay check for DPoP proofs (RFC 9449 §11.1).

AttestoPhoenix.Store.PAR.ETS

Single-node ETS Pushed Authorization Request store.

AttestoPhoenix.Store.Sweeper

Optional periodic housekeeping GenServer that deletes expired rows from the Ecto-backed authorization-code, refresh-token, DPoP-nonce, and DPoP-replay tables.

Mix Tasks

mix attesto_phoenix.gen.migration

Generates an Ecto migration that creates the persistence backing the Ecto-based stores ship with attesto_phoenix.

mix attesto_phoenix.install

Installs the attesto_phoenix authorization-server layer into a Phoenix app