MyApp.CharonOauth2.Grants (CharonOauth2 v0.0.5)

Context to manage grants

Summary

Functions

Get a list of all oauth2 grants.

Delete a grant.

Delete all grants older than the configured grant_ttl.

Get a single grant by one or more clauses, optionally with preloads. Returns nil if Grant cannot be found.

Insert a new grant

Functions

all(filters \\ %{}, preloads \\ [])

@spec all(%{required(atom()) => any()}, [MyApp.CharonOauth2.Grant.resolvable()]) :: [
  MyApp.CharonOauth2.Grant.t()
]

Get a list of all oauth2 grants.

Doctests

iex> insert_test_grant()
iex> [%Grant{}] = Grants.all()

# can be filtered
iex> grant = insert_test_grant()
iex> [%Grant{}] = Grants.all(%{authorization_id: grant.authorization_id})
iex> [%Grant{}] = Grants.all(%{code: grant.code})
iex> [] = Grants.all(%{authorization_id: grant.authorization_id + 1})

@spec delete(MyApp.CharonOauth2.Grant.t() | keyword() | map()) ::
  {:ok, MyApp.CharonOauth2.Grant.t()} | {:error, :not_found}

Delete a grant.

Examples / doctests

# grant must exist
iex> {:error, :not_found} = Grants.delete(id: -1)

# successfully deletes a grant
iex> grant = insert_test_grant()
iex> {:ok, _} = Grants.delete([id: grant.id])
iex> {:error, :not_found} = Grants.delete([id: grant.id])

@spec delete_expired() :: {integer(), nil}

Delete all grants older than the configured grant_ttl.

Examples / doctests

iex> valid = insert_test_grant()
iex> expired = insert_test_grant()
iex> past = DateTime.utc_now() |> DateTime.add(-10)
iex> from(t in Grant, where: t.id == ^expired.id) |> Repo.update_all(set: [expires_at: past])
iex> Grants.delete_expired()
iex> valid_id = valid.id
iex> [%{id: ^valid_id}] = Grants.all()

get_by(clauses, preloads \\ [])

Get a single grant by one or more clauses, optionally with preloads. Returns nil if Grant cannot be found.

Doctests

iex> grant = insert_test_grant()
iex> %Grant{} = Grants.get_by(id: grant.id)
iex> nil = Grants.get_by(id: grant.id + 1)

# preloads things
iex> grant = insert_test_grant()
iex> %{authorization: %{client: %{id: _}}} = Grants.get_by([id: grant.id], Grant.supported_preloads)

# a grant can be retrieved by its code (actually by the HMAC of its code)
iex> %{id: id, code: code} = insert_test_grant()
iex> ^id = Grants.get_by(code: code).id
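
The last doctest above notes that a lookup by code is really a lookup by the HMAC of the code. The following is an added example of that storage pattern, not CharonOauth2's own code; the module name, the in-memory map used as a store and the choice of HMAC-SHA256 are assumptions made for illustration.

```elixir
defmodule HmacCodeStoreExample do
  # Added illustration, not CharonOauth2 code. All names here are hypothetical.
  # Rows are keyed by HMAC-SHA256(secret, code); the raw code is never stored,
  # so a leaked table does not reveal codes that could still be redeemed.

  @doc "Generate a random code, store the grant under the code's HMAC, return the raw code once."
  def insert(store, secret, grant) do
    code = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false)
    {code, Map.put(store, hmac(secret, code), grant)}
  end

  @doc "Look up a grant by the raw code presented by the client. Returns nil if not found."
  def get_by_code(store, secret, code) when is_binary(code) do
    Map.get(store, hmac(secret, code))
  end

  def get_by_code(_store, _secret, _code), do: nil

  # Deterministic keyed digest, so the same code always maps to the same row.
  defp hmac(secret, code), do: :crypto.mac(:hmac, :sha256, secret, code)
end

# Constructed sample data.
secret = :crypto.strong_rand_bytes(32)
{code, store} = HmacCodeStoreExample.insert(%{}, secret, %{id: 1, type: "authorization_code"})

# The presented code resolves to the grant ...
%{id: 1} = HmacCodeStoreExample.get_by_code(store, secret, code)
# ... a different code does not ...
nil = HmacCodeStoreExample.get_by_code(store, secret, code <> "x")
# ... and the stored key is a 32-byte digest, not the code itself.
[key] = Map.keys(store)
true = key != code and byte_size(key) == 32
```
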

@spec insert(map()) :: {:ok, MyApp.CharonOauth2.Grant.t()} | {:error, Changeset.t()}

Insert a new grant

Examples / doctests

# successfully creates a grant
iex> {:ok, _} = grant_params() |> Grants.insert()

iex> Grants.insert(%{}) |> errors_on()
%{authorization_id: ["can't be blank"], type: ["can't be blank"], resource_owner_id: ["can't be blank"]}

# authorization must exist
iex> grant_params(authorization_id: -1) |> Grants.insert() |> errors_on()
%{authorization: ["does not exist"]}

# resource owner must exist and must match the authorization's owner
iex> grant_params(resource_owner_id: -1) |> Grants.insert() |> errors_on()
%{authorization_id: ["belongs to other resource owner"]}

# type must be one of the client's grant_types
iex> client = insert_test_client(grant_types: ~w(refresh_token))
iex> authorization = insert_test_authorization(client_id: client.id)
iex> grant_params(authorization_id: authorization.id) |> Grants.insert() |> errors_on()
%{type: ["not supported by client"]}

# redirect_uri must be one of the client's redirect_uris
iex> grant_params(redirect_uri: "https://boom") |> Grants.insert() |> errors_on()
%{redirect_uri: ["does not match client"]}

# redirect_uri is required if client has multiple uris set
iex> client = insert_test_client(redirect_uris: ~w(https://a https://b))
iex> authorization = insert_test_authorization(client_id: client.id)
iex> grant_params(authorization_id: authorization.id, redirect_uri: nil) |> Grants.insert() |> errors_on()
%{redirect_uri: ["can't be blank"]}
iex> grant_params(authorization_id: authorization.id, redirect_uri: "https://c") |> Grants.insert() |> errors_on()
%{redirect_uri: ["does not match client"]}