authable v0.10.0 Authable.OAuth2

OAuth2 authorization strategy router

Summary

Functions

Calls appropriate module authorize function for given grant type

Warning: Deprecated, use grant_app_authorization/2 instead

Authorizes client for resource owner with given scopes

Revokes access to resource owner’s resources

Functions

authorize(params)

Calls the appropriate module's authorize function for the given grant type.

It authorizes based on the grant types allowed in the configuration and then returns the access token as a @token_store (Authable.Model.Token) model.

Examples

# For authorization_code grant type
Authable.OAuth2.authorize(%{
  "grant_type" => "authorization_code",
  "client_id" => "52024ca6-cf1d-4a9d-bfb6-9bc5023ad56e",
  "client_secret" => "Wi7Y_Q5LU4iIwJArgqXq2Q",
  "redirect_uri" => "http://localhost:4000/oauth2/callbacks",
  "code" => "W_hb8JEDmeYChsNfOGCmbQ"
})

# For client_credentials grant type
Authable.OAuth2.authorize(%{
  "grant_type" => "client_credentials",
  "client_id" => "52024ca6-cf1d-4a9d-bfb6-9bc5023ad56e",
  "client_secret" => "Wi7Y_Q5LU4iIwJArgqXq2Q"
})

# For password grant type
Authable.OAuth2.authorize(%{
  "grant_type" => "password",
  "email" => "foo@example.com",
  "password" => "12345678",
  "client_id" => "52024ca6-cf1d-4a9d-bfb6-9bc5023ad56e",
  "scope" => "read"
})

# For refresh_token grant type
Authable.OAuth2.authorize(%{
  "grant_type" => "refresh_token",
  "client_id" => "52024ca6-cf1d-4a9d-bfb6-9bc5023ad56e",
  "client_secret" => "Wi7Y_Q5LU4iIwJArgqXq2Q",
  "refresh_token" => "XJaVz3lCFC9IfifBriA-dw"
})

# For any other grant type: the strategy module must implement an authorize
# function that returns the access token as a @token_store (Authable.Model.Token) model.
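An added illustration of routing by grant type through a fixed allowlist, as described for authorize/1 above. It is a sketch written for this page, not authable's own code: the module names, the `{:ok, ...}` / `{:error, ...}` return shapes and the stub token maps are assumptions.

```elixir
# Illustrative sketch, not authable's implementation. All module names,
# return shapes and token maps below are assumptions made for this example.
defmodule GrantRouterSketch do
  defmodule ClientCredentials do
    # Stub strategy: a real one would verify the secret against the store.
    def authorize(%{"client_id" => id, "client_secret" => _secret}),
      do: {:ok, %{name: "access_token", client_id: id}}

    def authorize(_params), do: {:error, :invalid_request}
  end

  defmodule RefreshToken do
    # Stub strategy: a real one would look up and rotate the refresh token.
    def authorize(%{"client_id" => id, "refresh_token" => _token}),
      do: {:ok, %{name: "access_token", client_id: id}}

    def authorize(_params), do: {:error, :invalid_request}
  end

  # Fixed allowlist: the request's grant_type string is only ever used as a
  # map key. It is never converted to an atom or a module name, so a caller
  # cannot select arbitrary code or grow the atom table.
  @strategies %{
    "client_credentials" => ClientCredentials,
    "refresh_token" => RefreshToken
  }

  def authorize(%{"grant_type" => grant_type} = params) when is_binary(grant_type) do
    case Map.fetch(@strategies, grant_type) do
      {:ok, strategy} -> strategy.authorize(params)
      # "password" is deliberately absent above, so it is rejected here.
      :error -> {:error, :unsupported_grant_type}
    end
  end

  # Missing or non-string grant_type.
  def authorize(_params), do: {:error, :invalid_request}
end

# Constructed sample requests.
requests = [
  %{"grant_type" => "client_credentials", "client_id" => "app-1", "client_secret" => "s3cret"},
  %{"grant_type" => "password", "email" => "foo@example.com", "password" => "12345678"},
  %{"grant_type" => "made_up_grant", "client_id" => "app-1"},
  %{"client_id" => "app-1"}
]

Enum.each(requests, fn req -> IO.inspect(GrantRouterSketch.authorize(req)) end)
```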
authorize_app(user, map)

Warning: Deprecated, use grant_app_authorization/2 instead.

grant_app_authorization(user, map)

Authorizes client for resource owner with given scopes.

It authorizes an app to access the resource owner’s resources: the user authorizes a client to access resources with the given scopes. If the client is already authorized for the resource owner, it checks the scopes and updates them when necessary.

Examples

# For authorization_code grant type
Authable.OAuth2.grant_app_authorization(user, %{
  "client_id" => "52024ca6-cf1d-4a9d-bfb6-9bc5023ad56e",
  "redirect_uri" => "http://localhost:4000/oauth2/callbacks",
  "scope" => "read,write"
})

revoke_app_authorization(user, map)

Revokes access to resource owner’s resources.

Deletes all tokens and then removes the app for the given app identifier.

Examples

# For revoking a client (uninstalling the app)
Authable.OAuth2.revoke_app_authorization(user, %{
  "id" => "12024ca6-192b-469d-bfb6-9b45023ad13e"
})